security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/MatchingAuthenticationProvider.java

   1 package org.argeo.security.core;
   2
   3 import java.io.InputStream;
   4 import java.util.ArrayList;
   5 import java.util.List;
   6 import java.util.Properties;
   7
   8 import org.apache.commons.io.IOUtils;
   9 import org.springframework.core.io.Resource;
  10 import org.springframework.security.AuthenticationException;
  11 import org.springframework.security.BadCredentialsException;
  12 import org.springframework.security.GrantedAuthority;
  13 import org.springframework.security.GrantedAuthorityImpl;
  14 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
  15 import org.springframework.security.providers.dao.AbstractUserDetailsAuthenticationProvider;
  16 import org.springframework.security.userdetails.User;
  17 import org.springframework.security.userdetails.UserDetails;
  18
  19 public class MatchingAuthenticationProvider extends
  20                 AbstractUserDetailsAuthenticationProvider {
  21
  22         private Resource mapping;
  23         private Properties properties;
  24
  25         private List<String> defaultRoles = new ArrayList<String>();
  26
  27         @Override
  28         protected void doAfterPropertiesSet() throws Exception {
  29                 properties = new Properties();
  30                 InputStream propIn = mapping.getInputStream();
  31                 try {
  32                         properties.load(propIn);
  33                 } finally {
  34                         IOUtils.closeQuietly(propIn);
  35                 }
  36         }
  37
  38         @Override
  39         protected void additionalAuthenticationChecks(UserDetails userDetails,
  40                         UsernamePasswordAuthenticationToken authentication)
  41                         throws AuthenticationException {
  42                 if (!userDetails.getPassword().equals(authentication.getCredentials()))
  43                         throw new BadCredentialsException(
  44                                         "Invalid credentails provided by "
  45                                                         + authentication.getName());
  46         }
  47
  48         @Override
  49         protected UserDetails retrieveUser(String username,
  50                         UsernamePasswordAuthenticationToken authentication)
  51                         throws AuthenticationException {
  52                 String value = properties.getProperty(username);
  53                 if (value == null)
  54                         throw new BadCredentialsException("User " + username
  55                                         + " is not registered");
  56                 List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
  57                 for (String role : defaultRoles)
  58                         grantedAuthorities.add(new GrantedAuthorityImpl(role));
  59                 return new User(
  60                                 username,
  61                                 value,
  62                                 true,
  63                                 true,
  64                                 true,
  65                                 true,
  66                                 grantedAuthorities
  67                                                 .toArray(new GrantedAuthority[grantedAuthorities.size()]));
  68         }
  69
  70         public void setMapping(Resource mapping) {
  71                 this.mapping = mapping;
  72         }
  73
  74         public void setDefaultRoles(List<String> defaultRoles) {
  75                 this.defaultRoles = defaultRoles;
  76         }
  77
  78 }