Make system authentication more configurable
1 /*
2 * Copyright (C) 2007-2012 Argeo GmbH
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 package org.argeo.security.core;
17
18 import java.util.ArrayList;
19 import java.util.List;
20
21 import org.argeo.security.OsAuthenticationToken;
22 import org.springframework.security.Authentication;
23 import org.springframework.security.AuthenticationException;
24 import org.springframework.security.GrantedAuthority;
25 import org.springframework.security.GrantedAuthorityImpl;
26 import org.springframework.security.providers.AuthenticationProvider;
27
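/**
 * Validates an OS authentication. The idea is that it will always be
 * authenticated since we are always running within an OS, but the fact that the
 * {@link Authentication} works properly depends on the proper OS login module
 * having been called as well. TODO make it more configurable (base roles, is
 * admin)
 * <p>
 * Security note: this provider performs no credential check of its own. As
 * long as {@code isAdmin} is hard-coded to {@code true}, every token it issues
 * carries {@code ROLE_ADMIN} in addition to {@code ROLE_OS_USER} and
 * {@code ROLE_USER}. It should therefore only be registered in an
 * authentication chain where the OS login has already been established by
 * other means, and the admin grant should be reviewed before this provider is
 * exposed to any remotely reachable entry point.
 */
public class OsAuthenticationProvider implements AuthenticationProvider {
    /** Role granted to every principal authenticated through the OS. */
    static final String osUserRole = "ROLE_OS_USER";
    /** Generic user role, always granted alongside {@link #osUserRole}. */
    static final String userRole = "ROLE_USER";
    /** Administrative role, granted only when {@link #isAdmin} is true. */
    static final String adminRole = "ROLE_ADMIN";

    /**
     * Whether OS-authenticated principals receive {@link #adminRole}.
     * Currently a compile-time constant: there is no way to run this
     * provider with a non-admin OS user (see the class-level TODO).
     */
    static final Boolean isAdmin = true;

    /**
     * Issues a fresh {@link OsAuthenticationToken} carrying the base
     * authorities for a supported authentication request.
     *
     * @param authentication
     *            the authentication request; only its type is inspected
     * @return a new OS token holding {@link #getBaseAuthorities()}, or
     *         {@code null} when the request is {@code null} or of a type
     *         this provider does not support, as the
     *         {@link AuthenticationProvider} contract allows
     * @throws AuthenticationException
     *             declared by the interface; not thrown by this code itself
     */
    public Authentication authenticate(Authentication authentication)
            throws AuthenticationException {
        // The result does not depend on the request content, so without this
        // guard a direct caller could obtain admin-level authorities from
        // any Authentication object. Decline everything supports() rejects.
        if (authentication == null || !supports(authentication.getClass())) {
            return null;
        }
        return new OsAuthenticationToken(getBaseAuthorities());
    }

    /**
     * Builds the authorities attached to every OS authentication.
     *
     * @return a new array holding the OS-user and user roles, followed by
     *         the admin role when {@link #isAdmin} is true
     */
    public static GrantedAuthority[] getBaseAuthorities() {
        List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
        auths.add(new GrantedAuthorityImpl(osUserRole));
        auths.add(new GrantedAuthorityImpl(userRole));
        if (isAdmin) {
            auths.add(new GrantedAuthorityImpl(adminRole));
        }
        return auths.toArray(new GrantedAuthority[auths.size()]);
    }

    /**
     * Reports whether this provider handles the given authentication type.
     *
     * @param authentication
     *            the class of the authentication request
     * @return {@code true} only for {@link OsAuthenticationToken} and its
     *         subclasses
     */
    @SuppressWarnings("rawtypes")
    public boolean supports(Class authentication) {
        return OsAuthenticationToken.class.isAssignableFrom(authentication);
    }

}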