security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java

   1 package org.argeo.security.ui.internal;
   2
   3 import java.security.AccessController;
   4 import java.security.Principal;
   5 import java.util.Collections;
   6 import java.util.HashSet;
   7 import java.util.Set;
   8
   9 import javax.security.auth.Subject;
  10
  11 import org.argeo.ArgeoException;
  12 import org.springframework.security.Authentication;
  13 import org.springframework.security.GrantedAuthority;
  14
  15 public class CurrentUser {
  16         public final static String getUsername() {
  17                 Subject subject = getSubject();
  18                 if (subject == null)
  19                         return null;
  20                 Principal principal = subject.getPrincipals().iterator().next();
  21                 return principal.getName();
  22
  23         }
  24
  25         public final static Set<String> roles() {
  26                 Principal principal = getSubject().getPrincipals(Authentication.class)
  27                                 .iterator().next();
  28                 Authentication authentication = (Authentication) principal;
  29                 Set<String> roles = Collections.synchronizedSet(new HashSet<String>());
  30                 for (GrantedAuthority ga : authentication.getAuthorities()) {
  31                         roles.add(ga.getAuthority());
  32                 }
  33                 return Collections.unmodifiableSet(roles);
  34         }
  35
  36         public final static Subject getSubject() {
  37
  38                 Subject subject = Subject.getSubject(AccessController.getContext());
  39                 if (subject == null)
  40                         throw new ArgeoException("Not authenticated.");
  41                 return subject;
  42
  43         }
  44 }