View Javadoc
1   package net.sumaris.server.http.security;
2   
3   /*-
4    * #%L
5    * SUMARiS:: Server
6    * %%
7    * Copyright (C) 2018 - 2019 SUMARiS Consortium
8    * %%
9    * This program is free software: you can redistribute it and/or modify
10   * it under the terms of the GNU General Public License as
11   * published by the Free Software Foundation, either version 3 of the
12   * License, or (at your option) any later version.
13   * 
14   * This program is distributed in the hope that it will be useful,
15   * but WITHOUT ANY WARRANTY; without even the implied warranty of
16   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17   * GNU General Public License for more details.
18   * 
19   * You should have received a copy of the GNU General Public
20   * License along with this program.  If not, see
21   * <http://www.gnu.org/licenses/gpl-3.0.html>.
22   * #L%
23   */
24  
25  import lombok.AllArgsConstructor;
26  import lombok.NonNull;
27  import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
28  import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
29  import org.springframework.security.core.AuthenticationException;
30  import org.springframework.security.core.userdetails.UserDetails;
31  import org.springframework.security.core.userdetails.UsernameNotFoundException;
32  import org.springframework.stereotype.Component;
33  
34  import java.util.Optional;
35  
36  import static lombok.AccessLevel.PACKAGE;
37  
38  /**
39   * @author peck7 on 30/11/2018.
40   */
41  @Component
42  @AllArgsConstructor(access = PACKAGE)
43  public class TokenAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
44  
45      @NonNull
46      private AuthService authService;
47  
48      @Override
49      protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
50          // Nothing to do
51      }
52  
53      @Override
54      protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
55          final Object token = authentication.getCredentials();
56          return Optional
57                  .ofNullable(token)
58                  .map(String::valueOf)
59                  .flatMap(authService::authenticate)
60                  .orElseThrow(() -> new UsernameNotFoundException("Cannot find user with authentication token=" + token));
61      }
62  }