Commit ac7b3dc1 authored by Sonia Zorba's avatar Sonia Zorba

Groups persistence and logic

parent 844e9e5e
+17 −1
@@ -4,17 +4,33 @@ import java.util.Collection;
import java.util.Map;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;

public class CustomAuthenticationData extends UsernamePasswordAuthenticationToken {

    private final Map<String, Object> attributes;
    private final OAuth2AccessToken accessToken;
    private final OAuth2RefreshToken refreshToken;

    public CustomAuthenticationData(String username, Map<String, Object> attributes, Collection<? extends GrantedAuthority> authorities) {
    public CustomAuthenticationData(String username, Map<String, Object> attributes,
            Collection<? extends GrantedAuthority> authorities,
            OAuth2AccessToken accessToken, OAuth2RefreshToken refreshToken) {
        super(username, "N/A", authorities);
        this.attributes = attributes;
        this.accessToken = accessToken;
        this.refreshToken = refreshToken;
    }

    public Map<String, Object> getAttributes() {
        return attributes;
    }

    public OAuth2AccessToken getAccessToken() {
        return accessToken;
    }

    public OAuth2RefreshToken getRefreshToken() {
        return refreshToken;
    }
}
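Review bot: The new `getAccessToken()` and `getRefreshToken()` getters put both tokens on an object that `LoginController.start` returns as the `/login` response body, so they are likely to be serialized to the browser. The SessionData section shows the request principal is an `OAuth2Authentication` whose user authentication is this class, and a `@RestController` normally serializes the returned object through its getters (assuming the default Jackson converter is in use). Mark both getters `@JsonIgnore`, or have `/login` return a small DTO holding only the user id and the claims the client needs. The constructor also keeps the caller's `attributes` map without copying it, so later changes to that map change the authentication object.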
+3 −2
@@ -6,6 +6,7 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.provider.token.DefaultUserAuthenticationConverter;
import org.springframework.security.oauth2.provider.token.store.jwk.JwkTokenStore;

@@ -25,12 +26,12 @@ public class CustomIdTokenConverter extends DefaultUserAuthenticationConverter {
        OAuth2AccessToken token = jwkTokenStore.readAccessToken(idToken);

        Map<String, Object> claims = token.getAdditionalInformation();
        //OAuth2RefreshToken refreshToken = token.getRefreshToken();
        OAuth2RefreshToken refreshToken = token.getRefreshToken();

        String principal = (String) claims.get("sub");

        List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER");

        return new CustomAuthenticationData(principal, claims, authorities);
        return new CustomAuthenticationData(principal, claims, authorities, token, refreshToken);
    }
}
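Review bot: `token.getRefreshToken()` is read from the object built by `jwkTokenStore.readAccessToken(idToken)`, which parses a JWT and, as far as I know, never fills in a refresh token, so the new `refreshToken` argument is probably always null. The same call means the value stored as `accessToken` is the parsed ID token rather than the access token issued by the provider; the two have different audiences and should not be used interchangeably as a bearer credential. I would state this at the call, e.g. `// token is the parsed id_token; refreshToken may be null`, and null-check in every consumer of `getRefreshToken()`. The enclosing method starts outside this hunk, so where `idToken` comes from is not visible here.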
+4 −0
package it.inaf.ia2.gms.authn;

import java.security.Principal;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@@ -8,6 +9,9 @@ import org.springframework.web.bind.annotation.RestController;
@RestController
public class LoginController {

    @Autowired
    private SessionData sessionData;

    @GetMapping("/login")
    public Principal start(Principal principal) {
        return principal;
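Review bot: The injected `sessionData` field is not used in the visible lines, and injecting it does not by itself create the session bean: `@SessionScope` defaults to a class proxy, so `SessionData.init()` runs only when a method is first called on the proxy. If the intent is to register the user at login, call it explicitly in `start`, e.g. `sessionData.getUserId();`, with a comment saying why; otherwise drop the field. Constructor injection would also make the dependency explicit and easier to test. `start` continues past the end of this section.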
+16 −0
package it.inaf.ia2.gms.authn;

import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@Order(1000)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
    }
}
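Review bot: `http.csrf().disable()` turns CSRF protection off for every request this adapter matches, while the application keeps per-session state (`SessionData` is `@SessionScope`), so cookie-authenticated state-changing endpoints lose their CSRF defence. If a JavaScript client is the reason, the protection can stay with `http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());`. Overriding `configure(HttpSecurity)` without calling `super` or `authorizeRequests()` also means this adapter adds no access rules of its own; confirm that another configuration (not visible here) requires authentication, and add a comment explaining why `@Order(1000)` was chosen.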
+41 −0
package it.inaf.ia2.gms.authn;

import it.inaf.ia2.gms.persistence.UsersRepository;
import it.inaf.ia2.gms.persistence.model.User;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.stereotype.Component;
import org.springframework.web.context.annotation.SessionScope;

@Component
@SessionScope
public class SessionData {

    @Autowired
    private HttpServletRequest request;

    @Autowired
    private UsersRepository usersRepository;

    private String userId;

    @PostConstruct
    public void init() {
        CustomAuthenticationData authn = (CustomAuthenticationData) ((OAuth2Authentication) request.getUserPrincipal()).getUserAuthentication();
        userId = (String) authn.getPrincipal();
        //accessToken = (String) ((CustomAuthenticationData) request.getUserPrincipal()).getAttributes().get("access_token");
        //System.out.println("SessionData initialized: " + accessToken);

        if (!usersRepository.findById(userId).isPresent()) {
            User user = new User();
            user.setId(userId);
            usersRepository.save(user);
        }
    }

    public String getUserId() {
        return userId;
    }
}
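Review bot: `init()` casts `request.getUserPrincipal()` twice without checking it, so a session created for an unauthenticated or differently authenticated request fails bean creation with a NullPointerException or ClassCastException instead of a clear error. Check the types first and throw an `IllegalStateException` with a message, as in the excerpt below. The `findById`/`save` pair is also not atomic, so two first-time sessions for the same user can both try to insert; handling the duplicate-key failure or using an upsert would cover that. The two commented-out `accessToken` lines should be deleted rather than committed.

```java
    @PostConstruct
    public void init() {
        Object principal = request.getUserPrincipal();
        if (!(principal instanceof OAuth2Authentication)) {
            throw new IllegalStateException("SessionData requires an OAuth2-authenticated request");
        }
        Object userAuthn = ((OAuth2Authentication) principal).getUserAuthentication();
        if (!(userAuthn instanceof CustomAuthenticationData)) {
            throw new IllegalStateException("Unexpected user authentication type");
        }
        userId = (String) ((CustomAuthenticationData) userAuthn).getPrincipal();
        // … unchanged: look up the user and save it when missing …
    }
```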