improvements + bookmarks
This commit is contained in:
@@ -9,23 +9,27 @@ import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
|
||||
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
|
||||
|
||||
|
||||
/**
|
||||
*
|
||||
* @author _bastler@bstly.de
|
||||
*
|
||||
* The Class LocalRememberMeServices.
|
||||
*/
|
||||
public class LocalRememberMeServices extends PersistentTokenBasedRememberMeServices {
|
||||
|
||||
/**
|
||||
* @param key
|
||||
* @param userDetailsService
|
||||
* @param tokenRepository
|
||||
* Instantiates a new local remember me services.
|
||||
*
|
||||
* @param key the key
|
||||
* @param userDetailsService the user details service
|
||||
* @param tokenRepository the token repository
|
||||
*/
|
||||
public LocalRememberMeServices(String key, UserDetailsService userDetailsService,
|
||||
PersistentTokenRepository tokenRepository) {
|
||||
super(key, userDetailsService, tokenRepository);
|
||||
}
|
||||
|
||||
/*
|
||||
* @see org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices#rememberMeRequested(javax.servlet.http.HttpServletRequest, java.lang.String)
|
||||
*/
|
||||
/*
|
||||
*
|
||||
* @see org.springframework.security.web.authentication.rememberme.
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
package de.bstly.board.security;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
@@ -12,36 +13,55 @@ import javax.servlet.http.HttpServletResponse;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.web.authentication.RememberMeServices;
|
||||
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import com.google.common.collect.Lists;
|
||||
|
||||
import de.bstly.board.businesslogic.UserManager;
|
||||
import de.bstly.board.model.LocalUser;
|
||||
|
||||
|
||||
/**
|
||||
* @author Lurkars
|
||||
*
|
||||
* The Class OAuth2AuthenticationSuccessHandler.
|
||||
*/
|
||||
@Component
|
||||
public class OAuth2AuthenticationSuccessHandler
|
||||
extends SavedRequestAwareAuthenticationSuccessHandler {
|
||||
|
||||
|
||||
@Autowired
|
||||
private UserManager localUserManager;
|
||||
|
||||
|
||||
private RememberMeServices rememberMeServices;
|
||||
|
||||
/*
|
||||
* @see org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler#onAuthenticationSuccess(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication)
|
||||
*/
|
||||
@Override
|
||||
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
|
||||
Authentication authentication) throws IOException, ServletException {
|
||||
LocalUser localUser = localUserManager.getByAuth(authentication);
|
||||
|
||||
User user = new User(localUser.getUsername(), "", authentication.getAuthorities());
|
||||
List<GrantedAuthority> authorities = Lists.newArrayList();
|
||||
authorities.addAll(authentication.getAuthorities());
|
||||
|
||||
if (localUser.getRoles() != null) {
|
||||
for (String role : localUser.getRoles()) {
|
||||
authorities.add(new SimpleGrantedAuthority(role));
|
||||
}
|
||||
}
|
||||
|
||||
User user = new User(localUser.getUsername(), "", authorities);
|
||||
|
||||
UsernamePasswordAuthenticationToken newAuthentication = new UsernamePasswordAuthenticationToken(
|
||||
user, null, authentication.getAuthorities());
|
||||
user, null, authorities);
|
||||
|
||||
SecurityContextHolder.getContext().setAuthentication(newAuthentication);
|
||||
|
||||
@@ -54,6 +74,11 @@ public class OAuth2AuthenticationSuccessHandler
|
||||
clearAuthenticationAttributes(request);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the remember me services.
|
||||
*
|
||||
* @param rememberMeServices the new remember me services
|
||||
*/
|
||||
public void setRememberMeServices(RememberMeServices rememberMeServices) {
|
||||
this.rememberMeServices = rememberMeServices;
|
||||
}
|
||||
|
||||
@@ -25,26 +25,37 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
|
||||
import de.bstly.board.businesslogic.UserManager;
|
||||
|
||||
|
||||
/**
|
||||
*
|
||||
* @author monitoring@bstly.de
|
||||
*
|
||||
* The Class SecurityConfig.
|
||||
*/
|
||||
@EnableWebSecurity
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
|
||||
@Autowired
|
||||
private UserManager localUserManager;
|
||||
|
||||
|
||||
@Autowired
|
||||
private OAuth2AuthenticationSuccessHandler oAuth2AuthenticationSuccessHandler;
|
||||
|
||||
|
||||
@Autowired
|
||||
private DataSource dataSource;
|
||||
|
||||
|
||||
@Value("${loginUrl:/login}")
|
||||
private String loginUrl;
|
||||
|
||||
|
||||
@Value("${loginTargetUrl:/}")
|
||||
private String loginTargetUrl;
|
||||
|
||||
/*
|
||||
* @see org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter#configure(org.springframework.security.config.annotation.web.builders.HttpSecurity)
|
||||
*/
|
||||
/*
|
||||
*
|
||||
* @see org.springframework.security.config.annotation.web.configuration.
|
||||
@@ -87,14 +98,20 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @return
|
||||
* Password encoder.
|
||||
*
|
||||
* @return the argon 2 password encoder
|
||||
*/
|
||||
@Bean(name = "passwordEncoder")
|
||||
public Argon2PasswordEncoder passwordEncoder() {
|
||||
return new Argon2PasswordEncoder();
|
||||
}
|
||||
|
||||
/**
|
||||
* Persistent token repository.
|
||||
*
|
||||
* @return the persistent token repository
|
||||
*/
|
||||
@Bean
|
||||
public PersistentTokenRepository persistentTokenRepository() {
|
||||
JdbcTokenRepositoryImpl tokenRepository = new JdbcTokenRepositoryImpl();
|
||||
@@ -102,6 +119,11 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
return tokenRepository;
|
||||
}
|
||||
|
||||
/**
|
||||
* Remember me services.
|
||||
*
|
||||
* @return the remember me services
|
||||
*/
|
||||
@Bean
|
||||
public RememberMeServices rememberMeServices() {
|
||||
PersistentTokenBasedRememberMeServices rememberMeServices = new LocalRememberMeServices(
|
||||
|
||||
Reference in New Issue
Block a user