oidc alias login

2022-12-27 20:42:23 +01:00
parent f618d1c1a7
commit e20266f147
9 changed files with 109 additions and 31 deletions
@@ -20,8 +20,11 @@ import com.google.common.collect.Lists;
 import de.bstly.we.model.Permission;
 import de.bstly.we.model.QPermission;
 import de.bstly.we.model.QUser;
+import de.bstly.we.model.QUserAlias;
 import de.bstly.we.model.User;
+import de.bstly.we.model.UserAlias;
 import de.bstly.we.repository.PermissionRepository;
+import de.bstly.we.repository.UserAliasRepository;
 import de.bstly.we.repository.UserRepository;
 import de.bstly.we.security.model.LocalUserDetails;

@@ -35,9 +38,12 @@ public class LocalUserDetailsService implements UserDetailsService {
 	private UserRepository userRepository;
 	@Autowired
 	private PermissionRepository permissionRepository;
+	@Autowired
+	private UserAliasRepository userAliasRepository;

 	private QUser qUser = QUser.user;
 	private QPermission qPermission = QPermission.permission;
+	private QUserAlias qUserAlias = QUserAlias.userAlias;

 	/*
 	 * @see org.springframework.security.core.userdetails.UserDetailsService#
@@ -46,6 +52,16 @@ public class LocalUserDetailsService implements UserDetailsService {
 	@Override
 	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
 		User user = userRepository.findOne(qUser.username.equalsIgnoreCase(username)).orElse(null);
+		String alias = null;
+
+		if (user == null) {
+			UserAlias userAlias = userAliasRepository.findOne(qUserAlias.alias.eq(username)).orElse(null);
+
+			if (userAlias != null) {
+				user = userRepository.findOne(qUser.id.eq(userAlias.getTarget())).orElse(null);
+				alias = username;
+			}
+		}

 		if (user != null) {
 			String password = userRepository.findById(user.getId()).get().getPasswordHash();
@@ -64,26 +80,8 @@ public class LocalUserDetailsService implements UserDetailsService {

 			Set<GrantedAuthority> authorities = getAuthoritiesForUser(user.getId());

-			// ignore and use status
-//			boolean onlyAddons = true;
-//			for (Permission permission : permissionManager
-//					.getNotExpiresByTargetIgnoreStart(user.getId())) {
-//				if (!permission.isAddon()) {
-//					onlyAddons = false;
-//					break;
-//				}
-//			}
-//
-//			if (authorities.isEmpty()) {
-//				throw new AccountExpiredException("User is expired: " + username);
-//			}
-//
-//			if (onlyAddons) {
-//				throw new AccountExpiredException("User is expired: " + username);
-//			}
-
 			// Create user details
-			LocalUserDetails userDetails = new LocalUserDetails(user.getId(), user.getUsername(), password,
+			LocalUserDetails userDetails = new LocalUserDetails(user.getId(), user.getUsername(), alias, password,
 					authorities);

 			return userDetails;
@@ -55,7 +55,7 @@ public class LocalAnonymousAuthenticationFilter extends AnonymousAuthenticationF
 	@Override
 	protected Authentication createAuthentication(HttpServletRequest request) {
 		Authentication authentication = new LocalAnonymousAuthenticationToken(
-				new LocalUserDetails(-1L, LocalAnonymousAuthenticationToken.ANONYMOUS_USERNAME, "",
+				new LocalUserDetails(-1L, LocalAnonymousAuthenticationToken.ANONYMOUS_USERNAME, "", "",
 						LocalAnonymousAuthenticationToken.AUTHORITIES));
 		authentication.setAuthenticated(false);
 		return authentication;
@@ -28,11 +28,12 @@ public class LocalUserDetails extends User {
 	 * @param password    the password
 	 * @param authorities the authorities
 	 */
-	public LocalUserDetails(Long userId, String username, String password,
+	public LocalUserDetails(Long userId, String username, String alias, String password,
 			Collection<? extends GrantedAuthority> authorities) {
 		// Super
 		super(username, password, authorities);
 		this.userId = userId;
+		this.alias = alias;
 	}

 	/**