package com.mzl.flower.config.security.token;
|
|
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
import org.springframework.security.core.GrantedAuthority;
|
|
import java.util.Collection;
|
|
public class WebAuthenticationToken extends AbstractAuthenticationToken {
|
|
private static final long serialVersionUID = 110L;
|
|
private final Object principal;
|
private Object credentials;
|
|
public WebAuthenticationToken(Object principal, Object credentials) {
|
super(null);
|
this.principal = principal;
|
this.credentials = credentials;
|
setAuthenticated(false);
|
}
|
|
public WebAuthenticationToken(Object principal, Object credentials,
|
Collection<? extends GrantedAuthority> authorities) {
|
super(authorities);
|
this.principal = principal;
|
this.credentials = credentials;
|
super.setAuthenticated(true); // must use super, as we override
|
}
|
|
@Override
|
public Object getCredentials() {
|
return this.credentials;
|
}
|
|
@Override
|
public Object getPrincipal() {
|
return this.principal;
|
}
|
|
public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
|
if (isAuthenticated) {
|
throw new IllegalArgumentException(
|
"Cannot set this token to trusted - use constructor which takes a GrantedAuthority list instead");
|
}
|
|
super.setAuthenticated(false);
|
}
|
|
@Override
|
public void eraseCredentials() {
|
super.eraseCredentials();
|
credentials = null;
|
}
|
}
|
