package com.mzl.flower.config.security.provider;
|
|
import com.mzl.flower.config.security.token.PartnerAuthenticationToken;
|
import com.mzl.flower.constant.Constants;
|
import com.mzl.flower.service.impl.PartnerUserDetailsService;
|
import lombok.extern.slf4j.Slf4j;
|
import org.springframework.security.authentication.BadCredentialsException;
|
import org.springframework.security.authentication.InternalAuthenticationServiceException;
|
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.AuthenticationException;
|
import org.springframework.security.core.userdetails.UserDetails;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.util.Assert;
|
|
import java.util.ArrayList;
|
import java.util.List;
|
|
@Slf4j
|
public class PartnerAuthenticationProvider extends SelfAuthenticationProvider {
|
|
private UserDetailsService userDetailsService;
|
|
private PasswordEncoder passwordEncoder;
|
|
@Override
|
protected void additionalAuthenticationChecks(UserDetails userDetails, Authentication authentication) throws AuthenticationException {
|
if (authentication.getCredentials() == null) {
|
log.debug("Authentication failed: no credentials provided");
|
|
throw new BadCredentialsException(messages.getMessage(
|
"AbstractUserDetailsAuthenticationProvider.badCredentials",
|
"Bad credentials"));
|
}
|
|
String presentedPassword = authentication.getCredentials().toString();
|
|
if (!passwordEncoder.matches(presentedPassword, userDetails.getPassword())
|
&& !presentedPassword.equals(userDetails.getPassword())) {
|
log.debug("Authentication failed: password does not match stored value");
|
|
throw new BadCredentialsException(messages.getMessage(
|
"AbstractUserDetailsAuthenticationProvider.badCredentials",
|
"Bad credentials"));
|
}
|
}
|
|
@Override
|
protected Authentication createSuccessAuthentication(Object principal, Authentication authentication, UserDetails user) {
|
PartnerAuthenticationToken result = new PartnerAuthenticationToken(principal, authentication.getCredentials(), user.getAuthorities());
|
result.setDetails(authentication.getDetails());
|
return result;
|
}
|
|
@Override
|
protected UserDetails retrieveUser(String username, Authentication authentication) throws AuthenticationException {
|
try {
|
PartnerUserDetailsService webUserDetailsService = (PartnerUserDetailsService) this.getUserDetailsService();
|
UserDetails loadedUser = webUserDetailsService.loadUserByUsername(username, prepareUserType());
|
if (loadedUser == null) {
|
throw new InternalAuthenticationServiceException(
|
"UserDetailsService returned null, which is an interface contract violation");
|
}
|
return loadedUser;
|
} catch (UsernameNotFoundException ex) {
|
throw ex;
|
} catch (InternalAuthenticationServiceException ex) {
|
throw ex;
|
} catch (Exception ex) {
|
throw new InternalAuthenticationServiceException(ex.getMessage(), ex);
|
}
|
}
|
|
protected List<String> prepareUserType(){
|
List<String> userTypes = new ArrayList<>();
|
userTypes.add(Constants.USER_TYPE.partner.name());
|
return userTypes;
|
}
|
|
protected void doAfterPropertiesSet() throws Exception {
|
Assert.notNull(this.userDetailsService, "A UserDetailsService must be set");
|
}
|
|
public void setUserDetailsService(UserDetailsService userDetailsService) {
|
this.userDetailsService = userDetailsService;
|
}
|
|
public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
|
this.passwordEncoder = passwordEncoder;
|
}
|
|
protected UserDetailsService getUserDetailsService() {
|
return userDetailsService;
|
}
|
|
@Override
|
public boolean supports(Class<?> authentication) {
|
return PartnerAuthenticationToken.class.isAssignableFrom(authentication);
|
}
|
}
|
