@Override public String getName() { return authentication.getName(); }
private static void processAuthPermissions(JwtBuilder builder, Authentication authentication) { builder.claim(AuthenticationClaims.CLAIM_NAME_ROOT, Boolean.valueOf(authentication.isRoot())); Collection<Permission> permissions = authentication.getPermissions(); if (permissions != null && !permissions.isEmpty()) { Collection<String> ps = new ArrayList<>(permissions.size()); for (Permission permission : permissions) { permission.getPermission().ifPresent(p -> ps.add(p)); } if (!ps.isEmpty()) { builder.claim(AuthenticationClaims.CLAIM_NAME_PERMISSIONS, ps); } } }
private static void processAuthDetails(JwtBuilder builder, final Authentication authentication) { authentication.forEachParameter((name, value) -> builder.claim(name, value)); }
@Override public Authentication authenticate(MyAuthenticationToken authenticationToken) throws AuthenticationException { if (!"test".equals(authenticationToken.getPrincipal())) { // <3> throw new UnknownAccountException(); } return Authentication.builder(authenticationToken.principalName).build(); }
@Override public Collection<? extends GrantedAuthority> getAuthorities() { return authentication.getPermissions().stream().map(p -> new PermissionGrantedAuthority(p)) .collect(Collectors.toSet()); }
@Override public Object getDetails() { return authentication.getParameter(SpringSecurityAuthentication.AUTHENTICATION_DETAILS_KEY).orElse(null); }
@Override public String getAuthenticationScheme() { return getAuthentication().map(a -> a.getScheme().orElse(null)).orElse(null); }
public void build1() throws IOException { // tag::build1[] JwtConfiguration configuration = JwtConfiguration .build(JwtConfigProperties.builder().withPropertySource("jwt.properties").build()); // <1> Authentication authc = Authentication.builder("test").build(); // <2> String jwt = JwtTokenBuilder.get().buildJwt(configuration, authc); // <3> jwt = JwtTokenBuilder.get().buildJwt(configuration, authc, UUID.randomUUID().toString()); // <4> // end::build1[] }
public void authContext1() { // tag::authcontext1[] AuthContext authContext = SpringSecurity.authContext(); // <1> UsernamePasswordAuthenticationToken tkn = new UsernamePasswordAuthenticationToken("user", "pwd", Arrays.asList(new GrantedAuthority[] { new SimpleGrantedAuthority("role1") })); SecurityContextHolder.getContext().setAuthentication(tkn); // <2> Authentication authc = authContext.requireAuthentication(); // <3> String name = authc.getName(); // <4> boolean permitted = authContext.isPermitted("role1"); // <5> SecurityContextHolder.getContext().setAuthentication(null); // <6> boolean notAnymore = authContext.isAuthenticated(); // end::authcontext1[] }
public void authentication() { // tag::authentication[] Authentication authc = Authentication.builder("userId") // <1> .withPermission("VIEW") // <2> .withPermission(new MyPermission()) // <3> .withParameter("name", "John") // <4> .withParameter("surname", "Doe") // <5> .scheme("myscheme") // <6> .build(); // end::authentication[] }
public void authenticationListener() { // tag::listener[] Realm realm = getRealm(); realm.addAuthenticationListener(authentication -> { // <1> // do something ... authentication.getName(); }); // end::listener[] }
public void build3() throws IOException { // tag::build3[] JwtConfiguration configuration = JwtConfiguration.builder().includeDetails(true).build(); // <1> Authentication authc = Authentication.builder("test").withParameter("name", "John").build(); // <2> String jwt = JwtTokenBuilder.get().buildJwt(configuration, authc); // <3> // end::build3[] }
@Authenticate @GET @Path("name") @Produces(MediaType.TEXT_PLAIN) public String getPrincipalName(@javax.ws.rs.core.Context SecurityContext securityContext) { JaxrsAuthenticationInspector inspector = JaxrsAuthenticationInspector.of(securityContext); // <1> boolean isAuthenticated = inspector.isAuthenticated(); // <2> Optional<Authentication> auth = inspector.getAuthentication(); // <3> Authentication authc = inspector.requireAuthentication(); // <4> boolean permitted = inspector.isPermitted("ROLE1"); // <5> permitted = inspector.isPermittedAny("ROLE1", "ROLE2"); // <6> return inspector.getAuthentication().map(a -> a.getName()).orElse(null); } // end::authinsp[]
public void build2() throws IOException { // tag::build2[] JwtConfiguration configuration = JwtConfiguration.builder().includePermissions(true).build(); // <1> Authentication authc = Authentication.builder("test").withPermission("role1").withPermission("role2").build(); // <2> String jwt = JwtTokenBuilder.get().buildJwt(configuration, authc); // <3> // end::build2[] }
JwtBuilder builder = createJWT(id, authentication.getName(), issuer, (timeToLiveMs != null) ? timeToLiveMs.longValue() : -1, notBeforeNow);
public void authenticator3() { // tag::authenticator3[] Authenticator<MyAuthenticationToken> authenticator = Authenticator.create(MyAuthenticationToken.class, // <1> token -> { // check authentication token information token.getPrincipal(); token.getCredentials(); boolean valid = true; // ... // if not valid, throw an exception if (!valid) { throw new InvalidCredentialsException(); } // otherwise, return the authenticated principal representation return Authentication.builder("thePrincipalName").build(); }); try { Authentication authc = authenticator.authenticate(new MyAuthenticationToken("test")); // <2> } catch (AuthenticationException e) { // <3> } // end::authenticator3[] }
public void permissions() { // tag::permissions[] final Permission p1 = Permission.create("role1"); // <1> final Permission p2 = Permission.create("role2"); // <2> Authentication authc = Authentication.builder("test").withPermission(p1).withPermission(p2).build(); // <3> // Realm with default authorizer Realm realm = Realm.builder().withDefaultAuthorizer().build(); // <4> // permission checking boolean permitted = realm.isPermitted(authc, p1); // <5> permitted = realm.isPermitted(authc, "role1"); // <6> permitted = realm.isPermittedAny(authc, p1, p2); // <7> permitted = realm.isPermittedAny(authc, "role1", "role2"); // <8> boolean notPermitted = realm.isPermitted(authc, "other_role"); // <9> // end::permissions[] }
Authentication.Builder auth = Authentication.builder(principalName).scheme("Bearer").root(false);
Authentication.Builder auth = Authentication.builder(principalName).scheme("Bearer").root(false);