protected void injectSecurityContext( User user ) { List<GrantedAuthority> grantedAuthorities = user.getUserCredentials().getAllAuthorities() .stream().map( SimpleGrantedAuthority::new ).collect( Collectors.toList() ); UserDetails userDetails = new org.springframework.security.core.userdetails.User( user.getUserCredentials().getUsername(), user.getUserCredentials().getPassword(), grantedAuthorities ); Authentication authentication = new UsernamePasswordAuthenticationToken( userDetails, "", grantedAuthorities ); SecurityContext context = SecurityContextHolder.createEmptyContext(); context.setAuthentication( authentication ); SecurityContextHolder.setContext( context ); }
protected void saveAndInjectUserSecurityContext( User user ) { userService.addUser( user ); userService.addUserCredentials( user.getUserCredentials() ); List<GrantedAuthority> grantedAuthorities = user.getUserCredentials().getAllAuthorities() .stream().map( SimpleGrantedAuthority::new ).collect( Collectors.toList() ); UserDetails userDetails = new org.springframework.security.core.userdetails.User( user.getUserCredentials().getUsername(), user.getUserCredentials().getPassword(), grantedAuthorities ); Authentication authentication = new UsernamePasswordAuthenticationToken( userDetails, "", grantedAuthorities ); SecurityContextHolder.getContext().setAuthentication( authentication ); }
protected User createAndInjectAdminUser( String... authorities ) { User user = createAdminUser( authorities ); List<GrantedAuthority> grantedAuthorities = user.getUserCredentials().getAllAuthorities() .stream().map( SimpleGrantedAuthority::new ).collect( Collectors.toList() ); UserDetails userDetails = new org.springframework.security.core.userdetails.User( user.getUserCredentials().getUsername(), user.getUserCredentials().getPassword(), grantedAuthorities ); Authentication authentication = new UsernamePasswordAuthenticationToken( userDetails, "", grantedAuthorities ); SecurityContext context = SecurityContextHolder.createEmptyContext(); context.setAuthentication( authentication ); SecurityContextHolder.setContext( context ); return user; }
@Override public void encodeAndSetPassword( UserCredentials userCredentials, String rawPassword ) { if ( StringUtils.isEmpty( rawPassword ) && !userCredentials.isExternalAuth() ) { return; // Leave unchanged if internal authentication and no password supplied } if ( userCredentials.isExternalAuth() ) { userCredentials.setPassword( UserService.PW_NO_INTERNAL_LOGIN ); return; // Set unusable, not-encoded password if external authentication } boolean isNewPassword = StringUtils.isBlank( userCredentials.getPassword() ) || !passwordManager.matches( rawPassword, userCredentials.getPassword() ); if ( isNewPassword ) { userCredentials.setPasswordLastUpdated( new Date() ); } // Encode and set password userCredentials.setPassword( passwordManager.encode( rawPassword ) ); userCredentials.getPreviousPasswords().add( passwordManager.encode( rawPassword ) ); }
return new User( credentials.getUsername(), credentials.getPassword(), enabled, true, credentialsNonExpired, accountNonLocked, SecurityUtils.getGrantedAuthorities( credentials ) );
@Override public void postCreate( IdentifiableObject persistedObject, ObjectBundle bundle ) { if ( !User.class.isInstance( persistedObject ) || !bundle.hasExtras( persistedObject, "uc" ) ) return; User user = (User) persistedObject; final UserCredentials userCredentials = (UserCredentials) bundle.getExtras( persistedObject, "uc" ); if ( !StringUtils.isEmpty( userCredentials.getPassword() ) ) { userService.encodeAndSetPassword( userCredentials, userCredentials.getPassword() ); } if ( user.getAvatar() != null ) { FileResource fileResource = fileResourceService.getFileResource( user.getAvatar().getUid() ); fileResource.setAssigned( true ); fileResourceService.updateFileResource( fileResource ); } preheatService.connectReferences( userCredentials, bundle.getPreheat(), bundle.getPreheatIdentifier() ); sessionFactory.getCurrentSession().save( userCredentials ); user.setUserCredentials( userCredentials ); sessionFactory.getCurrentSession().update( user ); bundle.removeExtras( persistedObject, "uc" ); }
user.getUserCredentials().getUsername(), user.getUserCredentials().getPassword(), grantedAuths );
@Override public void postUpdate( IdentifiableObject persistedObject, ObjectBundle bundle ) { if ( !User.class.isInstance( persistedObject ) || !bundle.hasExtras( persistedObject, "uc" ) ) return; User user = (User) persistedObject; final UserCredentials userCredentials = (UserCredentials) bundle.getExtras( persistedObject, "uc" ); final UserCredentials persistedUserCredentials = bundle.getPreheat().get( bundle.getPreheatIdentifier(), UserCredentials.class, user ); if ( !StringUtils.isEmpty( userCredentials.getPassword() ) ) { userService.encodeAndSetPassword( persistedUserCredentials, userCredentials.getPassword() ); } mergeService.merge( new MergeParams<>( userCredentials, persistedUserCredentials ).setMergeMode( bundle.getMergeMode() ) ); preheatService.connectReferences( persistedUserCredentials, bundle.getPreheat(), bundle.getPreheatIdentifier() ); persistedUserCredentials.setUserInfo( user ); user.setUserCredentials( persistedUserCredentials ); sessionFactory.getCurrentSession().update( user.getUserCredentials() ); bundle.removeExtras( persistedObject, "uc" ); }