diff --git a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
index 80beaf8ce..7bb151632 100644
--- a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
+++ b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
@@ -70,7 +70,7 @@ public abstract class AbstractAuthenticationProvider {
 @Qualifier("onlineTicketServices")
 protected OnlineTicketServices onlineTicketServices;
- static ArrayList grantedAdministratorsAuthoritys = new ArrayList();
+ public static ArrayList grantedAdministratorsAuthoritys = new ArrayList();
 static {
 grantedAdministratorsAuthoritys.add(new SimpleGrantedAuthority("ROLE_ADMINISTRATORS"));
diff --git a/maxkey-core/src/main/java/org/maxkey/authn/SigninPrincipal.java b/maxkey-core/src/main/java/org/maxkey/authn/SigninPrincipal.java
index ff1e20d2d..c5420911c 100644
--- a/maxkey-core/src/main/java/org/maxkey/authn/SigninPrincipal.java
+++ b/maxkey-core/src/main/java/org/maxkey/authn/SigninPrincipal.java
@@ -37,6 +37,14 @@ public class SigninPrincipal implements UserDetails {
 ArrayList grantedAuthorityApps;
 boolean authenticated;
 boolean roleAdministrators;
+
+ private boolean accountNonExpired;
+
+ private boolean accountNonLocked;
+
+ private boolean credentialsNonExpired;
+
+ private boolean enabled;
 /**
 * SigninPrincipal.
@@ -50,6 +58,10 @@ public class SigninPrincipal implements UserDetails {
 public SigninPrincipal(UserInfo userInfo) {
 this.userInfo = userInfo;
 this.authenticated = true;
+ this.accountNonExpired = true;
+ this.accountNonLocked = true;
+ this.credentialsNonExpired =true;
+ this.enabled = true;
 }
 /**
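Review bot: Making `grantedAdministratorsAuthoritys` `public static` in AbstractAuthenticationProvider exposes a mutable, non-final list that decides who is treated as an administrator, so any class can now add to it, clear it or reassign it. The only new reader in this commit, OAuth2UserDetailsService, just iterates it. I would keep the field non-public and `final` and publish a read-only view instead, for example `public static List<GrantedAuthority> getGrantedAdministratorsAuthoritys() { return Collections.unmodifiableList(grantedAdministratorsAuthoritys); }`. The static initializer continues outside the hunk, so the full contents of the list are not visible here.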
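Review bot: In SigninPrincipal the four account-status flags are hard-coded to `true` in the constructor, and no setter for them appears in this diff, so `isEnabled()`, `isAccountNonLocked()`, `isAccountNonExpired()` and `isCredentialsNonExpired()` (rewired in the `@@ -116,22` hunk) will report every account as usable. Spring Security's account-status checks rely on these methods to reject locked, disabled or expired users. If UserInfo carries a status or lock field (not visible here), the constructor should derive the flags from it, or the class should offer setters for the login path to call. At minimum the assignments deserve a comment such as `// TODO: derive from userInfo status; currently always true`.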
@@ -116,22 +128,22 @@ public class SigninPrincipal implements UserDetails {
 @Override
 public boolean isAccountNonExpired() {
- return false;
+ return this.accountNonExpired;
 }
 @Override
 public boolean isAccountNonLocked() {
- return false;
+ return this.accountNonLocked;
 }
 @Override
 public boolean isCredentialsNonExpired() {
- return false;
+ return this.credentialsNonExpired;
 }
 @Override
 public boolean isEnabled() {
- return false;
+ return this.enabled;
 }
 public ArrayList getGrantedAuthorityApps() {
diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
index 8c920347a..ddb217667 100644
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
@@ -12,9 +12,19 @@
 */
 package org.maxkey.authz.oauth2.provider;
+import java.util.ArrayList;
+
+import org.maxkey.authn.AbstractAuthenticationProvider;
+import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.online.OnlineTicket;
 import org.maxkey.domain.UserInfo;
 import org.maxkey.persistence.db.LoginService;
-import org.springframework.security.core.userdetails.User;
+import org.maxkey.web.WebConstants;
+import org.maxkey.web.WebContext;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
@@ -24,7 +34,8 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
 *
 */
 public class OAuth2UserDetailsService implements UserDetailsService {
-
+ private static final Logger _logger =
+ LoggerFactory.getLogger(OAuth2UserDetailsService.class);
 LoginService loginService;
@@ -42,8 +53,27 @@ public class OAuth2UserDetailsService implements UserDetailsService {
 throw new UsernameNotFoundException(e.getMessage(), e);
 }
+ String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + java.util.UUID.randomUUID().toString().toLowerCase();
- return new User(username, userInfo.getPassword(), loginService.grantAuthority(userInfo));
+ SigninPrincipal signinPrincipal = new SigninPrincipal(userInfo);
+ OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId);
+ //set OnlineTicket
+ signinPrincipal.setOnlineTicket(onlineTicket);
+
+ ArrayList grantedAuthoritys = loginService.grantAuthority(userInfo);
+ signinPrincipal.setAuthenticated(true);
+
+ for(GrantedAuthority administratorsAuthority : AbstractAuthenticationProvider.grantedAdministratorsAuthoritys) {
+ if(grantedAuthoritys.contains(administratorsAuthority)) {
+ signinPrincipal.setRoleAdministrators(true);
+ _logger.trace("ROLE ADMINISTRATORS Authentication .");
+ }
+ }
+ _logger.debug("Granted Authority " + grantedAuthoritys);
+
+ signinPrincipal.setGrantedAuthorityApps(grantedAuthoritys);
+
+ return signinPrincipal;
 }
 }
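Review bot: `signinPrincipal.setAuthenticated(true);` in the `@@ -42,8` hunk marks the principal authenticated inside the user-lookup method of a UserDetailsService, which Spring Security normally calls to fetch the user before the submitted credentials are compared. The flag is therefore true whether or not the later check succeeds, and the SigninPrincipal constructor changed in this commit already sets it. Whether anything reads the flag before verification is not visible here, but I would drop this call and set the flag only once the credential check has passed. The new OnlineTicket is attached to the principal but is not stored through any ticket service in the visible lines, so it is worth confirming that it can be resolved later. Minor: `_logger.debug("Granted Authority {}", grantedAuthoritys);` avoids building the string when debug logging is off; the method itself starts outside the hunk.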