Example usage for org.springframework.security.core Authentication getAuthorities

List of usage examples for org.springframework.security.core Authentication getAuthorities

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.core.*
  5. Authentication
  6. getAuthorities

Introduction

In this page you can find the example usage for org.springframework.security.core Authentication getAuthorities.

Prototype

Collection<? extends GrantedAuthority> getAuthorities();

Source Link

Document

Set by an AuthenticationManager to indicate the authorities that the principal has been granted.

Usage

From source file:org.joyrest.oauth2.interceptor.AuthorizationInterceptor.java

@Override
public InternalResponse<Object> around(InterceptorChain chain, InternalRequest<Object> req,
        InternalResponse<Object> resp) throws Exception {
    InternalRoute route = chain.getRoute();
    if (!route.isSecured()) {
        return chain.proceed(req, resp);
    }/*from ww w .jav  a 2  s .  c o m*/

    Authentication authentication = req.getPrincipal().filter(principal -> principal instanceof Authentication)
            .map(principal -> (Authentication) principal).orElseThrow(
                    () -> new InvalidConfigurationException("Principal object is not Authentication type."));

    List<String> authorities = authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority)
            .collect(toList());

    if (Collections.disjoint(authorities, route.getRoles())) {
        throw new UserDeniedAuthorizationException("User denied access");
    }

    return chain.proceed(req, resp);
}

From source file:com.thinkbiganalytics.auth.jwt.JwtRememberMeServices.java

/**
 * Sets a JWT cookie when the user has successfully logged in.
 *
 * @param request        the HTTP request
 * @param response       the HTTP response
 * @param authentication the user//from  ww  w . jav  a2 s .  co  m
 */
@Override
protected void onLoginSuccess(@Nonnull final HttpServletRequest request,
        @Nonnull final HttpServletResponse response, @Nonnull final Authentication authentication) {
    final Stream<String> user = Stream.of(authentication.getPrincipal().toString());
    final Stream<String> groups = authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority);
    final String[] tokens = Stream.concat(user, groups).toArray(String[]::new);

    setCookie(tokens, getTokenValiditySeconds(), request, response);
}

From source file:de.blizzy.documentr.access.DocumentrPermissionEvaluator.java

public boolean hasApplicationPermission(Authentication authentication, Permission permission) {
    return hasApplicationPermission(authentication.getAuthorities(), permission);
}

From source file:org.opendatakit.security.spring.UserServiceImpl.java

@Override
public User getCurrentUser() {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    Collection<? extends GrantedAuthority> authorities = auth.getAuthorities();

    return internalGetUser(auth.getName(), authorities);
}

From source file:cz.zcu.kiv.eegdatabase.wui.app.session.EEGDataBaseSession.java

@Override
public Roles getRoles() {
    Roles roles = new Roles();
    if (isSignedIn()) {

        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        for (GrantedAuthority auth : authentication.getAuthorities()) {
            roles.add(auth.getAuthority());
        }/*from www  .  ja  va2  s  . c o m*/
    }

    return roles;
}

From source file:org.openlmis.fulfillment.security.CustomUserAuthenticationConverterTest.java

@Test
public void shouldExtractAuthenticationWithPrincipalAndCommaSeparatedAuthorities() {
    Authentication authentication = userAuthenticationConverter
            .extractAuthentication(ImmutableMap.of(REFERENCE_DATA_USER_ID, userId.toString(),
                    UserAuthenticationConverter.AUTHORITIES, "one,two,three"));

    checkAuthentication(userId, authentication);
    assertEquals(3, authentication.getAuthorities().size());
}

From source file:org.cloudfoundry.identity.uaa.authentication.manager.LoginAuthenticationManagerTests.java

@Test
public void testHappyDayWithAuthorities() {
    UaaUser user = UaaUserTestFactory.getAdminUser("FOO", "foo", "fo@test.org", "Foo", "Bar");
    Mockito.when(userDatabase.retrieveUserByName("foo")).thenReturn(user);
    Authentication authentication = manager
            .authenticate(UaaAuthenticationTestFactory.getAuthenticationRequest("foo"));
    assertEquals(user.getUsername(), ((UaaPrincipal) authentication.getPrincipal()).getName());
    assertEquals(user.getAuthorities(), authentication.getAuthorities());
}

From source file:org.socialsignin.springsocial.security.userdetails.SpringSocialSecurityUserDetailsService.java

/**
 * Uses a <code>SignUpService</code> implementation to check if a local user account for this username is available 
 * and if so, bases the user's authentication on the set of connections the user currently has to
 * 3rd party providers.  Allows provider-specific roles to be set for each user - uses a <code>UsersConnectionRepository</code>
 * to obtain list of connections the user has and a <code>SpringSocialSecurityAuthenticationFactory</code>
 * to obtain an authentication based on those connections.
 * /*from ww  w.j av a 2 s  .  co  m*/
 */
@Override
public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {
    ConnectionRepository connectionRepository = usersConnectionRepository.createConnectionRepository(userName);
    SpringSocialProfile springSocialProfile = signUpService.getUserProfile(userName);
    List<Connection<?>> allConnections = getConnections(connectionRepository, userName);
    if (allConnections.size() > 0) {

        Authentication authentication = authenticationFactory.createAuthenticationForAllConnections(userName,
                springSocialProfile.getPassword(), allConnections);
        return new User(userName, authentication.getCredentials().toString(), true, true, true, true,
                authentication.getAuthorities());

    } else {
        throw new UsernameNotFoundException(userName);
    }

}

From source file:cz.zcu.kiv.eegdatabase.wui.app.session.EEGDataBaseSession.java

public boolean authenticatedSocial() {

    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

    for (GrantedAuthority auth : authentication.getAuthorities()) {
        if (auth.getAuthority().equals("ROLE_ANONYMOUS"))
            return false;
    }//  ww w  .j av a  2s .c om

    if (authentication.isAuthenticated()) {

        String username = "";

        if (authentication.getPrincipal() instanceof User)
            username = ((User) authentication.getPrincipal()).getUsername();
        else if (authentication.getPrincipal() instanceof Person)
            username = ((Person) authentication.getPrincipal()).getUsername();

        return signIn(username, SOCIAL_PASSWD);
    }

    return false;
}

From source file:de.blizzy.documentr.access.DocumentrPermissionEvaluator.java

public boolean hasAnyProjectPermission(Authentication authentication, Permission permission) {
    for (GrantedAuthority authority : authentication.getAuthorities()) {
        if (authority instanceof PermissionGrantedAuthority) {
            PermissionGrantedAuthority pga = (PermissionGrantedAuthority) authority;
            GrantedAuthorityTarget target = pga.getTarget();
            Type type = target.getType();
            if ((type == Type.PROJECT) && hasPermission(pga, permission)) {

                return true;
            }//from  w  ww. j a  v  a 2s  . com
        }
    }
    return hasApplicationPermission(authentication, permission);
}