List of usage examples for org.springframework.security.core.token Token getKey
String getKey();
From source file:org.ihtsdo.otf.refset.security.RefsetIdentityService.java
protected UserDetails authenticate(String userName, String token) { LOGGER.debug("Authenticating user {} ", userName); User user = getGuestUser();//from w w w . j a v a2s. co m MultiValueMap<String, String> params = new LinkedMultiValueMap<String, String>(); params.add("username", userName); params.add("password", token); params.add("queryName", "getUserByNameAuth"); try { if (StringUtils.isEmpty(userName) || StringUtils.isEmpty(token)) { throw new AccessDeniedException("User is unauthorized. Please check user name and password"); } Assert.notNull(rt, "Rest template can not be empty"); LOGGER.debug("Calling authentication service with URL {}, User {} and Parameters {} ", otfServiceUrl, userName); JsonNode obj = rt.postForObject(otfServiceUrl, params, JsonNode.class); LOGGER.debug("authentication service call successfully returned with {} ", obj); //populate user with other user details populateUser(user, obj); //now check if user has access to Refset app. params = new LinkedMultiValueMap<String, String>(); params.add("username", userName); params.add("queryName", "getUserApps"); LOGGER.debug("Calling autorization service with URL {}, User {} and Parameters {} ", otfServiceUrl, userName); JsonNode appJson = rt.postForObject(otfServiceUrl, params, JsonNode.class); LOGGER.debug("autorization service call successfully returned with {} ", appJson); JsonNode apps = appJson.get("apps"); Collection<RefsetRole> roles = new ArrayList<RefsetRole>(); for (JsonNode object : apps) { if (object != null && object.asText().equals(APP_NAME)) { RefsetRole role = new RefsetRole(); role.setAuthority(ROLE_USER); roles.add(role); break; } } user.setAuthorities(roles); if (isUserHasRole(user)) { String info = userName + ":" + token; Token key = service.allocateToken(info); user.setToken(key.getKey()); } } catch (Exception e) { LOGGER.error("Error during authentication for user:password - {} ", userName + ":" + token, e); throw new AccessDeniedException("User is unauthorized. Please check user name and password"); } return user; }
From source file:ro.cs.om.utils.security.SecurityTokenMonitor.java
@Override public void run() { Token t = null; try {/* w w w. j av a 2 s . c o m*/ while (true) { Thread.currentThread().sleep(sleepDuration); Enumeration<String> keys = tokenRepository.keys(); while (keys.hasMoreElements()) { t = tokenRepository.get(keys.nextElement()); if ((System.currentTimeMillis() - t.getKeyCreationTime()) > AVAILABILITY) { tokenRepository.remove(t.getKey()); logger.debug("\ttoken ".concat(t.getKey().concat(" removed!"))); } } } } catch (Exception e) { logger.error("", e); } }