Example usage for org.springframework.security.core.token Token getKey

List of usage examples for org.springframework.security.core.token Token getKey

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.core.token.*
  5. Token
  6. getKey

Introduction

In this page you can find the example usage for org.springframework.security.core.token Token getKey.

Prototype

String getKey();

Source Link

Document

Obtains the randomised, secure key assigned to this token.

Usage

From source file:org.ihtsdo.otf.refset.security.RefsetIdentityService.java

protected UserDetails authenticate(String userName, String token) {

    LOGGER.debug("Authenticating user {} ", userName);

    User user = getGuestUser();//from  w w  w . j  a v a2s.  co m

    MultiValueMap<String, String> params = new LinkedMultiValueMap<String, String>();
    params.add("username", userName);
    params.add("password", token);
    params.add("queryName", "getUserByNameAuth");

    try {

        if (StringUtils.isEmpty(userName) || StringUtils.isEmpty(token)) {

            throw new AccessDeniedException("User is unauthorized. Please check user name and password");
        }
        Assert.notNull(rt, "Rest template can not be empty");

        LOGGER.debug("Calling authentication service with URL {}, User {} and Parameters {} ", otfServiceUrl,
                userName);

        JsonNode obj = rt.postForObject(otfServiceUrl, params, JsonNode.class);

        LOGGER.debug("authentication service call successfully returned with {} ", obj);

        //populate user with other user details
        populateUser(user, obj);

        //now check if user has access to Refset app.
        params = new LinkedMultiValueMap<String, String>();
        params.add("username", userName);
        params.add("queryName", "getUserApps");

        LOGGER.debug("Calling autorization service with URL {}, User {} and Parameters {} ", otfServiceUrl,
                userName);

        JsonNode appJson = rt.postForObject(otfServiceUrl, params, JsonNode.class);

        LOGGER.debug("autorization service call successfully returned with {} ", appJson);

        JsonNode apps = appJson.get("apps");
        Collection<RefsetRole> roles = new ArrayList<RefsetRole>();

        for (JsonNode object : apps) {

            if (object != null && object.asText().equals(APP_NAME)) {

                RefsetRole role = new RefsetRole();
                role.setAuthority(ROLE_USER);
                roles.add(role);
                break;
            }
        }
        user.setAuthorities(roles);

        if (isUserHasRole(user)) {

            String info = userName + ":" + token;
            Token key = service.allocateToken(info);
            user.setToken(key.getKey());
        }

    } catch (Exception e) {

        LOGGER.error("Error during authentication for user:password - {} ", userName + ":" + token, e);

        throw new AccessDeniedException("User is unauthorized. Please check user name and password");
    }

    return user;

}

From source file:ro.cs.om.utils.security.SecurityTokenMonitor.java

@Override
public void run() {
    Token t = null;
    try {/*  w  w  w. j  av  a 2 s  . c o  m*/
        while (true) {
            Thread.currentThread().sleep(sleepDuration);
            Enumeration<String> keys = tokenRepository.keys();
            while (keys.hasMoreElements()) {
                t = tokenRepository.get(keys.nextElement());
                if ((System.currentTimeMillis() - t.getKeyCreationTime()) > AVAILABILITY) {
                    tokenRepository.remove(t.getKey());
                    logger.debug("\ttoken ".concat(t.getKey().concat(" removed!")));
                }
            }
        }
    } catch (Exception e) {
        logger.error("", e);
    }
}