List of usage examples for org.springframework.security.oauth.provider ConsumerAuthentication getConsumerDetails
public ConsumerDetails getConsumerDetails()
From source file:nl.surfnet.coin.api.AbstractApiController.java
protected ClientMetaData getClientMetaData() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); ClientMetaData metaData = null;//from w ww . j a v a 2 s .co m // oauth2 if (authentication instanceof OAuth2Authentication) { OAuth2Authentication oauth2 = (OAuth2Authentication) authentication; String clientId = oauth2.getAuthorizationRequest().getClientId(); ClientDetails clientDetails = janusClientDetailsService.loadClientByClientId(clientId); metaData = ((OpenConextClientDetails) clientDetails).getClientMetaData(); registerApiVersion("oauth2"); } // oauth1 3-legged else if (authentication instanceof PreAuthenticatedAuthenticationToken) { PreAuthenticatedAuthenticationToken preAuth = (PreAuthenticatedAuthenticationToken) authentication; Object principal = preAuth.getPrincipal(); if (principal instanceof ClientMetaDataUser) { ClientMetaDataUser user = (ClientMetaDataUser) principal; metaData = user.getClientMetaData(); if (metaData == null) { Object details = preAuth.getDetails(); if (details instanceof OAuthAuthenticationDetails) { OAuthAuthenticationDetails authDetails = (OAuthAuthenticationDetails) details; ConsumerDetails consumerDetails = authDetails.getConsumerDetails(); if (consumerDetails instanceof OpenConextConsumerDetails) { OpenConextConsumerDetails base = (OpenConextConsumerDetails) consumerDetails; metaData = base.getClientMetaData(); } } } registerApiVersion("oauth1-3legged"); } } // oauth1 2-legged else if (authentication instanceof ConsumerAuthentication) { ConsumerAuthentication conAuth = (ConsumerAuthentication) authentication; ConsumerDetails consumerDetails = conAuth.getConsumerDetails(); if (consumerDetails instanceof OpenConextConsumerDetails) { OpenConextConsumerDetails details = (OpenConextConsumerDetails) consumerDetails; metaData = details.getClientMetaData(); registerApiVersion("oauth1-2legged"); } } else if (authentication instanceof SAMLAuthenticationToken) { SAMLAuthenticationToken samlToken = (SAMLAuthenticationToken) authentication; metaData = samlToken.getClientMetaData(); registerApiVersion("oauth2"); } else { throw new IllegalArgumentException("Authentication is of unknown class ('" + (authentication != null ? authentication.getClass() : "null") + "')"); } Assert.notNull(metaData, "ClientMetaData may not be null for checking ACL's. Authentication is of class ('" + (authentication != null ? authentication.getClass() : "null") + "')"); return metaData; }
From source file:org.springframework.security.oauth.provider.filter.OAuthProviderProcessingFilter.java
/** * Validate the signature of the request given the authentication request. * * @param authentication The authentication request. *//* w w w . j ava2 s . c o m*/ protected void validateSignature(ConsumerAuthentication authentication) throws AuthenticationException { SignatureSecret secret = authentication.getConsumerDetails().getSignatureSecret(); String token = authentication.getConsumerCredentials().getToken(); OAuthProviderToken authToken = null; if (token != null && !"".equals(token)) { authToken = getTokenServices().getToken(token); } String signatureMethod = authentication.getConsumerCredentials().getSignatureMethod(); OAuthSignatureMethod method; try { method = getSignatureMethodFactory().getSignatureMethod(signatureMethod, secret, authToken != null ? authToken.getSecret() : null); } catch (UnsupportedSignatureMethodException e) { throw new OAuthException(e.getMessage(), e); } String signatureBaseString = authentication.getConsumerCredentials().getSignatureBaseString(); String signature = authentication.getConsumerCredentials().getSignature(); if (log.isDebugEnabled()) { log.debug("Verifying signature " + signature + " for signature base string " + signatureBaseString + " with method " + method.getName() + "."); } method.verify(signatureBaseString, signature); }
From source file:org.springframework.security.oauth.provider.OAuthProviderProcessingFilter.java
/** * Validate the signature of the request given the authentication request. * * @param authentication The authentication request. *//*from w w w.j a v a 2 s. co m*/ protected void validateSignature(ConsumerAuthentication authentication) throws AuthenticationException { SignatureSecret secret = authentication.getConsumerDetails().getSignatureSecret(); String token = authentication.getConsumerCredentials().getToken(); OAuthProviderToken authToken = null; if (token != null && !"".equals(token)) { authToken = getTokenServices().getToken(token); } String signatureMethod = authentication.getConsumerCredentials().getSignatureMethod(); OAuthSignatureMethod method = getSignatureMethodFactory().getSignatureMethod(signatureMethod, secret, authToken != null ? authToken.getSecret() : null); String signatureBaseString = authentication.getConsumerCredentials().getSignatureBaseString(); String signature = authentication.getConsumerCredentials().getSignature(); if (log.isDebugEnabled()) { log.debug("Verifying signature " + signature + " for signature base string " + signatureBaseString + " with method " + method.getName() + "."); } method.verify(signatureBaseString, signature); }