List of usage examples for org.springframework.security.oauth.provider ConsumerAuthentication getCredentials
public Object getCredentials()
From source file: org.opencastproject.kernel.security.LtiLaunchAuthenticationHandler.java
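/**
 * {@inheritDoc}
 *
 * <p>
 * Turns an LTI launch request into a Spring Security authentication. The user name is derived from
 * request parameters: by default a prefixed, consumer-scoped ID; for consumer keys listed in
 * {@code highlyTrustedKeys} the consumer-supplied identifier is used verbatim. The resulting
 * authentication is also stored in the current {@link SecurityContextHolder} context.
 *
 * @param request
 *          the launch request carrying the LTI and OAuth parameters
 * @param authentication
 *          the consumer authentication whose credentials are copied into the returned token
 * @param authToken
 *          the OAuth access token (not used by this implementation)
 * @return the authentication for the LTI user, or {@code null} if the request carries no user ID
 *
 * @see org.springframework.security.oauth.provider.OAuthAuthenticationHandler#createAuthentication(javax.servlet.http.HttpServletRequest,
 *      org.springframework.security.oauth.provider.ConsumerAuthentication,
 *      org.springframework.security.oauth.provider.token.OAuthAccessProviderToken)
 */
@Override
public Authentication createAuthentication(HttpServletRequest request, ConsumerAuthentication authentication,
        OAuthAccessProviderToken authToken) {
  // The user ID must be provided by the LTI consumer
  final String ltiUserId = request.getParameter(LTI_USER_ID_PARAM);
  if (StringUtils.isBlank(ltiUserId)) {
    logger.warn("Received authentication request without user id ({})", LTI_USER_ID_PARAM);
    return null;
  }

  // The consumer GUID is optional. The fallback literal (including its spelling) ends up inside the
  // generated user name, so it must stay as it is.
  String consumerGUID = request.getParameter(LTI_CONSUMER_GUID);
  if (StringUtils.isBlank(consumerGUID)) {
    consumerGUID = "UknownConsumer";
  }

  // Default: a composite, prefixed ID so that IDs from different consumers are kept apart
  String userIdFromConsumer = LTI_USER_ID_PREFIX + LTI_ID_DELIMITER + consumerGUID + LTI_ID_DELIMITER + ltiUserId;

  // SECURITY: for a highly trusted key the consumer-supplied identifier is used verbatim as the user
  // name passed to loadUserByUsername() below, so the launch receives the authorities of whichever
  // existing account carries that name. Keep highlyTrustedKeys limited to consumers that are allowed
  // to assert any identity.
  final String oaAuthKey = request.getParameter("oauth_consumer_key");
  if (highlyTrustedKeys.contains(oaAuthKey)) {
    logger.debug("{} is a trusted key", oaAuthKey);
    // Prefer the human readable name. The field is optional: a missing, empty or whitespace-only
    // value falls back to the (already validated) LTI user ID instead of becoming a blank user name.
    final String suppliedEid = request.getParameter("lis_person_sourcedid");
    userIdFromConsumer = StringUtils.isBlank(suppliedEid) ? ltiUserId : suppliedEid;
  }

  logger.debug("LTI user id is : {}", userIdFromConsumer);

  UserDetails userDetails;
  Collection<GrantedAuthority> userAuthorities;
  try {
    userDetails = userDetailsService.loadUserByUsername(userIdFromConsumer);

    // Copy into a fresh set: the collection handed out by the user details may be unmodifiable
    userAuthorities = new HashSet<GrantedAuthority>(userDetails.getAuthorities());

    // Known users are still enriched with the roles sent by the consumer.
    // NOTE(review): enrichRoleGrants is defined outside this excerpt; it receives the raw "roles" and
    // "context" request parameters - confirm how it maps them before trusting the resulting grants.
    enrichRoleGrants(request.getParameter(ROLES), request.getParameter(CONTEXT_ID), userAuthorities);
  } catch (UsernameNotFoundException e) {
    // This user is known to the tool consumer, but not to Matterhorn. Create a user "on the fly"
    userAuthorities = new HashSet<GrantedAuthority>();
    userAuthorities.add(new GrantedAuthorityImpl("ROLE_ANONYMOUS"));
    enrichRoleGrants(request.getParameter(ROLES), request.getParameter(CONTEXT_ID), userAuthorities);

    // Besides the anonymous role added above, every on-the-fly user gets the OAuth and user roles
    userAuthorities.add(new GrantedAuthorityImpl(ROLE_OAUTH_USER));
    userAuthorities.add(new GrantedAuthorityImpl("ROLE_USER"));

    logger.info("Returning user with {} authorities", userAuthorities.size());

    // "oauth" is a placeholder password for the transient user object
    userDetails = new User(userIdFromConsumer, "oauth", true, true, true, true, userAuthorities);
  }

  // The token carries the enriched authority set, not the one stored on userDetails
  Authentication ltiAuth = new PreAuthenticatedAuthenticationToken(userDetails, authentication.getCredentials(),
          userAuthorities);
  SecurityContextHolder.getContext().setAuthentication(ltiAuth);
  return ltiAuth;
}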