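/**
 *   Copyright 2013 Stockholm County Council
 *
 *   This file is part of APIGW
 *
 *   APIGW is free software; you can redistribute it and/or modify
 *   it under the terms of version 2.1 of the GNU Lesser General Public
 *   License as published by the Free Software Foundation.
 *
 *   APIGW is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU Lesser General Public License for more details.
 *
 *   You should have received a copy of the GNU Lesser General Public
 *   License along with APIGW; if not, write to the
 *   Free Software Foundation, Inc., 59 Temple Place, Suite 330,
 *   Boston, MA 02111-1307  USA
 *
 */
package org.apigw.authserver.x509;

import org.apigw.authserver.svc.CertifiedClientDetailsService;
import org.apigw.authserver.types.domain.CertifiedClient;
import org.joda.time.DateTimeComparator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.util.Assert;

import java.util.Date;

/**
 * Maps a pre-authenticated X.509 client principal to Spring Security {@link UserDetails}.
 *
 * <p>The client is looked up by the issuer DN and subject DN carried on the
 * {@link X509ClientPrincipal}. Expiry and lock state are reported through the flags of the
 * returned {@link User}; this class does not reject expired or locked clients itself.
 *
 * <p>NOTE(review): the flags only take effect if the consuming authentication provider checks
 * them (presumably through a {@code UserDetailsChecker}) - confirm in the security configuration.
 * Certificate chain validation is not performed here and is assumed to happen earlier - confirm.
 */
public class CertifiedClientAuthenticationUserDetailsService implements AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>, InitializingBean {

    // NOTE(review): public visibility is kept for compatibility; a private logger is conventional.
    public static final Logger log = LoggerFactory.getLogger(CertifiedClientAuthenticationUserDetailsService.class);

    private CertifiedClientDetailsService clientDetailsService;

    /**
     * Loads the user details of the certified client identified by the token's X.509 principal.
     *
     * <p>Every failure to identify the client is raised as an {@link AuthenticationException}, so
     * the request is rejected as unauthenticated instead of failing with a
     * {@link ClassCastException} or {@link NullPointerException}.
     *
     * @param token the pre-authenticated token; its principal must be an {@link X509ClientPrincipal}
     * @return details carrying the client id, a placeholder password, the expiry and lock flags
     *         and the client's authorities
     * @throws UsernameNotFoundException if the token has no name, the principal is not an
     *         {@link X509ClientPrincipal}, or the client lookup returns {@code null}
     */
    @Override
    public UserDetails loadUserDetails(PreAuthenticatedAuthenticationToken token) throws AuthenticationException {
        if (token.getName() == null) {
            throw new UsernameNotFoundException("Username null not found");
        }

        // Check the type before casting, so a misconfigured filter chain ends in an
        // authentication failure rather than a ClassCastException.
        final Object rawPrincipal = token.getPrincipal();
        if (!(rawPrincipal instanceof X509ClientPrincipal)) {
            log.warn("Rejecting pre-authenticated token: principal is not an X509ClientPrincipal");
            throw new UsernameNotFoundException("Principal is not an X.509 client principal");
        }
        final X509ClientPrincipal principal = (X509ClientPrincipal) rawPrincipal;

        final CertifiedClient clientDetails =
                clientDetailsService.loadClientByX509Cert(principal.getIssuerDN(), principal.getSubjectDN());
        if (clientDetails == null) {
            // The DN values come from the presented certificate. If the log layout does not
            // neutralise control characters, do so before these values reach the log.
            log.warn("No certified client registered for issuer DN '{}' and subject DN '{}'",
                    principal.getIssuerDN(), principal.getSubjectDN());
            // Keep the DNs out of the exception message, which may be shown to the caller.
            throw new UsernameNotFoundException("No certified client found for the presented certificate");
        }

        final boolean expired = hasExpired(clientDetails);
        // User(username, password, enabled, accountNonExpired, credentialsNonExpired,
        //      accountNonLocked, authorities). The password is the literal placeholder "N/A".
        return new User(
                clientDetails.getClientId(),
                "N/A",
                !expired,
                !expired,
                true,
                !clientDetails.isLocked(),
                clientDetails.getAuthorities());
    }

    /**
     * Tells whether the client's expire date lies before the current date.
     *
     * <p>The comparison uses the date-only comparator, so a client stays valid through the whole
     * of its expire date and counts as expired from the following day. A {@code null} expire
     * date means the client never expires.
     *
     * <p>NOTE(review): the day boundary presumably follows the JVM default time zone - confirm if
     * clients and server run in different zones.
     *
     * @param clientDetails the client to check; must not be {@code null}
     * @return {@code true} if an expire date is set and it is earlier than today
     */
    boolean hasExpired(CertifiedClient clientDetails) {
        return (clientDetails.getExpireDate() != null)
                && DateTimeComparator.getDateOnlyInstance()
                        .compare(clientDetails.getExpireDate(), getCurrentDate()) < 0;
    }

    /**
     * Sets the service used to look up certified clients by issuer DN and subject DN.
     *
     * @param clientDetailsService the lookup service; checked for {@code null} in
     *        {@link #afterPropertiesSet()}
     */
    public void setClientDetailsService(CertifiedClientDetailsService clientDetailsService) {
        this.clientDetailsService = clientDetailsService;
    }

    /**
     * Returns the date that {@link #hasExpired(CertifiedClient)} treats as "now".
     *
     * <p>It is protected, presumably so tests can override the clock.
     *
     * @return a new {@link Date} holding the current time
     */
    protected Date getCurrentDate() {
        return new Date();
    }

    /**
     * Fails bean initialisation if no client details service has been set.
     *
     * @throws Exception if {@code clientDetailsService} is {@code null}
     */
    @Override
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(clientDetailsService, "clientDetailsService must not be null");
    }
}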