通过相同的应用程序

时间:2017-05-31 12:22:58

标签: java spring spring-boot spring-security oauth-2.0 

I need to have a single Oath2 project to authorize normal user and admin user... Both are in different tables so I need to write custom authentication provider for each. Please help me out with working examples.

I have tried an implementation using spring boot. Below is some code which I tried out.

@Component
public class UserAuthenticationProvider implements AuthenticationProvider {

    private static final Logger LOGGER = LogManager.getLogger(UserAuthenticationProvider.class);

    @Autowired
    private UserRepository userRepository;

    @Autowired
    private AES256 aes256;

    public UserAuthenticationProvider() {
        LOGGER.info("*** UserAuthenticationProvider created");
    }

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        LOGGER.debug("AdminAuthenticationManager : authenticate - Enter");
        UserAuthenticationToken authToken = (UserAuthenticationToken) authentication;
        String name = authToken.getName();
        String password = authentication.getCredentials().toString();
        String encrUsername = aes256.encrypt(name, AES256.class.getName());
        String encrPassword = aes256.encrypt(password, AES256.class.getName());

        LOGGER.debug("authenticate name : " + name + ",password : " + password + ",encrUsername : " + encrUsername
                + ",encrPassword : " + encrPassword);

        User user = userRepository.findByUserNameAndPassword(encrUsername, encrPassword);

        List<GrantedAuthority> grantedAuths = new ArrayList<>();
        grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));

        if (null != user) {
            authentication.setAuthenticated(true);
            LOGGER.debug("authenticate success");
            LOGGER.debug("AdminAuthenticationManager : authenticate - Exit");
            return new UsernamePasswordAuthenticationToken(name, password, grantedAuths);
        } else {
            LOGGER.debug("authenticate failure");
            LOGGER.debug("AdminAuthenticationManager : authenticate - Exit");
            throw new UsernameNotFoundException("Invalid Credentials");
        }
    }

    @Override
    public boolean supports(Class<?> authentication) {
        if (authentication.isAssignableFrom(UserAuthenticationToken.class)) {
            return true;
        }
        return false;
    }

}



Below is UserAuthenticationToken 


public class UserAuthenticationToken extends UsernamePasswordAuthenticationToken {
    private static final long serialVersionUID = 1L;
    private String userId;
    private String password;

    public UserAuthenticationToken(String userId, String password) {
        super(userId, password);
        // super.setAuthenticated(true); // must use super, as we override
        this.userId = userId;
        this.password = password;
    }

    public UserAuthenticationToken(String userId, String password, String isAdmin,
            Collection<? extends GrantedAuthority> authorities) {
        super(userId, password);
        super.setAuthenticated(true);
        this.userId = userId;
        this.password = password;
    }

    @Override
    public Object getCredentials() {
        return password;
    }

    @Override
    public Object getPrincipal() {
        return userId;
    }
}

以下是UserAuthentcationFilter     public class UserAuthentcationFilter扩展UsernamePasswordAuthenticationFilter {

public static final String ADMIN = "admin";

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
            throws AuthenticationException {
        final String isAdmin = request.getParameter("isAdmin");
        if (null != isAdmin && isAdmin.equalsIgnoreCase(ADMIN)) {
            return null;
        }
        final String userName = request.getParameter("username");
        final String password = request.getParameter("password");
        request.getSession().setAttribute("isAdmin", isAdmin);

        return new UserAuthenticationToken(userName, password);
    }

Below is AdminAuthenticationProvider 

@Component
public class AdminAuthenticationProvider implements AuthenticationProvider {

    private static final Logger `enter code here`LOGGER = LogManager.getLogger(AdminAuthenticationProvider.class);

    @Autowired
    private UserAccessDetailsRepository userAccessDetailsRepository;

    @Autowired
    private AES256 aes256;

    public AdminAuthenticationProvider() {
        LOGGER.info("*** AdminAuthenticationProvider created");
    }

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        LOGGER.debug("AdminAuthenticationManager : authenticate - Enter");
        String name = authentication.getName();
        String password = authentication.getCredentials().toString();
        String encrUsername = aes256.encrypt(name, AES256.class.getName());
        String encrPassword = aes256.encrypt(password, AES256.class.getName());
        String role;

        LOGGER.debug("authenticate name : " + name + ",password : " + password + ",encrUsername : " + encrUsername
                + ",encrPassword : " + encrPassword);

        UserAccessDetails userDetails = userAccessDetailsRepository
                .findFirstUserAccessDetailsByUserNameAndPassword(encrUsername, encrPassword);

        role = userDetails.getRole().toString();

        List<GrantedAuthority> grantedAuths = new ArrayList<>();
        if ("2".equals(role)) {
            grantedAuths.add(new SimpleGrantedAuthority("ROLE_AGENT"));
        } else if ("3".equals(role)) {
            grantedAuths.add(new SimpleGrantedAuthority("ROLE_SUPPORT"));
        } else {
            grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
        }

        if (null != userDetails) {
            authentication.setAuthenticated(true);
            LOGGER.debug("authenticate success");
            LOGGER.debug("AdminAuthenticationManager : authenticate - Exit");
            return new UsernamePasswordAuthenticationToken(name, password, grantedAuths);
        } else {
            LOGGER.debug("authenticate failure");
            LOGGER.debug("AdminAuthenticationManager : authenticate - Exit");
            throw new UsernameNotFoundException("Invalid Credentials");
        }
    }

    @Override
    public boolean supports(Class<?> authentication) {
        if (authentication.isAssignableFrom(AdminAuthenticationToken.class)) {
            return true;
        }
        return false;
    }

}


Below is AdminAuthentcationFilter

@Order(Ordered.HIGHEST_PRECEDENCE)
public class AdminAuthentcationFilter extends AbstractAuthenticationProcessingFilter {

    public static final String ADMIN = "admin";

    public AdminAuthentcationFilter() {
        super("/*"); // allow any request to contain an authorization header
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
            throws AuthenticationException {
        final String isAdmin = request.getParameter("isAdmin");
        if (null == isAdmin || (null != isAdmin && !isAdmin.equalsIgnoreCase(ADMIN))) {
            return null;
        }
        final String userName = request.getParameter("username");
        final String password = request.getParameter("password");
        request.getSession().setAttribute("isAdmin", isAdmin);

        return new UserAuthenticationToken(userName, password);
    }
}

当达到服务时,我得到无限循环错误。我需要解决此问题,以便使用相同的应用程序来容纳用户和管理员身份验证。

1 个答案:

答案 0 :(得分:0)

看一下本教程。它以一步一步的方式解释了如何使用github或google

实现oauth

http://blog.takipi.com/tutorial-how-to-implement-java-oauth-2-0-to-sign-in-with-github-and-google/

相关问题
最新问题