This is the codeAbility Sharing Platform! Learn more about the codeAbility Sharing Platform.

Skip to content
Snippets Groups Projects
Commit 141a6f1d authored by Michael Breu's avatar Michael Breu
Browse files

First cleaned version

parent 54553b42
Branches
2 merge requests!188Merging Peer Reviewing et. al to Master,!164211 peer reviewing functionality
......@@ -5,6 +5,7 @@ import static org.springframework.http.MediaType.APPLICATION_FORM_URLENCODED_VAL
import at.ac.uibk.gitsearch.security.AuthoritiesConstants;
import at.ac.uibk.gitsearch.security.jwt.JWTConfigurer;
import at.ac.uibk.gitsearch.security.jwt.TokenProvider;
import at.ac.uibk.gitsearch.security.oauth2.GitSearchOAuth2AuthenticationToken;
import at.ac.uibk.gitsearch.security.oauth2.GitSearchOAuth2AuthorizationRequestRepository;
import at.ac.uibk.gitsearch.security.oauth2.SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport;
import at.ac.uibk.gitsearch.security.oauth2.UserDetailsFetcher;
......@@ -222,17 +223,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
)
.successHandler(getAuthenticationSuccessHandler());
oauth2.addObjectPostProcessor(new ObjectPostProcessor<OAuth2LoginAuthenticationFilter>() {
@Override
public <O extends OAuth2LoginAuthenticationFilter> O postProcess(O object) {
if (object instanceof OAuth2LoginAuthenticationFilter) {
OAuth2LoginAuthenticationFilter oAuthLoginFilter = (OAuth2LoginAuthenticationFilter) object;
oAuthLoginFilter.setAuthenticationResultConverter(oauth2Tokenconverter);
}
return object;
}});
oauth2.addObjectPostProcessor(authenticationFilterPostProcessor);
}
)
......@@ -252,7 +243,27 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
}
Converter<org.springframework.security.oauth2.jwt.Jwt, AbstractAuthenticationToken> authenticationConverter() {
/**
* this method postprocesses OAuth2LoginAuthenticationFilter and assigns an AuthenticationResultConverter.
* The AuthenticationResultConverter is needed to convey the original referer-URL from the original
*/
private final ObjectPostProcessor<OAuth2LoginAuthenticationFilter> authenticationFilterPostProcessor =
new ObjectPostProcessor<OAuth2LoginAuthenticationFilter>() {
@Override
public <O extends OAuth2LoginAuthenticationFilter> O postProcess(O object) {
if (object instanceof OAuth2LoginAuthenticationFilter) {
OAuth2LoginAuthenticationFilter oAuthLoginFilter = (OAuth2LoginAuthenticationFilter) object;
oAuthLoginFilter.setAuthenticationResultConverter((OAuth2LoginAuthenticationToken authenticationResult) -> {
OAuth2AuthenticationToken authToken = new GitSearchOAuth2AuthenticationToken(authenticationResult);
return authToken;
});
}
return object;
}};
Converter<org.springframework.security.oauth2.jwt.Jwt, AbstractAuthenticationToken> authenticationConverter() {
JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(
new at.ac.uibk.gitsearch.security.oauth2.JwtGrantedAuthorityConverter()
......@@ -307,37 +318,6 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
};
}
public static class GitSearchOAuth2AuthenticationToken extends OAuth2AuthenticationToken {
/**
* serialVersionUID
*/
private static final long serialVersionUID = 1L;
private String redirectURL;
public GitSearchOAuth2AuthenticationToken(OAuth2LoginAuthenticationToken authenticationResult) {
super(authenticationResult.getPrincipal(), authenticationResult.getAuthorities(),
authenticationResult.getClientRegistration().getRegistrationId());
redirectURL = authenticationResult.getAuthorizationExchange().getAuthorizationRequest().getAttribute(GitSearchOAuth2AuthorizationRequestRepository.REFERER_ATTRIBUTE);
if(redirectURL == null)
redirectURL = "/";
}
public String getRedirectURL() {
return redirectURL;
}
}
private Converter<OAuth2LoginAuthenticationToken, OAuth2AuthenticationToken> oauth2Tokenconverter = (OAuth2LoginAuthenticationToken authenticationResult) -> {
OAuth2AuthenticationToken authToken = new GitSearchOAuth2AuthenticationToken(authenticationResult);
return authToken;
};
/**
* not used by OidcAuthorizationCodeAuthenticationProvider :-(
* @return
......
package at.ac.uibk.gitsearch.security.oauth2;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken;
public class GitSearchOAuth2AuthenticationToken extends OAuth2AuthenticationToken {
/**
* serialVersionUID
*/
private static final long serialVersionUID = 1L;
private String redirectURL;
public GitSearchOAuth2AuthenticationToken(OAuth2LoginAuthenticationToken authenticationResult) {
super(authenticationResult.getPrincipal(), authenticationResult.getAuthorities(),
authenticationResult.getClientRegistration().getRegistrationId());
redirectURL = authenticationResult.getAuthorizationExchange().getAuthorizationRequest().getAttribute(GitSearchOAuth2AuthorizationRequestRepository.REFERER_ATTRIBUTE);
if(redirectURL == null)
redirectURL = "/";
}
public String getRedirectURL() {
return redirectURL;
}
}
\ No newline at end of file
package at.ac.uibk.gitsearch.security.oauth2;
import at.ac.uibk.gitsearch.config.SecurityConfiguration.GitSearchOAuth2AuthenticationToken;
import at.ac.uibk.gitsearch.security.jwt.TokenProvider;
import java.io.IOException;
import java.security.Principal;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment