Java 类org.springframework.security.authentication.event.AbstractAuthenticationEvent 实例源码

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    if (event instanceof AuthenticationSuccessEvent) {
        log.debug("Authentication OK: {}", event.getAuthentication().getName());

        // Activity log
        Object details = event.getAuthentication().getDetails();
        String params = null;

        if (details instanceof WebAuthenticationDetails) {
            WebAuthenticationDetails wad = (WebAuthenticationDetails) details;
            params = wad.getRemoteAddress();
        } else if (GenericHolder.get() != null) {
            params = (String) GenericHolder.get();
        }

        UserActivity.log(event.getAuthentication().getName(), "LOGIN", null, null, params);
    } else if (event instanceof AuthenticationFailureBadCredentialsEvent) {
        log.info("Authentication ERROR: {}", event.getAuthentication().getName());
    }
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent appEvent) {
    String currentUserName = extractUserName(appEvent);
    if (currentUserName == null || isLockMechanismDisabled()) {
        return;
    }

    if (appEvent instanceof AuthenticationSuccessEvent &&
            accessCounter.containsKey(currentUserName) &&
            accessCounter.get(currentUserName) < maxLoginFailures) {

        accessCounter.remove(currentUserName);
        lastFailedLogin.remove(currentUserName);
    }

    if (appEvent instanceof AuthenticationFailureBadCredentialsEvent) {
        if (accessCounter.containsKey(currentUserName)) {
            accessCounter.put(currentUserName, accessCounter.get(currentUserName) + 1);
        } else {
            accessCounter.put(currentUserName, 1);
        }
        lastFailedLogin.put(currentUserName, new Date());
    }
}

private String extractUserName(AbstractAuthenticationEvent appEvent) {
    if (appEvent.getSource() != null && appEvent.getSource() instanceof InternalAuthentication) {
        InternalAuthentication internalAuth = (InternalAuthentication) appEvent.getSource();

        if (internalAuth.getPrincipal() != null) {

            if (internalAuth.getPrincipal() instanceof User) {
                User user = (User) internalAuth.getPrincipal();
                return user.getUserName();
            }
            if (internalAuth.getPrincipal() instanceof String) {
                return (String) internalAuth.getPrincipal();
            }
        }
    }

    return null;
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent appEvent) {
    String currentUserName = extractUserName(appEvent);
    if (currentUserName == null || isLockMechanismDisabled()) {
        return;
    }

    if (appEvent instanceof AuthenticationSuccessEvent &&
            accessCounter.containsKey(currentUserName) &&
            accessCounter.get(currentUserName) < maxLoginFailures) {

        accessCounter.remove(currentUserName);
        lastFailedLogin.remove(currentUserName);
    }

    if (appEvent instanceof AuthenticationFailureBadCredentialsEvent) {
        if (accessCounter.containsKey(currentUserName)) {
            accessCounter.put(currentUserName, accessCounter.get(currentUserName) + 1);
        } else {
            accessCounter.put(currentUserName, 1);
        }
        lastFailedLogin.put(currentUserName, new Date());
    }
}

private String extractUserName(AbstractAuthenticationEvent appEvent) {
    if (appEvent.getSource() != null && appEvent.getSource() instanceof InternalAuthentication) {
        InternalAuthentication internalAuth = (InternalAuthentication) appEvent.getSource();

        if (internalAuth.getPrincipal() != null) {

            if (internalAuth.getPrincipal() instanceof User) {
                User user = (User) internalAuth.getPrincipal();
                return user.getUserName();
            }
            if (internalAuth.getPrincipal() instanceof String) {
                return (String) internalAuth.getPrincipal();
            }
        }
    }

    return null;
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
  final StringBuilder builder = new StringBuilder();
  builder.append("Authentication event ");
  builder.append(event.getClass().getSimpleName());
  builder.append(": ");
  builder.append(event.getAuthentication().getName());
  builder.append("; details: ");
  builder.append(event.getAuthentication().getDetails());

  if (event instanceof AbstractAuthenticationFailureEvent) {
    builder.append("; exception: ");
    builder.append(((AbstractAuthenticationFailureEvent) event)
        .getException().getMessage());
  }
  LOG.warn(builder.toString());
}

@Override
@Transactional(propagation = Propagation.REQUIRES_NEW)
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    logToAuditService(event);

    emitLogMessage(event);
    storeLogMessage(event);
}

private static void emitLogMessage(AbstractAuthenticationEvent event) {
    final StringBuilder builder = new StringBuilder();
    builder.append("Authentication event ");
    builder.append(ClassUtils.getShortName(event.getClass()));
    builder.append(": ");
    builder.append(event.getAuthentication().getName());

    if (event instanceof AbstractAuthenticationFailureEvent) {
        builder.append("; exception: ");
        builder.append(((AbstractAuthenticationFailureEvent) event).getException().getMessage());
    }

    LOG.warn(builder.toString());
}

private void storeLogMessage(final AbstractAuthenticationEvent event) {
    try {
        if (event instanceof InteractiveAuthenticationSuccessEvent) {
            accountAuditService.auditLoginSuccessEvent(InteractiveAuthenticationSuccessEvent.class.cast(event));
        } else if (event instanceof AuthenticationSuccessEvent) {
            accountAuditService.auditLoginSuccessEvent(AuthenticationSuccessEvent.class.cast(event));
        } else if (event instanceof AbstractAuthenticationFailureEvent) {
            accountAuditService.auditLoginFailureEvent(AbstractAuthenticationFailureEvent.class.cast(event));
        }
    } catch (Exception ex) {
        LOG.error("Failed to audit authentication event in database", ex);
    }
}

private void logToAuditService(AbstractAuthenticationEvent event) {
    if (event instanceof AuthenticationSuccessEvent) {
        final Authentication authentication = event.getAuthentication();

        final ImmutableMap.Builder<String, Object> extra = auditService.extra("remoteAddress",
                getRemoteAddress(authentication));
        addGrantedAuthorities(authentication, extra);
        addSource(event, extra);
        auditService.log("loginSuccess", authentication.getName(), extra.build());
    }
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    if (event instanceof AbstractAuthenticationFailureEvent) {
        onAuthenticationFailureEvent((AbstractAuthenticationFailureEvent) event);
    }
    else if (this.webListener != null && this.webListener.accepts(event)) {
        this.webListener.process(this, event);
    }
    else if (event instanceof AuthenticationSuccessEvent) {
        onAuthenticationSuccessEvent((AuthenticationSuccessEvent) event);
    }
}

public void process(AuthenticationAuditListener listener,
        AbstractAuthenticationEvent input) {
    if (listener != null) {
        AuthenticationSwitchUserEvent event = (AuthenticationSwitchUserEvent) input;
        Map<String, Object> data = new HashMap<String, Object>();
        if (event.getAuthentication().getDetails() != null) {
            data.put("details", event.getAuthentication().getDetails());
        }
        data.put("target", event.getTargetUser().getUsername());
        listener.publish(new AuditEvent(event.getAuthentication().getName(),
                "AUTHENTICATION_SWITCH", data));
    }

}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    Authentication source = event.getAuthentication();
    if (event instanceof AbstractAuthenticationFailureEvent) {
        Exception e = ((AbstractAuthenticationFailureEvent) event).getException();
        log.info(String.format("Authentication failure [user: %s] [error: %s]", source.getName(), e.getMessage()));
    } else if (event instanceof AuthenticationSuccessEvent) {
        String userName = source.getName();
        log.info(String.format("User logged in [user: %s]", userName));
        eventService.post(EventType.Login.toString(), userName, null);
    }
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    if (event instanceof AbstractAuthenticationFailureEvent) {
        onAuthenticationFailureEvent((AbstractAuthenticationFailureEvent) event);
    }
    else if (this.webListener != null && this.webListener.accepts(event)) {
        this.webListener.process(this, event);
    }
    else if (event instanceof AuthenticationSuccessEvent) {
        onAuthenticationSuccessEvent((AuthenticationSuccessEvent) event);
    }
}

public void process(AuthenticationAuditListener listener,
        AbstractAuthenticationEvent input) {
    if (listener != null) {
        AuthenticationSwitchUserEvent event = (AuthenticationSwitchUserEvent) input;
        Map<String, Object> data = new HashMap<String, Object>();
        if (event.getAuthentication().getDetails() != null) {
            data.put("details", event.getAuthentication().getDetails());
        }
        data.put("target", event.getTargetUser().getUsername());
        listener.publish(new AuditEvent(event.getAuthentication().getName(),
                "AUTHENTICATION_SWITCH", data));
    }

}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    if (event instanceof AbstractAuthenticationFailureEvent) {
        onAuthenticationFailureEvent((AbstractAuthenticationFailureEvent) event);
    }
    else if (this.webListener != null && this.webListener.accepts(event)) {
        this.webListener.process(this, event);
    }
    else {
        onAuthenticationEvent(event);
    }
}

private void onAuthenticationEvent(AbstractAuthenticationEvent event) {
    Map<String, Object> data = new HashMap<String, Object>();
    if (event.getAuthentication().getDetails() != null) {
        data.put("details", event.getAuthentication().getDetails());
    }
    publish(new AuditEvent(event.getAuthentication().getName(),
            "AUTHENTICATION_SUCCESS", data));
}

public void process(AuthenticationAuditListener listener,
        AbstractAuthenticationEvent input) {
    if (listener != null) {
        AuthenticationSwitchUserEvent event = (AuthenticationSwitchUserEvent) input;
        Map<String, Object> data = new HashMap<String, Object>();
        if (event.getAuthentication().getDetails() != null) {
            data.put("details", event.getAuthentication().getDetails());
        }
        data.put("target", event.getTargetUser().getUsername());
        listener.publish(new AuditEvent(event.getAuthentication().getName(),
                "AUTHENTICATION_SWITCH", data));
    }

}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    // Authentication success
    if (event instanceof AuthenticationSuccessEvent) {
        handleAuthenticationSuccessEvent((AuthenticationSuccessEvent) event);
    }
    // Authentication failure
    if (event instanceof AbstractAuthenticationFailureEvent) {
        handleAuthenticationFailureEvent((AbstractAuthenticationFailureEvent) event);
    }
    // Authentication clear
    if (event instanceof AuthenticationCleanedEvent) {
        handleAuthenticationCleanedEvent((AuthenticationCleanedEvent) event);
    }
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    Authentication authentication = event.getAuthentication();

    if (event instanceof AuthenticationSuccessEvent) {
      ResourceOwnerPasswordResourceDetails resource = getResourceOwnerPasswordResourceDetails();
      resource.setScope(Arrays.asList("words"));
      resource.setUsername(authentication.getName());
      resource.setPassword(authentication.getCredentials().toString());

      try {
          OAuth2AccessToken accessToken = accessTokenProvider.obtainAccessToken(resource, new DefaultAccessTokenRequest());
          log.debug("Access token request succeeded for user: '{}', new token is '{}'"
                  , resource.getUsername() 
                  , accessToken.getValue());
          if (authentication instanceof AbstractAuthenticationToken && authentication.getDetails() instanceof CustomAuthenticationDetails) {
              ((CustomAuthenticationDetails) ((AbstractAuthenticationToken) authentication).getDetails())
                .setBearer(accessToken.getValue());
              log.debug("Access token was added to authentication as details");
          } else if (log.isDebugEnabled()) {
              log.debug("Access token could not be added to authentication as details");
          }
      } catch (Exception e) {
          log.error("Access token request failed for user: '" + resource.getUsername() + "'", e);
      }
    }
    if (authentication instanceof CredentialsContainer) {
           // Authentication is complete. Remove credentials and other secret data from authentication
           ((CredentialsContainer)authentication).eraseCredentials();
       }

}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    Authentication authentication = event.getAuthentication();
    if (event instanceof AuthenticationSuccessEvent) {

      ResourceOwnerPasswordResourceDetails resource = getResourceOwnerPasswordResourceDetails();
      resource.setScope(Arrays.asList("words"));
      resource.setUsername(authentication.getName());
      resource.setPassword(authentication.getCredentials().toString());

      try {
          OAuth2AccessToken accessToken = accessTokenProvider.obtainAccessToken(resource, new DefaultAccessTokenRequest());
          log.debug("Access token request succeeded for user: '{}', new token is '{}'"
                  , resource.getUsername() 
                  , accessToken.getValue());
          if (authentication instanceof AbstractAuthenticationToken && authentication.getDetails() instanceof CustomAuthenticationDetails) {
              ((CustomAuthenticationDetails) ((AbstractAuthenticationToken) authentication).getDetails())
                .setBearer(accessToken.getValue());
              log.debug("Access token was added to authentication as details");
          } else if (log.isDebugEnabled()) {
              log.debug("Access token could not be added to authentication as details");
          }
      } catch (Exception e) {
          log.error("Access token request failed for user: '" + resource.getUsername() + "'", e);
      }
    }
    if (authentication instanceof CredentialsContainer) {
           // Authentication is complete. Remove credentials and other secret data from authentication
           ((CredentialsContainer)authentication).eraseCredentials();
       }

}

private EventBuilder createEvent(String uei, AbstractAuthenticationEvent authEvent) {
    EventBuilder builder = new EventBuilder(uei, "OpenNMS.WebUI");
    builder.setTime(new Date(authEvent.getTimestamp()));
    org.springframework.security.core.Authentication auth = authEvent.getAuthentication();
    if (auth != null && auth.getName() != null) {
        builder.addParam("user", WebSecurityUtils.sanitizeString(auth.getName()));
    }
    if (auth != null && auth.getDetails() != null && auth.getDetails() instanceof WebAuthenticationDetails) {
        WebAuthenticationDetails webDetails = (WebAuthenticationDetails) auth.getDetails();
        if (webDetails.getRemoteAddress() != null) {
            builder.addParam("ip", webDetails.getRemoteAddress());
        }
    }
    return builder;
}

private String getLines(AbstractAuthenticationEvent event){
    final StringBuilder builder = new StringBuilder();
    if(event!=null){                        
        builder.append("Authentication Log(");
        builder.append(ClassUtils.getShortName(event.getClass()));
        builder.append("): ");
        builder.append(getLines(event.getAuthentication()));
    }   
    return builder.toString();
}

private static void addSource(AbstractAuthenticationEvent event, ImmutableMap.Builder<String, Object> extra) {
    extra.put("source", event.getSource().getClass().getSimpleName());
}

public boolean accepts(AbstractAuthenticationEvent event) {
    return event instanceof AuthenticationSwitchUserEvent;
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    this.event = event;
}

public boolean accepts(AbstractAuthenticationEvent event) {
    return event instanceof AuthenticationSwitchUserEvent;
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    this.event = event;
}

public boolean accepts(AbstractAuthenticationEvent event) {
    return event instanceof AuthenticationSwitchUserEvent;
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    this.event = event;
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {
    if (log.isDebugEnabled()) {
        log.debug("Authentication Event:[" + event.toString() + "]");
    }
}

@Override
public void onApplicationEvent(AbstractAuthenticationEvent event) {     
    authlogger.write(event);
}

public void write(AbstractAuthenticationEvent event){       
    log.info(getLines(event));
}