public void authenticate(Connection<?> connection) { Facebook facebook = (Facebook) connection.getApi(); String [] fields = { "id", "name", "email", "first_name", "last_name" }; User userProfile = facebook.fetchObject("me", User.class, fields); String username = userProfile.getName(); log.info("User Profile by facebook {} {} {}", userProfile.getFirstName(), userProfile.getLastName(), userProfile.getEmail()); Optional<io.osoon.domain.User> byEmail = userService.findByEmail(userProfile.getEmail()); io.osoon.domain.User osoonUser; if (byEmail.isPresent()) { osoonUser = byEmail.get(); } else { io.osoon.domain.User newUser = io.osoon.domain.User.of(userProfile.getEmail(), username); newUser.setImageUrl(connection.getImageUrl()); osoonUser = userService.saveOne(newUser); } OSoonUserDetails userDetails = new OSoonUserDetails(osoonUser); RememberMeAuthenticationToken rememberMeToken = new RememberMeAuthenticationToken("osoon-remember-me", userDetails, null); SecurityContextHolder.getContext().setAuthentication(rememberMeToken); log.info("User {} {} {} connected.", userProfile.getFirstName(), userProfile.getLastName(), userProfile.getEmail()); }
@Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (auth != null && auth instanceof RememberMeAuthenticationToken) { rememberMeServices.loginSuccess((HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse, auth); } filterChain.doFilter(servletRequest, servletResponse); }
/** * Check if user is login by remember me cookie, refer * org.springframework.security.authentication. * AuthenticationTrustResolverImpl */ @SuppressWarnings("unused") private boolean isRememberMeAuthenticated() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { return false; } return RememberMeAuthenticationToken.class.isAssignableFrom(authentication.getClass()); }
protected void onValidTokenFound(HttpServletRequest request, HttpServletResponse response, RemoteToken token) { try { FlowableAppUser appUser = userCache.get(token.getUserId()); validateRequiredPriviliges(request, response, appUser); SecurityContextHolder.getContext().setAuthentication(new RememberMeAuthenticationToken(token.getId(), appUser, appUser.getAuthorities())); } catch (Exception e) { LOGGER.trace("Could not set necessary threadlocals for token", e); redirectOrSendNotPermitted(request, response, token.getUserId()); } }
/** * This is needed so that expressions in spring-security SPEL work properly. */ public static void convertUsernamePasswordToRememberMeAuthentication() { final UsernamePasswordAuthenticationToken usernamePassword = (UsernamePasswordAuthenticationToken) getAuthentication(); final RememberMeAuthenticationToken rememberMe = new RememberMeAuthenticationToken( ExtendedAnonymousAuthenticationFilter.KEY, usernamePassword.getPrincipal(), usernamePassword.getAuthorities()); setAuthentication(rememberMe); }
public boolean isRemembered(Authentication authentication, String attribute) { return IS_REMEMBERED.equals(attribute) && RememberMeAuthenticationToken.class .isAssignableFrom(authentication.getClass()); }
@Override public boolean supports(Class<?> authentication) { return (RememberMeAuthenticationToken.class.isAssignableFrom(authentication)); }
protected void login(User user) { OSoonUserDetails userDetails = new OSoonUserDetails(user); RememberMeAuthenticationToken rememberMeToken = new RememberMeAuthenticationToken("osoon-remember-me", userDetails, null); SecurityContextHolder.getContext().setAuthentication(rememberMeToken); }
protected boolean isFullyAuthenticated(Authentication authentication) { return !(authentication instanceof AnonymousAuthenticationToken || authentication instanceof RememberMeAuthenticationToken); }
@Override public boolean isRememberMe() { return getAuthentication() instanceof RememberMeAuthenticationToken; }