package ba.steleks.security;/**
* Created by ensar on 28/05/17.
*/
import ba.steleks.model.UserRole;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Collections;
import java.util.Set;
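/**
 * Login filter that reads JSON credentials from the request body, hands them to the
 * configured {@link AuthenticationManager}, and on success asks
 * {@code TokenAuthenticationService} to attach the authentication header to the response.
 */
public class JWTLoginFilter extends AbstractAuthenticationProcessingFilter {

    /**
     * Shared JSON reader. {@link ObjectMapper} is safe for concurrent use once configured, so
     * one instance serves every login request instead of building a new mapper each time.
     */
    private static final ObjectMapper CREDENTIALS_MAPPER = new ObjectMapper();

    /**
     * @param defaultFilterProcessesUrl URL this filter intercepts as the login endpoint
     * @param authenticationManager     manager that verifies the submitted credentials
     */
    public JWTLoginFilter(String defaultFilterProcessesUrl, AuthenticationManager authenticationManager) {
        super(defaultFilterProcessesUrl);
        setAuthenticationManager(authenticationManager);
    }

    /**
     * Deserializes the request body into {@code AccountCredentials} and submits it for
     * authentication.
     *
     * @return the authentication produced by the manager
     * @throws AuthenticationException if the manager rejects the credentials
     * @throws IOException             if the body cannot be read or parsed
     */
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
            throws AuthenticationException, IOException, ServletException {
        // The body is client-controlled. NOTE(review): unparsable JSON leaves this method as an
        // IOException rather than an AuthenticationException, and a body holding the JSON literal
        // null deserializes to a null object that fails on the getters below -- confirm both
        // cases reach the client as a clean authentication failure.
        AccountCredentials creds =
                CREDENTIALS_MAPPER.readValue(request.getInputStream(), AccountCredentials.class);

        // Two-argument constructor on purpose: it builds an *unauthenticated* request token.
        // The three-argument form marks the token as already authenticated before any
        // provider has checked the password, which is only meant for providers to use on
        // their result.
        UsernamePasswordAuthenticationToken loginRequest =
                new UsernamePasswordAuthenticationToken(creds.getUsername(), creds.getPassword());

        return getAuthenticationManager().authenticate(loginRequest);
    }

    /**
     * Attaches the authentication header for the authenticated principal, then runs the
     * inherited success handling.
     */
    @Override
    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
            FilterChain chain, Authentication authResult) throws IOException, ServletException {
        Set<UserRole> userRoles = UserRoleFactory.fromGrantedAuthorities(authResult.getAuthorities());

        // Set the header before delegating: the inherited implementation invokes the configured
        // success handler, which may commit the response (the framework default issues a
        // redirect), and headers added after commit are dropped by the container.
        TokenAuthenticationService.addAuthenticationHeader(response, authResult.getName(), userRoles);

        super.successfulAuthentication(request, response, chain, authResult);
    }
}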