package com.perforce;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import com.perforce.model.Role;
import com.perforce.model.UserInfo;
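/**
 * Spring Security {@link AuthenticationProvider} that checks a username and password against
 * Perforce through a session-scoped {@link P4Helper} and turns the user's admin status and
 * group memberships into granted authorities.
 */
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {

    static Logger logger = Logger.getLogger(CustomAuthenticationProvider.class.getName());

    /**
     * Authenticates the supplied token by logging the user in through {@link P4Helper}.
     *
     * @param authentication token carrying the username (name) and the password (credentials)
     * @return a {@link UsernamePasswordAuthenticationToken} holding the {@link UserInfo}
     *         principal, the password and the roles derived from admin status and groups
     * @throws BadCredentialsException if the credentials are not a {@code String}, or the login
     *         returns no principal or a principal without a ticket
     * @throws InternalAuthenticationServiceException if an {@code ApplicationException} is
     *         raised while logging in or resolving roles; the original exception is the cause
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        logger.debug("Authenticate()");
        String username = authentication.getName();
        // NOTE(review): the username is caller-supplied and is written to the log verbatim;
        // confirm the log layout neutralises line breaks if these logs feed detection tooling.
        logger.debug("username=" + username);

        // supports() accepts every token type, so the credentials may be absent or not a String.
        // Reject those as a normal authentication failure instead of a ClassCastException or a
        // null password reaching the Perforce login call.
        Object credentials = authentication.getCredentials();
        if (!(credentials instanceof String)) {
            throw new BadCredentialsException("User credentials invalid");
        }
        String password = (String) credentials;

        try {
            // The helper is created and stored in the HTTP session before the login succeeds,
            // so an unauthenticated request also allocates a session and a P4Helper.
            HttpSession session = getSession();
            P4Helper helper = (P4Helper) session.getAttribute(Constants.P4HELPER_SESSIONKEY);
            if (helper == null) {
                helper = new P4Helper();
                session.setAttribute(Constants.P4HELPER_SESSIONKEY, helper);
                if (helper.canPing()) {
                    helper.configServer();
                }
            }

            UserInfo principal = helper.loginUser(username, password);
            // A login only counts when it produced a non-empty ticket.
            if (principal == null || principal.getTicket() == null || principal.getTicket().length() == 0) {
                throw new BadCredentialsException("User credentials invalid");
            }

            Role role = null;
            List<Role> roleList = new ArrayList<Role>();

            logger.debug("checking for admin");
            if (helper.isAdmin(username)) {
                role = new Role();
                role.setName("SEC_ADMIN");
                roleList.add(role);
            }

            logger.debug("getting user groups");
            // NOTE(review): group names share one authority namespace with the built-in
            // "SEC_ADMIN" role, so a group literally named SEC_ADMIN would yield the same
            // authority as isAdmin(). Confirm group creation is restricted, or prefix
            // group-derived roles so they cannot collide.
            List<String> userGroups = helper.getUserGroups(username, true);
            for (String g : userGroups) {
                role = new Role();
                role.setName(g);
                roleList.add(role);
            }

            // No fallback role is added: a user who is neither admin nor in any group is
            // authenticated with an empty authority list.
            for (Role r : roleList) {
                logger.debug(r.getName());
            }

            logger.debug("setting rolelist");
            Collection<? extends GrantedAuthority> authorities = (Collection<? extends GrantedAuthority>) roleList;
            logger.debug("returning principal");
            // The clear-text password travels in the returned token; whether it is erased
            // afterwards depends on the authentication manager configuration (not visible here).
            return new UsernamePasswordAuthenticationToken(principal, password, authorities);
        } catch (ApplicationException ae) {
            // Log through the logger with the stack trace (instead of printStackTrace to stderr)
            // and keep the cause, so backend failures can be told apart from bad passwords
            // during incident review. The client-facing message stays generic.
            logger.warn("Authentication failed with an application error", ae);
            throw new InternalAuthenticationServiceException("User credentials invalid", ae);
        }
    }

    /**
     * Reports that this provider handles every {@link Authentication} type.
     *
     * @param arg0 the authentication token class being queried
     * @return always {@code true}
     */
    @Override
    public boolean supports(Class<?> arg0) {
        // NOTE(review): accepting every token type means this provider is also consulted for
        // tokens that carry no password. Consider
        // UsernamePasswordAuthenticationToken.class.isAssignableFrom(arg0) once it is confirmed
        // that no other token type relies on this provider.
        return true;
    }

    /**
     * Returns the HTTP session of the request bound to the current thread, creating one if the
     * request has none.
     *
     * @return the current (possibly newly created) session
     */
    public static HttpSession getSession() {
        ServletRequestAttributes attr = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
        return attr.getRequest().getSession(true); // true == allow create
    }
}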