org.acegisecurity.GrantedAuthority Java Examples

/**
 * This method retrieves the Distributed Session Ticket
 * 
 * @return the Distributed Session Ticket if valid or null
 */
private String getDST() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    String sDST = null;
    
    if (authentication != null) {
        GrantedAuthority[] authorities = authentication.getAuthorities();
        if (logger.isDebugEnabled()) {
            logger.debug("Granted Authority Count:" + authorities.length);
        }
        
        for (int i = 0; i < authorities.length; i++) {
            if (logger.isDebugEnabled()) {
                logger.debug("Authority:" + authorities[i]);
            }
            if (authorities[i].toString().startsWith(DistributedSession.getPrefix())) {
                sDST = authorities[0].toString();
            }
        }
    }
    else {
        logger.debug("Authentication is NULL");            
    }
    
    return sDST;
}
 

/**
 * Select the granted authorities for the sepcified user and return and 
 * array of the authorities found.
 * @param username the user name to get the authorities for
 * @return the list of granted authorities
 * @throws LdapDataAccessException thrown if there is an error
 */
private GrantedAuthority[] getGrantedAuthorities(String username) throws LdapDataAccessException {
   
    List privileges = auth.getUserPrivileges(username);
    if (privileges != null) {
        int privSize = privileges.size();
        GrantedAuthority roles[] = new GrantedAuthority[privSize]; 
    
        int i=0;
        Iterator it = privileges.iterator();
        while (it.hasNext()) {
            RolePrivilege priv = (RolePrivilege) it.next();
            GrantedAuthority ga = new GrantedAuthorityImpl("ROLE_"+priv.getPrivilege());
            roles[i++] = ga;
        }
        
        return roles;
    }
    return new GrantedAuthority[0];
}
 

protected Object mapRow(ResultSet rs, int rownum)
    throws SQLException {
    String username = rs.getString(1);
    String password = rs.getString(2);
    boolean enabled = rs.getBoolean(3);
    boolean credentialsNonExpired = rs.getBoolean(4);
    
    if (password == null) {
        //set the password to blank for users authenticated by an external Authentication source
        password = "";
    }
    UserDetails user = new User(username, password, enabled, true,
            !credentialsNonExpired, true,
            new GrantedAuthority[] {new GrantedAuthorityImpl("HOLDER")});

    return user;
}
 

@Override
public UserDetails loadUserByUsername(String username)
        throws UsernameNotFoundException, DataAccessException {
    com.ramussoft.net.common.User user = getUserFactory().getUser(username);

    if (user == null) {
        throw new UsernameNotFoundException(MessageFormat.format(
                "User {0} not found", username));
    }

    List<Group> list = user.getGroups();
    GrantedAuthority[] arrayAuths = new GrantedAuthority[list.size() + 1];
    for (int i = 0; i < list.size(); i++) {
        arrayAuths[i] = new GrantedAuthorityImpl("ROLE_"
                + list.get(i).getName().toUpperCase());
    }
    arrayAuths[list.size()] = new GrantedAuthorityImpl("ROLE_USER");

    return new User(user.getLogin(), user.getPassword(), true, true, true,
            true, arrayAuths);
}
 

/**
 * Locates the user based on the username.
 *
 * @param username The username presented to the {@link DaoAuthenticationProvider}
 * @return A fully populated user record (never <code>null</code>)
 * @throws UsernameNotFoundException if the user could not be found or the user has no GrantedAuthority.
 * @throws DataAccessException       If user could not be found for a repository-specific reason.
 */
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
    User user = getUserByName(username);
    if (user == null) {
        throw new UsernameNotFoundException("User \"" + username + "\" was not found.");
    }

    String[] roles = userDao.getRolesForUser(username);
    GrantedAuthority[] authorities = new GrantedAuthority[roles.length];
    for (int i = 0; i < roles.length; i++) {
        authorities[i] = new GrantedAuthorityImpl("ROLE_" + roles[i].toUpperCase());
    }

    // If user is LDAP authenticated, disable user. The proper authentication should in that case
    // be done by SubsonicLdapBindAuthenticator.
    boolean enabled = !user.isLdapAuthenticated();

    return new org.acegisecurity.userdetails.User(username, user.getPassword(), enabled, true, true, true, authorities);
}
 

/**
 * @since 0.21
 */
public GitLabOAuthUserDetails getUserDetails(String username) {
	GitlabUser user = loadUser(username);
	if (user != null) {
		// FIXME to implement
		List<GrantedAuthority> groups = new ArrayList<GrantedAuthority>();
		try {
			List<GitlabGroup> gitLabGroups = gitLabAPI.getGroups();
			for (GitlabGroup gitlabGroup : gitLabGroups) {
				groups.add(new GrantedAuthorityImpl(gitlabGroup.getName()));
			}
		} catch (IOException e) {
			LOGGER.log(Level.FINE, e.getMessage(), e);
		}
		return new GitLabOAuthUserDetails(user, groups.toArray(new GrantedAuthority[groups.size()]));
	}
	return null;
}
 

@Before
public void setup() throws Exception {
    mockStatic(Jenkins.class);

    when(Jenkins.getInstance()).thenReturn(jenkins);
    when(Jenkins.getInstanceOrNull()).thenReturn(jenkins);
    when(Jenkins.getAuthentication()).thenReturn(authentication);
    GrantedAuthority[] grantedAuthorities = Lists.newArrayList(SecurityRealm.AUTHENTICATED_AUTHORITY).toArray(new GrantedAuthority[1]);

    Mockito.when(authentication.getAuthorities()).thenReturn(grantedAuthorities);
    Mockito.when(authentication.getPrincipal()).thenReturn("joe");
    mockStatic(User.class);

    when(user.getId()).thenReturn("joe");
    when(user.getFullName()).thenReturn("joe smith");
    when(user.getDisplayName()).thenReturn("joe smith");
    when(User.class, method(User.class, "get", Authentication.class)).withArguments(authentication).thenReturn(user);
    when(User.current()).thenReturn(user);
}
 

public UserDetails loadUserByUsername(String username)
{
    LdapUserDetails ldapUserDetails = ldapUserSearch.searchForUser(username);
    GrantedAuthority[] authorities = ldapAuthoritiesPopulator.getGrantedAuthorities(ldapUserDetails);

    return new User(username, "empty_password", true, true, true, true, authorities);
}
 

/**
 * This method is necessary for loading users by the ticket response
 * 
 * @param username
 * @param authorities
 * @return the UserDetails
 */
public UserDetails loadUserByUsernameAndAuthorities(String username, GrantedAuthority[] authorities) {
    if (logger.isDebugEnabled()) {
        logger.debug("loadUserByUsernameAndAuthorities");
    }
    GrantedAuthority[] newAuthorities = new GrantedAuthority[authorities.length+1];
    System.arraycopy(authorities, 0, newAuthorities, 0, authorities.length);
    newAuthorities[authorities.length]= new GrantedAuthorityImpl("ROLE_KUALI_USER");
    logger.warn("setting granted authorities:" + newAuthorities.toString());
    UserDetails user = new User(username, "empty_password", true, true, true, true, newAuthorities);    
    return user;
}
 

/**
 * This overridden method ...
 * 
 * @see org.acegisecurity.userdetails.UserDetailsService#loadUserByUsername(java.lang.String)
 */
public UserDetails loadUserByUsername(String username)
{
    if (logger.isDebugEnabled()) {
        logger.debug("loadUserByUsername");
    }
    return loadUserByUsernameAndAuthorities(username, new GrantedAuthority[0]);        
}
 

/**
 * This overridden method appends the Distributed Session Ticket to the
 * granted authorities
 * 
 * @see org.kuali.rice.kim.client.acegi.KualiUserDetailsService#loadUserByTicketResponse(org.kuali.rice.kim.client.acegi.KualiTicketResponse)
 */
public UserDetails loadUserByTicketResponse(KualiTicketResponse response) {
    GrantedAuthority[] authorities = new GrantedAuthority[1];
    authorities[0]= new GrantedAuthorityImpl(response.getDistributedSessionToken());
    if (logger.isDebugEnabled()) {
        logger.debug("loadUserByTicketResponse:" + response.getDistributedSessionToken());
    }
    return loadUserByUsernameAndAuthorities(response.getUser(), authorities); 
}
 

/**
    * Called by JUnit once for all tests (@BeforeClass) before instantiation 
    * of the test class. This method establishes the security context and
    * creates the logged in user "TestUser". This method can be overridden
    * without the need to use JUnit tags, but be sure to call super.initialise()
    * from within the overridden method if a logged in user id is required  
 * @throws java.lang.Exception
    */
@BeforeClass
public static void initialise() throws Exception {
	testCount = 0;
	testClassName = "";
	
	try
	{
		TestingAuthenticationToken testToken = new TestingAuthenticationToken(
		"TestUser", "TestUser", new GrantedAuthority[] {});	
		
		testToken.setAuthenticated(true);
		
		MockUserRoleDAO dao = new MockUserRoleDAO(baseTestFile);
		
		testToken.setDetails(dao.getCurrentUser());

		// Create and store the Acegi SecurityContext into the SecurityContextHolder.
		SecurityContext securityContext = new SecurityContextImpl();
		securityContext.setAuthentication(testToken);
		SecurityContextHolder.setContext(securityContext);
		
		// Create a MockApplicationContext
		ApplicationContextFactory.setWebApplicationContext(new MockWebApplicationContext());
	}
	catch(Exception e)
	{
		if(log.isErrorEnabled())
		{
			log.error("BaseWCTTest: Failed to create current user '"+AuthUtil.getRemoteUser()+"'");
		}
		throw e;
	}
}
 

@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException,
        DataAccessException {
    List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
    auths.add(AUTHENTICATED_AUTHORITY);
    Set<String> groups = groupsByUser.get(username);
    if (groups != null) {
        for (String g : groups) {
            auths.add(new GrantedAuthorityImpl(g));
        }
    }
    return new org.acegisecurity.userdetails.User(username,"",true,true,true,true, auths.toArray(new GrantedAuthority[auths.size()]));
}
 

public GrantedAuthority[] getAuthoritiesAsGrantedAuthorities() {
	GrantedAuthority[] authorities = new GrantedAuthority[this.authorities.size()];
	for(int i=0; i<authorities.length; i++) {
		authorities[i] = new GrantedAuthorityImpl(this.authorities.get(i));
	}
	return authorities;
}
 

@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException,
        DataAccessException {
    List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
    auths.add(AUTHENTICATED_AUTHORITY);
    Set<String> groups = groupsByUser.get(username);
    if (groups != null) {
        for (String g : groups) {
            auths.add(new GrantedAuthorityImpl(g));
        }
    }
    return new org.acegisecurity.userdetails.User(username,"",true,true,true,true, auths.toArray(new GrantedAuthority[0]));
}
 

@SuppressWarnings("unchecked")
@Override
   public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
       List users = usersByUsernameMapping.execute(username);

       if (users.size() == 0) {
           throw new UsernameNotFoundException("User not found");
       }

       UserDetails user = (UserDetails) users.get(0); // contains no GrantedAuthority[]

       List dbAuths = authoritiesByUsernameMapping.execute(user.getUsername());

       if (dbAuths.size() == 0) {
           throw new UsernameNotFoundException("User has no GrantedAuthority");
       }

       GrantedAuthority[] arrayAuths = {};

       addCustomAuthorities(user.getUsername(), dbAuths);

       arrayAuths = (GrantedAuthority[]) dbAuths.toArray(arrayAuths);

       String returnUsername = user.getUsername();

       if (!isUsernameBasedPrimaryKey()) {
           returnUsername = username;
       }

       return new User(returnUsername, user.getPassword(), user.isEnabled(),
           true, true, true, arrayAuths);
   }
 

private UsernamePasswordAuthenticationToken authenticateNow(Authentication authentication) throws AuthenticationException {
	return new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_KUALI_USER")});
}
 

/** @see LdapAuthoritiesPopulator#getGrantedAuthorities(LdapUserDetails) .*/
public GrantedAuthority[] getGrantedAuthorities(LdapUserDetails userDetails) throws LdapDataAccessException {        
    return getGrantedAuthorities(userDetails.getUsername());
}
 

public OicUserProperty(String userName, GrantedAuthority[] authorities) {
	this.userName = userName;
	for(GrantedAuthority authority : authorities) {
		this.authorities.add(authority.getAuthority());
	}
}
 

@Override
public UserProperty newInstance(User user) {
	LOGGER.fine("OicUserPropertyDescriptor.newInstance called, user:" + user);
	return new OicUserProperty(user.getId(), new GrantedAuthority[0]);
}
 

@Override
public GrantedAuthority[] getAuthorities() {
    return Arrays.copyOf(grantedAuthorities, grantedAuthorities.length);
}
 

public OicUserDetails(String userName, GrantedAuthority[] grantedAuthorities) {
    this.userName = userName;
    this.grantedAuthorities = Arrays.copyOf(grantedAuthorities, grantedAuthorities.length);
}
 

public GrantedAuthority[] getGrantedAuthorities(LdapUserDetails userDetails) throws LdapDataAccessException {
    UserDetails details = userDetailsService.loadUserByUsername(userDetails.getUsername());
    return details.getAuthorities();
}
 

public GrantedAuthority getAuth() {
    return new GrantedAuthorityImpl(getName());
}
 

@Override
public GrantedAuthority[] getAuthorities() {
	return authorities.toArray(new GrantedAuthority[authorities.size()]);
}
 

public GitLabOAuthUserDetails(GitlabUser user, GrantedAuthority[] authorities) {
	super(user.getUsername(), "", true, true, true, true, authorities);
}
 

@Override
public GrantedAuthority[] getAuthorities() {
    //Fix for FB warning: EI_EXPOSE_REP
    return Arrays.copyOf(grantedAuthorities, grantedAuthorities.length);
}