imported userinfouserdetails filter from MITRE codebase

2012-06-13 16:33:55 -04:00 · 2012-06-13 16:33:55 -04:00 · ace5dd1f1e
parent 2a05ff995d
commit ace5dd1f1e
7 changed files with 95 additions and 3 deletions
--- a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/UserInfoRepository.java
+++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/UserInfoRepository.java
@ -43,7 +43,7 @@ public interface UserInfoRepository {
 	 * @param user
 	 * @return
 	 */
-	public UserInfo save(DefaultUserInfo userInfo);
+	public UserInfo save(UserInfo userInfo);
 	
 	/**
 	 * Removes the given UserInfo from the repository
--- a/openid-connect-server/.springBeans
+++ b/openid-connect-server/.springBeans
@ -9,6 +9,8 @@
 	<configs>
 		<config>src/main/webapp/WEB-INF/user-context.xml</config>
 		<config>src/main/webapp/WEB-INF/server-config.xml</config>
+		<config>src/main/webapp/WEB-INF/local-config.xml</config>
+		<config>src/main/webapp/WEB-INF/data-context.xml</config>
 	</configs>
 	<configSets>
 	</configSets>
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java
@ -49,7 +49,7 @@ public class JpaUserInfoRepository implements UserInfoRepository {
 	
 	@Override
 	@Transactional	
-	public UserInfo save(DefaultUserInfo userInfo) {
+	public UserInfo save(UserInfo userInfo) {
 		return saveOrUpdate(userInfo.getUserId(), manager, userInfo);
 	}

--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/UserInfoUserDetailsService.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/UserInfoUserDetailsService.java
@ -0,0 +1,77 @@
+package org.mitre.openid.connect.service.impl;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.mitre.openid.connect.model.UserInfo;
+import org.mitre.openid.connect.repository.UserInfoRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Primary;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.GrantedAuthorityImpl;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+@Service("userInfoUserDetailsService")
+public class UserInfoUserDetailsService implements UserDetailsService {
+	
+	@Autowired
+	UserInfoRepository repository;
+	
+    public static final GrantedAuthority ROLE_USER = new GrantedAuthorityImpl("ROLE_USER");
+    public static final GrantedAuthority ROLE_ADMIN = new GrantedAuthorityImpl("ROLE_ADMIN");
+
+    private List<String> admins = new ArrayList<String>();
+    
+	@Override
+	public UserDetails loadUserByUsername(String username)
+			throws UsernameNotFoundException {
+		UserInfo userInfo = repository.getByUserId(username);
+		
+		if (userInfo != null) {
+		
+			// TODO: make passwords configurable? part of object?
+			String password = "password";
+			
+	        boolean enabled = true;
+	        /*
+	         * TODO: this was for a MITRE-specific flag
+	        if(userInfo.getDeleteFlag() > 0){
+	        	enabled = false;
+	        }
+	        */
+	        boolean accountNonExpired = true;
+	        boolean credentialsNonExpired = true;
+	        boolean accountNonLocked = true;
+	        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
+	        authorities.add(ROLE_USER);
+	        
+	        if (admins != null && admins.contains(username)) {
+	        	authorities.add(ROLE_ADMIN);
+	        }
+	        
+			User user = new User(userInfo.getUserId(), password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
+			return user;
+		} else {
+			return null;
+		}
+	}
+
+	/**
+     * @return the admins
+     */
+    public List<String> getAdmins() {
+    	return admins;
+    }
+
+	/**
+     * @param admins the admins to set
+     */
+    public void setAdmins(List<String> admins) {
+    	this.admins = admins;
+    }
+
+}
--- a/openid-connect-server/src/main/webapp/WEB-INF/local-config.xml
+++ b/openid-connect-server/src/main/webapp/WEB-INF/local-config.xml
@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+
+<!-- Empty: Override this file in your local project to change configuration options. -->
+
+</beans>
--- a/openid-connect-server/src/main/webapp/WEB-INF/spring-servlet.xml
+++ b/openid-connect-server/src/main/webapp/WEB-INF/spring-servlet.xml
@ -230,4 +230,8 @@
 	<!-- <task:annotation-driven scheduler="taskScheduler" executor="taskExecutor" 
 		/> -->

+
+	<!-- import application-local configuration information (such as bean definitions) -->
+	<import resource="local-config.xml" />
+
 </beans>
--- a/openid-connect-server/src/main/webapp/WEB-INF/tags/topbar.tag
+++ b/openid-connect-server/src/main/webapp/WEB-INF/tags/topbar.tag
@ -20,7 +20,7 @@
                
                	<security:authentication property="authorities" var="roles"/>

-                    <security:authorize ifAllGranted="ROLE_USER">
+                    <security:authorize ifAnyGranted="ROLE_USER">
                        Logged in as <a href="#"><%= request.getUserPrincipal().getName() %></a>
                    </security:authorize>
                </p>