001/* 002 * Licensed under the Apache License, Version 2.0 (the "License"); 003 * you may not use this file except in compliance with the License. 004 * You may obtain a copy of the License at 005 * 006 * http://www.apache.org/licenses/LICENSE-2.0 007 * 008 * Unless required by applicable law or agreed to in writing, software 009 * distributed under the License is distributed on an "AS IS" BASIS, 010 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 011 * See the License for the specific language governing permissions and 012 * limitations under the License. 013 */ 014package org.gbif.ws.remoteauth.jwt; 015 016import org.gbif.ws.remoteauth.AbstractRemoteAuthenticationProvider; 017import org.gbif.ws.remoteauth.RemoteAuthClient; 018import org.gbif.ws.security.GbifAuthenticationToken; 019import org.gbif.ws.security.GbifUserPrincipal; 020 021import org.springframework.http.HttpHeaders; 022import org.springframework.http.ResponseEntity; 023import org.springframework.security.core.Authentication; 024 025import lombok.extern.slf4j.Slf4j; 026 027/** 028 * JWT Remote authentication against the registry. 029 */ 030@Slf4j 031public class JwtRemoteBasicAuthenticationProvider 032 extends AbstractRemoteAuthenticationProvider<JwtAuthentication> { 033 034 private static final String AUTH_PATH = "/user/auth/jwt"; 035 036 public JwtRemoteBasicAuthenticationProvider(RemoteAuthClient remoteAuthClient) { 037 super(JwtAuthentication.class, AUTH_PATH, remoteAuthClient); 038 } 039 040 @Override 041 public HttpHeaders createHttpHeaders(Authentication authentication) { 042 String token = ((JwtAuthentication) authentication).getToken(); 043 HttpHeaders headers = new HttpHeaders(); 044 headers.setBearerAuth(token); 045 return headers; 046 } 047 048 @Override 049 protected Authentication createSuccessAuthentication( 050 ResponseEntity<String> response, Authentication authentication) { 051 String newToken = response.getHeaders().getFirst("token"); 052 GbifUserPrincipal gbifUserPrincipal = 053 new GbifUserPrincipal(readUserFromResponse(response).toGbifUser()); 054 return new GbifAuthenticationToken( 055 gbifUserPrincipal, gbifUserPrincipal.getAuthorities(), newToken); 056 } 057}