Source code

001/*
002 * Licensed under the Apache License, Version 2.0 (the "License");
003 * you may not use this file except in compliance with the License.
004 * You may obtain a copy of the License at
005 *
006 *     http://www.apache.org/licenses/LICENSE-2.0
007 *
008 * Unless required by applicable law or agreed to in writing, software
009 * distributed under the License is distributed on an "AS IS" BASIS,
010 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
011 * See the License for the specific language governing permissions and
012 * limitations under the License.
013 */
014package org.gbif.ws.remoteauth.jwt;
015
016import org.gbif.ws.remoteauth.AbstractRemoteAuthenticationProvider;
017import org.gbif.ws.remoteauth.RemoteAuthClient;
018import org.gbif.ws.security.GbifAuthenticationToken;
019import org.gbif.ws.security.GbifUserPrincipal;
020
021import org.springframework.http.HttpHeaders;
022import org.springframework.http.ResponseEntity;
023import org.springframework.security.core.Authentication;
024
025import lombok.extern.slf4j.Slf4j;
026
027/**
028 * JWT Remote authentication against the registry.
029 */
030@Slf4j
031public class JwtRemoteBasicAuthenticationProvider
032    extends AbstractRemoteAuthenticationProvider<JwtAuthentication> {
033
034  private static final String AUTH_PATH = "/user/auth/jwt";
035
036  public JwtRemoteBasicAuthenticationProvider(RemoteAuthClient remoteAuthClient) {
037    super(JwtAuthentication.class, AUTH_PATH, remoteAuthClient);
038  }
039
040  @Override
041  public HttpHeaders createHttpHeaders(Authentication authentication) {
042    String token = ((JwtAuthentication) authentication).getToken();
043    HttpHeaders headers = new HttpHeaders();
044    headers.setBearerAuth(token);
045    return headers;
046  }
047
048  @Override
049  protected Authentication createSuccessAuthentication(
050      ResponseEntity<String> response, Authentication authentication) {
051    String newToken = response.getHeaders().getFirst("token");
052    GbifUserPrincipal gbifUserPrincipal =
053        new GbifUserPrincipal(readUserFromResponse(response).toGbifUser());
054    return new GbifAuthenticationToken(
055        gbifUserPrincipal, gbifUserPrincipal.getAuthorities(), newToken);
056  }
057}