Source code

001/*
002 * Licensed under the Apache License, Version 2.0 (the "License");
003 * you may not use this file except in compliance with the License.
004 * You may obtain a copy of the License at
005 *
006 *     http://www.apache.org/licenses/LICENSE-2.0
007 *
008 * Unless required by applicable law or agreed to in writing, software
009 * distributed under the License is distributed on an "AS IS" BASIS,
010 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
011 * See the License for the specific language governing permissions and
012 * limitations under the License.
013 */
014package org.gbif.ws.security;
015
016import org.gbif.api.vocabulary.AppRole;
017
018import java.util.Collection;
019import java.util.Collections;
020import java.util.UUID;
021
022import org.slf4j.Logger;
023import org.slf4j.LoggerFactory;
024import org.springframework.security.core.Authentication;
025import org.springframework.security.core.GrantedAuthority;
026import org.springframework.security.core.authority.SimpleGrantedAuthority;
027
028/**
029 * Class providing temporary authorization for legacy web service requests (GBRDS/IPT).
030 */
031public class LegacyRequestAuthorization implements Authentication {
032
033  private static final Logger LOG = LoggerFactory.getLogger(LegacyRequestAuthorization.class);
034
035  private boolean authenticated = false;
036  private final UUID userKey;
037  private final UUID organizationKey;
038  private final Collection<GrantedAuthority> authorities;
039
040  public LegacyRequestAuthorization(UUID userKey, UUID organizationKey) {
041    this.userKey = userKey;
042    this.organizationKey = organizationKey;
043    this.authorities = Collections.singleton(new SimpleGrantedAuthority(AppRole.IPT.name()));
044    setAuthenticated(true);
045  }
046
047  public UUID getUserKey() {
048    return userKey;
049  }
050
051  public UUID getOrganizationKey() {
052    return organizationKey;
053  }
054
055  @Override
056  public Collection<? extends GrantedAuthority> getAuthorities() {
057    return authorities;
058  }
059
060  @Override
061  public Object getCredentials() {
062    LOG.warn("LegacyRequestAuthorization#getCredentials is not used");
063    return null;
064  }
065
066  @Override
067  public Object getDetails() {
068    LOG.warn("LegacyRequestAuthorization#getDetails is not used");
069    return null;
070  }
071
072  @Override
073  public Object getPrincipal() {
074    return new BasicUserPrincipal(userKey.toString());
075  }
076
077  @Override
078  public boolean isAuthenticated() {
079    return authenticated;
080  }
081
082  @Override
083  public void setAuthenticated(boolean isAuthenticated) {
084    this.authenticated = isAuthenticated;
085  }
086
087  @Override
088  public String getName() {
089    return userKey.toString();
090  }
091}