/**
 * Computes the group names that apply to the given principal.
 *
 * <p>Every caller receives the group returned by {@code SecurityLogic.getAllGroup}. A
 * {@code null} principal is treated as anonymous. A {@code Serializable} principal also
 * receives the registered group plus whatever {@code loadAuthorizationInfo} returns for it.</p>
 *
 * @param principal the current principal, or {@code null} when nobody is logged in
 * @return a freshly created, mutable set of group names
 * @throws AuthorizationException if the principal is non-null and not {@code Serializable}
 */
@Override
@NotNull
public Set<String> getGroups(Object principal) {
    Set<String> result = new HashSet<>();
    result.add(SecurityLogic.getAllGroup(portofinoConfiguration));

    // No principal: the caller is anonymous and gets nothing beyond the built-in groups.
    if (principal == null) {
        result.add(SecurityLogic.getAnonymousGroup(portofinoConfiguration));
        return result;
    }

    // Fail closed on a principal type this realm does not know how to look up.
    if (!(principal instanceof Serializable)) {
        throw new AuthorizationException("Invalid principal: " + principal);
    }

    result.add(SecurityLogic.getRegisteredGroup(portofinoConfiguration));
    result.addAll(loadAuthorizationInfo((Serializable) principal));
    return result;
}
/**
 * Legacy no-argument constructor: wires the realm with {@code PlaintextHashService} and
 * {@code PlaintextHashFormat} and marks it as using legacy hashing.
 */
protected AbstractPortofinoRealm() {
    // Legacy - let the actual implementation handle hashing
    // NOTE(review): the "Plaintext" classes presumably apply no hashing at all - confirm, and make
    // sure concrete realms either hash credentials themselves or call setup(...) with a real service.
    PlaintextHashService plaintextService = new PlaintextHashService();
    PlaintextHashFormat plaintextFormat = new PlaintextHashFormat();
    setup(plaintextService, plaintextFormat);
    // Assigned after setup(...) so the flag ends up true even if setup(...) resets it.
    legacyHashing = true;
}
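/**
 * Issues a JSON Web Token identifying the given principal.
 *
 * <p>The token carries two claims: {@code "principal"} (the object as handed to the JWT
 * library) and {@code "serialized-principal"} (the principal in Java serialization format).
 * It expires one day after it is issued and is signed with HS512 using the key from
 * {@code getJWTKey()}.</p>
 *
 * <p>Security note: signing protects integrity only. The claims are encoded, not encrypted, so
 * whoever holds the token can read everything in the principal; it must not carry secrets such
 * as password hashes. The serialized claim is later fed to Java deserialization, so the reading
 * side must verify the signature before touching it.</p>
 *
 * @param principal the principal to embed; it must be serializable
 * @return the compact, signed token
 * @throws RuntimeException wrapping the {@code IOException} if the principal cannot be serialized
 */
public String generateWebToken(Object principal) {
    Key key = getJWTKey();
    Map<String, Object> claims = new HashMap<>();
    claims.put("principal", principal);
    ByteArrayOutputStream bytes = new ByteArrayOutputStream();
    // try-with-resources closes (and so flushes) the stream on every path, including a failed write.
    try (ObjectOutputStream objectOutputStream = new ObjectOutputStream(bytes)) {
        objectOutputStream.writeObject(principal);
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
    claims.put("serialized-principal", bytes.toByteArray());
    return Jwts.builder().
            setClaims(claims).
            setExpiration(new DateTime().plusDays(1).toDate()).
            signWith(key, SignatureAlgorithm.HS512).
            compact();
}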
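/**
 * Builds the authentication info for a login performed with a JSON Web Token.
 *
 * <p>The token is accepted only if it is a signed claims token whose signature verifies against
 * the key from {@code getJWTKey()}. The principal is then restored from the
 * {@code "serialized-principal"} claim.</p>
 *
 * @param token the authentication token; its principal is the compact JWT string
 * @return the authentication info holding the restored principal and the expected credentials
 * @throws AuthenticationException if the token is missing, unsigned, tampered with, expired or
 *         malformed, or if the principal cannot be restored from it
 */
public AuthenticationInfo loadAuthenticationInfo(JSONWebToken token) {
    Key key = getJWTKey();
    Jwt jwt;
    try {
        // parseClaimsJws() accepts nothing but a signed claims token. The generic parse() does not
        // insist on a signature: an unsigned token comes back as a plain Jwt and would reach the
        // deserialization below without any verification.
        jwt = Jwts.parser().setSigningKey(key).parseClaimsJws(token.getPrincipal());
    } catch (JwtException | IllegalArgumentException e) {
        // IllegalArgumentException covers a null or empty token string.
        throw new AuthenticationException(e);
    }
    Map<?, ?> body = (Map<?, ?>) jwt.getBody();
    String credentials = legacyHashing ? token.getCredentials() : encryptPassword(token.getCredentials());

    Object encodedPrincipal = body.get("serialized-principal");
    if (!(encodedPrincipal instanceof String)) {
        // A missing or non-string claim is a bad token, not an internal error.
        throw new AuthenticationException("Token does not carry a serialized principal");
    }

    Object principal;
    // SECURITY: readObject() runs Java native deserialization on bytes taken from the token. It is
    // reached only after the signature check above; do not move it ahead of that check. Consider
    // restricting the accepted classes (e.g. an ObjectInputFilter allow-list) or switching the
    // claim to a non-native encoding.
    try (ObjectInputStream objectInputStream = new ObjectInputStream(
            new ByteArrayInputStream(Base64.decode((String) encodedPrincipal)))) {
        principal = objectInputStream.readObject();
    } catch (Exception e) {
        throw new AuthenticationException(e);
    }
    return new SimpleAuthenticationInfo(principal, credentials, getName());
}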
/**
 * Installs the password service and credentials matcher built on the given hashing components,
 * and clears the legacy-hashing flag.
 *
 * @param hashService the hash service handed to the {@code PortofinoPasswordService}
 * @param hashFormat the hash format handed to the {@code PortofinoPasswordService}
 */
protected void setup(HashService hashService, HashFormat hashFormat) {
    PortofinoPasswordService service = new PortofinoPasswordService();
    service.setHashService(hashService);
    service.setHashFormat(hashFormat);

    // Credentials are compared through the same password service that is stored on the realm.
    PasswordMatcher matcher = new PasswordMatcher();
    matcher.setPasswordService(service);
    setCredentialsMatcher(matcher);

    this.legacyHashing = false;
    this.passwordService = service;
}
}
/**
 * {@inheritDoc}
 * <p>This default implementation resolves the groups of the primary principal through
 * {@code getGroups} (built-in groups such as all, anonymous and registered, plus the
 * application-specific ones) and turns them into authorization data.</p>
 *
 * <p>Membership in the group returned by {@code SecurityLogic.getAdministratorsGroup} grants
 * the wildcard string permission {@code "*"}, so whatever supplies the application-specific
 * groups decides who gets unrestricted access.</p>
 *
 * @param principals the principals of the subject being authorized
 * @return authorization info whose roles are the groups and whose object permissions consist of
 *         a single {@code GroupPermission} over those groups
 */
public AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    Set<String> groups = getGroups(principals.getPrimaryPrincipal());
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo(groups);

    String administrators = SecurityLogic.getAdministratorsGroup(portofinoConfiguration);
    if (groups.contains(administrators)) {
        authorizationInfo.addStringPermission("*");
    }

    authorizationInfo.setObjectPermissions(
            Collections.<Permission>singleton(new GroupPermission(groups)));
    return authorizationInfo;
}
/**
 * Installs the password service and credentials matcher built on the given hashing components.
 *
 * @param hashService the hash service handed to the {@code PortofinoPasswordService}
 * @param hashFormat the hash format handed to the {@code PortofinoPasswordService}
 */
protected void setup(HashService hashService, HashFormat hashFormat) {
    PortofinoPasswordService service = new PortofinoPasswordService();
    service.setHashService(hashService);
    service.setHashFormat(hashFormat);
    this.passwordService = service;

    // Credentials are compared through the same password service that is stored on the realm.
    PasswordMatcher matcher = new PasswordMatcher();
    matcher.setPasswordService(service);
    setCredentialsMatcher(matcher);
}
}
/**
 * Legacy no-argument constructor: wires the realm with {@code PlaintextHashService} and
 * {@code PlaintextHashFormat}.
 */
protected AbstractPortofinoRealm() {
    // Legacy - let the actual implementation handle hashing
    // NOTE(review): the "Plaintext" classes presumably apply no hashing at all - confirm, and make
    // sure concrete realms either hash credentials themselves or call setup(...) with a real service.
    PlaintextHashService plaintextService = new PlaintextHashService();
    PlaintextHashFormat plaintextFormat = new PlaintextHashFormat();
    setup(plaintextService, plaintextFormat);
}
/**
 * {@inheritDoc}
 * <p>This default implementation handles the built-in groups (all, anonymous, registered, etc.)
 * and delegates the loading of application-specific groups to {@code loadAuthorizationInfo}.</p>
 *
 * <p>Membership in the group returned by {@code SecurityLogic.getAdministratorsGroup} grants
 * the wildcard string permission {@code "*"}, so whatever {@code loadAuthorizationInfo} returns
 * decides who gets unrestricted access.</p>
 *
 * @param principals the principals of the subject being authorized
 * @return authorization info whose roles are the groups and whose object permissions consist of
 *         a single {@code GroupPermission} over those groups
 * @throws AuthorizationException if the primary principal is non-null and not {@code Serializable}
 */
public AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    Object primary = principals.getPrimaryPrincipal();
    Set<String> groups = new HashSet<String>();
    groups.add(SecurityLogic.getAllGroup(portofinoConfiguration));

    // Fail closed on a principal type this realm does not know how to look up.
    if (primary != null && !(primary instanceof Serializable)) {
        throw new AuthorizationException("Invalid principal: " + primary);
    }
    if (primary == null) {
        groups.add(SecurityLogic.getAnonymousGroup(portofinoConfiguration));
    } else {
        groups.add(SecurityLogic.getRegisteredGroup(portofinoConfiguration));
        groups.addAll(loadAuthorizationInfo((Serializable) primary));
    }

    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo(groups);
    String administrators = SecurityLogic.getAdministratorsGroup(portofinoConfiguration);
    if (groups.contains(administrators)) {
        authorizationInfo.addStringPermission("*");
    }

    authorizationInfo.setObjectPermissions(
            Collections.<Permission>singleton(new GroupPermission(groups)));
    return authorizationInfo;
}