authorGravatar Vitaly Takmazov2018-03-16 10:46:23 +0300
committerGravatar Vitaly Takmazov2018-03-16 10:46:23 +0300
commit9ef168a03b75aeca0c2f7dda9ce87d4014c703a9 (patch)
tree8ace0ada0f576d97592f8bc84803a2dcf3e7a244 /juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
parent7cadae166b103182d7d1daaafe602cd8fb145c53 (diff)
merge common projects
Diffstat (limited to 'juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java')
-rw-r--r--juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java103
1 files changed, 103 insertions, 0 deletions
diff --git a/juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java b/juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
new file mode 100644
index 00000000..b56b98c8
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.service.security;
+
+import com.juick.User;
+import com.juick.service.security.entities.JuickUser;
+import com.juick.service.UserService;
+import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.authentication.RememberMeAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
+import org.springframework.util.Assert;
+import org.springframework.web.filter.OncePerRequestFilter;
+import org.springframework.web.util.WebUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Created by aalexeev on 4/5/17.
+ */
+public class HashParamAuthenticationFilter extends OncePerRequestFilter {
+ public static final String PARAM_NAME = "hash";
+
+ private final UserService userService;
+ private final RememberMeServices rememberMeServices;
+
+
+ public HashParamAuthenticationFilter(
+ final UserService userService,
+ final RememberMeServices rememberMeServices) {
+ Assert.notNull(userService, "userService should not be null");
+ Assert.notNull(rememberMeServices, "rememberMeServices should not be null");
+
+ this.userService = userService;
+ this.rememberMeServices = rememberMeServices;
+ }
+
+ @Override
+ protected void doFilterInternal(
+ HttpServletRequest request,
+ HttpServletResponse response,
+ FilterChain filterChain) throws ServletException, IOException {
+
+ String hash = getHashFromRequest(request);
+
+ if (hash != null && authenticationIsRequired()) {
+ User user = userService.getUserByHash(hash);
+
+ if (!user.isAnonymous()) {
+ User userWithPassword = userService.getFullyUserByName(user.getName());
+ userWithPassword.setAuthHash(userService.getHashByUID(userWithPassword.getUid()));
+ Authentication authentication = new RememberMeAuthenticationToken(
+ ((AbstractRememberMeServices)rememberMeServices).getKey(), new JuickUser(userWithPassword), JuickUser.USER_AUTHORITY);
+
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+
+ rememberMeServices.loginSuccess(request, response, authentication);
+ }
+ }
+
+ filterChain.doFilter(request, response);
+ }
+
+ private boolean authenticationIsRequired() {
+ Authentication existingAuth = SecurityContextHolder.getContext().getAuthentication();
+
+ return existingAuth == null ||
+ !existingAuth.isAuthenticated() ||
+ existingAuth instanceof AnonymousAuthenticationToken;
+ }
+
+ private String getHashFromRequest(HttpServletRequest request) {
+ String paramHash = request.getParameter(PARAM_NAME);
+ Cookie cookieHash = WebUtils.getCookie(request, PARAM_NAME);
+
+ if (paramHash == null && cookieHash != null) {
+ return cookieHash.getValue();
+ }
+ return paramHash;
+ }
+}
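Review bot: `getHashFromRequest` takes the `hash` credential from a request parameter in preference to the cookie, and `doFilterInternal` then calls `rememberMeServices.loginSuccess(...)`, so a token that arrived in a URL is promoted to a persistent remember-me login. Query strings end up in access logs, browser history and `Referer` headers; how long a hash stays valid is not visible here, but `getHashByUID` suggests a stable per-user value, which would make any such leak long-lived. Consider skipping `loginSuccess` when the hash came from the parameter (authenticate that request only), or accepting the token only from a cookie or header, and state the intended trust model in the class Javadoc, which currently says only "Created by aalexeev". Separately, the constructor accepts any `RememberMeServices` but the filter casts it to `AbstractRememberMeServices` on each request; failing early with `Assert.isInstanceOf(AbstractRememberMeServices.class, rememberMeServices, "rememberMeServices must extend AbstractRememberMeServices");` would surface a misconfiguration at startup rather than as a `ClassCastException` during authentication. If `userService.getUserByHash` can return null for an unknown hash (its contract is outside this diff), the guard should be `if (user != null && !user.isAnonymous())`.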