Index: mediator-service/branches/DS-801_JSON_Login/src/groovy/com/lemans/security/LemansDaoAuthenticationProvider.groovy
===================================================================
diff -u
--- mediator-service/branches/DS-801_JSON_Login/src/groovy/com/lemans/security/LemansDaoAuthenticationProvider.groovy (revision 0)
+++ mediator-service/branches/DS-801_JSON_Login/src/groovy/com/lemans/security/LemansDaoAuthenticationProvider.groovy (revision 8648)
@@ -0,0 +1,116 @@
+package com.lemanscorp.security
+
+import com.lemanscorp.MediationUserDetailsService
+import org.springframework.security.authentication.BadCredentialsException
+import org.springframework.security.authentication.InternalAuthenticationServiceException
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
+import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
+import org.springframework.security.authentication.dao.SaltSource
+import org.springframework.security.authentication.encoding.PasswordEncoder
+import org.springframework.security.authentication.encoding.PlaintextPasswordEncoder
+import org.springframework.security.core.AuthenticationException
+import org.springframework.security.core.userdetails.UserDetails
+import org.springframework.security.core.userdetails.UsernameNotFoundException
+import org.springframework.util.Assert
+
+class LemansDaoAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
+ private PasswordEncoder passwordEncoder
+ private String userNotFoundEncodedPassword
+ private SaltSource saltSource
+ private MediationUserDetailsService userDetailsService
+
+ LemansDaoAuthenticationProvider() {
+ this.setPasswordEncoder((PasswordEncoder)(new PlaintextPasswordEncoder()))
+ }
+
+ protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication)
+ throws AuthenticationException {
+ Object salt = null
+ if (this.saltSource != null) {
+ salt = this.saltSource.getSalt(userDetails)
+ }
+
+ if (authentication.credentials == null) {
+ this.logger.debug('Authentication failed: no credentials provided')
+ throw new BadCredentialsException(this.messages.
+ getMessage('AbstractUserDetailsAuthenticationProvider.badCredentials', 'Bad credentials'), userDetails)
+ } else {
+ String presentedPassword = authentication.credentials
+ if (!this.passwordEncoder.isPasswordValid(userDetails.password, presentedPassword, salt)) {
+ this.logger.debug('Authentication failed: password does not match stored value')
+ throw new BadCredentialsException(this.messages.
+ getMessage('AbstractUserDetailsAuthenticationProvider.badCredentials', 'Bad credentials'), userDetails)
+ }
+ }
+ }
+
+ protected void doAfterPropertiesSet() throws Exception {
+ Assert.notNull(this.userDetailsService, 'A UserDetailsService must be set')
+ }
+
+ protected final UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication)
+ throws AuthenticationException {
+ UserDetails loadedUser
+ try {
+ LemansUsernamePasswordAuthenticationToken lemansAuth = (LemansUsernamePasswordAuthenticationToken)authentication
+ loadedUser = this.userDetailsService.
+ loadUser(username, lemansAuth.dealerCode, lemansAuth.dm, lemansAuth.rememberMe)
+ } catch (UsernameNotFoundException var6) {
+ if (authentication.credentials != null) {
+ String presentedPassword = authentication.credentials
+ this.passwordEncoder.isPasswordValid(this.userNotFoundEncodedPassword, presentedPassword, (Object)null)
+ }
+
+ throw var6
+ } catch (Exception var7) {
+ throw new InternalAuthenticationServiceException(var7.message, var7)
+ }
+
+ if (loadedUser == null) {
+ throw new InternalAuthenticationServiceException('UserDetailsService returned null, which is an interface contract violation')
+ } else {
+ return loadedUser
+ }
+ }
+
+ void setPasswordEncoder(Object passwordEncoder) {
+ Assert.notNull(passwordEncoder, 'passwordEncoder cannot be null')
+ if (passwordEncoder instanceof PasswordEncoder) {
+ this.setPasswordEncoderInternal((PasswordEncoder)passwordEncoder)
+ } else if (passwordEncoder instanceof org.springframework.security.crypto.password.PasswordEncoder) {
+ final org.springframework.security.crypto.password.PasswordEncoder delegate =
+ (org.springframework.security.crypto.password.PasswordEncoder)passwordEncoder
+ this.setPasswordEncoderInternal(new PasswordEncoder() {
+ String encodePassword(String rawPass, Object salt) {
+ this.checkSalt(salt)
+ delegate.encode(rawPass)
+ }
+
+ boolean isPasswordValid(String encPass, String rawPass, Object salt) {
+ this.checkSalt(salt)
+ delegate.matches(rawPass, encPass)
+ }
+
+ private void checkSalt(Object salt) {
+ Assert.isNull(salt, 'Salt value must be null when used with crypto module PasswordEncoder')
+ }
+ } )
+ } else {
+ throw new IllegalArgumentException('passwordEncoder must be a PasswordEncoder instance')
+ }
+ }
+
+ private void setPasswordEncoderInternal(PasswordEncoder passwordEncoder) {
+ Assert.notNull(passwordEncoder, 'passwordEncoder cannot be null')
+ this.userNotFoundEncodedPassword = passwordEncoder.encodePassword('userNotFoundPassword', (Object)null)
+ this.passwordEncoder = passwordEncoder
+ }
+
+ void setUserDetailsService(MediationUserDetailsService userDetailsService) {
+ this.userDetailsService = userDetailsService
+ }
+
+ protected MediationUserDetailsService getUserDetailsService() {
+ this.userDetailsService
+ }
+}
Index: mediator-service/branches/DS-801_JSON_Login/src/groovy/com/lemans/security/LemansUsernamePasswordAuthenticationToken.groovy
===================================================================
diff -u
--- mediator-service/branches/DS-801_JSON_Login/src/groovy/com/lemans/security/LemansUsernamePasswordAuthenticationToken.groovy (revision 0)
+++ mediator-service/branches/DS-801_JSON_Login/src/groovy/com/lemans/security/LemansUsernamePasswordAuthenticationToken.groovy (revision 8648)
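Review bot: The no-argument constructor of `LemansDaoAuthenticationProvider` installs `PlaintextPasswordEncoder`, so unless the bean wiring (not visible in this diff) calls `setPasswordEncoder` with a hashing encoder, `additionalAuthenticationChecks` compares the presented password with a stored plaintext value. I would drop that default and extend `doAfterPropertiesSet` with `Assert.notNull(this.passwordEncoder, 'A PasswordEncoder must be set')`, so a missing encoder fails at startup instead of silently degrading. Separately, `retrieveUser` casts to `LemansUsernamePasswordAuthenticationToken` inside the `try` and no `supports` override is visible, so a plain `UsernamePasswordAuthenticationToken` routed to this provider would surface as an `InternalAuthenticationServiceException`. Adding `boolean supports(Class<?> authentication) { LemansUsernamePasswordAuthenticationToken.isAssignableFrom(authentication) }` would keep such tokens away from the cast.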
@@ -0,0 +1,30 @@
+package com.lemanscorp.security
+
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
+
+class LemansUsernamePasswordAuthenticationToken extends UsernamePasswordAuthenticationToken {
+ private static final long serialVersionUID = 320L
+ private final String dealerCode
+ private final String rememberMe
+ private final String dm
+
+ LemansUsernamePasswordAuthenticationToken(Object principal, Object credentials, dealerCode, rememberMe, dm) {
+ super(principal, credentials)
+ this.dealerCode = dealerCode
+ this.rememberMe = rememberMe
+ this.dm = dm
+ }
+
+ String getDealerCode() {
+ this.dealerCode
+ }
+
+ String getRememberMe() {
+ this.rememberMe
+ }
+
+ String getDm() {
+ this.dm
+ }
+}
+
Index: mediator-service/branches/DS-801_JSON_Login/src/groovy/com/lemans/security/LemansUsernamePasswordAuthenticationFilter.groovy
===================================================================
diff -u
--- mediator-service/branches/DS-801_JSON_Login/src/groovy/com/lemans/security/LemansUsernamePasswordAuthenticationFilter.groovy (revision 0)
+++ mediator-service/branches/DS-801_JSON_Login/src/groovy/com/lemans/security/LemansUsernamePasswordAuthenticationFilter.groovy (revision 8648)
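Review bot: The constructor parameters `dealerCode, rememberMe, dm` are untyped, so whatever the filter extracts from the request is coerced into the `String` fields on assignment, and a JSON boolean or number would presumably arrive as its string form without anyone noticing. Declaring them as `String dealerCode, String rememberMe, String dm` makes the contract explicit and leaves the conversion decision to the caller. A class comment would also help, stating that the token is only ever built unauthenticated through the two-argument `super(principal, credentials)`, and that `serialVersionUID = 320L` appears to mirror the Spring Security base class value.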
@@ -0,0 +1,61 @@
+package com.lemanscorp.security
+
+import org.springframework.security.authentication.AuthenticationServiceException
+import org.springframework.security.core.Authentication
+import org.springframework.security.core.AuthenticationException
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
+import javax.servlet.http.HttpServletRequest
+import javax.servlet.http.HttpServletResponse
+
+
+class LemansUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
+
+ private String userName
+ private String password
+ private String dealerCode
+ private String dm
+ private String rememberMe
+
+ private final String userNameParameter = 'userName'
+ private final String passwordParameter = 'password'
+ private final String dealerCodeParameter = 'dealerCode'
+ private final String rememberMeParameter = 'rememberMe'
+ private final String dmParameter = 'dm'
+
+ @Override
+ Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
+ if (request.method != 'POST') {
+ throw new AuthenticationServiceException('Authentication method not supported: ' + request.method)
+ } else {
+ if ('application/json' == request.contentType) {
+ processJsonInput(request)
+ } else {
+ processRequestParams(request)
+ }
+ userName = userName.trim()
+ LemansUsernamePasswordAuthenticationToken authRequest =
+ new LemansUsernamePasswordAuthenticationToken(userName ?: '', password ?: '', dealerCode, rememberMe, dm)
+ this.setDetails(request, authRequest)
+ return this.authenticationManager.authenticate(authRequest)
+ }
+ }
+
+ private void processJsonInput(HttpServletRequest request) {
+ Map loginJsonPayload = request.JSON
+ userName = loginJsonPayload["$userNameParameter"]
+ password = loginJsonPayload["$passwordParameter"]
+ dealerCode = loginJsonPayload["$dealerCodeParameter"]
+ dm = loginJsonPayload["$dmParameter"]
+ rememberMe = loginJsonPayload["$rememberMeParameter"]
+ }
+
+ private void processRequestParams(HttpServletRequest request) {
+ userName = request.getParameter(this.userNameParameter)
+ password = request.getParameter(this.passwordParameter)
+ dealerCode = request.getParameter(this.dealerCodeParameter)
+ dm = request.getParameter(this.dmParameter)
+ rememberMe = request.getParameter(this.rememberMeParameter)
+ }
+
+
+}
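Review bot: `userName`, `password`, `dealerCode`, `dm` and `rememberMe` are instance fields of the filter, and `processJsonInput`/`processRequestParams` write each request's values into them. A servlet filter is normally one shared instance, so two concurrent logins can overwrite each other's fields between parsing and token construction, and one request may be authenticated with another request's credentials. The values should be locals of `attemptAuthentication`, returned by the two parse methods, with the five fields removed. The same rewrite can fix `userName.trim()`, which throws a NullPointerException when the parameter is absent because the `?: ''` fallback is applied only afterwards. Note also that the exact comparison `'application/json' == request.contentType` does not match a header such as `application/json; charset=UTF-8`, which then falls through to the form-parameter branch.

```groovy
Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
    // … unchanged: POST-only check …
    Map login = 'application/json' == request.contentType ? readJsonInput(request) : readRequestParams(request)
    String userName = (login.userName ?: '').toString().trim()
    LemansUsernamePasswordAuthenticationToken authRequest =
        new LemansUsernamePasswordAuthenticationToken(userName, login.password ?: '', login.dealerCode, login.rememberMe, login.dm)
    // … unchanged: setDetails and authenticate …
}

// Per-request values are returned, never stored on the shared filter instance.
private Map readJsonInput(HttpServletRequest request) {
    Map payload = request.JSON
    // plain String keys instead of GString subscripts
    [userName  : payload[userNameParameter],
     password  : payload[passwordParameter],
     dealerCode: payload[dealerCodeParameter],
     dm        : payload[dmParameter],
     rememberMe: payload[rememberMeParameter]]
}

private Map readRequestParams(HttpServletRequest request) {
    [userName  : request.getParameter(userNameParameter),
     password  : request.getParameter(passwordParameter),
     dealerCode: request.getParameter(dealerCodeParameter),
     dm        : request.getParameter(dmParameter),
     rememberMe: request.getParameter(rememberMeParameter)]
}
```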