| /* |
| */ |
| package org.taverna.server.master.identity; |
| /* |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. See the NOTICE file distributed with |
| * this work for additional information regarding copyright ownership. |
| * The ASF licenses this file to You under the Apache License, Version 2.0 |
| * (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| import static org.taverna.server.master.defaults.Default.AUTHORITY_PREFIX; |
| |
| import org.springframework.security.core.Authentication; |
| import org.springframework.security.core.GrantedAuthority; |
| import org.springframework.security.core.context.SecurityContextHolder; |
| import org.taverna.server.master.interfaces.LocalIdentityMapper; |
| import org.taverna.server.master.utils.UsernamePrincipal; |
| |
| /** |
| * Extracts the local user id from the set of Spring Security authorities |
| * granted to the current user. This is done by scanning the set of authorities |
| * to see if any of them start with the substring listed in the <tt>prefix</tt> |
| * property; the username is the rest of the authority string in that case. |
| * |
| * @author Donal Fellows |
| */ |
| public class AuthorityDerivedIDMapper implements LocalIdentityMapper { |
| private String prefix = AUTHORITY_PREFIX; |
| |
| public String getPrefix() { |
| return prefix; |
| } |
| |
| public void setPrefix(String prefix) { |
| this.prefix = prefix; |
| } |
| |
| @Override |
| public String getUsernameForPrincipal(UsernamePrincipal user) { |
| Authentication auth = SecurityContextHolder.getContext() |
| .getAuthentication(); |
| if (auth == null || !auth.isAuthenticated()) |
| return null; |
| for (GrantedAuthority authority : auth.getAuthorities()) { |
| String token = authority.getAuthority(); |
| if (token == null) |
| continue; |
| if (token.startsWith(prefix)) |
| return token.substring(prefix.length()); |
| } |
| return null; |
| } |
| } |