1
|
package eu.dnetlib.uoaauthorizationlibrary.security;
|
2
|
|
3
|
import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
|
4
|
import org.apache.log4j.Logger;
|
5
|
import org.springframework.beans.factory.annotation.Autowired;
|
6
|
import org.springframework.http.HttpStatus;
|
7
|
import org.springframework.security.core.Authentication;
|
8
|
import org.springframework.security.core.context.SecurityContextHolder;
|
9
|
import org.springframework.stereotype.Component;
|
10
|
import org.springframework.web.filter.GenericFilterBean;
|
11
|
|
12
|
import javax.servlet.*;
|
13
|
import javax.servlet.http.HttpServletRequest;
|
14
|
import javax.servlet.http.HttpServletResponse;
|
15
|
import java.io.IOException;
|
16
|
|
17
|
@Component
|
18
|
public class AuthorizationFilter implements Filter {
|
19
|
|
20
|
private AuthorizationProvider authorizationProvider;
|
21
|
private AuthorizationUtils utils;
|
22
|
private final Logger log = Logger.getLogger(this.getClass());
|
23
|
|
24
|
@Autowired
|
25
|
AuthorizationFilter(AuthorizationProvider authorizationProvider, AuthorizationUtils utils) {
|
26
|
this.authorizationProvider = authorizationProvider;
|
27
|
this.utils = utils;
|
28
|
}
|
29
|
|
30
|
@Override
|
31
|
public void init(FilterConfig filterConfig) throws ServletException {
|
32
|
|
33
|
}
|
34
|
|
35
|
@Override
|
36
|
public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException {
|
37
|
HttpServletRequest request = (HttpServletRequest) req;
|
38
|
String token = utils.getToken(request);
|
39
|
if (token != null) {
|
40
|
Authentication auth = authorizationProvider.getAuthentication(token);
|
41
|
if(auth != null) {
|
42
|
SecurityContextHolder.getContext().setAuthentication(auth);
|
43
|
}
|
44
|
}
|
45
|
filterChain.doFilter(req, res);
|
46
|
}
|
47
|
|
48
|
@Override
|
49
|
public void destroy() {
|
50
|
|
51
|
}
|
52
|
}
|