D-Net

package eu.dnetlib.uoaauthorizationlibrary.security;

import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;

import org.apache.log4j.Logger;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.http.HttpStatus;

import org.springframework.security.core.Authentication;

import org.springframework.security.core.context.SecurityContextHolder;

import org.springframework.stereotype.Component;

import org.springframework.web.filter.GenericFilterBean;

import javax.servlet.*;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import java.io.IOException;

@Component

public class AuthorizationFilter implements Filter {

    private AuthorizationProvider authorizationProvider;

    private AuthorizationUtils utils;

    private final Logger log = Logger.getLogger(this.getClass());

    @Autowired

    AuthorizationFilter(AuthorizationProvider authorizationProvider, AuthorizationUtils utils) {

        this.authorizationProvider = authorizationProvider;

        this.utils = utils;

    }

    @Override

    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException {

        HttpServletRequest request = (HttpServletRequest) req;

        String token = utils.getToken(request);

        if (token != null) {

            Authentication auth = authorizationProvider.getAuthentication(token);

            if(auth != null) {

                SecurityContextHolder.getContext().setAuthentication(auth);

            }

        }

        filterChain.doFilter(req, res);

    }

    @Override

    public void destroy() {

    }

}