OAuth2ServerLoginModule.java
3.38 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
/*
* Decompiled with CFR 0_118.
*
* Could not load the following classes:
* javax.jcr.Credentials
* javax.jcr.SimpleCredentials
* org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule
* org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl
* org.slf4j.Logger
* org.slf4j.LoggerFactory
*/
package com.adobe.granite.oauth.server.auth.impl;
import com.adobe.granite.oauth.server.auth.impl.OAuth2ServerCredentials;
import java.security.Principal;
import java.util.Collection;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
import javax.jcr.Credentials;
import javax.jcr.SimpleCredentials;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule;
import org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/*
* This class specifies class file version 49.0 but uses Java 6 signatures. Assumed Java 6.
*/
public class OAuth2ServerLoginModule
extends AbstractLoginModule {
private static final Logger log = LoggerFactory.getLogger(OAuth2ServerLoginModule.class);
private static final Set<Class> SUPPORTED_CREDENTIALS = Collections.singleton(OAuth2ServerCredentials.class);
private String userId;
private Set<? extends Principal> principals;
private SimpleCredentials sharedCredentials;
public boolean commit() throws LoginException {
if (this.sharedCredentials == null || this.userId == null || this.principals == null || this.principals.isEmpty()) {
this.clearState();
return false;
}
if (!this.subject.isReadOnly()) {
this.subject.getPrincipals().addAll(this.principals);
this.subject.getPublicCredentials().add((Object)this.sharedCredentials);
this.subject.getPublicCredentials().add((Object)new AuthInfoImpl(this.userId, null, this.principals));
} else {
log.debug("Could not add information to read only subject {}", (Object)this.subject);
}
return true;
}
public boolean login() throws LoginException {
Credentials credentials = this.getCredentials();
if (!(credentials instanceof OAuth2ServerCredentials)) {
return false;
}
this.userId = ((OAuth2ServerCredentials)credentials).getUserId();
if (this.userId == null) {
log.debug("Could not extract userId/credentials");
return false;
}
this.principals = this.getPrincipals(this.userId);
if (this.principals.isEmpty()) {
this.principals = null;
log.debug("No principals found for {}", (Object)this.userId);
return false;
}
this.sharedCredentials = new SimpleCredentials(this.userId, new char[0]);
this.sharedState.put("org.apache.jackrabbit.credentials", this.sharedCredentials);
this.sharedState.put("javax.security.auth.login.name", this.userId);
log.debug("login succeeded with trusted user: {}", (Object)this.userId);
return true;
}
protected Set<Class> getSupportedCredentials() {
return SUPPORTED_CREDENTIALS;
}
protected void clearState() {
this.sharedCredentials = null;
this.userId = null;
this.principals = null;
super.clearState();
}
}