OpenID Connect support (#865)
* Added OpenID Connect support Utilized Spring Security's OAuth2 respectively OIDC support as another possibility to manage users and their permissions. Signed-off-by: Brandon Schmitt <Brandon.Schmitt@kiwigrid.com> * Document OpenID Connect Support Signed-off-by: Brandon Schmitt <Brandon.Schmitt@kiwigrid.com> * Updated license in OidcUserManagementAutoConfiguration.java Signed-off-by: Brandon Schmitt <Brandon.Schmitt@kiwigrid.com> * Revert updated license notice and add Kiwigrid license file This reverts commit 23d36245 Signed-off-by: Brandon Schmitt <Brandon.Schmitt@kiwigrid.com> * Resolve SonarQube issues - Explicitly import the needed specific classes - Document public methods - Add `static` to the constant `JwtAuthoritiesOidcUserService.INVALID_REQUEST` - Remove superfluous runtime exception `OAuth2AuthenticationException` Signed-off-by: Brandon Schmitt <Brandon.Schmitt@kiwigrid.com> * Add OidcUser support in SpringSecurityAuditorAware Signed-off-by: Brandon Schmitt <Brandon.Schmitt@kiwigrid.com> * Secure Management API using OpenID Connect, too. Signed-off-by: Brandon Schmitt <Brandon.Schmitt@kiwigrid.com>
This commit is contained in:
committed by
Dominic Schabel
parent
38017ba7bc
commit
1bcced9838
@@ -12,14 +12,18 @@ import java.util.Collections;
|
||||
import java.util.Optional;
|
||||
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails;
|
||||
import org.eclipse.hawkbit.im.authentication.UserPrincipal;
|
||||
import org.eclipse.hawkbit.repository.model.BaseEntity;
|
||||
import org.eclipse.hawkbit.ui.utils.SpringContextHelper;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
|
||||
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
|
||||
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
|
||||
|
||||
import com.vaadin.server.VaadinService;
|
||||
@@ -187,7 +191,20 @@ public final class UserDetailsFormatter {
|
||||
public static UserDetails getCurrentUser() {
|
||||
final SecurityContext context = (SecurityContext) VaadinService.getCurrentRequest().getWrappedSession()
|
||||
.getAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);
|
||||
return (UserDetails) context.getAuthentication().getPrincipal();
|
||||
Authentication authentication = context.getAuthentication();
|
||||
if (authentication instanceof OAuth2AuthenticationToken) {
|
||||
OidcUser oidcUser = (OidcUser) authentication.getPrincipal();
|
||||
Object details = authentication.getDetails();
|
||||
String tenant = "DEFAULT";
|
||||
if (details instanceof TenantAwareAuthenticationDetails) {
|
||||
tenant = ((TenantAwareAuthenticationDetails) details).getTenant();
|
||||
}
|
||||
return new UserPrincipal(oidcUser.getPreferredUsername(), "***", oidcUser.getGivenName(),
|
||||
oidcUser.getFamilyName(), oidcUser.getPreferredUsername(), oidcUser.getEmail(), tenant,
|
||||
oidcUser.getAuthorities());
|
||||
} else {
|
||||
return (UserDetails) authentication.getPrincipal();
|
||||
}
|
||||
}
|
||||
|
||||
private static String trimAndFormatDetail(final String formatString, final int expectedDetailLength) {
|
||||
|
||||
Reference in New Issue
Block a user