Make noop default password encoder for StaticAuthenticationProvider (#1791)
if no provider is specified for the password Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
@@ -35,10 +35,8 @@ public class InMemoryUserManagementAutoConfiguration extends GlobalAuthenticatio
|
|||||||
private final StaticAuthenticationProvider authenticationProvider;
|
private final StaticAuthenticationProvider authenticationProvider;
|
||||||
|
|
||||||
InMemoryUserManagementAutoConfiguration(final SecurityProperties securityProperties,
|
InMemoryUserManagementAutoConfiguration(final SecurityProperties securityProperties,
|
||||||
final TenantAwareUserProperties tenantAwareUserProperties,
|
final TenantAwareUserProperties tenantAwareUserProperties) {
|
||||||
final Optional<PasswordEncoder> passwordEncoder) {
|
authenticationProvider = new StaticAuthenticationProvider(tenantAwareUserProperties, securityProperties);
|
||||||
authenticationProvider = new StaticAuthenticationProvider(tenantAwareUserProperties, securityProperties,
|
|
||||||
passwordEncoder.orElse(null));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|||||||
@@ -37,9 +37,8 @@ import java.util.regex.Pattern;
|
|||||||
public class StaticAuthenticationProvider extends DaoAuthenticationProvider {
|
public class StaticAuthenticationProvider extends DaoAuthenticationProvider {
|
||||||
|
|
||||||
public StaticAuthenticationProvider(
|
public StaticAuthenticationProvider(
|
||||||
final TenantAwareUserProperties tenantAwareUserProperties, final SecurityProperties securityProperties,
|
final TenantAwareUserProperties tenantAwareUserProperties, final SecurityProperties securityProperties) {
|
||||||
final PasswordEncoder passwordEncoder) {
|
setUserDetailsService(userDetailsService(securityProperties, tenantAwareUserProperties));
|
||||||
setUserDetailsService(userDetailsService(securityProperties, tenantAwareUserProperties, passwordEncoder));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@@ -56,11 +55,10 @@ public class StaticAuthenticationProvider extends DaoAuthenticationProvider {
|
|||||||
|
|
||||||
private static UserDetailsService userDetailsService(
|
private static UserDetailsService userDetailsService(
|
||||||
final SecurityProperties securityProperties,
|
final SecurityProperties securityProperties,
|
||||||
final TenantAwareUserProperties tenantAwareUserProperties,
|
final TenantAwareUserProperties tenantAwareUserProperties) {
|
||||||
final PasswordEncoder passwordEncoder) {
|
|
||||||
final List<User> userPrincipals = new ArrayList<>();
|
final List<User> userPrincipals = new ArrayList<>();
|
||||||
tenantAwareUserProperties.getUser().forEach((username, user) -> {
|
tenantAwareUserProperties.getUser().forEach((username, user) -> {
|
||||||
final String password = password(user.getPassword(), passwordEncoder);
|
final String password = password(user.getPassword());
|
||||||
final List<GrantedAuthority> credentials =
|
final List<GrantedAuthority> credentials =
|
||||||
createAuthorities(user.getRoles(), user.getPermissions(), Collections::emptyList);
|
createAuthorities(user.getRoles(), user.getPermissions(), Collections::emptyList);
|
||||||
if (ObjectUtils.isEmpty(user.getTenant())) {
|
if (ObjectUtils.isEmpty(user.getTenant())) {
|
||||||
@@ -75,7 +73,7 @@ public class StaticAuthenticationProvider extends DaoAuthenticationProvider {
|
|||||||
// explicitly setup system user - add is as a regular (non-tenant scoped) user
|
// explicitly setup system user - add is as a regular (non-tenant scoped) user
|
||||||
userPrincipals.add(new User(
|
userPrincipals.add(new User(
|
||||||
securityProperties.getUser().getName(),
|
securityProperties.getUser().getName(),
|
||||||
password(securityProperties.getUser().getPassword(), passwordEncoder),
|
password(securityProperties.getUser().getPassword()),
|
||||||
createAuthorities(
|
createAuthorities(
|
||||||
securityProperties.getUser().getRoles(), Collections.emptyList(),
|
securityProperties.getUser().getRoles(), Collections.emptyList(),
|
||||||
PermissionUtils::createAllAuthorityList)));
|
PermissionUtils::createAllAuthorityList)));
|
||||||
@@ -84,9 +82,8 @@ public class StaticAuthenticationProvider extends DaoAuthenticationProvider {
|
|||||||
return new FixedInMemoryTenantAwareUserDetailsService(userPrincipals);
|
return new FixedInMemoryTenantAwareUserDetailsService(userPrincipals);
|
||||||
}
|
}
|
||||||
|
|
||||||
private static String password(final String password, final PasswordEncoder passwordEncoder) {
|
private static String password(final String password) {
|
||||||
return passwordEncoder == null && !Pattern.compile("^\\{.+}.*$").matcher(password).matches() ?
|
return !Pattern.compile("^\\{.+}.*$").matcher(password).matches() ? "{noop}" + password : password;
|
||||||
"{noop}" + password : password;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private static List<GrantedAuthority> createAuthorities(
|
private static List<GrantedAuthority> createAuthorities(
|
||||||
|
|||||||
Reference in New Issue
Block a user