Provide abstraction for an Authenticated Principal

This commit is contained in:
Joe Grandja 2017-04-07 16:07:21 -04:00
parent 2ce174dbf0
commit 71e491fcf0
5 changed files with 157 additions and 6 deletions

View File

@ -24,8 +24,8 @@ import java.util.Collections;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.CredentialsContainer;
import org.springframework.security.core.AuthenticatedPrincipal;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UserDetails;
/**
* Base class for <code>Authentication</code> objects.
@ -79,8 +79,8 @@ public abstract class AbstractAuthenticationToken implements Authentication,
}
public String getName() {
if (this.getPrincipal() instanceof UserDetails) {
return ((UserDetails) this.getPrincipal()).getUsername();
if (this.getPrincipal() instanceof AuthenticatedPrincipal) {
return ((AuthenticatedPrincipal) this.getPrincipal()).getName();
}
if (getPrincipal() instanceof Principal) {

View File

@ -0,0 +1,46 @@
/*
* Copyright 2012-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.core;
import org.springframework.security.authentication.AuthenticationManager;
/**
* Representation of an authenticated <code>Principal</code> once an
* {@link Authentication} request has been successfully authenticated
* by the {@link AuthenticationManager#authenticate(Authentication)} method.
*
* Implementors typically provide their own representation of a <code>Principal</code>,
* which usually contains information describing the <code>Principal</code> entity,
* such as, first/middle/last name, address, email, phone, id, etc.
*
* This interface allows implementors to expose specific attributes
* of their custom representation of <code>Principal</code> in a generic way.
*
* @author Joe Grandja
* @since 5.0
* @see Authentication#getPrincipal()
* @see org.springframework.security.core.userdetails.UserDetails
*/
public interface AuthenticatedPrincipal {
/**
* Returns the name of the authenticated <code>Principal</code>. Never <code>null</code>.
*
* @return the name of the authenticated <code>Principal</code>
*/
String getName();
}

View File

@ -18,6 +18,7 @@ package org.springframework.security.core.userdetails;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.AuthenticatedPrincipal;
import java.io.Serializable;
import java.util.Collection;
@ -41,7 +42,7 @@ import java.util.Collection;
*
* @author Ben Alex
*/
public interface UserDetails extends Serializable {
public interface UserDetails extends AuthenticatedPrincipal, Serializable {
// ~ Methods
// ========================================================================================================
@ -60,8 +61,7 @@ public interface UserDetails extends Serializable {
String getPassword();
/**
* Returns the username used to authenticate the user. Cannot return <code>null</code>
* .
* Returns the username used to authenticate the user. Cannot return <code>null</code>.
*
* @return the username (never <code>null</code>)
*/
@ -100,4 +100,14 @@ public interface UserDetails extends Serializable {
* @return <code>true</code> if the user is enabled, <code>false</code> otherwise
*/
boolean isEnabled();
/**
* Returns the name of the user. Cannot return <code>null</code>.
* The default implementation of this method returns {@link #getUsername()}.
*
* @return the name of the user (never <code>null</code>)
*/
default String getName() {
return getUsername();
}
}

View File

@ -17,8 +17,10 @@
package org.springframework.security.authentication;
import static org.assertj.core.api.Assertions.*;
import static org.mockito.Mockito.*;
import org.junit.*;
import org.springframework.security.core.AuthenticatedPrincipal;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
@ -135,6 +137,18 @@ public class AbstractAuthenticationTokenTests {
assertThat(token.toString().lastIndexOf("Not granted any authorities") != -1).isTrue();
}
@Test
public void testGetNameWhenPrincipalIsAuthenticatedPrincipal() {
String principalName = "test";
AuthenticatedPrincipal principal = mock(AuthenticatedPrincipal.class);
when(principal.getName()).thenReturn(principalName);
MockAuthenticationImpl token = new MockAuthenticationImpl(principal, "Password", authorities);
assertThat(token.getName()).isEqualTo(principalName);
verify(principal, times(1)).getName();
}
// ~ Inner Classes
// ==================================================================================================

View File

@ -0,0 +1,81 @@
/*
* Copyright 2012-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.core.userdetails;
import org.junit.Test;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import java.util.Collection;
import static org.assertj.core.api.Assertions.assertThat;
/**
* Tests {@link UserDetails}
*
* @author Joe Grandja
*/
public class UserDetailsTest {
@Test
public void getNameWhenCalledThenDefaultToGetUsername() {
UserDetails userDetails = new MockUserDetails("joeg");
assertThat(userDetails.getName()).isEqualTo(userDetails.getUsername());
}
private class MockUserDetails implements UserDetails {
private final String username;
private MockUserDetails(String username) {
this.username = username;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return AuthorityUtils.NO_AUTHORITIES;
}
@Override
public String getPassword() {
return null;
}
@Override
public String getUsername() {
return this.username;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}
}