Switched from the manual implemented authentication-layer to Spring Security
diff --git a/src/main/java/de/juplo/yourshouter/SpringSecuritySignInAdapter.java b/src/main/java/de/juplo/yourshouter/SpringSecuritySignInAdapter.java
new file mode 100644 (file)
index 0000000..05c978b
--- /dev/null
@@ -0,0 +1,72 @@
+package de.juplo.yourshouter;
+
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.social.connect.Connection;
+import org.springframework.social.connect.web.SignInAdapter;
+import org.springframework.stereotype.Service;
+import org.springframework.web.context.request.NativeWebRequest;
+
+
+/**
+ * Simple implementation of {@link SignInAdapter}.
+ *
+ * This implementation signes in the user by storing him in the
+ * {@link SecurityContext} provided by Spring-Security, using the user-ID as
+ * principal.
+ *
+ * We configured Spring-Social to call this implementation, to sign in the
+ * user, after he was authenticated by Facebook.
+ *
+ * @author Kai Moritz
+ */
+@Service
+public class SpringSecuritySignInAdapter implements SignInAdapter
+{
+  private final static Logger LOG =
+      LoggerFactory.getLogger(SpringSecuritySignInAdapter.class);
+
+  /**
+   * Stores the user in the {@link SecurityContext} provided by Spring Security
+   * to sign him in. Spring Security will automatically persist the
+   * authentication in the user-session for subsequent requests.
+   *
+   * @param user
+   *     The user-ID. We configured Spring-Social to call
+   *     {@link UserCookieSignInAdapter} to extract a user-ID from the
+   *     connection.
+   * @param connection
+   *     The connection. In our case a connection to Facebook.
+   * @param request
+   *     The actual request. We need it, to store the cookie.
+   * @return
+   *     We return <code>null</code>, to indicate, that the user should be
+   *     redirected to the default-post-sign-in-URL (configured in
+   *     {@link ProviderSinInController}) after a successfull authentication.
+   *
+   * @see {@link ProviderSignInController#postSignInUrl}
+   */
+  @Override
+  public String signIn(
+      String user,
+      Connection<?> connection,
+      NativeWebRequest request
+      )
+  {
+    LOG.info(
+        "signing in user {} (connected via {})",
+        user,
+        connection.getKey().getProviderId()
+        );
+
+    SecurityContextHolder.getContext().setAuthentication(
+        new UsernamePasswordAuthenticationToken(user, null, null));
+
+    // We return null to trigger a redirect to "/".
+    return null;
+  }
+}
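Review bot: Setting the authentication by hand in `signIn` (the `SecurityContextHolder.getContext().setAuthentication(...)` call) runs inside the controller, after Spring Security's filters have passed, so the configured session-fixation protection most likely never fires for this login. The session id that existed before the Facebook round-trip would then stay valid once the user is signed in. I would rotate it right after the context is set, e.g. `request.getNativeRequest(HttpServletRequest.class).changeSessionId();` on Servlet 3.1+ (guarded for a missing session), or delegate to the application's `SessionAuthenticationStrategy`; the security configuration is not visible in this hunk, so please confirm. The token is also built with `null` authorities, which gives an authenticated principal with no role at all; an explicit list such as `AuthorityUtils.createAuthorityList("ROLE_USER")` (sample role name) would make the intent visible. The Javadoc appears to be carried over from the earlier cookie-based adapter: it still refers to `UserCookieSignInAdapter` and "to store the cookie", and the link to `ProviderSinInController` is misspelled.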