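/**
 * Authenticates a Facebook login and returns a populated token for the matching local account.
 *
 * <p>The access token carried by the principal is used to fetch the caller's Facebook profile,
 * and the id of that profile must equal the id the principal claims. Only then is the local
 * account loaded, checked for disabled/locked status, refreshed from the profile and given its
 * authorities. Without that comparison a valid token for one Facebook account could be paired
 * with the profile id of a different local user, unless the code that builds the
 * {@code FacebookUserDTO} (not visible here) already ties the two together.
 *
 * @param a authentication request whose principal is a {@code FacebookUserDTO} and whose
 *     credentials are a {@code String}
 * @return an authenticated {@code UsernamePasswordAuthenticationToken} whose principal is the
 *     local {@code FacebookUser}
 * @throws AuthenticationException if the token does not belong to the claimed profile, no local
 *     account is found, or the account is disabled or locked
 */
@Override
public Authentication authenticate(Authentication a) throws AuthenticationException {
    FacebookUserDTO fud = (FacebookUserDTO) a.getPrincipal();
    String credentials = (String) a.getCredentials();
    // String form works whatever type the DTO uses for the id; used for comparison and logging.
    String claimedProfileId = String.valueOf(fud.getFacebookProfileId());

    // Ask Facebook who the access token belongs to before trusting the claimed id.
    // NOTE(review): a failure of this remote call propagates as whatever FacebookTemplate
    // throws - confirm the caller maps that to a login failure.
    Facebook facebook = new FacebookTemplate(fud.getAccessToken());
    FacebookProfile facebookProfile = facebook.userOperations().getUserProfile();
    if (facebookProfile == null || !claimedProfileId.equals(facebookProfile.getId())) {
        // The claimed id is unverified at this point, so it is kept out of the log line.
        logger.info("Access token does not match the claimed Facebook profile id");
        throw invalidLogin();
    }

    // fetch user from our DB
    FacebookUser user = usersService.getByFacebookId(fud.getFacebookProfileId());
    if (user == null) {
        // Same failure as a token mismatch, so callers cannot tell which ids have accounts.
        logger.info("No local account for Facebook profile id=" + claimedProfileId);
        throw invalidLogin();
    }

    // checking according to spring security documentation
    // Only the id is logged: the user object carries an access token, and whether its
    // toString() prints that token cannot be seen from here.
    if (user.isDisabled()) {
        logger.info("Account disabled: " + claimedProfileId);
        throw new DisabledException("Konto wyłączone");
    }
    if (user.isLocked()) {
        logger.info("Account locked: " + claimedProfileId);
        throw new LockedException("Konto zablokowane");
    }

    // if user is allowed to access - allow him :)
    List<GrantedAuthority> authorities = usersService.getUsersAuthorities(user);
    logger.info("User granted authorities=" + authorities);

    // fill information from the verified profile of the logged user
    fillUserData(user, facebookProfile);
    user.setAccessToken(fud.getAccessToken());

    Authentication auth = new UsernamePasswordAuthenticationToken(user, credentials, authorities);
    // The token's string form includes the principal, so the id is logged instead.
    logger.info("Authentication completed: " + claimedProfileId);
    return auth;
}

/** Builds the generic failure used for both an unknown account and a token/id mismatch. */
private static AuthenticationException invalidLogin() {
    // NOTE(review): BadCredentialsException is the conventional type for this; the file's
    // imports are not visible here, so the base type already in scope is subclassed instead.
    return new AuthenticationException("Nieprawidłowe dane logowania") {
        private static final long serialVersionUID = 1L;
    };
}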
/**
 * Copies the Facebook-sourced fields of {@code facebookProfile} onto {@code user}.
 *
 * <p>The profile id is parsed with {@link Long#parseLong(String)}, so a null or non-numeric id
 * raises {@link NumberFormatException} after the e-mail, first name and gender have already been
 * written to {@code user}.
 *
 * @param user local account that is updated in place
 * @param facebookProfile profile whose values are copied
 */
private void fillUserData(final FacebookUser user, final FacebookProfile facebookProfile) {
    // These three are written before the id is parsed.
    user.setFacebookGener(facebookProfile.getGender());
    user.setFacebookFirstName(facebookProfile.getFirstName());
    user.setFacebookEmail(facebookProfile.getEmail());

    final long numericProfileId = Long.parseLong(facebookProfile.getId());
    user.setFacebookId(numericProfileId);

    user.setFacebookUsername(facebookProfile.getUsername());
    user.setFacebookLastName(facebookProfile.getLastName());
}