/**
* Add new user into local db.
*
* @param securedUser user
*/
@Transactional
public void addNewUserIntoLocal(SecuredUser securedUser) {
User user = securedUser.getUser();
user.setAuthProviderClass(securedUser.getUserInfoProviderClass());
user.setCreatedDate(new Date());
User newUser = userService.getUserById(user.getUserId());
if (newUser != null) {
user = newUser.merge(user);
}
if (user.getRole() == null) {
user.setRole(Role.USER);
}
User savedUser = userService.saveUser(user);
securedUser.setUser(savedUser);
}
@SuppressWarnings("deprecation")
protected void additionalAuthenticationChecks(
UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) {
Authentication authentication2 = SecurityContextHolder.getContext().getAuthentication();
if (authentication2 != null) {
return;
}
Object salt = null;
if (this.saltSource != null) {
salt = this.saltSource.getSalt(userDetails);
}
String message =
messages.getMessage(
"AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials");
if (authentication.getCredentials() == null) {
LOG.debug("Authentication failed: no credentials provided");
throw new BadCredentialsException(message, userDetails);
}
String presentedPassword = authentication.getCredentials().toString();
SecuredUser user = ((SecuredUser) userDetails);
boolean authorized = false;
for (OnLoginRunnable each :
getPluginManager().getEnabledModulesByClass(OnLoginRunnable.class, defaultLoginPlugin)) {
try {
each.validateUser(
user.getUsername(), presentedPassword, user.getPassword(), passwordEncoder, salt);
LOG.info("{} is logined by {}", user.getUsername(), each.getClass().getName());
authorized = true;
break;
} catch (BadCredentialsException exception) {
LOG.info("{} is not logined by {}", user.getUsername(), each.getClass().getName());
authorized = false;
}
}
if (!authorized) {
throw new BadCredentialsException(message, user);
}
// If It's the first time to login
if (user.getUser().getId() == null) {
addNewUserIntoLocal(user);
LOG.info("{} is saved by password {}", user.getUser().getId(), user.getUser().getPassword());
}
}
