/** * Add new user into local db. * * @param securedUser user */ @Transactional public void addNewUserIntoLocal(SecuredUser securedUser) { User user = securedUser.getUser(); user.setAuthProviderClass(securedUser.getUserInfoProviderClass()); user.setCreatedDate(new Date()); User newUser = userService.getUserById(user.getUserId()); if (newUser != null) { user = newUser.merge(user); } if (user.getRole() == null) { user.setRole(Role.USER); } User savedUser = userService.saveUser(user); securedUser.setUser(savedUser); }
@SuppressWarnings("deprecation") protected void additionalAuthenticationChecks( UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) { Authentication authentication2 = SecurityContextHolder.getContext().getAuthentication(); if (authentication2 != null) { return; } Object salt = null; if (this.saltSource != null) { salt = this.saltSource.getSalt(userDetails); } String message = messages.getMessage( "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"); if (authentication.getCredentials() == null) { LOG.debug("Authentication failed: no credentials provided"); throw new BadCredentialsException(message, userDetails); } String presentedPassword = authentication.getCredentials().toString(); SecuredUser user = ((SecuredUser) userDetails); boolean authorized = false; for (OnLoginRunnable each : getPluginManager().getEnabledModulesByClass(OnLoginRunnable.class, defaultLoginPlugin)) { try { each.validateUser( user.getUsername(), presentedPassword, user.getPassword(), passwordEncoder, salt); LOG.info("{} is logined by {}", user.getUsername(), each.getClass().getName()); authorized = true; break; } catch (BadCredentialsException exception) { LOG.info("{} is not logined by {}", user.getUsername(), each.getClass().getName()); authorized = false; } } if (!authorized) { throw new BadCredentialsException(message, user); } // If It's the first time to login if (user.getUser().getId() == null) { addNewUserIntoLocal(user); LOG.info("{} is saved by password {}", user.getUser().getId(), user.getUser().getPassword()); } }