Add exclusion list for domains.
This commit is contained in:
Paulo Gustavo Veiga
@@ -45,6 +45,12 @@ public class AuthenticationProvider implements org.springframework.security.auth
|
||||
if (user == null || credentials == null || !encoder.matches(user.getPassword(), credentials)) {
|
||||
throw new BadCredentialsException("Username/Password does not match for " + auth.getPrincipal());
|
||||
}
|
||||
|
||||
// User has been disabled ...
|
||||
if (!user.isActive()) {
|
||||
throw new BadCredentialsException("User has been disabled for login " + auth.getPrincipal());
|
||||
}
|
||||
|
||||
userDetailsService.getUserService().auditLogin(user);
|
||||
return new UsernamePasswordAuthenticationToken(userDetails, credentials, userDetails.getAuthorities());
|
||||
}
|
||||
|
||||
@@ -23,6 +23,7 @@ import com.wisemapping.model.User;
|
||||
import com.wisemapping.service.UserService;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.jetbrains.annotations.Nullable;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.dao.DataAccessException;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
|
||||
@@ -43,77 +44,6 @@ public class UserDetailsService
|
||||
}
|
||||
}
|
||||
|
||||
// @Override
|
||||
// @NotNull
|
||||
// public UserDetails loadUserDetails(@NotNull OpenIDAuthenticationToken token) throws UsernameNotFoundException {
|
||||
//
|
||||
// final User tUser = buildUserFromToken(token);
|
||||
// final User dbUser = userService.getUserBy(tUser.getEmail());
|
||||
//
|
||||
// final User result;
|
||||
// if (dbUser != null) {
|
||||
// if (!token.getIdentityUrl().equals(dbUser.getAuthenticatorUri())) {
|
||||
// throw new IllegalStateException("Identity url for this user can not change:" + token.getIdentityUrl());
|
||||
// }
|
||||
// result = dbUser;
|
||||
// } else {
|
||||
// try {
|
||||
// tUser.setAuthenticationType(AuthenticationType.OPENID);
|
||||
// tUser.setAuthenticatorUri(token.getIdentityUrl());
|
||||
//
|
||||
// result = userService.createUser(tUser, false, false);
|
||||
// } catch (WiseMappingException e) {
|
||||
// throw new IllegalStateException(e);
|
||||
// }
|
||||
//
|
||||
// }
|
||||
// return new UserDetails(result, isAdmin(result.getEmail()));
|
||||
// }
|
||||
|
||||
// @NotNull
|
||||
// private User buildUserFromToken(@NotNull OpenIDAuthenticationToken token) {
|
||||
// final User result = new User();
|
||||
//
|
||||
// String lastName = null;
|
||||
// String firstName = null;
|
||||
// String email = null;
|
||||
// String fullName = null;
|
||||
//
|
||||
// final List<OpenIDAttribute> attributes = token.getAttributes();
|
||||
// for (OpenIDAttribute attribute : attributes) {
|
||||
// if (attribute.getName().equals("email")) {
|
||||
// email = attribute.getValues().get(0);
|
||||
// }
|
||||
//
|
||||
// if (attribute.getName().equals("firstname")) {
|
||||
// firstName = attribute.getValues().get(0);
|
||||
//
|
||||
// }
|
||||
//
|
||||
// if (attribute.getName().equals("lastname")) {
|
||||
// lastName = attribute.getValues().get(0);
|
||||
// }
|
||||
//
|
||||
// if (attribute.getName().equals("fullname")) {
|
||||
// fullName = attribute.getValues().get(0);
|
||||
// }
|
||||
//
|
||||
// }
|
||||
// if (lastName == null || firstName == null) {
|
||||
// result.setFirstname(fullName);
|
||||
// result.setLastname("");
|
||||
// } else {
|
||||
// result.setLastname(lastName);
|
||||
// result.setFirstname(firstName);
|
||||
// }
|
||||
// result.setEmail(email);
|
||||
// result.setPassword("");
|
||||
//
|
||||
// final Calendar now = Calendar.getInstance();
|
||||
// result.setActivationDate(now);
|
||||
// return result;
|
||||
// }
|
||||
|
||||
private boolean isAdmin(@Nullable String email) {
|
||||
return email != null && adminUser != null && email.trim().endsWith(adminUser);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user