View Javadoc
1   /*
2    * Copyright (c) 2002-2021, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.plugins.mylutece.authentication;
35  
36  import fr.paris.lutece.portal.service.security.LoginRedirectException;
37  import fr.paris.lutece.portal.service.security.LuteceAuthentication;
38  import fr.paris.lutece.portal.service.security.LuteceUser;
39  import javax.security.auth.login.LoginException;
40  import javax.servlet.http.HttpServletRequest;
41  
42  import fr.paris.lutece.plugins.mylutece.service.ILuteceUserAttributesProvidedDescription;
43  import fr.paris.lutece.plugins.mylutece.service.ILuteceUserRolesProvidedDescription;
44  import fr.paris.lutece.plugins.mylutece.service.MyLuteceUserService;
45  import java.util.Arrays;
46  
47  public abstract class AbstractAuthentication implements LuteceAuthentication,ILuteceUserAttributesProvidedDescription,ILuteceUserRolesProvidedDescription
48  {
49      /**
50       * {@inheritDoc }
51       */
52      @Override
53      public LuteceUser login( final String strUserName, final String strUserPassword, HttpServletRequest request ) throws LoginException, LoginRedirectException
54      {
55          LuteceUser user = processLogin( strUserName, strUserPassword, request );
56          MyLuteceUserService.provideUserExternalInfos( user );
57  
58          return user;
59      }
60  
61      /**
62       * {@inheritDoc }
63       */
64      @Override
65      public LuteceUser getHttpAuthenticatedUser( HttpServletRequest request )
66      {
67          LuteceUser user = processHttpAuthenticatedUser( request );
68          MyLuteceUserService.provideUserExternalInfos( user );
69  
70          return user;
71      }
72  
73      /**
74       * {@inheritDoc }
75       */
76      @Override
77      public boolean isUserInRole( LuteceUser user, HttpServletRequest request, String strRole )
78      {
79          return Arrays.asList( user.getRoles( ) ).contains( strRole );
80      }
81  
82      /**
83       * Process the login of the user
84       * 
85       * @param strUsername
86       *            the username
87       * @param strPassword
88       *            the password
89       * @param request
90       *            the HttpServletRequest
91       * @return the LuteceUser
92       * @throws LoginException
93       * @throws LoginRedirectException
94       */
95      protected LuteceUser processLogin( String strUsername, String strPassword, HttpServletRequest request ) throws LoginException, LoginRedirectException
96      {
97          // Default implementation doesn't do anything. This is used for backward compatibility
98          // with authentication modules which called "login" method directly
99          return null;
100     }
101 
102     /**
103      * Process the authentication of the user when authentication infos are on the request
104      * 
105      * @param request
106      *            the HttpServletRequest
107      * @return the LuteceUser
108      */
109     protected LuteceUser processHttpAuthenticatedUser( HttpServletRequest request )
110     {
111         // Default implementation doesn't do anything. This is used for backward compatibility
112         // with authentication modules which called "getHttpAuthenticated" method directly
113         return null;
114     }
115 
116 }