AuthResolver

Dominique Eifländer 2024-05-17 14:57:54 +02:00
parent 6894f0f61c
commit 576f1f8159
2 changed files with 53 additions and 2 deletions


@ -1,6 +1,5 @@
package com.knecon.fforesight.keycloakcommons.security;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
@ -8,7 +7,6 @@ import java.util.concurrent.ConcurrentHashMap;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationManagerResolver;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.JwtDecoders;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider;
import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver;


@ -0,0 +1,53 @@
package com.knecon.fforesight.keycloakcommons.security;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationManagerResolver;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider;
import org.springframework.stereotype.Component;
import com.knecon.fforesight.tenantcommons.TenantProvider;
import lombok.RequiredArgsConstructor;
@Component
@RequiredArgsConstructor
public class WebsocketTenantAuthenticationManagerResolver implements AuthenticationManagerResolver<String> {
private final TenantProvider tenantProvider;
private final JwtDecoder jwtDecoder;
private final Map<String, AuthenticationManager> authenticationManagers = new ConcurrentHashMap<>();
@Override
public AuthenticationManager resolve(String token) {
return this.authenticationManagers.computeIfAbsent(toTenant(token), this::fromTenant);
}
private String toTenant(String token) {
return TokenUtils.toTenant(token);
}
private AuthenticationManager fromTenant(String tenant) {
return Optional.ofNullable(this.tenantProvider.getTenant(tenant)).map(tt ->
{
var provider = new JwtAuthenticationProvider(jwtDecoder);
var converter = new JwtAuthenticationConverter();
converter.setJwtGrantedAuthoritiesConverter(new CustomJwtAuthoritiesConverter(tt.getAuthDetails()));
provider.setJwtAuthenticationConverter(converter);
return provider;
}).orElseThrow(() -> new IllegalArgumentException("unknown tenant"))::authenticate;
}
}
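Review bot: In `resolve`, the tenant used as the cache key comes from `TokenUtils.toTenant(token)` before the token has been verified, and neither failure path is an authentication failure: a null tenant would make `ConcurrentHashMap.computeIfAbsent` throw a `NullPointerException`, and an unknown tenant surfaces as `IllegalArgumentException`. I would reject both with an `AuthenticationException` subtype so the caller sees a failed authentication rather than an unexpected error, e.g. `.orElseThrow(() -> new InvalidBearerTokenException("unknown tenant"))` plus a null check on the result of `toTenant`. The `authenticationManagers` map is never evicted, so the `tt.getAuthDetails()` captured on first use stays in effect after a tenant is changed or removed; either add an invalidation hook or add a comment stating that this is intended. The single injected `jwtDecoder` is shared by every tenant, so it presumably has to validate the issuer against the tenant claimed in the token; that cannot be confirmed from this file and is worth stating in the class Javadoc.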