package io.security.basicsecurity.security.provider;
import io.security.basicsecurity.security.common.FormWebAuthenticationDetails;
import io.security.basicsecurity.security.service.AccountContext;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.transaction.annotation.Transactional;
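/**
 * Form-login {@link AuthenticationProvider} that verifies the submitted password and an
 * additional "secret key" request detail before issuing an authenticated token.
 *
 * <p>Every rejection is reported as an {@link AuthenticationException} so that it goes through
 * Spring Security's authentication-failure handling instead of escaping as an unrelated
 * runtime exception.
 */
@Slf4j
public class FormAuthenticationProvider implements AuthenticationProvider {

    @Autowired
    private UserDetailsService userDetailsService;

    // NOTE(review): the constructor already assigns this field; if the instance is managed by
    // Spring, the @Autowired field injection presumably assigns it a second time.
    @Autowired
    private PasswordEncoder passwordEncoder;

    /**
     * @param passwordEncoder encoder used to compare the raw password with the stored hash
     */
    public FormAuthenticationProvider(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    /**
     * Authenticates a username/password request that also carries a secret key in its details.
     *
     * @param authentication the request token; name is the username, credentials the raw password
     * @return an authenticated token whose principal is the account and whose credentials are
     *     {@code null}, so the raw password is not carried on the result
     * @throws BadCredentialsException if the password is missing, not a string, or does not match
     * @throws InsufficientAuthenticationException if the request details are missing, of an
     *     unexpected type, or carry the wrong secret key
     * @throws AuthenticationException anything raised by the {@link UserDetailsService} lookup
     */
    @Override
    @Transactional
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String username = authentication.getName();

        // A null or non-String credential used to fail with a ClassCastException or inside the
        // encoder; reject it as an ordinary bad-credentials failure instead.
        Object credentials = authentication.getCredentials();
        if (!(credentials instanceof String)) {
            throw new BadCredentialsException("Invalid Password");
        }
        String password = (String) credentials;

        // The cast relies on the project's UserDetailsService returning AccountContext.
        AccountContext accountContext = (AccountContext) userDetailsService.loadUserByUsername(username);

        // NOTE(review): an unknown user (exception from the lookup above) and a wrong password
        // surface as different failures. The failure handler should present both to the client
        // with the same message so the response does not reveal which usernames exist.
        if (!passwordEncoder.matches(password, accountContext.getAccount().getPassword())) {
            throw new BadCredentialsException("Invalid Password");
        }

        // getDetails() is null unless a details source populated it, and may be another type if
        // the request came through a different filter; treat both as a failed check rather than
        // letting a NullPointerException / ClassCastException escape.
        Object details = authentication.getDetails();
        if (!(details instanceof FormWebAuthenticationDetails)) {
            throw new InsufficientAuthenticationException("invalid Secret");
        }
        String secretKey = ((FormWebAuthenticationDetails) details).getSecretKey();

        // NOTE(review): the expected value is a literal in source, so it provides no real
        // assurance. If this check is kept, load the value from configuration or a secret store
        // and use a constant-time comparison.
        if (!"secret".equals(secretKey)) {
            // An AuthenticationException (not IllegalArgumentException) is required here so that
            // the failure is handled as a failed login rather than as a server error.
            throw new InsufficientAuthenticationException("invalid Secret");
        }

        return new UsernamePasswordAuthenticationToken(
                accountContext.getAccount(), null, accountContext.getAuthorities());
    }

    /**
     * Reports whether this provider handles the given token type.
     *
     * <p>Only the exact {@link UsernamePasswordAuthenticationToken} class matches; subclasses
     * of it are not accepted.
     *
     * @param authentication the token class being offered
     * @return {@code true} only for {@code UsernamePasswordAuthenticationToken.class} itself
     */
    @Override
    public boolean supports(Class<?> authentication) {
        return UsernamePasswordAuthenticationToken.class.equals(authentication);
    }
}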