SecurityController.java

package com.nicusa.controller;

import com.nicusa.domain.Portfolio;
import com.nicusa.domain.UserProfile;
import com.nicusa.resource.UserProfileResource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.social.connect.Connection;
import org.springframework.social.connect.web.ProviderSignInUtils;
import org.springframework.stereotype.Controller;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.context.request.WebRequest;

import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import java.util.UUID;

@Controller
public class SecurityController {


  public static final String LOGGED_IN_USER_PROFILE_ID = "LOGGED_IN_USER_PROFILE_ID";

  @PersistenceContext
  private EntityManager entityManager;

  @Autowired
  private ProviderSignInUtils providerSignInUtils;

  @RequestMapping(value = "/signin", method = RequestMethod.GET)
  public String signin() {
    return "redirect:/";
  }

  @RequestMapping(value="/signup", method= RequestMethod.GET)
  @Transactional
  public String signup(WebRequest request) {
    Connection<?> connection = providerSignInUtils.getConnectionFromSession(request);
    UserProfile userProfile = new UserProfile();
    userProfile.setUserId(UUID.randomUUID().toString());
    org.springframework.social.connect.UserProfile socialUserProfile = connection.fetchUserProfile();
    userProfile.setName(socialUserProfile.getName());
    userProfile.setEmailAddress(socialUserProfile.getEmail());
    entityManager.persist(userProfile);
    Portfolio portfolio = new Portfolio();
    portfolio.setUserProfile(userProfile);
    entityManager.persist(userProfile);
    userProfile.setPortfolio(portfolio);
    entityManager.merge(userProfile);


    signin(userProfile);

    providerSignInUtils.doPostSignUp(userProfile.getUserId(), request);
    return "redirect:/";
  }

  public void signin(UserProfile userProfile) {
    SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(userProfile.getId(), null, null));
  }

  public Long getAuthenticatedUserProfileId() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if(authentication == null || authentication instanceof AnonymousAuthenticationToken) {
      return UserProfileResource.ANONYMOUS_USER_PROFILE_ID;
    } else {
      return (Long)authentication.getPrincipal();
    }
  }

}