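/*
 *
 * Copyright (C) 2012-2014 R T Huitema. All Rights Reserved.
 * Web: www.42.co.nz
 * Email: robert@42.co.nz
 * Author: R T Huitema
 *
 * This file is part of the signalk-server-java project
 *
 * This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE
 * WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 */
package nz.co.fortytwo.signalk.server;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.Principal;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

import javax.security.auth.Subject;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.security.MappedLoginService;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.security.Credential;

/**
 * Jetty {@link LoginService} that accepts a single built-in account and
 * remembers, by principal name, which users have logged in.
 *
 * <p>NOTE(review): the account name and password are compiled into this class
 * (hard-coded credentials, CWE-798). Anyone with access to the source or the
 * built jar knows them, and they cannot be rotated without a rebuild. They are
 * kept here unchanged so existing deployments keep working; the intended fix is
 * to load the account from external configuration and store only a password
 * hash.
 */
public class SignalkLoginService implements LoginService {

	private final static Logger log = LogManager.getLogger(SignalkLoginService.class);

	// NOTE(review): hard-coded credentials, see the class comment.
	private static final String BUILT_IN_USER = "admin";
	private static final String BUILT_IN_PASSWORD = "s3cr3t";

	// matches what is in the constraint object in the spring config
	private static final String[] ACCESS_ROLE = new String[] { "rolename" };

	// Principal names that have logged in and not yet logged out.
	private final Map<String, Boolean> users = new ConcurrentHashMap<>();

	private IdentityService identityService = new DefaultIdentityService();

	/**
	 * @return the identity service used to build {@link UserIdentity} objects
	 */
	@Override
	public IdentityService getIdentityService() {
		return identityService;
	}

	/**
	 * @return the name of this login service; always the empty string
	 */
	@Override
	public String getName() {
		return "";
	}

	/**
	 * Authenticates a user against the built-in account.
	 *
	 * <p>Only a {@code String} password is accepted, as before: any other
	 * credential type (including a Jetty {@link Credential}) is rejected.
	 *
	 * @param username the user name supplied by the client, may be {@code null}
	 * @param creds the credential supplied by the client, may be {@code null}
	 * @return the identity of the authenticated user, or {@code null} when the
	 *         user name or password does not match
	 */
	@Override
	public UserIdentity login(String username, Object creds) {
		// Evaluate both comparisons unconditionally so that a wrong user name
		// and a wrong password take the same path.
		boolean nameMatches = username != null && constantTimeEquals(BUILT_IN_USER, username);
		boolean passwordMatches = (creds instanceof String)
				&& constantTimeEquals(BUILT_IN_PASSWORD, (String) creds);
		if (!(nameMatches && passwordMatches)) {
			return null;
		}

		// creds is known to be a String here, so it is always wrapped.
		Credential credential = Credential.getCredential(creds.toString());
		Principal userPrincipal = new MappedLoginService.KnownUser(username, credential);

		Subject subject = new Subject();
		subject.getPrincipals().add(userPrincipal);
		// The supplied credential object is kept as a private credential.
		subject.getPrivateCredentials().add(creds);
		subject.setReadOnly();

		UserIdentity user = identityService.newUserIdentity(subject, userPrincipal, ACCESS_ROLE);
		users.put(user.getUserPrincipal().getName(), true);
		return user;
	}

	/**
	 * Forgets the user so that {@link #validate(UserIdentity)} stops accepting
	 * the identity after logout.
	 *
	 * <p>Tracking is per principal name, not per session: logging out ends
	 * validation for every identity with that name until the next successful
	 * login. NOTE(review): confirm that is acceptable, or track per identity.
	 *
	 * @param arg0 the identity being logged out; {@code null} is ignored
	 */
	@Override
	public void logout(UserIdentity arg0) {
		String name = principalName(arg0);
		if (name != null) {
			users.remove(name);
		}
	}

	/**
	 * @param arg0 the identity service to use for subsequent logins
	 */
	@Override
	public void setIdentityService(IdentityService arg0) {
		this.identityService = arg0;
	}

	/**
	 * Checks whether an identity belongs to a user that is currently logged in.
	 *
	 * @param user the identity to check
	 * @return {@code true} if the principal name has logged in and has not
	 *         logged out since; {@code false} otherwise, including when the
	 *         identity or its principal is missing
	 */
	@Override
	public boolean validate(UserIdentity user) {
		String name = principalName(user);
		// ConcurrentHashMap rejects null keys, so guard before the lookup.
		return name != null && users.containsKey(name);
	}

	/** Returns the principal name of an identity, or null if any part is missing. */
	private static String principalName(UserIdentity identity) {
		if (identity == null || identity.getUserPrincipal() == null) {
			return null;
		}
		return identity.getUserPrincipal().getName();
	}

	/** Compares two strings without returning early at the first differing byte. */
	private static boolean constantTimeEquals(String expected, String actual) {
		return MessageDigest.isEqual(
				expected.getBytes(StandardCharsets.UTF_8),
				actual.getBytes(StandardCharsets.UTF_8));
	}
}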