Package io.jmix.webdavrest.security
Class CookieAuthenticationProvider
java.lang.Object
io.jmix.webdavrest.security.CookieAuthenticationProvider
- All Implemented Interfaces:
org.springframework.security.authentication.AuthenticationProvider
public class CookieAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider
Is used for 'cookie' authentication method. This Authentication provider tries to authenticate user by 2 tokens:
- URL-token: one-time token included directly to URL generated by
WebdavEndPointLinkController
. Handling request with such valid token generates Cookie-token. When it's invalidated, but still used in URL. - Cookie-token: secured persistent cookie used as main auth token during further WebDAV requests
-
Field Summary
Modifier and TypeFieldDescriptionprotected final CookieAuthenticationRegistry
protected final UserRepository
-
Constructor Summary
ConstructorDescriptionCookieAuthenticationProvider
(CookieAuthenticationRegistry cookieAuthenticationRegistry, UserRepository userRepository) -
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.core.Authentication
authenticate
(org.springframework.security.core.Authentication authentication) protected boolean
isCookieTokenValid
(String token) protected boolean
isUrlTokenValid
(String token) boolean
-
Field Details
-
cookieAuthenticationRegistry
-
userRepository
-
-
Constructor Details
-
CookieAuthenticationProvider
public CookieAuthenticationProvider(CookieAuthenticationRegistry cookieAuthenticationRegistry, UserRepository userRepository)
-
-
Method Details
-
authenticate
public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException - Specified by:
authenticate
in interfaceorg.springframework.security.authentication.AuthenticationProvider
- Throws:
org.springframework.security.core.AuthenticationException
-
supports
- Specified by:
supports
in interfaceorg.springframework.security.authentication.AuthenticationProvider
-
isUrlTokenValid
-
isCookieTokenValid
-