Coverage Report - org.mule.module.spring.security.AuthorizationFilter
 
Classes in this file: AuthorizationFilter — line coverage 0% (0/25), branch coverage 0% (0/14), complexity 0.
 
 /*
  * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
  * The software in this package is published under the terms of the CPAL v1.0
  * license, a copy of which has been included with this distribution in the
  * LICENSE.txt file.
  */
 package org.mule.module.spring.security;
 
 import org.mule.api.MuleEvent;
 import org.mule.api.lifecycle.InitialisationException;
 import org.mule.api.security.Authentication;
 import org.mule.api.security.CryptoFailureException;
 import org.mule.api.security.EncryptionStrategyNotFoundException;
 import org.mule.api.security.NotPermittedException;
 import org.mule.api.security.SecurityException;
 import org.mule.api.security.SecurityProviderNotFoundException;
 import org.mule.api.security.UnauthorisedException;
 import org.mule.api.security.UnknownAuthenticationTypeException;
 import org.mule.config.i18n.CoreMessages;
 import org.mule.module.spring.security.i18n.SpringSecurityMessages;
 import org.mule.security.AbstractSecurityFilter;
 
 import java.text.MessageFormat;
 import java.util.Collection;
 import java.util.HashSet;
 
 import edu.emory.mathcs.backport.java.util.Arrays;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.security.core.GrantedAuthority;
 
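 /**
  * Authorizes access based on the authorities granted to the authenticated principal.
  * <p>
  * The filter reads the {@link Authentication} from the event's session security context and
  * lets the event through only when the principal holds at least one of the configured
  * required authorities. Every other outcome ends in an exception, so the check fails closed:
  * <ul>
  * <li>no authentication in the security context: {@link UnauthorisedException};</li>
  * <li>an authentication that is not a {@link SpringAuthenticationAdapter}:
  * {@link UnauthorisedException};</li>
  * <li>no matching authority, including when no required authorities are configured:
  * {@link NotPermittedException}.</li>
  * </ul>
  * The required authorities are held by reference (no defensive copy is taken), so code that
  * keeps a handle on the collection passed to the setter, or obtained from the getter, can
  * change the policy after configuration.
  */
 public class AuthorizationFilter extends AbstractSecurityFilter
 {
     protected final Log logger = LogFactory.getLog(getClass());

     // Authorities of which the principal must hold at least one. Never null: the setter
     // replaces a null argument with an empty set, which denies every principal.
     private Collection<String> requiredAuthorities = new HashSet<String>();

     /**
      * Checks that the principal attached to the event holds at least one required authority.
      *
      * @param event the event whose session security context carries the authentication
      * @throws UnauthorisedException if the security context holds no authentication, or the
      *             authentication is not a {@link SpringAuthenticationAdapter}
      * @throws NotPermittedException if none of the principal's authorities is contained in the
      *             required authorities
      */
     public void doFilter(MuleEvent event)
         throws SecurityException, UnknownAuthenticationTypeException, CryptoFailureException,
         SecurityProviderNotFoundException, EncryptionStrategyNotFoundException, InitialisationException
     {
         Authentication auth = event.getSession().getSecurityContext().getAuthentication();
         if (auth == null)
         {
             throw new UnauthorisedException(CoreMessages.authNoCredentials());
         }

         // Only Spring-backed authentications expose the GrantedAuthority list checked below.
         if (!(auth instanceof SpringAuthenticationAdapter))
         {
             throw new UnauthorisedException(SpringSecurityMessages.springAuthenticationRequired());
         }

         SpringAuthenticationAdapter springAuth = (SpringAuthenticationAdapter) auth;

         String principalName = springAuth.getName();
         GrantedAuthority[] authorities = springAuth.getAuthorities();

         // The principal is authorized as soon as one granted authority is among the required
         // ones. Matching is whatever Collection.contains does for the configured collection.
         boolean authorized = false;
         if (authorities != null)
         {
             if (logger.isDebugEnabled())
             {
                 logger.debug("Found authorities '" + Arrays.toString(authorities) + "' for principal '"
                              + principalName + "'.");
             }

             for (GrantedAuthority authority : authorities)
             {
                 if (requiredAuthorities.contains(authority.getAuthority()))
                 {
                     authorized = true;
                     // One match is sufficient; the remaining authorities cannot change the result.
                     break;
                 }
             }
         }

         if (!authorized)
         {
             // Denials are logged before the exception is raised so they are available for audit.
             // NOTE(review): the principal name and authority strings are written unescaped; if
             // the authentication provider accepts control characters in names, neutralise
             // CR/LF before logging so a name cannot forge log lines.
             logger.info(MessageFormat.format("Could not find required authorities for {0}. Required authorities: {1}. Authorities found: {2}.", 
                 principalName, Arrays.toString(requiredAuthorities.toArray()), Arrays.toString(authorities)));
             throw new NotPermittedException(SpringSecurityMessages.noGrantedAuthority(principalName));
         }
     }

     /**
      * Returns the live collection of required authorities; it is not a copy.
      *
      * @return the required authorities, never {@code null}
      */
     public Collection<String> getRequiredAuthorities()
     {
         return requiredAuthorities;
     }

     /**
      * Sets the authorities of which a principal must hold at least one.
      *
      * @param requiredAuthorities the required authorities; {@code null} is treated as an empty
      *            set, so every principal is rejected with {@link NotPermittedException}
      */
     public void setRequiredAuthorities(Collection<String> requiredAuthorities)
     {
         // Previously a null value was stored as-is and doFilter() failed with a
         // NullPointerException on the first request; an empty policy denies access cleanly.
         this.requiredAuthorities = (requiredAuthorities != null)
             ? requiredAuthorities
             : new HashSet<String>();
     }
 }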