From e1278e91400c5c61030e9f3015152552d07b11c2 Mon Sep 17 00:00:00 2001
From: Dmitriy Kopylenko
Date: Thu, 18 Oct 2018 10:46:40 -0400
Subject: [PATCH] SHIBUI-943: Implement AuditorAware SPI
---
 .../configuration/auto/WebSecurityConfig.java | 8 ++++++
 .../ui/security/DefaultAuditorAware.java | 27 +++++++++++++++++++
 2 files changed, 35 insertions(+)
 create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/DefaultAuditorAware.java
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
index 2e334f75f..f824ca8a5 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
@@ -1,5 +1,6 @@
 package edu.internet2.tier.shibboleth.admin.ui.configuration.auto;
+import edu.internet2.tier.shibboleth.admin.ui.security.DefaultAuditorAware;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.AutoConfigureBefore;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
@@ -7,6 +8,7 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
+import org.springframework.data.domain.AuditorAware;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
@@ -77,6 +79,12 @@ public void configure(WebSecurity web) throws Exception {
 };
 }
+ @Bean
+ @Profile("!no-auth")
+ public AuditorAware defaultAuditorAware() {
+ return new DefaultAuditorAware();
+ }
+
 @Bean
 @Profile("no-auth")
 public WebSecurityConfigurerAdapter noAuthUsedForEaseDevelopment() {
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/DefaultAuditorAware.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/DefaultAuditorAware.java
new file mode 100644
index 000000000..080b4312d
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/DefaultAuditorAware.java
@@ -0,0 +1,27 @@
+package edu.internet2.tier.shibboleth.admin.ui.security;
+
+import org.springframework.data.domain.AuditorAware;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+
+import java.util.Optional;
+
+/**
+ * Default implementation of Spring Data's AuditorAware SPI to let Spring Data
+ * plug in authenticated principal's id to @CreatedBy and @LastModifiedBy
+ * fields of Auditable entities.
+ *
+ * @author Dmitriy Kopylenko
+ */
+public class DefaultAuditorAware implements AuditorAware {
+
+ @Override
+ public Optional getCurrentAuditor() {
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+ if (authentication == null || !authentication.isAuthenticated()) {
+ return Optional.empty();
+ }
+ return Optional.of(User.class.cast(authentication.getPrincipal()).getUsername());
+ }
+}
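Review bot: In WebSecurityConfig.java, `defaultAuditorAware()` is registered for every profile except `no-auth` with no override point, so a deployment that supplies its own `AuditorAware` would end up with two candidates for Spring Data auditing. The file already imports `ConditionalOnMissingBean` and the class is named as a default, so adding `@ConditionalOnMissingBean(AuditorAware.class)` above `@Profile("!no-auth")` would let an integrator replace it. Under `no-auth` no auditor bean exists at all, so the @CreatedBy and @LastModifiedBy fields presumably stay empty there; a one-line comment saying this is intentional would help. The enclosing configuration class starts and ends outside this hunk, and whether auditing is enabled elsewhere is not visible here.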
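Review bot: In DefaultAuditorAware.getCurrentAuditor(), `User.class.cast(authentication.getPrincipal())` throws ClassCastException whenever the principal is not Spring Security's `User`. That includes the anonymous token, whose principal is a String and whose `isAuthenticated()` returns true, and any custom UserDetails or externally authenticated principal, so an entity save would fail instead of being attributed. Reading the name from the token avoids the cast: `return Optional.ofNullable(authentication.getName());`, with the guard extended by `|| authentication instanceof AnonymousAuthenticationToken` so anonymous requests are not recorded under the auditor name "anonymousUser". `AuditorAware` and `Optional` also appear here as raw types; if that is not an artifact of how the patch was rendered, they should be `AuditorAware<String>` and `Optional<String>`.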