[SHIBUI-1029]

First pass at adding a custom new user filter.
TIER · Jan 15, 2019 · a6ed8ff · a6ed8ff
1 parent 11df915
commit a6ed8ff
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 3 deletions.
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java
@@ -0,0 +1,45 @@
+package net.unicon.shibui.pac4j;
+
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+import java.security.Principal;
+
+/**
+ * @author Bill Smith (wsmith@unicon.net)
+ */
+public class AddNewUserFilter implements Filter {
+
+    private UserRepository userRepository;
+
+    public AddNewUserFilter(UserRepository userRepository) {
+        this.userRepository = userRepository;
+    }
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+
+    }
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+        Principal principal =  ((HttpServletRequest) request).getUserPrincipal();
+        String username = principal.getName();
+        System.out.println("WOO! Principal: " + username);
+
+        chain.doFilter(request, response);
+    }
+
+    @Override
+    public void destroy() {
+
+    }
+}
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java
@@ -1,5 +1,7 @@
 package net.unicon.shibui.pac4j;
 
+import edu.internet2.tier.shibboleth.admin.ui.security.model.User;
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
 import org.pac4j.core.config.Config;
 import org.pac4j.springframework.security.web.CallbackFilter;
 import org.pac4j.springframework.security.web.SecurityFilter;
@@ -17,8 +19,8 @@
 @AutoConfigureOrder(-1)
 public class WebSecurity {
     @Bean("webSecurityConfig")
-    public WebSecurityConfigurerAdapter webSecurityConfigurerAdapter(final Config config) {
-        return new Pac4jWebSecurityConfigurerAdapter(config);
+    public WebSecurityConfigurerAdapter webSecurityConfigurerAdapter(final Config config, UserRepository userRepository) {
+        return new Pac4jWebSecurityConfigurerAdapter(config, userRepository);
     }
 
     @Configuration
@@ -33,9 +35,11 @@ protected void configure(HttpSecurity http) throws Exception {
     @Order(1)
     public static class Pac4jWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
         private final Config config;
+        private UserRepository userRepository;
 
-        public Pac4jWebSecurityConfigurerAdapter(final Config config) {
+        public Pac4jWebSecurityConfigurerAdapter(final Config config, UserRepository userRepository) {
             this.config = config;
+            this.userRepository = userRepository;
         }
 
         @Override
@@ -48,6 +52,9 @@ protected void configure(HttpSecurity http) throws Exception {
             http.authorizeRequests().anyRequest().fullyAuthenticated();
 
             http.addFilterBefore(securityFilter, BasicAuthenticationFilter.class);
+
+            http.addFilterBefore(new AddNewUserFilter(userRepository), BasicAuthenticationFilter.class);
+
             http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS);
 
             // http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());