diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/AdminRoleRepository.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/AdminRoleRepository.java
new file mode 100644
index 000000000..581f1189a
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/AdminRoleRepository.java
@@ -0,0 +1,15 @@
+package edu.internet2.tier.shibboleth.admin.ui.security.repository;
+
+import edu.internet2.tier.shibboleth.admin.ui.security.model.AdminRole;
+
+import java.util.Optional;
+
+/**
+ * Spring Data repository to manage entities of type {@link AdminRole}.
+ *
+ * @author Dmitriy Kopylenko
+ */
+public interface AdminRoleRepository {
+
+ Optional findByName(final String name);
+}
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/AdminUserRepository.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/AdminUserRepository.java
new file mode 100644
index 000000000..d5fe4c314
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/AdminUserRepository.java
@@ -0,0 +1,14 @@
+package edu.internet2.tier.shibboleth.admin.ui.security.repository;
+
+import edu.internet2.tier.shibboleth.admin.ui.security.model.AdminUser;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+/**
+ * Spring Data repository to manage entities of type {@link AdminUser}.
+ *
+ * @author Dmitriy Kopylenko
+ */
+public interface AdminUserRepository extends JpaRepository {
+
+ AdminUser findByUsername(String username);
+}
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/springsecurity/AdminUserService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/springsecurity/AdminUserService.java
new file mode 100644
index 000000000..00d36d381
--- /dev/null
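Review bot: `AdminRoleRepository` is documented as a Spring Data repository, but unlike `AdminUserRepository` in this commit it extends no Spring Data base interface and imports none, so as written Spring Data would not generate an implementation for it. Unless an implementation or a `@RepositoryDefinition` annotation exists outside this diff, any injection point for this interface would have no bean to satisfy it. Either declare it like its sibling, `public interface AdminRoleRepository extends JpaRepository<AdminRole, ID_TYPE>` (ID_TYPE being the entity's key type, which is not visible here), or correct the Javadoc to say what actually backs the interface.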
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/springsecurity/AdminUserService.java
@@ -0,0 +1,40 @@
+package edu.internet2.tier.shibboleth.admin.ui.security.springsecurity;
+
+import edu.internet2.tier.shibboleth.admin.ui.security.model.AdminRole;
+import edu.internet2.tier.shibboleth.admin.ui.security.model.AdminUser;
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.AdminUserRepository;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * Spring Security {@link UserDetailsService} implementation for local administration of admin users ins the system.
+ *
+ * @author Dmitriy Kopylenko
+ */
+@RequiredArgsConstructor
+public class AdminUserService implements UserDetailsService {
+
+ private final AdminUserRepository adminUserRepository;
+
+ @Override
+ @Transactional(readOnly = true)
+ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+ AdminUser user = adminUserRepository.findByUsername(username);
+
+ Set grantedAuthorities = new HashSet<>();
+ for (AdminRole role : user.getRoles()) {
+ grantedAuthorities.add(new SimpleGrantedAuthority(role.getName()));
+ }
+
+ return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), grantedAuthorities);
+ }
+}
+
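Review bot: `loadUserByUsername` dereferences the result of `adminUserRepository.findByUsername(username)` without a null check, so an unknown username reaches `user.getRoles()` and fails with a NullPointerException instead of the `UsernameNotFoundException` the method declares and imports. The `UserDetailsService` contract expects that exception for a missing user; with an NPE the authentication provider will most likely report an internal error rather than bad credentials, which can make unknown usernames distinguishable from wrong passwords and bypasses the provider's normal handling of missing users. Add `if (user == null) { throw new UsernameNotFoundException("User not found"); }` directly after the lookup, or have `AdminUserRepository.findByUsername` return an `Optional` and call `orElseThrow` here. Role names are also passed to `SimpleGrantedAuthority` verbatim, so a short comment stating whether stored names already carry the `ROLE_` prefix that `hasRole` checks expect would help whoever writes the access rules.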