SHIBUI-943: Implement AuditorAware SPI

TIER · Oct 18, 2018 · e1278e9 · e1278e9
1 parent 1cc1462
commit e1278e9
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 0 deletions.
diff --git a/...ain/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java b/...ain/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
@@ -1,12 +1,14 @@
 package edu.internet2.tier.shibboleth.admin.ui.configuration.auto;
 
+import edu.internet2.tier.shibboleth.admin.ui.security.DefaultAuditorAware;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.AutoConfigureBefore;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.security.servlet.SpringBootWebSecurityConfiguration;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
+import org.springframework.data.domain.AuditorAware;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
@@ -77,6 +79,12 @@ public void configure(WebSecurity web) throws Exception {
         };
     }
 
+    @Bean
+    @Profile("!no-auth")
+    public AuditorAware<String> defaultAuditorAware() {
+        return new DefaultAuditorAware();
+    }
+
     @Bean
     @Profile("no-auth")
     public WebSecurityConfigurerAdapter noAuthUsedForEaseDevelopment() {

diff --git a/...nd/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/DefaultAuditorAware.java b/...nd/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/DefaultAuditorAware.java
@@ -0,0 +1,27 @@
+package edu.internet2.tier.shibboleth.admin.ui.security;
+
+import org.springframework.data.domain.AuditorAware;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+
+import java.util.Optional;
+
+/**
+ * Default implementation of Spring Data's <code>AuditorAware</code> SPI to let Spring Data
+ * plug in authenticated principal's id to <code>@CreatedBy</code> and <code>@LastModifiedBy</code>
+ * fields of Auditable entities.
+ *
+ * @author Dmitriy Kopylenko
+ */
+public class DefaultAuditorAware implements AuditorAware<String> {
+
+    @Override
+    public Optional<String> getCurrentAuditor() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        if (authentication == null || !authentication.isAuthenticated()) {
+            return Optional.empty();
+        }
+        return Optional.of(User.class.cast(authentication.getPrincipal()).getUsername());
+    }
+}