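/*
 * The contents of this file are subject to the license and copyright
 * detailed in the LICENSE and NOTICE files at the root of the source
 * tree.
 */
package org.fcrepo.auth.common;

import static org.slf4j.LoggerFactory.getLogger;

import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

import org.apache.http.auth.BasicUserPrincipal;
import org.apache.shiro.authc.AuthenticationToken;
import org.fcrepo.auth.common.ContainerRolesPrincipalProvider.ContainerRolesPrincipal;
import org.slf4j.Logger;

/**
 * Authentication token that carries the username and role names reported by the servlet container.
 *
 * <p>The token holds no secret: {@link #getCredentials()} always returns the public constant
 * {@link #AUTHORIZED}, so the credentials value cannot distinguish a genuine token from any other
 * instance of this class. NOTE(review): whatever consumes this token should rely on it having been
 * built only from container-authenticated request data, never on the credentials string; confirm at
 * the construction site.
 *
 * <p>Instances are immutable after construction; the role set is copied and exposed read-only.
 *
 * @author peichman
 */
public class ContainerAuthToken implements AuthenticationToken {

    private static final Logger log = getLogger(ContainerAuthToken.class);

    /** Constant placeholder returned as the credentials of every token; it is not a secret. */
    public static final String AUTHORIZED = "AUTHORIZED";

    private final BasicUserPrincipal servletUser;

    private final Set<ContainerRolesPrincipal> servletRoles;

    /**
     * Builds a token from the identity the servlet container has already established.
     *
     * @param servletUsername username returned from servlet container authentication
     * @param servletRoleNames roles returned from servlet container authentication; {@code null} is
     *        treated as "no roles", which grants nothing beyond the user principal
     */
    public ContainerAuthToken(final String servletUsername, final Set<String> servletRoleNames) {
        this.servletUser = new BasicUserPrincipal(servletUsername);
        // Username and role names are written to the debug log verbatim.
        log.debug("Setting servlet username {}", servletUsername);

        final Set<ContainerRolesPrincipal> roles = new HashSet<>();
        // A missing role set previously caused a NullPointerException here; fall back to no roles.
        if (servletRoleNames != null) {
            for (final String roleName : servletRoleNames) {
                log.debug("Adding servlet role {} to {}", roleName, servletUsername);
                roles.add(new ContainerRolesPrincipal(roleName));
            }
        }
        // Wrap once so that no caller of getRoles() can add or remove roles on this token.
        this.servletRoles = Collections.unmodifiableSet(roles);
    }

    /**
     * @return the user principal built from the container-supplied username
     */
    @Override
    public Object getPrincipal() {
        return servletUser;
    }

    /**
     * This token represents a user who was already authenticated by the servlet container, so return a constant
     * credentials string.
     *
     * @return the constant {@link #AUTHORIZED}
     */
    @Override
    public Object getCredentials() {
        return AUTHORIZED;
    }

    /**
     * @return unmodifiable set of role principals built from the container-supplied role names
     */
    public Set<ContainerRolesPrincipal> getRoles() {
        return servletRoles;
    }

}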