
AbstractAuthenticationProvider

Crystal.Sea преди 4 години
родител
ревизия
1b5d79502b
променени са 17 файла, в които са добавени 67 реда и са изтрити 63 реда
  1. 2 2
      maxkey-authentications/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java
  2. 2 2
      maxkey-authentications/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java
  3. 2 2
      maxkey-authentications/src/main/java/org/maxkey/authn/support/kerberos/RemoteKerberosService.java
  4. 2 2
      maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/AbstractSocialSignOnEndpoint.java
  5. 2 2
      maxkey-authentications/src/main/java/org/maxkey/authn/support/wsfederation/WsFederationServiceImpl.java
  6. 9 0
      maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
  7. 2 0
      maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
  8. 13 8
      maxkey-core/src/main/java/org/maxkey/authn/support/jwt/JwtLoginService.java
  9. 2 2
      maxkey-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeService.java
  10. 3 1
      maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java
  11. 9 6
      maxkey-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java
  12. 0 22
      maxkey-core/src/main/java/org/maxkey/web/WebContext.java
  13. 2 2
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java
  14. 2 2
      maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java
  15. 2 2
      maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
  16. 11 6
      maxkey-web-maxkey/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java
  17. 2 2
      maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java

+ 2 - 2
maxkey-authentications/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java

@@ -20,7 +20,7 @@ package org.maxkey.authn.support.basic;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.maxkey.authn.RealmAuthenticationProvider;
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.util.AuthorizationHeaderUtils;
 import org.slf4j.Logger;
@@ -39,7 +39,7 @@ public class BasicEntryPoint extends HandlerInterceptorAdapter {
 	
 	@Autowired
     @Qualifier("authenticationProvider")
-    RealmAuthenticationProvider authenticationProvider ;
+	AbstractAuthenticationProvider authenticationProvider ;
 	
 	public BasicEntryPoint() {
 	    

+ 2 - 2
maxkey-authentications/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java

@@ -20,7 +20,7 @@ package org.maxkey.authn.support.httpheader;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.maxkey.authn.RealmAuthenticationProvider;
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.constants.ConstantsLoginType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -39,7 +39,7 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
     
     @Autowired
     @Qualifier("authenticationProvider")
-    RealmAuthenticationProvider authenticationProvider ;
+    AbstractAuthenticationProvider authenticationProvider ;
 	
 	String []skipRequestURI={
 			"/oauth/v20/token",

+ 2 - 2
maxkey-authentications/src/main/java/org/maxkey/authn/support/kerberos/RemoteKerberosService.java

@@ -23,7 +23,7 @@ import java.util.List;
 import java.util.Map;
 
 import org.joda.time.DateTime;
-import org.maxkey.authn.RealmAuthenticationProvider;
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.crypto.ReciprocalUtils;
 import org.maxkey.util.DateUtils;
@@ -35,7 +35,7 @@ public class RemoteKerberosService  implements KerberosService{
 	private static Logger _logger = LoggerFactory.getLogger(RemoteKerberosService.class);
 	List<KerberosProxy> kerberosProxys;
 	
-	RealmAuthenticationProvider authenticationProvider ;
+	AbstractAuthenticationProvider authenticationProvider ;
 	
 	public boolean login(String kerberosTokenString,String kerberosUserDomain){
 		_logger.debug("encoder Kerberos Token "+kerberosTokenString);
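Review bot: The context line `_logger.debug("encoder Kerberos Token "+kerberosTokenString);` at the top of `login` writes the full token to the log, so anyone with log access can read the credential material whenever debug logging is enabled. The line predates this commit, but it is worth fixing while the class is being touched: log that a token arrived rather than its value, for example `_logger.debug("Kerberos token received for domain {}", kerberosUserDomain);`. Separately, the retyped `authenticationProvider` field carries no injection annotation in the visible lines, so how it gets set should be confirmed (presumably a setter outside the hunk). The body of `login` continues outside the hunk.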

+ 2 - 2
maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/AbstractSocialSignOnEndpoint.java

@@ -20,7 +20,7 @@
  */
 package org.maxkey.authn.support.socialsignon;
 
-import org.maxkey.authn.RealmAuthenticationProvider;
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider;
 import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
 import org.maxkey.authn.support.socialsignon.service.SocialsAssociateService;
@@ -76,7 +76,7 @@ public class AbstractSocialSignOnEndpoint {
 	
 	@Autowired
     @Qualifier("authenticationProvider")
-    RealmAuthenticationProvider authenticationProvider ;
+	AbstractAuthenticationProvider authenticationProvider ;
  	
   	protected AuthRequest buildAuthRequest(String provider){
   		

+ 2 - 2
maxkey-authentications/src/main/java/org/maxkey/authn/support/wsfederation/WsFederationServiceImpl.java

@@ -19,7 +19,7 @@ package org.maxkey.authn.support.wsfederation;
 
 import javax.servlet.http.HttpServletRequest;
 
-import org.maxkey.authn.RealmAuthenticationProvider;
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.util.StringUtils;
 import org.opensaml.saml1.core.impl.AssertionImpl;
@@ -36,7 +36,7 @@ public class WsFederationServiceImpl implements   WsFederationService{
 	
 	@Autowired
     @Qualifier("authenticationProvider")
-    RealmAuthenticationProvider authenticationProvider ;
+	AbstractAuthenticationProvider authenticationProvider ;
 	
 	public boolean login(String wsFederationWA,String wsFederationWResult,HttpServletRequest request){
 		// it's an authentication

+ 9 - 0
maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java

@@ -64,7 +64,16 @@ public abstract class AbstractAuthenticationProvider {
     protected abstract String getProviderName();
 
     protected abstract Authentication doInternalAuthenticate(Authentication authentication);
+    
+    public abstract Authentication basicAuthenticate(Authentication authentication) ;
 
+    public abstract Authentication trustAuthentication(
+                                    String username, 
+                                    String type, 
+                                    String provider, 
+                                    String code,
+                                    String message);
+    
     @SuppressWarnings("rawtypes")
     public boolean supports(Class authentication) {
         return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
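Review bot: `basicAuthenticate` and `trustAuthentication` become part of the abstract contract here without any Javadoc, and `trustAuthentication` needs one most: it receives only a username and descriptive strings, so by its signature it appears to establish a login without checking a credential. Document that precondition on the declaration, e.g. `/** Creates an authenticated session for username without verifying a credential; the caller must already have validated the upstream token or assertion. */`. Five positional `String` parameters are easy to transpose at call sites, so the doc should also say what `type`, `provider`, `code` and `message` carry. Any other subclass of this class outside the diff will stop compiling until it implements both methods.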

+ 2 - 0
maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java

@@ -105,6 +105,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
         return usernamePasswordAuthenticationToken;
     }
     
+    @Override
     public Authentication basicAuthenticate(Authentication authentication) {
         BasicAuthentication basicAuth = (BasicAuthentication) authentication;
         UserInfo loadeduserInfo = loadUserInfo(basicAuth.getUsername(), "");
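Review bot: `basicAuthenticate` casts its argument with `(BasicAuthentication) authentication` unconditionally, and now that the method is declared on `AbstractAuthenticationProvider` with an `Authentication` parameter, a caller passing any other token type gets a `ClassCastException` instead of a rejected login. Either narrow the abstract signature to `basicAuthenticate(BasicAuthentication authentication)` or guard the cast with `if (!(authentication instanceof BasicAuthentication)) { throw new IllegalArgumentException("BasicAuthentication required"); }`. The method body continues outside the hunk, so how failures are otherwise reported is not visible here.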
@@ -142,6 +143,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
      * @param message String
      * @return boolean
      */
+    @Override
     public  Authentication trustAuthentication(String username, 
                                             String type, 
                                             String provider, 
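Review bot: The Javadoc directly above the new `@Override` still says `@return boolean`, but the method returns `Authentication`. Update the tag to something like `@return the resulting Authentication` and state what callers get back when the login is rejected. Since this is now the override of an abstract method, the description would be better placed on the abstract declaration. The signature and body continue outside the hunk.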

+ 13 - 8
maxkey-core/src/main/java/org/maxkey/authn/support/jwt/JwtLoginService.java

@@ -30,8 +30,7 @@ import java.util.Date;
 import java.util.UUID;
 import javax.servlet.http.HttpServletResponse;
 import org.joda.time.DateTime;
-import org.maxkey.authn.RealmAuthenticationProvider;
-import org.maxkey.configuration.ApplicationConfig;
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.configuration.oidc.OIDCProviderMetadataDetails;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.crypto.jwt.signer.service.impl.DefaultJwtSigningAndValidationService;
@@ -43,14 +42,23 @@ import org.slf4j.LoggerFactory;
 public class JwtLoginService {
     private static final Logger _logger = LoggerFactory.getLogger(JwtLoginService.class);
 
-    protected ApplicationConfig applicationConfig;
 
     OIDCProviderMetadataDetails jwtProviderMetadata;
 
     DefaultJwtSigningAndValidationService jwtSignerValidationService;
     
-    RealmAuthenticationProvider authenticationProvider ;
+    AbstractAuthenticationProvider authenticationProvider ;
 
+    
+    public JwtLoginService(AbstractAuthenticationProvider authenticationProvider,
+            OIDCProviderMetadataDetails jwtProviderMetadata,
+            DefaultJwtSigningAndValidationService jwtSignerValidationService
+            ) {
+        this.authenticationProvider = authenticationProvider;
+        this.jwtProviderMetadata = jwtProviderMetadata;
+        this.jwtSignerValidationService = jwtSignerValidationService;
+        
+    }
     public boolean login(String jwt, HttpServletResponse response) {
         _logger.debug("jwt : " + jwt);
 
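Review bot: The new constructor assigns its three collaborators without null checks, and the fields stay non-final with the setters for `jwtProviderMetadata`, `jwtSignerValidationService` and `authenticationProvider` still present in the later hunks, so the validation service or provider can be missing or swapped after construction. Since the bean factories now pass everything through the constructor, consider `this.jwtSignerValidationService = Objects.requireNonNull(jwtSignerValidationService, "jwtSignerValidationService");` (likewise for the other two, with `java.util.Objects` imported), making the fields `private final`, and dropping the setters. The context line `_logger.debug("jwt : " + jwt);` at the top of `login` also writes the whole bearer token to the log; logging a non-sensitive identifier, or nothing, would keep a replayable credential out of log files. The body of `login` continues outside the hunk.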
@@ -188,9 +196,6 @@ public class JwtLoginService {
         return loginResult;
     }
 
-    public void setApplicationConfig(ApplicationConfig applicationConfig) {
-        this.applicationConfig = applicationConfig;
-    }
 
     public void setJwtProviderMetadata(OIDCProviderMetadataDetails jwtProviderMetadata) {
         this.jwtProviderMetadata = jwtProviderMetadata;
@@ -200,7 +205,7 @@ public class JwtLoginService {
         this.jwtSignerValidationService = jwtSignerValidationService;
     }
 
-    public void setAuthenticationProvider(RealmAuthenticationProvider authenticationProvider) {
+    public void setAuthenticationProvider(AbstractAuthenticationProvider authenticationProvider) {
         this.authenticationProvider = authenticationProvider;
     }
 

+ 2 - 2
maxkey-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeService.java

@@ -23,7 +23,7 @@ import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.joda.time.DateTime;
-import org.maxkey.authn.RealmAuthenticationProvider;
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.constants.ConstantsTimeInterval;
@@ -50,7 +50,7 @@ public abstract class AbstractRemeberMeService {
     
     @Autowired
     @Qualifier("authenticationProvider")
-    RealmAuthenticationProvider authenticationProvider ;
+    AbstractAuthenticationProvider authenticationProvider ;
 
     // follow function is for persist
     public abstract void save(RemeberMe remeberMe);

+ 3 - 1
maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java

@@ -23,6 +23,8 @@ import java.util.HashMap;
 import java.util.Map;
 
 import javax.sql.DataSource;
+
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
@@ -117,7 +119,7 @@ public class ApplicationAutoConfiguration  implements InitializingBean {
     }
     
     @Bean(name = "authenticationProvider")
-    public RealmAuthenticationProvider authenticationProvider() {
+    public AbstractAuthenticationProvider authenticationProvider() {
         return new RealmAuthenticationProvider();
     }
     

+ 9 - 6
maxkey-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java

@@ -23,7 +23,7 @@ import java.net.URI;
 import java.security.NoSuchAlgorithmException;
 import java.security.spec.InvalidKeySpecException;
 
-import org.maxkey.authn.RealmAuthenticationProvider;
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.support.jwt.JwtLoginService;
 import org.maxkey.configuration.oidc.OIDCProviderMetadataDetails;
 import org.maxkey.constants.ConstantsProperties;
@@ -127,11 +127,14 @@ public class JwtAuthnAutoConfiguration implements InitializingBean {
     public JwtLoginService jwtLoginService(
             DefaultJwtSigningAndValidationService jwtSignerValidationService,
             OIDCProviderMetadataDetails oidcProviderMetadata,
-            RealmAuthenticationProvider authenticationProvider) {
-        JwtLoginService jwtLoginService = new JwtLoginService();
-        jwtLoginService.setJwtSignerValidationService(jwtSignerValidationService);
-        jwtLoginService.setJwtProviderMetadata(oidcProviderMetadata);
-        jwtLoginService.setAuthenticationProvider(authenticationProvider);
+            AbstractAuthenticationProvider authenticationProvider) {
+        
+        JwtLoginService jwtLoginService = new JwtLoginService(
+                authenticationProvider,
+                oidcProviderMetadata,
+                jwtSignerValidationService
+                );
+        
         return jwtLoginService;
     }
     

+ 0 - 22
maxkey-core/src/main/java/org/maxkey/web/WebContext.java

@@ -104,28 +104,6 @@ public final class WebContext {
         removeAttribute(WebConstants.CURRENT_MESSAGE);
     }
 
-    /**
-     * setAuthentication.
-     * @param username String
-     * @param type String
-     * @param provider String
-     * @param code String
-     * @param message String
-     * @return boolean
-     
-    public static boolean setAuthentication(String username, 
-                                            String type, 
-                                            String provider, 
-                                            String code,
-                                            String message) {
-        
-        RealmAuthenticationProvider authenticationProvider = 
-                (RealmAuthenticationProvider) getBean("authenticationProvider");
-        authenticationProvider.trustAuthentication(username, type, provider, code, message);
-        
-        return isAuthenticated();
-    }*/
-
     public static void setAuthentication(Authentication authentication) {
         setAttribute(WebConstants.AUTHENTICATION, authentication);
     }

+ 2 - 2
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java

@@ -23,8 +23,8 @@ package org.maxkey.authz.cas.endpoint;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.BasicAuthentication;
-import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
 import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
 import org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl;
@@ -58,7 +58,7 @@ public class CasRestV1Endpoint  extends CasBaseAuthorizeEndpoint{
 	
     @Autowired
     @Qualifier("authenticationProvider")
-    RealmAuthenticationProvider authenticationProvider ;
+    AbstractAuthenticationProvider authenticationProvider ;
     
 
 	@RequestMapping(value="/authz/cas/v1/tickets", 

+ 2 - 2
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java

@@ -30,7 +30,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.lang.Validate;
-import org.maxkey.authn.RealmAuthenticationProvider;
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authz.saml.common.EndpointGenerator;
 import org.maxkey.authz.saml.common.TrustResolver;
 import org.maxkey.authz.saml.service.IDService;
@@ -91,7 +91,7 @@ public class ConsumerEndpoint {
 	
 	@Autowired
     @Qualifier("authenticationProvider")
-    RealmAuthenticationProvider authenticationProvider ;
+	AbstractAuthenticationProvider authenticationProvider ;
 
 	private String singleSignOnServiceURL;
 	private String assertionConsumerServiceURL;

+ 2 - 2
maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java

@@ -20,8 +20,8 @@ package org.maxkey.web.endpoint;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.BasicAuthentication;
-import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.authn.support.jwt.JwtLoginService;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.configuration.ApplicationConfig;
@@ -62,7 +62,7 @@ public class LoginEndpoint {
 	
 	@Autowired
 	@Qualifier("authenticationProvider")
-	RealmAuthenticationProvider authenticationProvider ;
+	AbstractAuthenticationProvider authenticationProvider ;
 	
 	/**
 	 * init login

+ 11 - 6
maxkey-web-maxkey/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java

@@ -23,6 +23,7 @@ import java.security.spec.InvalidKeySpecException;
 
 import javax.sql.DataSource;
 
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.support.jwt.JwtLoginService;
 import org.maxkey.authz.oauth2.provider.ClientDetailsService;
 import org.maxkey.authz.oauth2.provider.approval.TokenApprovalStore;
@@ -46,6 +47,7 @@ import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.crypto.jose.keystore.JWKSetKeyStore;
 import org.maxkey.crypto.jwt.encryption.service.impl.DefaultJwtEncryptionAndDecryptionService;
 import org.maxkey.crypto.jwt.signer.service.impl.DefaultJwtSigningAndValidationService;
+import org.maxkey.crypto.password.NoOpPasswordEncoder;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
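Review bot: Swapping the `NoOpPasswordEncoder` import from Spring's deprecated class (removed in the next hunk) to `org.maxkey.crypto.password.NoOpPasswordEncoder` silences the deprecation warning that flagged plaintext comparison, so the use site now needs a comment explaining the choice. The use site is outside the visible hunks, but a no-op encoder presumably means some secret is compared unhashed; something like `// NoOp: <which secret> is stored unhashed because <reason>; do not reuse for user passwords` would record the intent. It is also worth confirming that the replacement class implements the `PasswordEncoder` interface that is still imported.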
@@ -59,7 +61,6 @@ import org.springframework.core.io.ClassPathResource;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.authentication.ProviderManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
-import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
 import com.nimbusds.jose.JOSEException;
@@ -156,11 +157,15 @@ public class Oauth20AutoConfiguration implements InitializingBean {
     @Bean(name = "jwtLoginService")
     public JwtLoginService jwtLoginService(
             DefaultJwtSigningAndValidationService jwtSignerValidationService,
-            OIDCProviderMetadataDetails oidcProviderMetadata) {
-        JwtLoginService jwkSetKeyStore = new JwtLoginService();
-        jwkSetKeyStore.setJwtSignerValidationService(jwtSignerValidationService);
-        jwkSetKeyStore.setJwtProviderMetadata(oidcProviderMetadata);
-        return jwkSetKeyStore;
+            OIDCProviderMetadataDetails oidcProviderMetadata,
+            AbstractAuthenticationProvider authenticationProvider) {
+        
+        JwtLoginService jwtLoginService = new JwtLoginService(
+                authenticationProvider,
+                oidcProviderMetadata,
+                jwtSignerValidationService
+                );
+        return jwtLoginService;
     }
     
     

+ 2 - 2
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java

@@ -24,8 +24,8 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.BasicAuthentication;
-import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.authn.support.kerberos.KerberosService;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
@@ -87,7 +87,7 @@ public class LoginEndpoint {
 	
 	@Autowired
 	@Qualifier("authenticationProvider")
-	RealmAuthenticationProvider authenticationProvider ;
+	AbstractAuthenticationProvider authenticationProvider ;
 	
 	@Autowired
     @Qualifier("tfaOptAuthn")