1   /*
2    * Copyright 2021 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.bremersee.security.core.userdetails;
18  
19  import java.util.List;
20  import java.util.Map;
21  import lombok.AccessLevel;
22  import lombok.Getter;
23  import lombok.ToString;
24  import org.bremersee.data.ldaptive.LdaptiveOperations;
25  import org.ldaptive.FilterTemplate;
26  import org.ldaptive.SearchRequest;
27  import org.ldaptive.SearchScope;
28  import org.springframework.security.core.userdetails.UserDetails;
29  import org.springframework.security.core.userdetails.UserDetailsService;
30  import org.springframework.security.core.userdetails.UsernameNotFoundException;
31  
/**
 * A Spring Security {@link UserDetailsService} that resolves users with a single LDAP search
 * executed through {@link LdaptiveOperations}.
 *
 * <p>The search is assembled from the base DN, filter template and scope held by
 * {@link AbstractUserDetailsService}. The {@code ldaptiveOperations} field is excluded from the
 * generated {@code toString()} output.
 *
 * @author Christian Bremer
 */
@ToString(callSuper = true, exclude = {"ldaptiveOperations"})
public class LdaptiveUserDetailsService extends AbstractUserDetailsService implements UserDetailsService {

  // Executes the directory search; exposed to subclasses only through the protected getter.
  @Getter(value = AccessLevel.PROTECTED)
  private final LdaptiveOperations ldaptiveOperations;

  /**
   * Creates the service. Every argument except {@code ldaptiveOperations} is forwarded unchanged
   * to the {@link AbstractUserDetailsService} constructor.
   *
   * @param ldaptiveOperations the ldaptive operations used to run the user search
   * @param userBaseDn the base DN the user search starts from
   * @param userFindOneFilter the filter template used to find one user
   * @param userFindOneSearchScope the scope of the user search
   * @param userAccountControlAttributeName the user account control attribute name
   * @param authorities the authorities
   * @param authorityAttributeName the authority attribute name
   * @param authorityDn the authority dn flag
   * @param authorityMap the authority map
   * @param authorityPrefix the authority prefix
   */
  public LdaptiveUserDetailsService(
      LdaptiveOperations ldaptiveOperations,
      String userBaseDn,
      String userFindOneFilter,
      SearchScope userFindOneSearchScope,
      String userAccountControlAttributeName,
      List<String> authorities,
      String authorityAttributeName,
      boolean authorityDn,
      Map<String, String> authorityMap,
      String authorityPrefix) {

    super(
        userBaseDn,
        userFindOneFilter,
        userFindOneSearchScope,
        userAccountControlAttributeName,
        authorities,
        authorityAttributeName,
        authorityDn,
        authorityMap,
        authorityPrefix);
    // NOTE(review): no null check here; a null argument would only surface on the first lookup.
    this.ldaptiveOperations = ldaptiveOperations;
  }

  /**
   * Looks up one user entry and maps it to {@link UserDetails}.
   *
   * <p>The user name is handed to the {@link FilterTemplate} as a parameter and is never
   * concatenated into the filter string here. NOTE(review): this relies on the template to escape
   * LDAP filter metacharacters in the value; confirm for the ldaptive version in use.
   *
   * @param userName the name supplied by the caller, treated as untrusted input
   * @return the mapped user details
   * @throws UsernameNotFoundException if the search yields no entry; the message embeds the
   *     supplied name verbatim, so encode it before writing it to logs or responses
   */
  @Override
  public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {
    LdaptiveOperations operations = getLdaptiveOperations();

    // sizeLimit(1) requests at most one entry. NOTE(review): presumably the configured filter
    // matches on a unique attribute; verify against the deployment's filter.
    SearchRequest request = SearchRequest.builder()
        .dn(getUserBaseDn())
        .filter(FilterTemplate.builder()
            .filter(getUserFindOneFilter())
            .parameters(userName)
            .build())
        .scope(getUserFindOneSearchScope())
        .returnAttributes(returnAttributes())
        .sizeLimit(1)
        .build();

    return operations
        .findOne(request, getUserDetailsLdapMapper(userName))
        .orElseThrow(() -> new UsernameNotFoundException("User '" + userName + "' was not found."));
  }

}