Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Select an option

  • Save kickroot/4948229 to your computer and use it in GitHub Desktop.

Select an option

Save kickroot/4948229 to your computer and use it in GitHub Desktop.
package com.mycompany
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.*
import org.springframework.web.filter.GenericFilterBean;
import org.springframework.beans.factory.*
import org.springframework.context.*
import javax.servlet.*
import javax.servlet.http.*
class ApiTokenFilter extends GenericFilterBean {
///////////////////////////// Class Attributes \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
////////////////////////////// Class Methods \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//////////////////////////////// Attributes \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
def authenticationManager
def apiProvider
/////////////////////////////// Constructors \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
////////////////////////////////// Methods \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//------------------------ Implements:
//------------------------ Overrides: GenericFilterBean
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
if (SecurityContextHolder.getContext().getAuthentication() == null) {
def userId = request.getParameter("userId")
def apiKey = request.getParameter("apiKey")
if ( userId && apiKey ) {
def myAuth = new ApiTokenAuthentication(
name: userId,
credentials: apiKey,
principal: userId,
authenticated: true
)
myAuth = apiProvider.authenticate(myAuth)
if (myAuth) {
// Store to SecurityContextHolder
SecurityContextHolder.getContext().setAuthentication(myAuth);
}
}
}
chain.doFilter(request, response)
}
//---------------------------- Abstract Methods -----------------------------
//---------------------------- Utility Methods ------------------------------
//---------------------------- Property Methods -----------------------------
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment