View Javadoc
1   package com.atlassian.refapp.sal.auth;
2   
3   import com.atlassian.plugin.spring.scanner.annotation.export.ExportAsService;
4   import com.atlassian.sal.api.auth.AuthenticationController;
5   import com.atlassian.sal.core.util.Assert;
6   import com.atlassian.seraph.auth.RoleMapper;
7   import com.atlassian.seraph.filter.BaseLoginFilter;
8   
9   import javax.inject.Inject;
10  import javax.inject.Named;
11  import javax.servlet.http.HttpServletRequest;
12  import java.security.Principal;
13  
14  /**
15   * Fork of {@link com.atlassian.sal.core.auth.SeraphAuthenticationController} to use explicit rolemapper
16   *
17   * @since 2.7.0
18   */
19  @ExportAsService
20  @Named("authController")
21  public class RefappAuthenticationController implements AuthenticationController {
22      private final RoleMapper roleMapper;
23  
24      /**
25       * @throws IllegalArgumentException if the roleMapper is <code>null</code>.
26       */
27      @Inject
28      public RefappAuthenticationController(RoleMapper roleMapper) {
29          this.roleMapper = Assert.notNull(roleMapper, "roleMapper");
30      }
31  
32      /**
33       * Checks the {@link RoleMapper} on whether or not the principal can login.
34       *
35       * @see AuthenticationController#canLogin(java.security.Principal, javax.servlet.http.HttpServletRequest)
36       */
37      public boolean canLogin(final Principal principal, final HttpServletRequest request) {
38          return roleMapper.canLogin(principal, request);
39      }
40  
41      /**
42       * Checks the request attibutes for the {@link com.atlassian.seraph.filter.BaseLoginFilter#OS_AUTHSTATUS_KEY}. Will return <code>true</code> if
43       * the key is not present.
44       */
45      public boolean shouldAttemptAuthentication(final HttpServletRequest request) {
46          return request.getAttribute(BaseLoginFilter.OS_AUTHSTATUS_KEY) == null;
47      }
48  }