/**
* Copyright (c) 2011, salesforce.com, inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without modification, are permitted provided
* that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this list of conditions and the
* following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and
* the following disclaimer in the documentation and/or other materials provided with the distribution.
*
* Neither the name of salesforce.com, inc. nor the names of its contributors may be used to endorse or
* promote products derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
package com.force.sdk.springsecurity;
import java.security.Principal;
import java.util.Collection;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import com.force.sdk.oauth.ForceUserPrincipal;
/**
*
* Represents an OAuth Authentication. The principal is the username and the credentials are the
* OAuth authentication token also known as the session id. The {@code SecurityContext} is set into the
* details field that gets inherited.
*
* @author John Simone
*/
public class OAuthAuthenticationToken extends AbstractAuthenticationToken {
private final Principal principal;
private final String credentials;
/**
* Use given credentials. Default principal to "Unknown".
* @param credentials (auth token / session id)
*/
public OAuthAuthenticationToken(String credentials) {
super(null);
this.principal = new ForceUserPrincipal("Unknown", null);
this.credentials = credentials;
}
/**
* Creates token with given principal, credentials, and authorities.
*
* @param principal (username)
* @param credentials (auth token / session id)
* @param authorities collection of {@code GrantedAuthority} objects
*/
public OAuthAuthenticationToken(Principal principal, String credentials, Collection<GrantedAuthority> authorities) {
super(authorities);
this.principal = principal;
this.credentials = credentials;
}
@Override
public Object getCredentials() {
return credentials;
}
@Override
public Object getPrincipal() {
return principal;
}
}