unicon.matthews.security.auth.jwt.JwtTokenAuthenticationProcessingFilter - Code Metrics - Apereo-Learning-Analytics-Initiative/OpenLRW - Measure and Improve Code Quality continuously with Scrutinizer

unicon.matthews.security.auth.jwt.JwtTokenAuthenticationProcessingFilter A
last analyzed 2019-01-30 08:29 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	34
Duplicated Lines	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
c	1
b	0
f	0
dl	0
loc	34
rs	10
eloc	27
wmc	4

4 Methods

Rating	Name	Size	Complexity
A	successfulAuthentication(HttpServletRequest,HttpServletResponse,FilterChain,Authentication)	7	1
A	attemptAuthentication(HttpServletRequest,HttpServletResponse)	6	1
A	unsuccessfulAuthentication(HttpServletRequest,HttpServletResponse,AuthenticationException)	5	1
A	JwtTokenAuthenticationProcessingFilter(AuthenticationFailureHandler,TokenExtractor,RequestMatcher)	6	1

package unicon.matthews.security.auth.jwt;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.util.matcher.RequestMatcher;

import unicon.matthews.security.auth.JwtAuthenticationToken;
import unicon.matthews.security.auth.jwt.extractor.TokenExtractor;
import unicon.matthews.security.config.WebSecurityConfig;
import unicon.matthews.security.model.token.RawAccessJwtToken;

/**
 * Performs validation of provided JWT Token.
 * 
 * @author vladimir.stankovic
 *
 * Aug 5, 2016
 */
public class JwtTokenAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter {
    private final AuthenticationFailureHandler failureHandler;
    private final TokenExtractor tokenExtractor;
    
    @Autowired
    public JwtTokenAuthenticationProcessingFilter(AuthenticationFailureHandler failureHandler, 
            TokenExtractor tokenExtractor, RequestMatcher matcher) {
        super(matcher);
        this.failureHandler = failureHandler;
        this.tokenExtractor = tokenExtractor;
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
            throws AuthenticationException, IOException, ServletException {
        String tokenPayload = request.getHeader(WebSecurityConfig.JWT_TOKEN_HEADER_PARAM);
        RawAccessJwtToken token = new RawAccessJwtToken(tokenExtractor.extract(tokenPayload));
        return getAuthenticationManager().authenticate(new JwtAuthenticationToken(token));
    }

    @Override
    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain,
            Authentication authResult) throws IOException, ServletException {
        SecurityContext context = SecurityContextHolder.createEmptyContext();
        context.setAuthentication(authResult);
        SecurityContextHolder.setContext(context);
        chain.doFilter(request, response);
    }

    @Override
    protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
            AuthenticationException failed) throws IOException, ServletException {
        SecurityContextHolder.clearContext();
        failureHandler.onAuthenticationFailure(request, response, failed);
    }
}


1			package unicon.matthews.security.auth.jwt;
2
3			import java.io.IOException;
4
5			import javax.servlet.FilterChain;
6			import javax.servlet.ServletException;
7			import javax.servlet.http.HttpServletRequest;
8			import javax.servlet.http.HttpServletResponse;
9
10			import org.springframework.beans.factory.annotation.Autowired;
11			import org.springframework.security.core.Authentication;
12			import org.springframework.security.core.AuthenticationException;
13			import org.springframework.security.core.context.SecurityContext;
14			import org.springframework.security.core.context.SecurityContextHolder;
15			import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
16			import org.springframework.security.web.authentication.AuthenticationFailureHandler;
17			import org.springframework.security.web.util.matcher.RequestMatcher;
18
19			import unicon.matthews.security.auth.JwtAuthenticationToken;
20			import unicon.matthews.security.auth.jwt.extractor.TokenExtractor;
21			import unicon.matthews.security.config.WebSecurityConfig;
22			import unicon.matthews.security.model.token.RawAccessJwtToken;
23
24			/**
25			* Performs validation of provided JWT Token.
26			*
27			* @author vladimir.stankovic
28			*
29			* Aug 5, 2016
30			*/
31			public class JwtTokenAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter {
32			private final AuthenticationFailureHandler failureHandler;
33			private final TokenExtractor tokenExtractor;
34
35			@Autowired
36			public JwtTokenAuthenticationProcessingFilter(AuthenticationFailureHandler failureHandler,
37			TokenExtractor tokenExtractor, RequestMatcher matcher) {
38			super(matcher);
39			this.failureHandler = failureHandler;
40			this.tokenExtractor = tokenExtractor;
41			}
42
43			@Override
44			public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
45			throws AuthenticationException, IOException, ServletException {
46			String tokenPayload = request.getHeader(WebSecurityConfig.JWT_TOKEN_HEADER_PARAM);
47			RawAccessJwtToken token = new RawAccessJwtToken(tokenExtractor.extract(tokenPayload));
48			return getAuthenticationManager().authenticate(new JwtAuthenticationToken(token));
49			}
50
51			@Override
52			protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain,
53			Authentication authResult) throws IOException, ServletException {
54			SecurityContext context = SecurityContextHolder.createEmptyContext();
55			context.setAuthentication(authResult);
56			SecurityContextHolder.setContext(context);
57			chain.doFilter(request, response);
58			}
59
60			@Override
61			protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
62			AuthenticationException failed) throws IOException, ServletException {
63			SecurityContextHolder.clearContext();
64			failureHandler.onAuthenticationFailure(request, response, failed);
65			}
66			}
67

Apereo-Learning-Analytics-Initiative / OpenLRW

unicon.matthews.security.auth.jwt.JwtTokenAuthenticationProcessingFilter A last analyzed 2019-01-30 08:29 UTC

Complexity

Size/Duplication

Importance

4 Methods

Duplication Side-by-Side

Filter issues like

unicon.matthews.security.auth.jwt.JwtTokenAuthenticationProcessingFilter A
last analyzed 2019-01-30 08:29 UTC