View Javadoc
1   package org.oxerr.spring.security.otp.authentication;
2   
3   import org.oxerr.spring.security.otp.core.OTPAuthenticationService;
4   import org.springframework.beans.factory.InitializingBean;
5   import org.springframework.security.authentication.AuthenticationProvider;
6   import org.springframework.security.core.Authentication;
7   import org.springframework.security.core.AuthenticationException;
8   import org.springframework.util.Assert;
9   
10  public class OTPAuthenticationProvider implements AuthenticationProvider,
11  		InitializingBean {
12  
13  	private final OTPAuthenticationService otpAuthenticationService;
14  
15  	public OTPAuthenticationProvider(OTPAuthenticationService otpAuthenticationService) {
16  		this.otpAuthenticationService = otpAuthenticationService;
17  	}
18  
19  	@Override
20  	public Authentication authenticate(final Authentication authentication)
21  			throws AuthenticationException {
22  		final OTPAuthenticationToken otpAuthenticationToken = (OTPAuthenticationToken) authentication;
23  		final String oneTimePassword = otpAuthenticationToken.getOneTimePassword();
24  		final Authentication auth = this.otpAuthenticationService.loadAuthenticationByOneTimePassword(oneTimePassword);
25  		return auth != null ? new OTPAuthenticationToken(auth) : null;
26  	}
27  
28  	@Override
29  	public boolean supports(Class<?> authentication) {
30  		return OTPAuthenticationToken.class.isAssignableFrom(authentication);
31  	}
32  
33  	@Override
34  	public void afterPropertiesSet() throws Exception {
35  		Assert.notNull(this.otpAuthenticationService, "A otpAuthenticationService must be set.");
36  	}
37  
38  }