From a5edb20978bfdc0f7516de644b19cb50164509b3 Mon Sep 17 00:00:00 2001
From: Marcus Hert Da Coregio
Date: Fri, 12 Jul 2024 14:56:16 -0300
Subject: [PATCH] Introduce UserAuthorities

Closes gh-15406
---
 .../core/userdetails/UserAuthorities.java | 48 +++++++++++++++++++
 .../UserAuthoritiesRepository.java | 36 ++++++++++++++
 .../core/userdetails/UserDetails.java | 15 +-----
 .../core/userdetails/UserDetailsService.java | 7 ++-
 4 files changed, 91 insertions(+), 15 deletions(-)
 create mode 100644 core/src/main/java/org/springframework/security/core/userdetails/UserAuthorities.java
 create mode 100644 core/src/main/java/org/springframework/security/core/userdetails/UserAuthoritiesRepository.java
diff --git a/core/src/main/java/org/springframework/security/core/userdetails/UserAuthorities.java b/core/src/main/java/org/springframework/security/core/userdetails/UserAuthorities.java
new file mode 100644
index 00000000000..a470f2d6ba1
--- /dev/null
+++ b/core/src/main/java/org/springframework/security/core/userdetails/UserAuthorities.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2002-2024 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.core.userdetails;
+
+import java.io.Serializable;
+import java.util.Collection;
+
+import org.springframework.security.core.GrantedAuthority;
+
+/**
+ * Represents user authorities. This interface is mostly intended for scenarios where a
+ * password is not need, like X509, CAS, Passkeys, One Time Tokens and others.
+ *
+ * @author Marcus da Coregio
+ * @since 6.4
+ * @see UserAuthoritiesRepository
+ * @see UserDetails
+ */
+public interface UserAuthorities extends Serializable {
+
+ /**
+ * Returns the authorities granted to the user. Cannot return null.
+ * @return the authorities, sorted by natural key (never null)
+ */
+ Collection getAuthorities();
+
+ /**
+ * Returns the username used to authenticate the user. Cannot return
+ * null.
+ * @return the username (never null)
+ */
+ String getUsername();
+
+}
diff --git a/core/src/main/java/org/springframework/security/core/userdetails/UserAuthoritiesRepository.java b/core/src/main/java/org/springframework/security/core/userdetails/UserAuthoritiesRepository.java
new file mode 100644
index 00000000000..5919165f127
--- /dev/null
+++ b/core/src/main/java/org/springframework/security/core/userdetails/UserAuthoritiesRepository.java
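Review bot: The class Javadoc on `UserAuthorities` does not say that the type carries no account-status information, which matters most for the passwordless flows it names (X509, CAS, Passkeys, One Time Tokens). The interface exposes only `getAuthorities()` and `getUsername()`, so code typed against it cannot see `isEnabled()` or the locked and expired flags that `UserDetails` keeps; whether any caller relies on those is not visible in this patch. I would add a sentence such as `Implementations carry no account status; callers must reject disabled, locked or expired accounts by other means before granting these authorities.` The same paragraph has a typo: `a password is not need` should read `a password is not needed`.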
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2002-2024 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.core.userdetails;
+
+/**
+ * Repository interface for accessing user authorities.
+ *
+ * @author Marcus da Coregio
+ * @since 6.4
+ * @see UserAuthorities
+ */
+public interface UserAuthoritiesRepository {
+
+ /**
+ * Finds the authorities associated with the given username.
+ * @param username the username for which to find authorities
+ * @return the {@link UserAuthorities} object containing authorities associated with
+ * the specified username, or {@code null} if no authorities are found
+ */
+ UserAuthorities findAuthoritiesByUsername(String username);
+
+}
diff --git a/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java b/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java
index bab08c5a2ac..e3fd18c3b23 100644
--- a/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java
+++ b/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java
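Review bot: `findAuthoritiesByUsername` documents a `null` return for a missing user, but the only implementation this patch ships, the default in `UserDetailsService` (last hunk of the patch), delegates to `loadUserByUsername`, which is declared to throw `UsernameNotFoundException`. A caller that follows this Javadoc and only null-checks lets the exception escape, and one that only catches the exception will dereference `null` from some other implementation; in an authentication path either case turns "unknown user" into an unhandled error. Pick one contract and state it here, for example add `@throws UsernameNotFoundException if the user could not be found` and drop the `null` clause, or have the default translate the exception into `null`. The wording `if no authorities are found` also leaves open whether a known user with zero authorities yields `null` or an empty collection.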
@@ -40,13 +40,7 @@
 * @see UserDetailsService
 * @see UserCache
 */
-public interface UserDetails extends Serializable {
-
- /**
- * Returns the authorities granted to the user. Cannot return null.
- * @return the authorities, sorted by natural key (never null)
- */
- Collection getAuthorities();
+public interface UserDetails extends Serializable, UserAuthorities {
 
 /**
 * Returns the password used to authenticate the user.
@@ -54,13 +48,6 @@ public interface UserDetails extends Serializable {
 */
 String getPassword();
 
- /**
- * Returns the username used to authenticate the user. Cannot return
- * null.
- * @return the username (never null)
- */
- String getUsername();
-
 /**
 * Indicates whether the user's account has expired. An expired account cannot be
 * authenticated.
diff --git a/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsService.java b/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsService.java
index 22ac2162974..b6a0b91e9b5 100644
--- a/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsService.java
+++ b/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsService.java
@@ -31,7 +31,7 @@
 * @see org.springframework.security.authentication.dao.DaoAuthenticationProvider
 * @see UserDetails
 */
-public interface UserDetailsService {
+public interface UserDetailsService extends UserAuthoritiesRepository {
 
 /**
 * Locates the user based on the username. In the actual implementation, the search
@@ -46,4 +46,9 @@ public interface UserDetailsService {
 */
 UserDetails loadUserByUsername(String username) throws UsernameNotFoundException;
 
+ @Override
+ default UserAuthorities findAuthoritiesByUsername(String username) {
+ return loadUserByUsername(username);
+ }
+
 }
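Review bot: `extends Serializable, UserAuthorities` in the new `UserDetails` declaration is redundant, because `UserAuthorities` already extends `Serializable`; `public interface UserDetails extends UserAuthorities {` declares the same thing. The diffstat gives this file one insertion and fourteen deletions, which the two hunks account for in full, so the import block was left untouched. If `Collection` and `GrantedAuthority` are no longer referenced now that `getAuthorities()` has moved out, those imports are unused and should be removed. The imports are outside the hunks, so that second point needs checking against the file.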
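Review bot: The default `findAuthoritiesByUsername` in `UserDetailsService` returns the `UserDetails` instance from `loadUserByUsername` unchanged, so a caller that asked only for authorities holds an object that still carries `getPassword()` behind the narrower static type. `UserAuthorities` is `Serializable`, so if such a caller caches or serializes the result, the stored credential travels with it; whether any caller does so is not visible here. Either document this on the method, for example `Note: the default returns the full UserDetails, including its password; do not persist the result`, or copy the username and authorities into a credential-free value before returning. The new default has no Javadoc of its own, and the interface body begins before this hunk.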