diff --git a/build.gradle b/build.gradle index 729a867..1bca849 100644 --- a/build.gradle +++ b/build.gradle @@ -111,7 +111,7 @@ dependencies { console "org.grails:grails-console" - compile 'org.grails.plugins:spring-security-core:3.2.0.M1' + compile 'org.grails.plugins:spring-security-core:3.2.1' compile("commons-httpclient:commons-httpclient:3.1") { exclude module: ['commons-codec', 'commons-logging', 'junit'] diff --git a/grails-app/services/org/grails/plugin/springsecurity/saml/SpringSamlUserDetailsService.groovy b/grails-app/services/org/grails/plugin/springsecurity/saml/SpringSamlUserDetailsService.groovy index a8a6069..d5775a7 100644 --- a/grails-app/services/org/grails/plugin/springsecurity/saml/SpringSamlUserDetailsService.groovy +++ b/grails-app/services/org/grails/plugin/springsecurity/saml/SpringSamlUserDetailsService.groovy @@ -38,6 +38,7 @@ import grails.core.GrailsApplication * @author alvaro.sanchez */ @Transactional +@Slf4j('logger') class SpringSamlUserDetailsService extends GormUserDetailsService implements SAMLUserDetailsService { String authorityClassName 
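Review bot: `@Slf4j('logger')` on `SpringSamlUserDetailsService` needs `import groovy.util.logging.Slf4j`, and no hunk in this diff adds it (the first hunk for this file starts at line 38, after the imports). If the file does not already import it above the hunk, the class will not compile; add the import next to `import grails.core.GrailsApplication`. A short comment on the annotation saying why the field is named `logger` rather than the default `log` would also help the next reader.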
@@ -54,19 +55,19 @@ class SpringSamlUserDetailsService extends GormUserDetailsService implements SAM public Object loadUserBySAML(SAMLCredential credential) throws UsernameNotFoundException { - log.debug("Loading user - ${credential.toString()}") + logger.debug("Loading user - ${credential.toString()}") if (credential) { String username = getSamlUsername(credential) - log.debug("Username ${username}") + logger.debug("Username ${username}") if (!username) { throw new UsernameNotFoundException("No username supplied in saml response.") } def user = generateSecurityUser(username) - log.debug("Generated User ${user.username}") + logger.debug("Generated User ${user.username}") user = mapAdditionalAttributes(credential, user) if (user) { - log.debug "Loading database roles for $username..." + logger.debug "Loading database roles for $username..." def authorities = getAuthoritiesForUser(credential, username) def grantedAuthorities = [] @@ -89,11 +90,11 @@ class SpringSamlUserDetailsService extends GormUserDetailsService implements SAM else { grantedAuthorities = authorities } - log.debug("User Class ${user?.class}") - log.debug("User - username ${user?.username}") - log.debug("User - id ${user?.id}") + logger.debug("User Class ${user?.class}") + logger.debug("User - username ${user?.username}") + logger.debug("User - id ${user?.id}") def userDetails = createUserDetails(user, grantedAuthorities) - log.debug("User Details ${userDetails.toString()}") + logger.debug("User Details ${userDetails.toString()}") return userDetails } else { throw new InstantiationException('could not instantiate new user') 
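Review bot: In `loadUserBySAML` (`@@ -54` hunk), `logger.debug("Generated User ${user.username}")` dereferences `user` before the `if (user)` check a few lines later, while the debug lines in the following hunk use `user?.username`. If `generateSecurityUser` can return null (its body is only partly visible here), turning on debug logging makes that case fail with a NullPointerException rather than reaching the `InstantiationException` branch. Use `logger.debug("Generated User ${user?.username}")` to match the later lines. The method body starts and ends outside the hunk.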
@@ -102,10 +103,10 @@ class SpringSamlUserDetailsService extends GormUserDetailsService implements SAM } protected String getSamlUsername(credential) { - log.debug("getSamlUsername") + logger.debug("getSamlUsername") if (samlUserAttributeMappings?.username) { def value = credential.getAttributeAsString(samlUserAttributeMappings.username) - log.debug("Username getSamlUsername ${value}") + logger.debug("Username getSamlUsername ${value}") return value } else { // if no mapping provided for username attribute then assume it is the returned subject in the assertion @@ -129,19 +130,19 @@ class SpringSamlUserDetailsService extends GormUserDetailsService implements SAM String[] samlGroups = credential.getAttributeAsStringArray(samlUserGroupAttribute) samlGroups.eachWithIndex { groupName, groupIdx -> - log.debug("Group Name From Saml ${groupName}") + logger.debug("Group Name From Saml ${groupName}") def role = samlUserGroupToRoleMapping?.find{ it?.value == groupName }?.key def authority if (role){ - log.debug("Found Role") + logger.debug("Found Role") authority = getRole(role) } if (authority) { - log.debug("Found Authority Adding it") + logger.debug("Found Authority Adding it") authorities.add(new SimpleGrantedAuthority(authority."$authorityNameField")) } } - log.debug("Returning Authorities with ${authorities?.size()} Authorities Added") + logger.debug("Returning Authorities with ${authorities?.size()} Authorities Added") return authorities } 
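Review bot: In the `@@ -129` hunk, a SAML group with no entry in `samlUserGroupToRoleMapping`, or whose `getRole` lookup returns nothing, is dropped without any log line; only the success paths ("Found Role", "Found Authority Adding it") are logged. When a user ends up with fewer authorities than expected, the debug log cannot show which group failed to map. Add a branch such as `else { logger.debug("No role mapped for SAML group ${groupName}") }` after the `if (role)` block. The enclosing method starts above the hunk.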
@@ -149,13 +150,13 @@ class SpringSamlUserDetailsService extends GormUserDetailsService implements SAM private Object generateSecurityUser(username) { if (userDomainClassName) { - log.debug("UserClassName ${userDomainClassName}") + logger.debug("UserClassName ${userDomainClassName}") Class UserClass = grailsApplication.getClassForName(userDomainClassName) - log.debug("Artefact ${grailsApplication.getClassForName(userDomainClassName)}") - log.debug("Config ${grailsApplication.config.toString()}") + logger.debug("Artefact ${grailsApplication.getClassForName(userDomainClassName)}") + logger.debug("Config ${grailsApplication.config.toString()}") //getClassForName(userDomainClassName)?.clazz - log.debug("UserClass ${UserClass}") + logger.debug("UserClass ${UserClass}") if (UserClass) { def user = BeanUtils.instantiateClass(UserClass) user.username = username 
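Review bot: `logger.debug("Config ${grailsApplication.config.toString()}")` in `generateSecurityUser` writes the entire application configuration to the log whenever debug is enabled for this class, and this method runs during login. An application config commonly carries datasource credentials and likely this plugin's keystore settings, so the line can copy secrets into log files and any system that collects them. Remove it; the value being diagnosed is already covered by `logger.debug("UserClassName ${userDomainClassName}")`. The `Artefact` line also repeats the `getClassForName` lookup that is already held in `UserClass`. The method continues past the hunk.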
@@ -170,40 +171,40 @@ class SpringSamlUserDetailsService extends GormUserDetailsService implements SAM } private def saveUser(userClazz, user, authorities) { - log.debug("Saving User") + logger.debug("Saving User") if (userClazz && samlAutoCreateActive && samlAutoCreateKey && authorityNameField && authorityJoinClassName) { Map whereClause = [:] whereClause.put "$samlAutoCreateKey".toString(), user."$samlAutoCreateKey" Class joinClass = grailsApplication.getDomainClass(authorityJoinClassName)?.clazz - log.debug("Before With Transaction") + logger.debug("Before With Transaction") - log.debug("Saving User") + logger.debug("Saving User") def existingUser userClazz.withTransaction { existingUser = userClazz.findWhere(whereClause) } if (!existingUser) { - log.debug("User Doesn't Exist.....save it") + logger.debug("User Doesn't Exist.....save it") userClazz.withTransaction { user.save(flush:true) //if (!user.save()) throw new UsernameNotFoundException("Could not save user ${user}"); } } else { - log.debug("User Exists.....update its properties") + logger.debug("User Exists.....update its properties") user = updateUserProperties(existingUser, user) if (samlAutoAssignAuthorities) { - log.debug("Remove all Authorities") + logger.debug("Remove all Authorities") joinClass.withTransaction { joinClass.removeAll user } } - log.debug("Now Save the User") + logger.debug("Now Save the User") userClazz.withTransaction { user.save() } 
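Review bot: In `saveUser`, the result of `user.save(flush:true)` is ignored and the failure check next to it is commented out, so a user that fails validation is neither persisted nor reported; the same applies to `user.save()` in the update branch. Login then continues with an unsaved object, and the join-table writes in the next hunk run with a `user.id` that may be null. Use `user.save(flush: true, failOnError: true)`, or restore the explicit check and throw. "Saving User" is also logged twice before any save happens. The method continues outside the hunk.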
@@ -211,14 +212,14 @@ class SpringSamlUserDetailsService extends GormUserDetailsService implements SAM } if (samlAutoAssignAuthorities) { - log.debug("go thru the list of authorities") + logger.debug("go thru the list of authorities") authorities.each { grantedAuthority -> - log.debug("Working on Authority ${grantedAuthority}.${authorityNameField}") + logger.debug("Working on Authority ${grantedAuthority}.${authorityNameField}") def role = getRole(grantedAuthority."${authorityNameField}") - log.debug("SAVING USER_ROLE - User name ${user.username}") - log.debug("SAVING USER_ROLE - Role name ${role.authority}") - log.debug("SAVING USER_ROLE - User Id ${user.id}") - log.debug("SAVING USER_ROLE - Role Id ${role.id}") + logger.debug("SAVING USER_ROLE - User name ${user.username}") + logger.debug("SAVING USER_ROLE - Role name ${role.authority}") + logger.debug("SAVING USER_ROLE - User Id ${user.id}") + logger.debug("SAVING USER_ROLE - Role Id ${role.id}") joinClass.withTransaction { if (!joinClass.exists(user.id, role.id)){ joinClass.create(user, role, true) @@ -244,15 +245,15 @@ class SpringSamlUserDetailsService extends GormUserDetailsService implements SAM private Object getRole(String authority) { if (authority && authorityNameField && authorityClassName) { - log.debug("getRole - param -> ${authority}") + logger.debug("getRole - param -> ${authority}") Class RoleClass = grailsApplication.getDomainClass(authorityClassName).clazz Map whereClause = [:] whereClause.put "$authorityNameField".toString(), authority if (RoleClass) { RoleClass.withTransaction { - log.debug("Where clause -> ${whereClause}") + logger.debug("Where clause -> ${whereClause}") def returnVal = RoleClass.findWhere(whereClause) - log.debug("Return Value from getRole Class-> ${returnVal?.class} Value -> ${returnVal}") + logger.debug("Return Value from getRole Class-> ${returnVal?.class} Value -> ${returnVal}") returnVal } } else {
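Review bot: In the `@@ -211` hunk, `role` from `getRole(...)` is used unchecked, in `role.authority` and `role.id` in the debug lines and in `joinClass.exists(user.id, role.id)`. `getRole` returns the result of `findWhere`, which the last hunk itself treats as nullable (`returnVal?.class`), so an authority with no matching row would throw a NullPointerException in the middle of login. Guard it inside the closure, e.g. `if (!role) { logger.warn("No role found for ${grantedAuthority}"); return }`. The first debug line also prints `${grantedAuthority}.${authorityNameField}` as literal text joined by a dot rather than the property value.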
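Review bot: In `getRole` (`@@ -244` hunk), `grailsApplication.getDomainClass(authorityClassName).clazz` dereferences the lookup result directly, so the `if (RoleClass)` check below it never sees the missing-class case. A misconfigured `authorityClassName` would surface as a NullPointerException instead. `saveUser` already writes `getDomainClass(authorityJoinClassName)?.clazz` for the same kind of lookup; use `?.clazz` here too so the existing `else` branch is reached. The method continues past the end of the hunk.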