├── spring-security-phone-samples
    ├── spring-security-phone-samples-helloworld
    │   ├── src
    │   │   └── main
    │   │   │   ├── resources
    │   │   │       ├── application.properties
    │   │   │       ├── messages.properties
    │   │   │       ├── messages_zh_CN.properties
    │   │   │       ├── log4j2.xml
    │   │   │       └── templates
    │   │   │       │   ├── layout.html
    │   │   │       │   ├── login.html
    │   │   │       │   └── login
    │   │   │       │       └── phone.html
    │   │   │   └── java
    │   │   │       └── org
    │   │   │           └── oxerr
    │   │   │               └── spring
    │   │   │                   └── security
    │   │   │                       └── phone
    │   │   │                           └── samples
    │   │   │                               └── helloworld
    │   │   │                                   ├── package-info.java
    │   │   │                                   ├── web
    │   │   │                                       ├── package-info.java
    │   │   │                                       └── IndexController.java
    │   │   │                                   ├── SecurityConfiguration.java
    │   │   │                                   ├── WebMvcConfiguration.java
    │   │   │                                   └── Application.java
    │   └── pom.xml
    └── pom.xml
├── spring-security-phone-web
    ├── src
    │   └── main
    │   │   └── java
    │   │       └── org
    │   │           └── oxerr
    │   │               └── spring
    │   │                   └── security
    │   │                       └── phone
    │   │                           └── web
    │   │                               └── authentication
    │   │                                   ├── package-info.java
    │   │                                   └── PhoneAuthenticationFilter.java
    └── pom.xml
├── spring-security-phone-config
    ├── src
    │   └── main
    │   │   └── java
    │   │       └── org
    │   │           └── oxerr
    │   │               └── spring
    │   │                   └── security
    │   │                       └── phone
    │   │                           └── config
    │   │                               └── annotation
    │   │                                   └── web
    │   │                                       └── configurers
    │   │                                           ├── package-info.java
    │   │                                           └── PhoneLoginConfigurer.java
    └── pom.xml
├── spring-security-phone-core
    ├── src
    │   └── main
    │   │   └── java
    │   │       └── org
    │   │           └── oxerr
    │   │               └── spring
    │   │                   └── security
    │   │                       └── phone
    │   │                           ├── core
    │   │                               ├── package-info.java
    │   │                               └── userdetails
    │   │                               │   ├── PhoneUserDetailsService.java
    │   │                               │   └── PhoneNumberNotFoundException.java
    │   │                           └── authentication
    │   │                               ├── PhoneAuthenticationToken.java
    │   │                               └── PhoneAuthenticationProvider.java
    └── pom.xml
├── maven-version-rules.xml
├── src
    └── site
    │   └── site.xml
├── .gitignore
├── spring-security-phone-coverage
    └── pom.xml
└── pom.xml


/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/resources/application.properties:
--------------------------------------------------------------------------------
1 | spring.thymeleaf.cache=false
2 | 


--------------------------------------------------------------------------------
/spring-security-phone-web/src/main/java/org/oxerr/spring/security/phone/web/authentication/package-info.java:
--------------------------------------------------------------------------------
1 | package org.oxerr.spring.security.phone.web.authentication;
2 | 


--------------------------------------------------------------------------------
/spring-security-phone-config/src/main/java/org/oxerr/spring/security/phone/config/annotation/web/configurers/package-info.java:
--------------------------------------------------------------------------------
1 | package org.oxerr.spring.security.phone.config.annotation.web.configurers;
2 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/java/org/oxerr/spring/security/phone/samples/helloworld/package-info.java:
--------------------------------------------------------------------------------
1 | package org.oxerr.spring.security.phone.samples.helloworld;
2 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/java/org/oxerr/spring/security/phone/samples/helloworld/web/package-info.java:
--------------------------------------------------------------------------------
1 | package org.oxerr.spring.security.phone.samples.helloworld.web;
2 | 


--------------------------------------------------------------------------------
/spring-security-phone-core/src/main/java/org/oxerr/spring/security/phone/core/package-info.java:
--------------------------------------------------------------------------------
1 | /**
2 |  * Authenticates users via phone number & verification code.
3 |  */
4 | package org.oxerr.spring.security.phone.core;
5 | 


--------------------------------------------------------------------------------
/spring-security-phone-core/src/main/java/org/oxerr/spring/security/phone/core/userdetails/PhoneUserDetailsService.java:
--------------------------------------------------------------------------------
 1 | package org.oxerr.spring.security.phone.core.userdetails;
 2 | 
 3 | import org.springframework.security.core.userdetails.UserDetails;
 4 | 
 5 | public interface PhoneUserDetailsService {
 6 | 
 7 | 	boolean consumeCode(String number, String code);
 8 | 
 9 | 	UserDetails loadUserByNumber(String number) throws PhoneNumberNotFoundException;
10 | 
11 | }
12 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/resources/messages.properties:
--------------------------------------------------------------------------------
 1 | login.title=Please Sign In
 2 | login.failure=Your login attempt was not successful, try again.
 3 | login.failure.reason=Reason:
 4 | login.rememberMe=Remember me on this computer.
 5 | login.username=Username
 6 | login.password=Password
 7 | login.login=Login
 8 | 
 9 | login.type.password=Login via Username
10 | login.type.phone=Login via Phone
11 | 
12 | phone.number=Phone number
13 | phone.code=Code
14 | phone.code.send=Send code
15 | 


--------------------------------------------------------------------------------
/maven-version-rules.xml:
--------------------------------------------------------------------------------
 1 | <ruleset comparisonMethod="maven"
 2 | 	xmlns="http://mojo.codehaus.org/versions-maven-plugin/rule/2.0.0"
 3 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 4 | 	xsi:schemaLocation="
 5 | 		http://mojo.codehaus.org/versions-maven-plugin/rule/2.0.0
 6 | 		http://mojo.codehaus.org/versions-maven-plugin/xsd/rule-2.0.0.xsd">
 7 | 	<rules>
 8 | 		<rule groupId="javax.servlet" comparisonMethod="maven">
 9 | 			<ignoreVersions>
10 | 				<ignoreVersion type="regex">.*\-b\d+</ignoreVersion>
11 | 			</ignoreVersions>
12 | 		</rule>
13 | 	</rules>
14 | </ruleset>
15 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/resources/messages_zh_CN.properties:
--------------------------------------------------------------------------------
 1 | login.title=\u8bf7\u767b\u5f55
 2 | login.failure=\u767b\u5f55\u5931\u8d25\uff0c\u8bf7\u91cd\u8bd5\u3002
 3 | login.failure.reason=\u539f\u56e0\uff1a
 4 | login.rememberMe=\u5728\u8fd9\u53f0\u8bbe\u5907\u4e0a\u8bb0\u4f4f\u6211\u3002
 5 | login.username=\u7528\u6237\u540d
 6 | login.password=\u5bc6\u7801
 7 | login.login=\u767b\u5f55
 8 | 
 9 | login.type.password=\u4f7f\u7528\u7528\u6237\u540d\u767b\u5f55
10 | login.type.phone=\u4f7f\u7528\u624b\u673a\u53f7\u767b\u5f55
11 | 
12 | phone.number=\u624b\u673a\u53f7
13 | phone.code=\u9a8c\u8bc1\u7801
14 | phone.code.send=\u53d1\u9001\u9a8c\u8bc1\u7801
15 | 


--------------------------------------------------------------------------------
/spring-security-phone-core/src/main/java/org/oxerr/spring/security/phone/core/userdetails/PhoneNumberNotFoundException.java:
--------------------------------------------------------------------------------
 1 | package org.oxerr.spring.security.phone.core.userdetails;
 2 | 
 3 | import org.springframework.security.core.AuthenticationException;
 4 | 
 5 | public class PhoneNumberNotFoundException extends AuthenticationException {
 6 | 
 7 | 	private static final long serialVersionUID = 2017062701L;
 8 | 
 9 | 	public PhoneNumberNotFoundException() {
10 | 		super("Phone number was not found.");
11 | 	}
12 | 
13 | 	public PhoneNumberNotFoundException(String msg) {
14 | 		super(msg);
15 | 	}
16 | 
17 | 	public PhoneNumberNotFoundException(String msg, Throwable t) {
18 | 		super(msg, t);
19 | 	}
20 | 
21 | }
22 | 


--------------------------------------------------------------------------------
/src/site/site.xml:
--------------------------------------------------------------------------------
 1 | <project xmlns="http://maven.apache.org/DECORATION/1.6.0"
 2 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 3 | 	xsi:schemaLocation="http://maven.apache.org/DECORATION/1.6.0
 4 | 		http://maven.apache.org/xsd/decoration-1.6.0.xsd">
 5 | 	<skin>
 6 | 		<groupId>org.apache.maven.skins</groupId>
 7 | 		<artifactId>maven-fluido-skin</artifactId>
 8 | 		<version>1.5</version>
 9 | 	</skin>
10 | 	<body>
11 | 		<menu ref="parent" inherit="top" />
12 | 		<menu ref="modules" inherit="top" />
13 | 		<menu ref="reports" inherit="top" />
14 | 	</body>
15 | 	<custom>
16 | 		<fluidoSkin>
17 | 			<topBarEnabled>true</topBarEnabled>
18 | 			<sideBarEnabled>true</sideBarEnabled>
19 | 			<sourceLineNumbersEnabled>true</sourceLineNumbersEnabled>
20 | 			<copyrightClass>pull-right</copyrightClass>
21 | 		</fluidoSkin>
22 | 	</custom>
23 | </project>
24 | 


--------------------------------------------------------------------------------
/spring-security-phone-core/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project
 3 | 	xmlns="http://maven.apache.org/POM/4.0.0"
 4 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 5 | 	xsi:schemaLocation="
 6 | 		http://maven.apache.org/POM/4.0.0
 7 | 		https://maven.apache.org/xsd/maven-4.0.0.xsd">
 8 | 	<modelVersion>4.0.0</modelVersion>
 9 | 	<parent>
10 | 		<groupId>org.oxerr.spring.security.phone</groupId>
11 | 		<artifactId>spring-security-phone</artifactId>
12 | 		<version>2.0.4-SNAPSHOT</version>
13 | 	</parent>
14 | 	<artifactId>spring-security-phone-core</artifactId>
15 | 	<name>Spring Security Phone Core</name>
16 | 	<description>Spring Security Phone Core.</description>
17 | 	<dependencies>
18 | 		<dependency>
19 | 			<groupId>org.springframework.security</groupId>
20 | 			<artifactId>spring-security-core</artifactId>
21 | 		</dependency>
22 | 	</dependencies>
23 | </project>
24 | 


--------------------------------------------------------------------------------
/spring-security-phone-config/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project
 3 | 	xmlns="http://maven.apache.org/POM/4.0.0"
 4 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 5 | 	xsi:schemaLocation="
 6 | 		http://maven.apache.org/POM/4.0.0
 7 | 		https://maven.apache.org/xsd/maven-4.0.0.xsd">
 8 | 	<modelVersion>4.0.0</modelVersion>
 9 | 	<parent>
10 | 		<groupId>org.oxerr.spring.security.phone</groupId>
11 | 		<artifactId>spring-security-phone</artifactId>
12 | 		<version>2.0.4-SNAPSHOT</version>
13 | 	</parent>
14 | 	<artifactId>spring-security-phone-config</artifactId>
15 | 	<name>Spring Security Phone Config</name>
16 | 	<description>Spring Security Phone Config.</description>
17 | 	<dependencies>
18 | 		<dependency>
19 | 			<groupId>org.springframework.security</groupId>
20 | 			<artifactId>spring-security-config</artifactId>
21 | 		</dependency>
22 | 		<dependency>
23 | 			<groupId>${project.groupId}</groupId>
24 | 			<artifactId>spring-security-phone-web</artifactId>
25 | 			<version>${project.version}</version>
26 | 		</dependency>
27 | 	</dependencies>
28 | </project>
29 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project
 3 | 	xmlns="http://maven.apache.org/POM/4.0.0"
 4 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 5 | 	xsi:schemaLocation="
 6 | 		http://maven.apache.org/POM/4.0.0
 7 | 		https://maven.apache.org/xsd/maven-4.0.0.xsd">
 8 | 	<modelVersion>4.0.0</modelVersion>
 9 | 	<parent>
10 | 		<groupId>org.oxerr.spring.security.phone</groupId>
11 | 		<artifactId>spring-security-phone</artifactId>
12 | 		<version>2.0.4-SNAPSHOT</version>
13 | 	</parent>
14 | 	<groupId>org.oxerr.spring.security.phone.samples</groupId>
15 | 	<artifactId>spring-security-phone-samples</artifactId>
16 | 	<packaging>pom</packaging>
17 | 	<name>Spring Security Phone Samples</name>
18 | 	<description>Spring Security Phone Samples.</description>
19 | 	<modules>
20 | 		<module>spring-security-phone-samples-helloworld</module>
21 | 	</modules>
22 | 	<build>
23 | 		<plugins>
24 | 			<plugin>
25 | 				<groupId>org.apache.maven.plugins</groupId>
26 | 				<artifactId>maven-deploy-plugin</artifactId>
27 | 				<configuration>
28 | 					<skip>true</skip>
29 | 				</configuration>
30 | 			</plugin>
31 | 		</plugins>
32 | 	</build>
33 | </project>
34 | 


--------------------------------------------------------------------------------
/spring-security-phone-web/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project
 3 | 	xmlns="http://maven.apache.org/POM/4.0.0"
 4 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 5 | 	xsi:schemaLocation="
 6 | 		http://maven.apache.org/POM/4.0.0
 7 | 		https://maven.apache.org/xsd/maven-4.0.0.xsd">
 8 | 	<modelVersion>4.0.0</modelVersion>
 9 | 	<parent>
10 | 		<groupId>org.oxerr.spring.security.phone</groupId>
11 | 		<artifactId>spring-security-phone</artifactId>
12 | 		<version>2.0.4-SNAPSHOT</version>
13 | 	</parent>
14 | 	<artifactId>spring-security-phone-web</artifactId>
15 | 	<name>Spring Security Phone Web</name>
16 | 	<description>Spring Security Phone Web.</description>
17 | 	<dependencies>
18 | 		<dependency>
19 | 			<groupId>javax.servlet</groupId>
20 | 			<artifactId>javax.servlet-api</artifactId>
21 | 		</dependency>
22 | 		<dependency>
23 | 			<groupId>org.springframework.security</groupId>
24 | 			<artifactId>spring-security-web</artifactId>
25 | 		</dependency>
26 | 		<dependency>
27 | 			<groupId>${project.groupId}</groupId>
28 | 			<artifactId>spring-security-phone-core</artifactId>
29 | 			<version>${project.version}</version>
30 | 		</dependency>
31 | 	</dependencies>
32 | </project>
33 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/java/org/oxerr/spring/security/phone/samples/helloworld/web/IndexController.java:
--------------------------------------------------------------------------------
 1 | package org.oxerr.spring.security.phone.samples.helloworld.web;
 2 | 
 3 | import static org.springframework.web.bind.annotation.RequestMethod.GET;
 4 | 
 5 | import java.io.IOException;
 6 | import java.nio.charset.StandardCharsets;
 7 | import java.security.Principal;
 8 | 
 9 | import javax.annotation.security.RolesAllowed;
10 | import javax.servlet.http.HttpServletResponse;
11 | 
12 | import org.springframework.security.core.Authentication;
13 | import org.springframework.security.core.userdetails.User;
14 | import org.springframework.stereotype.Controller;
15 | import org.springframework.web.bind.annotation.RequestMapping;
16 | 
17 | @Controller
18 | @RolesAllowed("ROLE_USER")
19 | public class IndexController {
20 | 
21 | 	@RequestMapping(method = GET, path = "/")
22 | 	public void getIndex(
23 | 		Principal principal,
24 | 		Authentication authentication,
25 | 		HttpServletResponse response
26 | 	) throws IOException {
27 | 
28 | 		String username = ((User) authentication.getPrincipal()).getUsername();
29 | 
30 | 		response.setCharacterEncoding(StandardCharsets.UTF_8.name());
31 | 		response.setContentType("text/plain");
32 | 		response.getWriter().println("hello " + username);
33 | 		response.flushBuffer();
34 | 	}
35 | 
36 | }
37 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | # Java
 2 | *.class
 3 | 
 4 | # Mobile Tools for Java (J2ME)
 5 | .mtj.tmp/
 6 | 
 7 | # Package Files #
 8 | *.jar
 9 | *.war
10 | *.ear
11 | 
12 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
13 | hs_err_pid*
14 | 
15 | # Maven
16 | target/
17 | pom.xml.tag
18 | pom.xml.releaseBackup
19 | pom.xml.versionsBackup
20 | pom.xml.next
21 | release.properties
22 | dependency-reduced-pom.xml
23 | buildNumber.properties
24 | .mvn/timing.properties
25 | 
26 | # Eclipse
27 | .metadata
28 | bin/
29 | tmp/
30 | *.tmp
31 | *.bak
32 | *.swp
33 | *~.nib
34 | local.properties
35 | .settings/
36 | .loadpath
37 | .recommenders
38 | 
39 | # Eclipse Core
40 | .project
41 | 
42 | # External tool builders
43 | .externalToolBuilders/
44 | 
45 | # Locally stored "Eclipse launch configurations"
46 | *.launch
47 | 
48 | # PyDev specific (Python IDE for Eclipse)
49 | *.pydevproject
50 | 
51 | # CDT-specific (C/C++ Development Tooling)
52 | .cproject
53 | 
54 | # JDT-specific (Eclipse Java Development Tools)
55 | .classpath
56 | 
57 | # Java annotation processor (APT)
58 | .factorypath
59 | 
60 | # PDT-specific (PHP Development Tools)
61 | .buildpath
62 | 
63 | # sbteclipse plugin
64 | .target
65 | 
66 | # Tern plugin
67 | .tern-project
68 | 
69 | # TeXlipse plugin
70 | .texlipse
71 | 
72 | # STS (Spring Tool Suite)
73 | .springBeans
74 | 
75 | # Code Recommenders
76 | .recommenders/
77 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/java/org/oxerr/spring/security/phone/samples/helloworld/SecurityConfiguration.java:
--------------------------------------------------------------------------------
 1 | package org.oxerr.spring.security.phone.samples.helloworld;
 2 | 
 3 | import org.oxerr.spring.security.phone.config.annotation.web.configurers.PhoneLoginConfigurer;
 4 | import org.oxerr.spring.security.phone.core.userdetails.PhoneUserDetailsService;
 5 | import org.springframework.beans.factory.annotation.Autowired;
 6 | import org.springframework.context.annotation.Configuration;
 7 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 8 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 9 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
10 | 
11 | @EnableWebSecurity
12 | public class SecurityConfiguration {
13 | 
14 | 	@Configuration
15 | 	public static class FormLoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
16 | 
17 | 		@Autowired
18 | 		private PhoneUserDetailsService phoneUserDetailsService;
19 | 
20 | 		@Override
21 | 		protected void configure(HttpSecurity http) throws Exception {
22 | 			http
23 | 				.authorizeRequests()
24 | 					.anyRequest().permitAll()
25 | 					.and()
26 | 				.formLogin().loginPage("/login").permitAll()
27 | 					.and()
28 | 				.apply(new PhoneLoginConfigurer<>(phoneUserDetailsService)).loginProcessingUrl("/login/phone").permitAll();
29 | 		}
30 | 
31 | 	}
32 | 
33 | }
34 | 


--------------------------------------------------------------------------------
/spring-security-phone-core/src/main/java/org/oxerr/spring/security/phone/authentication/PhoneAuthenticationToken.java:
--------------------------------------------------------------------------------
 1 | package org.oxerr.spring.security.phone.authentication;
 2 | 
 3 | import org.springframework.security.authentication.AbstractAuthenticationToken;
 4 | import org.springframework.security.core.userdetails.UserDetails;
 5 | import org.springframework.util.Assert;
 6 | 
 7 | public class PhoneAuthenticationToken extends AbstractAuthenticationToken {
 8 | 
 9 | 	private static final long serialVersionUID = 2021112801L;
10 | 
11 | 	private final Object principal;
12 | 
13 | 	private Object credentials;
14 | 
15 | 	public PhoneAuthenticationToken(String number, String code) {
16 | 		super(null);
17 | 		this.principal = number;
18 | 		this.credentials = code;
19 | 		setAuthenticated(false);
20 | 	}
21 | 
22 | 	public PhoneAuthenticationToken(UserDetails userDetails) {
23 | 		super(userDetails.getAuthorities());
24 | 		this.principal = userDetails;
25 | 	}
26 | 
27 | 	@Override
28 | 	public Object getCredentials() {
29 | 		return this.credentials;
30 | 	}
31 | 
32 | 	@Override
33 | 	public Object getPrincipal() {
34 | 		return this.principal;
35 | 	}
36 | 
37 | 	@Override
38 | 	public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
39 | 		Assert.isTrue(!isAuthenticated,
40 | 				"Cannot set this token to trusted - use constructor which takes a GrantedAuthority list instead");
41 | 		super.setAuthenticated(false);
42 | 	}
43 | 
44 | 	@Override
45 | 	public void eraseCredentials() {
46 | 		super.eraseCredentials();
47 | 		this.credentials = null;
48 | 	}
49 | 
50 | }
51 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/resources/log4j2.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <Configuration status="WARN">
 3 | 	<Appenders>
 4 | 		<Console name="console" target="SYSTEM_OUT">
 5 | 			<ThresholdFilter level="DEBUG" onMatch="ACCEPT" onMismatch="DENY" />
 6 | 			<PatternLayout charset="UTF-8" pattern="%d{HH:mm:ss.SSS} %-5p [%t] %l %m%n" />
 7 | 		</Console>
 8 | 		<RollingRandomAccessFile name="file"
 9 | 			fileName="target/spring-security-phone-samples-helloworld.log"
10 | 			filePattern="target/spring-security-phone-samples-helloworld-%d{yyyy-MM-dd}-%i.log.gz">
11 | 			<PatternLayout charset="UTF-8">
12 | 				<Pattern>%d %-6p [%t] %C{1.}.%M:%L %m%n</Pattern>
13 | 			</PatternLayout>
14 | 			<Policies>
15 | 				<OnStartupTriggeringPolicy />
16 | 				<TimeBasedTriggeringPolicy />
17 | 			</Policies>
18 | 			<DefaultRolloverStrategy max="7" />
19 | 		</RollingRandomAccessFile>
20 | 	</Appenders>
21 | 	<Loggers>
22 | 		<Logger name="org.springframework.web.filter.CommonsRequestLoggingFilter"
23 | 			level="DEBUG" includeLocation="true"
24 | 			additivity="false">
25 | 			<AppenderRef ref="console" />
26 | 			<AppenderRef ref="file" />
27 | 		</Logger>
28 | 		<Logger name="org.oxerr.spring.security.phone.samples.helloworld"
29 | 			level="ALL" includeLocation="true"
30 | 			additivity="false">
31 | 			<AppenderRef ref="console" />
32 | 			<AppenderRef ref="file" />
33 | 		</Logger>
34 | 		<Root level="WARN" includeLocation="true">
35 | 			<AppenderRef ref="console" />
36 | 			<AppenderRef ref="file" />
37 | 		</Root>
38 | 	</Loggers>
39 | </Configuration>
40 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/java/org/oxerr/spring/security/phone/samples/helloworld/WebMvcConfiguration.java:
--------------------------------------------------------------------------------
 1 | package org.oxerr.spring.security.phone.samples.helloworld;
 2 | 
 3 | import org.springframework.stereotype.Component;
 4 | import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 5 | import org.springframework.web.servlet.config.annotation.PathMatchConfigurer;
 6 | import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
 7 | import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 8 | import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;
 9 | import org.springframework.web.util.UrlPathHelper;
10 | 
11 | @Component
12 | public class WebMvcConfiguration implements WebMvcConfigurer {
13 | 
14 | 	@Override
15 | 	public void configurePathMatch(PathMatchConfigurer configurer) {
16 | 		UrlPathHelper urlPathHelper = new UrlPathHelper();
17 | 		urlPathHelper.setRemoveSemicolonContent(false);
18 | 
19 | 		configurer.setUrlPathHelper(urlPathHelper);
20 | 	}
21 | 
22 | 	@Override
23 | 	public void addViewControllers(ViewControllerRegistry registry) {
24 | 		registry.addViewController("/login").setViewName("login");
25 | 		registry.addViewController("/login/phone").setViewName("login/phone");
26 | 	}
27 | 
28 | 	@Override
29 | 	public void addInterceptors(InterceptorRegistry registry) {
30 | 		LocaleChangeInterceptor localeChangeInterceptor = new LocaleChangeInterceptor();
31 | 		localeChangeInterceptor.setParamName("hl");
32 | 		registry.addInterceptor(localeChangeInterceptor);
33 | 	}
34 | 
35 | }
36 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/resources/templates/layout.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html
 3 | 	xmlns="http://www.w3.org/1999/xhtml"
 4 | 	xmlns:th="http://www.thymeleaf.org"
 5 | 	xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout">
 6 | <head>
 7 | <meta charset="utf-8" />
 8 | <meta http-equiv="X-UA-Compatible" content="IE=edge" />
 9 | <meta name="viewport" th:content="${viewport} ?: 'width=device-width, initial-scale=1'" />
10 | <!--/* The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags */-->
11 | 
12 | <meta name="_csrf" th:content="${_csrf.token}" />
13 | <meta name="_csrf_header" th:content="${_csrf.headerName}" />
14 | <meta name="_ctx" th:content="${#httpServletRequest.getContextPath()}" />
15 | 
16 | <!--/* HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries */-->
17 | <!--/* WARNING: Respond.js doesn't work if you view the page via file:// */-->
18 | <!--[if lt IE 9]>
19 | <script src="//cdn.bootcss.com/html5shiv/3.7.3/html5shiv.min.js"></script>
20 | <script src="//cdn.bootcss.com/respond.js/1.4.2/respond.min.js"></script>
21 | <![endif]-->
22 | </head>
23 | <body>
24 | 	<section layout:fragment="content"></section>
25 | 
26 | 	<script th:inline="javascript">
27 | 	/*<![CDATA[*/
28 | 	<!--
29 | 	var _ctx = /*[[${#httpServletRequest.getContextPath()}]]*/;
30 | 	var _locale = /*[[${#locale.language + (#strings.isEmpty(#locale.country) ? '' : '-' + #locale.country)}]]*/;
31 | 	//-->
32 | 	/*]]>*/
33 | 	</script>
34 | 
35 | 	<section layout:fragment="custom-scripts" th:remove="tag"></section>
36 | </body>
37 | </html>
38 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/resources/templates/login.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html
 3 | 	xmlns:th="http://www.thymeleaf.org"
 4 | 	xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
 5 | 	layout:decorator="layout"
 6 | 	th:with="viewport='width=device-width, initial-scale=1, user-scalable=0'">
 7 | <head>
 8 | </head>
 9 | <body onload="document.f.username.focus();">
10 | 	<div class="container" layout:fragment="content">
11 | 		<div class="row">
12 | 			<div class="col-md-4 col-md-offset-4">
13 | 				<div class="login-panel panel panel-default">
14 | 					<div class="panel-heading">
15 | 						<h3 class="panel-title" th:text="#{login.title}">Please Sign In</h3>
16 | 					</div>
17 | 					<div class="panel-body">
18 | 						<div class="text-danger" th:if="${#httpSession?.getAttribute('SPRING_SECURITY_LAST_EXCEPTION')} != null">
19 | 							<p th:text="#{login.failure}">Your login attempt was not successful, try again.</p>
20 | 							<p><span th:text="#{login.failure.reason}">Reason: </span><span th:text="${#httpSession?.getAttribute('SPRING_SECURITY_LAST_EXCEPTION').localizedMessage}"></span></p>
21 | 						</div>
22 | 						<form name="f" role="form" th:action="@{/login}" method="post">
23 | 							<fieldset>
24 | 								<div class="form-group">
25 | 									<input class="form-control" th:placeholder="#{login.username}" name="username" type="text" autofocus="autofocus" />
26 | 								</div>
27 | 								<div class="form-group">
28 | 									<input class="form-control" th:placeholder="#{login.password}" name="password" type="password" />
29 | 								</div>
30 | 								<div class="checkbox">
31 | 									<label>
32 | 										<input name="remember-me" type="checkbox" /><span th:text="#{login.rememberMe}">Remember me on this computer.</span>
33 | 									</label>
34 | 								</div>
35 | 								<button type="submit" class="btn btn-lg btn-success btn-block" th:text="#{login.login}">Login</button>
36 | 							</fieldset>
37 | 						</form>
38 | 					</div>
39 | 					<div class="panel-footer">
40 | 						<ol class="breadcrumb" style="margin-bottom: 0;">
41 | 							<li class="active" th:text="#{login.type.password}"></li>
42 | 							<li><a th:href="@{/login/phone}" th:text="#{login.type.phone}"></a></li>
43 | 						</ol>
44 | 					</div>
45 | 				</div>
46 | 			</div>
47 | 		</div>
48 | 	</div>
49 | </body>
50 | </html>
51 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/resources/templates/login/phone.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html
 3 | 	xmlns="http://www.w3.org/1999/xhtml"
 4 | 	xmlns:th="http://www.thymeleaf.org"
 5 | 	xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
 6 | 	layout:decorator="layout"
 7 | 	th:with="viewport='width=device-width, initial-scale=1, user-scalable=0'">
 8 | <head>
 9 | </head>
10 | <body>
11 | 	<div class="container" layout:fragment="content">
12 | 		<div class="row">
13 | 			<div class="col-md-4 col-md-offset-4">
14 | 				<div class="login-panel panel panel-default">
15 | 					<div th:replace="login :: .login-panel/.panel-heading"></div>
16 | 					<div class="panel-body">
17 | 						<div th:replace="login :: .login-panel/.panel-body/.text-danger"></div>
18 | 						<form role="form" th:action="@{/login/phone}" method="post">
19 | 							<fieldset>
20 | 								<div class="form-group">
21 | 									<input class="form-control" th:placeholder="#{phone.number}" name="number" id="number" type="tel" autofocus="autofocus" tabindex="10" />
22 | 								</div>
23 | 								<div class="form-group">
24 | 									<div class="input-group">
25 | 										<input class="form-control" th:placeholder="#{phone.code}" name="code" id="code" type="number" tabindex="30" />
26 | 										<span class="input-group-btn">
27 | 											<button class="btn btn-default" id="sendCodeButton" tabindex="20" th:text="#{phone.code.send}" onclick="alert('test code is 123456');return false;"></button>
28 | 										</span>
29 | 									</div><!-- /input-group -->
30 | 								</div>
31 | 								<div class="checkbox">
32 | 									<label>
33 | 										<input name="remember-me" type="checkbox" tabindex="40" /><span th:text="#{login.rememberMe}">Remember me on this computer.</span>
34 | 									</label>
35 | 								</div>
36 | 								<button type="submit" class="btn btn-lg btn-success btn-block" id="loginButton" th:text="#{login.login}" tabindex="50">Login</button>
37 | 							</fieldset>
38 | 						</form>
39 | 					</div>
40 | 					<div class="panel-footer">
41 | 						<ol class="breadcrumb" style="margin-bottom: 0;">
42 | 							<li><a th:href="@{/login}" th:text="#{login.type.password}" tabindex="100"></a></li>
43 | 							<li class="active" th:text="#{login.type.phone}"></li>
44 | 						</ol>
45 | 					</div>
46 | 				</div>
47 | 			</div>
48 | 		</div>
49 | 	</div>
50 | </body>
51 | </html>
52 | 


--------------------------------------------------------------------------------
/spring-security-phone-coverage/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns="http://maven.apache.org/POM/4.0.0"
 3 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 4 | 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
 5 | 		http://maven.apache.org/maven-v4_0_0.xsd">
 6 | 	<modelVersion>4.0.0</modelVersion>
 7 | 	<parent>
 8 | 		<groupId>org.oxerr.spring.security.phone</groupId>
 9 | 		<artifactId>spring-security-phone</artifactId>
10 | 		<version>2.0.4-SNAPSHOT</version>
11 | 	</parent>
12 | 	<artifactId>spring-security-phone-coverage</artifactId>
13 | 	<name>Spring Security Phone Coverage</name>
14 | 	<description>Compute aggregated test code coverage.</description>
15 | 	<properties>
16 | 		<maven.install.skip>true</maven.install.skip>
17 | 		<maven.deploy.skip>true</maven.deploy.skip>
18 | 		<gpg.skip>true</gpg.skip>
19 | 		<skipNexusStagingDeployMojo>true</skipNexusStagingDeployMojo>
20 | 	</properties>
21 | 	<build>
22 | 		<plugins>
23 | 			<plugin>
24 | 				<groupId>org.apache.maven.plugins</groupId>
25 | 				<artifactId>maven-jar-plugin</artifactId>
26 | 				<configuration>
27 | 					<skipIfEmpty>true</skipIfEmpty>
28 | 				</configuration>
29 | 			</plugin>
30 | 		</plugins>
31 | 	</build>
32 | 	<dependencies>
33 | 		<dependency>
34 | 			<groupId>${project.groupId}</groupId>
35 | 			<artifactId>spring-security-phone-core</artifactId>
36 | 			<version>${project.version}</version>
37 | 		</dependency>
38 | 		<dependency>
39 | 			<groupId>${project.groupId}</groupId>
40 | 			<artifactId>spring-security-phone-web</artifactId>
41 | 			<version>${project.version}</version>
42 | 		</dependency>
43 | 		<dependency>
44 | 			<groupId>${project.groupId}</groupId>
45 | 			<artifactId>spring-security-phone-config</artifactId>
46 | 			<version>${project.version}</version>
47 | 		</dependency>
48 | 		<dependency>
49 | 			<groupId>org.oxerr.spring.security.phone.samples</groupId>
50 | 			<artifactId>spring-security-phone-samples-helloworld</artifactId>
51 | 			<version>${project.version}</version>
52 | 		</dependency>
53 | 	</dependencies>
54 | 	<reporting>
55 | 		<plugins>
56 | 			<plugin>
57 | 				<groupId>org.jacoco</groupId>
58 | 				<artifactId>jacoco-maven-plugin</artifactId>
59 | 				<reportSets>
60 | 					<reportSet>
61 | 						<reports>
62 | 							<report>report-aggregate</report>
63 | 						</reports>
64 | 					</reportSet>
65 | 				</reportSets>
66 | 			</plugin>
67 | 		</plugins>
68 | 	</reporting>
69 | </project>
70 | 


--------------------------------------------------------------------------------
/spring-security-phone-web/src/main/java/org/oxerr/spring/security/phone/web/authentication/PhoneAuthenticationFilter.java:
--------------------------------------------------------------------------------
 1 | package org.oxerr.spring.security.phone.web.authentication;
 2 | 
 3 | import javax.servlet.http.HttpServletRequest;
 4 | import javax.servlet.http.HttpServletResponse;
 5 | 
 6 | import org.oxerr.spring.security.phone.authentication.PhoneAuthenticationToken;
 7 | import org.springframework.security.authentication.AuthenticationServiceException;
 8 | import org.springframework.security.core.Authentication;
 9 | import org.springframework.security.core.AuthenticationException;
10 | import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
11 | import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
12 | import org.springframework.util.Assert;
13 | 
14 | public class PhoneAuthenticationFilter
15 | 		extends AbstractAuthenticationProcessingFilter {
16 | 
17 | 	public static final String SPRING_SECURITY_FORM_NUMBER_KEY = "number";
18 | 	public static final String SPRING_SECURITY_FORM_CODE_KEY = "code";
19 | 
20 | 	private String numberParameter = SPRING_SECURITY_FORM_NUMBER_KEY;
21 | 	private String codeParameter = SPRING_SECURITY_FORM_CODE_KEY;
22 | 
23 | 	public PhoneAuthenticationFilter() {
24 | 		super(new AntPathRequestMatcher("/login/phone", "POST"));
25 | 	}
26 | 
27 | 	/**
28 | 	 * {@inheritDoc}
29 | 	 */
30 | 	@Override
31 | 	public Authentication attemptAuthentication(HttpServletRequest request,
32 | 			HttpServletResponse response) throws AuthenticationException {
33 | 		if (!request.getMethod().equals("POST")) {
34 | 			throw new AuthenticationServiceException(
35 | 					"Authentication method not supported: " + request.getMethod());
36 | 		}
37 | 
38 | 		final String number = request.getParameter(numberParameter);
39 | 		final String code = request.getParameter(codeParameter);
40 | 
41 | 		final PhoneAuthenticationToken authRequest = new PhoneAuthenticationToken(number, code);
42 | 		authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
43 | 
44 | 		return this.getAuthenticationManager().authenticate(authRequest);
45 | 	}
46 | 
47 | 	public void setNumberParameter(String numberParameter) {
48 | 		Assert.hasText(numberParameter, "Number parameter must not be empty or null");
49 | 		this.numberParameter = numberParameter;
50 | 	}
51 | 
52 | 	public void setCodeParameter(String codeParameter) {
53 | 		Assert.hasText(codeParameter, "Code parameter must not be empty or null");
54 | 		this.codeParameter = codeParameter;
55 | 	}
56 | 
57 | }
58 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/src/main/java/org/oxerr/spring/security/phone/samples/helloworld/Application.java:
--------------------------------------------------------------------------------
 1 | package org.oxerr.spring.security.phone.samples.helloworld;
 2 | 
 3 | import java.util.Arrays;
 4 | 
 5 | import org.oxerr.spring.security.phone.core.userdetails.PhoneNumberNotFoundException;
 6 | import org.oxerr.spring.security.phone.core.userdetails.PhoneUserDetailsService;
 7 | import org.springframework.boot.SpringApplication;
 8 | import org.springframework.boot.autoconfigure.SpringBootApplication;
 9 | import org.springframework.boot.web.servlet.FilterRegistrationBean;
10 | import org.springframework.context.annotation.Bean;
11 | import org.springframework.core.Ordered;
12 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
13 | import org.springframework.security.core.authority.SimpleGrantedAuthority;
14 | import org.springframework.security.core.userdetails.User;
15 | import org.springframework.security.core.userdetails.UserDetails;
16 | import org.springframework.web.filter.CommonsRequestLoggingFilter;
17 | 
18 | @SpringBootApplication
19 | @EnableGlobalMethodSecurity(jsr250Enabled = true)
20 | public class Application {
21 | 
22 | 	/**
23 | 	 * Writes the request URI (and optionally the query string) to the Commons Log.
24 | 	 *
25 | 	 * @return the filter registration bean for the {@link CommonsRequestLoggingFilter}.
26 | 	 */
27 | 	@Bean
28 | 	public FilterRegistrationBean<CommonsRequestLoggingFilter> commonsRequestLoggingFilterRegistrationBean() {
29 | 		FilterRegistrationBean<CommonsRequestLoggingFilter> registrationBean = new FilterRegistrationBean<>();
30 | 		CommonsRequestLoggingFilter requestLoggingFilter = new CommonsRequestLoggingFilter();
31 | 		registrationBean.setFilter(requestLoggingFilter);
32 | 		registrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);
33 | 		return registrationBean;
34 | 	}
35 | 
36 | 	@Bean
37 | 	public PhoneUserDetailsService phoneUserDetailsService() {
38 | 		return new PhoneUserDetailsService() {
39 | 
40 | 			@Override
41 | 			public UserDetails loadUserByNumber(String number)
42 | 					throws PhoneNumberNotFoundException {
43 | 				return new User("user", "user1234", Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")));
44 | 			}
45 | 
46 | 			@Override
47 | 			public boolean consumeCode(String number, String code) {
48 | 				return "123456".equals(code);
49 | 			}
50 | 		};
51 | 	}
52 | 
53 | 	public static void main(String[] args) {
54 | 		SpringApplication.run(Application.class, args);
55 | 	}
56 | 
57 | }
58 | 


--------------------------------------------------------------------------------
/spring-security-phone-samples/spring-security-phone-samples-helloworld/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project
 3 | 	xmlns="http://maven.apache.org/POM/4.0.0"
 4 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 5 | 	xsi:schemaLocation="
 6 | 		http://maven.apache.org/POM/4.0.0
 7 | 		https://maven.apache.org/xsd/maven-4.0.0.xsd">
 8 | 	<modelVersion>4.0.0</modelVersion>
 9 | 	<parent>
10 | 		<groupId>org.oxerr.spring.security.phone.samples</groupId>
11 | 		<artifactId>spring-security-phone-samples</artifactId>
12 | 		<version>2.0.4-SNAPSHOT</version>
13 | 	</parent>
14 | 	<artifactId>spring-security-phone-samples-helloworld</artifactId>
15 | 	<properties>
16 | 		<spring-boot.version>2.6.0</spring-boot.version>
17 | 	</properties>
18 | 	<dependencyManagement>
19 | 		<dependencies>
20 | 			<dependency>
21 | 				<groupId>org.springframework.boot</groupId>
22 | 				<artifactId>spring-boot-dependencies</artifactId>
23 | 				<version>${spring-boot.version}</version>
24 | 				<type>pom</type>
25 | 				<scope>import</scope>
26 | 			</dependency>
27 | 		</dependencies>
28 | 	</dependencyManagement>
29 | 	<dependencies>
30 | 		<dependency>
31 | 			<groupId>org.springframework.boot</groupId>
32 | 			<artifactId>spring-boot-configuration-processor</artifactId>
33 | 			<optional>true</optional>
34 | 		</dependency>
35 | 		<dependency>
36 | 			<groupId>org.springframework.boot</groupId>
37 | 			<artifactId>spring-boot-devtools</artifactId>
38 | 			<optional>true</optional>
39 | 		</dependency>
40 | 		<dependency>
41 | 			<groupId>org.springframework.boot</groupId>
42 | 			<artifactId>spring-boot-starter</artifactId>
43 | 			<exclusions>
44 | 				<exclusion>
45 | 					<groupId>org.springframework.boot</groupId>
46 | 					<artifactId>spring-boot-starter-logging</artifactId>
47 | 				</exclusion>
48 | 			</exclusions>
49 | 		</dependency>
50 | 		<dependency>
51 | 			<groupId>org.springframework.boot</groupId>
52 | 			<artifactId>spring-boot-starter-log4j2</artifactId>
53 | 		</dependency>
54 | 		<dependency>
55 | 			<groupId>org.springframework.boot</groupId>
56 | 			<artifactId>spring-boot-starter-thymeleaf</artifactId>
57 | 		</dependency>
58 | 		<dependency>
59 | 			<groupId>org.springframework.boot</groupId>
60 | 			<artifactId>spring-boot-starter-web</artifactId>
61 | 		</dependency>
62 | 		<dependency>
63 | 			<groupId>nz.net.ultraq.thymeleaf</groupId>
64 | 			<artifactId>thymeleaf-layout-dialect</artifactId>
65 | 		</dependency>
66 | 		<dependency>
67 | 			<groupId>org.oxerr.spring.security.phone</groupId>
68 | 			<artifactId>spring-security-phone-config</artifactId>
69 | 			<version>${project.version}</version>
70 | 		</dependency>
71 | 	</dependencies>
72 | </project>
73 | 


--------------------------------------------------------------------------------
/spring-security-phone-core/src/main/java/org/oxerr/spring/security/phone/authentication/PhoneAuthenticationProvider.java:
--------------------------------------------------------------------------------
 1 | package org.oxerr.spring.security.phone.authentication;
 2 | 
 3 | import org.oxerr.spring.security.phone.core.userdetails.PhoneUserDetailsService;
 4 | import org.springframework.beans.factory.InitializingBean;
 5 | import org.springframework.context.MessageSource;
 6 | import org.springframework.context.MessageSourceAware;
 7 | import org.springframework.context.support.MessageSourceAccessor;
 8 | import org.springframework.security.authentication.AccountStatusUserDetailsChecker;
 9 | import org.springframework.security.authentication.AuthenticationProvider;
10 | import org.springframework.security.authentication.BadCredentialsException;
11 | import org.springframework.security.core.Authentication;
12 | import org.springframework.security.core.AuthenticationException;
13 | import org.springframework.security.core.SpringSecurityMessageSource;
14 | import org.springframework.security.core.userdetails.UserDetails;
15 | import org.springframework.security.core.userdetails.UserDetailsChecker;
16 | import org.springframework.util.Assert;
17 | 
18 | public class PhoneAuthenticationProvider implements AuthenticationProvider,
19 | 		InitializingBean, MessageSourceAware {
20 | 
21 | 	protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
22 | 	private final PhoneUserDetailsService phoneUserDetailsService;
23 | 
24 | 	private UserDetailsChecker postAuthenticationChecks = new AccountStatusUserDetailsChecker();
25 | 
26 | 	public PhoneAuthenticationProvider(
27 | 		PhoneUserDetailsService phoneUserDetailsService
28 | 	) {
29 | 		this.phoneUserDetailsService = phoneUserDetailsService;
30 | 	}
31 | 
32 | 	/**
33 | 	 * {@inheritDoc}
34 | 	 */
35 | 	@Override
36 | 	public Authentication authenticate(final Authentication authentication)
37 | 			throws AuthenticationException {
38 | 		final PhoneAuthenticationToken phoneAuthenticationToken = (PhoneAuthenticationToken) authentication;
39 | 
40 | 		final String number = (String) phoneAuthenticationToken.getPrincipal();
41 | 		final String code = (String) phoneAuthenticationToken.getCredentials();
42 | 
43 | 		if (!phoneUserDetailsService.consumeCode(number, code)) {
44 | 			throw new BadCredentialsException(messages.getMessage(
45 | 					"AbstractUserDetailsAuthenticationProvider.badCredentials",
46 | 					"Bad credentials"));
47 | 		}
48 | 
49 | 		UserDetails user = phoneUserDetailsService.loadUserByNumber(number);
50 | 
51 | 		postAuthenticationChecks.check(user);
52 | 
53 | 		return new PhoneAuthenticationToken(user);
54 | 	}
55 | 
56 | 	/**
57 | 	 * {@inheritDoc}
58 | 	 */
59 | 	@Override
60 | 	public boolean supports(Class<?> authentication) {
61 | 		return PhoneAuthenticationToken.class.isAssignableFrom(authentication);
62 | 	}
63 | 
64 | 	/**
65 | 	 * {@inheritDoc}
66 | 	 */
67 | 	@Override
68 | 	public void afterPropertiesSet() throws Exception {
69 | 		Assert.notNull(this.messages, "A message source must be set");
70 | 		Assert.notNull(this.phoneUserDetailsService, "A phoneUserDetailsService must be set.");
71 | 		Assert.notNull(this.postAuthenticationChecks, "A postAuthenticationChecks must be set.");
72 | 	}
73 | 
74 | 	/**
75 | 	 * {@inheritDoc}
76 | 	 */
77 | 	@Override
78 | 	public void setMessageSource(MessageSource messageSource) {
79 | 		this.messages = new MessageSourceAccessor(messageSource);
80 | 	}
81 | 
82 | }
83 | 


--------------------------------------------------------------------------------
/spring-security-phone-config/src/main/java/org/oxerr/spring/security/phone/config/annotation/web/configurers/PhoneLoginConfigurer.java:
--------------------------------------------------------------------------------
 1 | package org.oxerr.spring.security.phone.config.annotation.web.configurers;
 2 | 
 3 | import org.oxerr.spring.security.phone.authentication.PhoneAuthenticationProvider;
 4 | import org.oxerr.spring.security.phone.core.userdetails.PhoneUserDetailsService;
 5 | import org.oxerr.spring.security.phone.web.authentication.PhoneAuthenticationFilter;
 6 | import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
 7 | import org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer;
 8 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 9 | import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
10 | import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
11 | import org.springframework.security.web.util.matcher.RequestMatcher;
12 | 
13 | public final class PhoneLoginConfigurer<H extends HttpSecurityBuilder<H>>
14 | 		extends
15 | 		AbstractAuthenticationFilterConfigurer<H, PhoneLoginConfigurer<H>,
16 | 		PhoneAuthenticationFilter> {
17 | 
18 | 	private final PhoneUserDetailsService phoneUserDetailsService;
19 | 
20 | 	public PhoneLoginConfigurer(PhoneUserDetailsService phoneUserDetailsService) {
21 | 		super(new PhoneAuthenticationFilter(), "/login/phone");
22 | 		this.phoneUserDetailsService = phoneUserDetailsService;
23 | 		numberParameter("number");
24 | 		codeParameter("code");
25 | 	}
26 | 
27 | 	/**
28 | 	 * {@inheritDoc}
29 | 	 */
30 | 	@Override
31 | 	public void configure(H http) throws Exception {
32 | 
33 | 		// Make sure the filter be registered in
34 | 		// org.springframework.security.config.annotation.web.builders.FilterComparator
35 | 		http.addFilterAfter(getAuthenticationFilter(),
36 | 				UsernamePasswordAuthenticationFilter.class);
37 | 
38 | 		super.configure(http);
39 | 	}
40 | 
41 | 	@Override
42 | 	public PhoneLoginConfigurer<H> loginPage(String loginPage) {
43 | 		return super.loginPage(loginPage);
44 | 	}
45 | 
46 | 	/**
47 | 	 * {@inheritDoc}
48 | 	 */
49 | 	@Override
50 | 	public void init(H http) throws Exception {
51 | 		super.init(http);
52 | 
53 | 		PhoneAuthenticationProvider authenticationProvider = new PhoneAuthenticationProvider(
54 | 				phoneUserDetailsService);
55 | 		postProcess(authenticationProvider);
56 | 		http.authenticationProvider(authenticationProvider);
57 | 
58 | 		initDefaultLoginFilter(http);
59 | 	}
60 | 
61 | 	/**
62 | 	 * {@inheritDoc}
63 | 	 */
64 | 	@Override
65 | 	protected RequestMatcher createLoginProcessingUrlMatcher(
66 | 			String loginProcessingUrl) {
67 | 		return new AntPathRequestMatcher(loginProcessingUrl, "POST");
68 | 	}
69 | 
70 | 	private void initDefaultLoginFilter(H http) {
71 | 		DefaultLoginPageGeneratingFilter loginPageGeneratingFilter = http
72 | 				.getSharedObject(DefaultLoginPageGeneratingFilter.class);
73 | 		if (loginPageGeneratingFilter != null && !isCustomLoginPage()) {
74 | 			String loginPageUrl = loginPageGeneratingFilter.getLoginPageUrl();
75 | 			if (loginPageUrl == null) {
76 | 				loginPageGeneratingFilter.setLoginPageUrl(getLoginPage());
77 | 				loginPageGeneratingFilter.setFailureUrl(getFailureUrl());
78 | 			}
79 | 		}
80 | 	}
81 | 
82 | 	public PhoneLoginConfigurer<H> numberParameter(String numberParameter) {
83 | 		getAuthenticationFilter().setNumberParameter(numberParameter);
84 | 		return this;
85 | 	}
86 | 
87 | 	public PhoneLoginConfigurer<H> codeParameter(String codeParameter) {
88 | 		getAuthenticationFilter().setCodeParameter(codeParameter);
89 | 		return this;
90 | 	}
91 | 
92 | }
93 | 


--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="UTF-8"?>
  2 | <project
  3 | 	xmlns="http://maven.apache.org/POM/4.0.0"
  4 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  5 | 	xsi:schemaLocation="
  6 | 		http://maven.apache.org/POM/4.0.0
  7 | 		https://maven.apache.org/xsd/maven-4.0.0.xsd">
  8 | 	<modelVersion>4.0.0</modelVersion>
  9 | 	<parent>
 10 | 		<groupId>org.oxerr</groupId>
 11 | 		<artifactId>oxerr-parent</artifactId>
 12 | 		<version>1.4.0</version>
 13 | 	</parent>
 14 | 	<groupId>org.oxerr.spring.security.phone</groupId>
 15 | 	<artifactId>spring-security-phone</artifactId>
 16 | 	<version>2.0.4-SNAPSHOT</version>
 17 | 	<packaging>pom</packaging>
 18 | 	<name>Spring Security Phone</name>
 19 | 	<description>Login via phone number &amp; verification code.</description>
 20 | 	<url>https://oxerr.org/spring-security-phone</url>
 21 | 	<inceptionYear>2016</inceptionYear>
 22 | 	<properties>
 23 | 		<maven.compiler.source>1.8</maven.compiler.source>
 24 | 		<maven.compiler.target>1.8</maven.compiler.target>
 25 | 		<spring-security.version>5.7.14</spring-security.version>
 26 | 	</properties>
 27 | 	<modules>
 28 | 		<module>spring-security-phone-core</module>
 29 | 		<module>spring-security-phone-web</module>
 30 | 		<module>spring-security-phone-config</module>
 31 | 		<module>spring-security-phone-samples</module>
 32 | 		<module>spring-security-phone-coverage</module>
 33 | 	</modules>
 34 | 	<build>
 35 | 		<plugins>
 36 | 			<plugin>
 37 | 				<groupId>org.codehaus.mojo</groupId>
 38 | 				<artifactId>versions-maven-plugin</artifactId>
 39 | 				<configuration>
 40 | 					<rulesUri>file:///${session.executionRootDirectory}/maven-version-rules.xml</rulesUri>
 41 | 				</configuration>
 42 | 			</plugin>
 43 | 			<plugin>
 44 | 				<groupId>org.jacoco</groupId>
 45 | 				<artifactId>jacoco-maven-plugin</artifactId>
 46 | 				<executions>
 47 | 					<execution>
 48 | 						<goals>
 49 | 							<goal>prepare-agent</goal>
 50 | 						</goals>
 51 | 					</execution>
 52 | 					<execution>
 53 | 						<id>report</id>
 54 | 						<phase>verify</phase>
 55 | 						<goals>
 56 | 							<goal>report</goal>
 57 | 						</goals>
 58 | 					</execution>
 59 | 				</executions>
 60 | 			</plugin>
 61 | 		</plugins>
 62 | 		<pluginManagement>
 63 | 			<plugins>
 64 | 				<plugin>
 65 | 					<groupId>org.codehaus.mojo</groupId>
 66 | 					<artifactId>findbugs-maven-plugin</artifactId>
 67 | 					<version>3.0.3</version>
 68 | 				</plugin>
 69 | 			</plugins>
 70 | 		</pluginManagement>
 71 | 	</build>
 72 | 	<reporting>
 73 | 		<plugins>
 74 | 			<plugin>
 75 | 				<groupId>org.codehaus.mojo</groupId>
 76 | 				<artifactId>findbugs-maven-plugin</artifactId>
 77 | 			</plugin>
 78 | 		</plugins>
 79 | 	</reporting>
 80 | 	<dependencyManagement>
 81 | 		<dependencies>
 82 | 			<dependency>
 83 | 				<groupId>javax.servlet</groupId>
 84 | 				<artifactId>javax.servlet-api</artifactId>
 85 | 				<version>4.0.1</version>
 86 | 			</dependency>
 87 | 			<dependency>
 88 | 				<groupId>org.springframework.security</groupId>
 89 | 				<artifactId>spring-security-core</artifactId>
 90 | 				<version>${spring-security.version}</version>
 91 | 			</dependency>
 92 | 			<dependency>
 93 | 				<groupId>org.springframework.security</groupId>
 94 | 				<artifactId>spring-security-config</artifactId>
 95 | 				<version>${spring-security.version}</version>
 96 | 			</dependency>
 97 | 			<dependency>
 98 | 				<groupId>org.springframework.security</groupId>
 99 | 				<artifactId>spring-security-web</artifactId>
100 | 				<version>${spring-security.version}</version>
101 | 			</dependency>
102 | 		</dependencies>
103 | 	</dependencyManagement>
104 | 	<scm>
105 | 		<connection>scm:git:git@github.com:sutra/spring-security-phone.git</connection>
106 | 		<developerConnection>scm:git:git@github.com:sutra/spring-security-phone.git</developerConnection>
107 | 		<url>https://github.com/sutra/spring-security-phone/tree/master</url>
108 | 	</scm>
109 | 	<issueManagement>
110 | 		<system>GitHub</system>
111 | 		<url>https://github.com/sutra/spring-security-phone/issues</url>
112 | 	</issueManagement>
113 | 	<distributionManagement>
114 | 		<site>
115 | 			<id>oxerr.org</id>
116 | 			<url>scp://oxerr.org/usr/local/www/spring-security-phone/</url>
117 | 		</site>
118 | 	</distributionManagement>
119 | </project>
120 | 


--------------------------------------------------------------------------------