Class AppianUserDetails

java.lang.Object
com.appiancorp.suiteapi.security.auth.AppianUserDetails
All Implemented Interfaces:
com.appiancorp.security.auth.SecurityContext, com.appiancorp.suiteapi.security.auth.UserDetailsAndSecurityContext, Serializable, Principal, org.springframework.security.core.userdetails.UserDetails

public class AppianUserDetails extends Object implements com.appiancorp.suiteapi.security.auth.UserDetailsAndSecurityContext
Implements the Spring UserDetails interface and holds Appian-specific data about a user.

Use AppianUserDetailsService to get an instance of this class.

See Also:
  • Constructor Details

    • AppianUserDetails

      @Deprecated public AppianUserDetails(UserProfile userProfile, PasswordStatus passwordStatus, Set<String> roles)
      Deprecated.
    • AppianUserDetails

      public AppianUserDetails(UserProfile userProfile, com.appiancorp.security.auth.GroupMembershipInfoProvider groupMembershipInfoProvider, PasswordStatus passwordStatus)
    • AppianUserDetails

      public AppianUserDetails(String username, com.appiancorp.security.auth.GroupMembershipInfoProvider groupMembershipInfoProvider)
      Constructor to use when you only have the username since calling to retrieve a UserProfile object is comparatively expensive.
  • Method Details

    • getUserProfile

      public UserProfile getUserProfile()
    • getUserUuid

      public String getUserUuid()
      Specified by:
      getUserUuid in interface com.appiancorp.security.auth.SecurityContext
    • setOverrideLocale

      public void setOverrideLocale(Locale overrideLocale)
    • getOverrideLocale

      public Locale getOverrideLocale()
      Specified by:
      getOverrideLocale in interface com.appiancorp.security.auth.SecurityContext
    • setAllowOverrideForDisabledLocale

      public void setAllowOverrideForDisabledLocale(boolean allowOverrideForDisabledLocale)
      Sets allowOverrideForDisabledLocale to decide locale override when it's disabled
    • isAllowOverrideForDisabledLocale

      public boolean isAllowOverrideForDisabledLocale()
      Returns boolean allowOverrideForDisabledLocale
      Specified by:
      isAllowOverrideForDisabledLocale in interface com.appiancorp.security.auth.SecurityContext
    • setIsAdsSuperUser

      public void setIsAdsSuperUser(boolean isAdsSuperUser)
    • isAdsSuperUser

      public boolean isAdsSuperUser()
      Specified by:
      isAdsSuperUser in interface com.appiancorp.security.auth.SecurityContext
    • getPasswordStatus

      public PasswordStatus getPasswordStatus()
    • setPasswordStatus

      public void setPasswordStatus(PasswordStatus passwordStatus)
    • getScsKey

      public char[] getScsKey()
      Returns the key used to encrypt and decrypt values stored in the secure credentials store for this user. This key is used by the system automatically and should not be used for any other purposes.
      Returns:
      the key
    • setScsKey

      public void setScsKey(char[] scsKey)
      Sets the key used to encrypt and decrypt values stored in the secure credentials store for this user. This key is set by the system automatically.
      Parameters:
      scsKey - the key that will be used to encrypt and decrypt values
    • hashAndSetScsKey

      public void hashAndSetScsKey(char[] scsKeyPlainText)
      Hashes and sets the key used to encrypt and decrypt values stored in the secure credentials store for this user. This key is set by the system automatically.
      Parameters:
      scsKeyPlainText - the plain text of the key that will be used to encrypt and decrypt values
    • getUsername

      public String getUsername()
      Specified by:
      getUsername in interface org.springframework.security.core.userdetails.UserDetails
    • getPassword

      public String getPassword()
      Specified by:
      getPassword in interface org.springframework.security.core.userdetails.UserDetails
    • isAccountNonExpired

      public boolean isAccountNonExpired()
      Returns true.
      Specified by:
      isAccountNonExpired in interface org.springframework.security.core.userdetails.UserDetails
    • isAccountNonLocked

      public boolean isAccountNonLocked()
      Returns true.
      Specified by:
      isAccountNonLocked in interface org.springframework.security.core.userdetails.UserDetails
    • isCredentialsNonExpired

      public boolean isCredentialsNonExpired()
      Returns true.
      Specified by:
      isCredentialsNonExpired in interface org.springframework.security.core.userdetails.UserDetails
    • isEnabled

      public boolean isEnabled()
      Returns true.
      Specified by:
      isEnabled in interface org.springframework.security.core.userdetails.UserDetails
    • getAuthorities

      public Collection<org.springframework.security.core.GrantedAuthority> getAuthorities()
      Returns this user's roles.
      Specified by:
      getAuthorities in interface org.springframework.security.core.userdetails.UserDetails
    • setAuthorities

      @Deprecated public void setAuthorities(Collection<org.springframework.security.core.GrantedAuthority> authorities)
      Deprecated.
      The authorities are calculated from the user's group memebrship and it is no longer necessary to set authorities explicitly.
      Parameters:
      authorities -
    • getName

      public String getName()
      Specified by:
      getName in interface Principal
    • getUserRef

      public com.appiancorp.type.refs.UserRef getUserRef()
      Returns the Appian data source UserRef for the user of these Credentials.
      Specified by:
      getUserRef in interface com.appiancorp.security.auth.SecurityContext
    • isUserRefNull

      public boolean isUserRefNull()
      Specified by:
      isUserRefNull in interface com.appiancorp.security.auth.SecurityContext
    • getMemberGroupUuids

      public Set<String> getMemberGroupUuids()
      Returns the UUIDs of the groups where the user is a member.
      Specified by:
      getMemberGroupUuids in interface com.appiancorp.security.auth.SecurityContext
    • getMemberGroupRefs

      public Set<com.appiancorp.type.refs.GroupRef> getMemberGroupRefs()
      Returns the Appian data source GroupRefs for the groups where the user is a member.
      Specified by:
      getMemberGroupRefs in interface com.appiancorp.security.auth.SecurityContext
    • getRoles

      public Set<String> getRoles()
      Returns the user's roles.
      Specified by:
      getRoles in interface com.appiancorp.security.auth.SecurityContext
    • isSysAdmin

      public boolean isSysAdmin()
      Specified by:
      isSysAdmin in interface com.appiancorp.security.auth.SecurityContext
    • getGrantorName

      public String getGrantorName()
      Specified by:
      getGrantorName in interface com.appiancorp.security.auth.SecurityContext
    • getGrantorRoles

      public Set<String> getGrantorRoles()
      Specified by:
      getGrantorRoles in interface com.appiancorp.security.auth.SecurityContext
    • isAuthenticatedByAppianInternalProvider

      public boolean isAuthenticatedByAppianInternalProvider()
      Specified by:
      isAuthenticatedByAppianInternalProvider in interface com.appiancorp.security.auth.SecurityContext
      Returns:
      true if Appian's internal authentication provider authenticated the user. If multiple authentication providers are chained, this will return true if Appian's internal provider was reached and successfully authenticated the user, regardless of the response of other providers.
    • setAuthenticatedByAppianInternalProvider

      public void setAuthenticatedByAppianInternalProvider(boolean value)
      This is meant to be set only by the internal Appian authentication provider.
    • isLoggedInThroughSaml

      public boolean isLoggedInThroughSaml()
      Specified by:
      isLoggedInThroughSaml in interface com.appiancorp.security.auth.SecurityContext
      Returns:
      true if Appian's internal SAML authentication provider authenticated the user. If multiple authentication providers are chained, this will return true if Appian's internal provider was reached and successfully authenticated the user, regardless of the response of other providers.
    • setLoggedInThroughSaml

      public void setLoggedInThroughSaml(boolean loggedInThroughSaml)
      This is meant to be set only by the internal Appian authentication provider.
    • getAppianLoginContext

      public com.appiancorp.security.auth.AppianLoginContext getAppianLoginContext()
      Returns SSO specific login context that is used internally.
      Specified by:
      getAppianLoginContext in interface com.appiancorp.security.auth.SecurityContext
    • setAppianLoginContext

      public void setAppianLoginContext(com.appiancorp.security.auth.AppianLoginContext appianLoginContext)
      This is meant to be set only by the internal Appian authentication provider.
    • getEncryptedSamlAssertion

      public String getEncryptedSamlAssertion()
      Holds encrypted saml assertion used to authenticate user when they logged in via saml. It is empty by default and will be cleared by OAuthSamlAuthGrantLoginSuccessListener once it has been consumed.
      Returns:
      encrypted saml assertion or empty string if not set
    • setEncryptedSamlAssertion

      public void setEncryptedSamlAssertion(String encryptedAssertion)
      This is meant to be set only by the SamlAuthenticationWrapper. Used by OAuth Saml based Auth type Http Connected Systems. If null input is provided it will normalized to an empty string.
      Parameters:
      encryptedAssertion -
    • clearEncryptedSamlAssertion

      public void clearEncryptedSamlAssertion()
      Clear cached saml assertion once we are done consuming it. We should not hold on it for longer than required period.
    • toString

      public String toString()
      Specified by:
      toString in interface Principal
      Overrides:
      toString in class Object
    • hashCode

      public int hashCode()
      Returns the hash code of the username.
      Specified by:
      hashCode in interface Principal
      Overrides:
      hashCode in class Object
    • equals

      public boolean equals(Object obj)
      Returns true if the given object is an instance of AppianUserDetails and has the same username as this object.
      Specified by:
      equals in interface Principal
      Overrides:
      equals in class Object
    • setCustomContext

      @Deprecated public AppianUserDetails setCustomContext(Class cls, String key, Object obj)
      Deprecated.
      this method should not be called by anybody other than the Appian platform. The behavior of this method is undocumented, and it may be removed or changed in future releases.
    • getCustomContext

      @Deprecated public Object getCustomContext(Class cls, String key)
      Deprecated.
      this method should not be called by anybody other than the Appian platform. The behavior of this method is undocumented, and it may be removed or changed in future releases.