1
00:00:00,240 --> 00:00:07,650
In this video, let's try to implement authentication provider and do authentication of the user aspect

2
00:00:07,650 --> 00:00:10,150
of our business requirements for that.

3
00:00:10,470 --> 00:00:13,050
Let's try to check what we have done previously.

4
00:00:13,320 --> 00:00:21,420
So previously, we have an implementation of user detailed service and from my default authentication

5
00:00:21,420 --> 00:00:24,690
provider, which is Darwell authentication provider.

6
00:00:24,960 --> 00:00:34,410
A call will happen to your user by user name, and this will go to the database and leverage my password

7
00:00:34,410 --> 00:00:36,540
encoders and check everything.

8
00:00:36,900 --> 00:00:44,340
Once authentication is successful, user details will be sent back to my provider with the conversion

9
00:00:44,340 --> 00:00:49,680
from user details to authentication is happening, which is up in the previous will do so.

10
00:00:49,680 --> 00:00:57,600
Now, I don't want to follow this user detail service and I don't want to tightly coupled with this

11
00:00:57,750 --> 00:01:04,709
spring security mechanism of user tritle service and user details, I just want to have my own implementation.

12
00:01:05,190 --> 00:01:15,150
Ignoring this default provider interfaces, user contract, everything that we just have to create a

13
00:01:15,600 --> 00:01:22,250
class which implements authentication provider and annotate the class with a direct component.

14
00:01:22,560 --> 00:01:30,270
So inside this we have to write a method called authenticate, which accept authentication and returns

15
00:01:30,310 --> 00:01:31,120
authentication.

16
00:01:31,470 --> 00:01:39,270
So here I'm just taking the user name from the authentication object by taking Get Me, which is from

17
00:01:39,270 --> 00:01:42,390
the principal interface and password.

18
00:01:42,450 --> 00:01:45,770
Also I am taking from the get credentials.

19
00:01:46,050 --> 00:01:52,830
So now what I'm doing is I'm just directly calling my repository with the user name and once I give

20
00:01:52,840 --> 00:01:59,820
the customer details, I'm leveraging the password encoder to just check whether the match between what

21
00:01:59,820 --> 00:02:04,710
I receive and what I stored in the database in terms of hash is matching.

22
00:02:05,010 --> 00:02:10,800
If everything is matching, then I'm just trying to populate the authorities based upon the role that

23
00:02:10,800 --> 00:02:18,120
I have in my customer object and forming a username password authentication.

24
00:02:18,630 --> 00:02:22,200
So if you remember in our previous videos we have discussed this.

25
00:02:22,530 --> 00:02:25,320
This is an implementation of authentication interface.

26
00:02:26,100 --> 00:02:34,110
So when I found this object of this class and returned to the method authenticate framework will happily

27
00:02:34,110 --> 00:02:37,080
accept that and will not throw any issues.

28
00:02:37,320 --> 00:02:38,940
So here are the same time.

29
00:02:38,940 --> 00:02:43,400
We also have a support method which are hard to implement.

30
00:02:43,620 --> 00:02:52,350
And here I'm saying to framework whenever I get input, which of username password authentication token

31
00:02:52,350 --> 00:02:56,270
from the user then only use this provider.

32
00:02:56,820 --> 00:03:05,040
But if we have a scenario where I am receiving some fingerprint or tip, then I don't want to use this

33
00:03:05,040 --> 00:03:05,540
provider.

34
00:03:05,760 --> 00:03:10,890
So in such scenarios we can create any number of providers with the same approach.

35
00:03:11,280 --> 00:03:14,760
But the only difference will be to support Summitville.

36
00:03:14,760 --> 00:03:20,260
How different authentication implementation along with this type.

37
00:03:20,640 --> 00:03:28,020
So maybe in such an we have to write our own authentication implementation with the name like fingerprint

38
00:03:28,020 --> 00:03:29,930
authentication to conduct class.

39
00:03:30,300 --> 00:03:37,380
So once we are done that, then any number of authentication providers we can configure and automatically

40
00:03:37,830 --> 00:03:39,610
spring security checks.

41
00:03:39,720 --> 00:03:46,560
Since we are annotating this with the component and implementing authentication provider as being security

42
00:03:46,560 --> 00:03:49,170
smart enough to detect all this progress.

43
00:03:49,440 --> 00:03:57,690
And as I was saying previously, we can have any number of providers implemented inside our security.

44
00:03:58,020 --> 00:04:04,530
And our provider manager, which implements the authentication manager, will take the responsibility

45
00:04:04,530 --> 00:04:13,410
of calling each and every authentication provider built that we get bad credentials until we get a successful

46
00:04:13,620 --> 00:04:17,579
authentication of all the providers has been tried.

47
00:04:17,700 --> 00:04:21,360
But still there is no authentication happening.

48
00:04:21,750 --> 00:04:24,300
So I just keep a breakpoint point here also.

49
00:04:24,600 --> 00:04:31,830
And I'm also keeping a breakpoint here to show you that my code will not stop here because I'm not going

50
00:04:31,830 --> 00:04:34,770
to use the user details, service, all those things.

51
00:04:35,040 --> 00:04:40,200
My code will directly call from my provider manager to this provider.

52
00:04:40,200 --> 00:04:43,710
We call with the authentication parameter here.

53
00:04:43,710 --> 00:04:51,360
I just wanted to show you I'm not following any user details are user details service and even I can

54
00:04:51,360 --> 00:04:54,840
ignore this password and so I can have my own implementation.

55
00:04:54,840 --> 00:04:59,920
I'm just showing this code so that we can have a mix of all.

56
00:05:00,000 --> 00:05:05,460
The things also like in that I'm just delivering password and quarter, but not leveraging any user

57
00:05:05,460 --> 00:05:06,750
details or user details.

58
00:05:07,200 --> 00:05:11,790
It's up to us to write inside this method, whatever we want.

59
00:05:12,090 --> 00:05:16,110
But at the end of the authentication happens.

60
00:05:16,350 --> 00:05:19,830
We have to return the object of authentication.

61
00:05:19,980 --> 00:05:27,450
So now let's try to go to browser and call my account service with the credentials or credentials are

62
00:05:27,540 --> 00:05:28,200
happy.

63
00:05:28,510 --> 00:05:30,420
A great example.

64
00:05:30,670 --> 00:05:33,830
Dot com password is one, two, three, four, five.

65
00:05:34,400 --> 00:05:43,470
Now you can see, as I was saying, the filters will intercept my request and they will call the authentication

66
00:05:43,470 --> 00:05:43,980
manager.

67
00:05:44,190 --> 00:05:49,650
So in this scenario, provider manager is the implementation of authentication manager.

68
00:05:49,800 --> 00:05:58,090
So they will call provider manager dot authenticate and this will internally call authenticate matter.

69
00:05:58,590 --> 00:06:01,490
Here you can see it is inside for Loop.

70
00:06:01,890 --> 00:06:09,030
And let's try to see what all providers available is only one provider available, which is of easy

71
00:06:09,030 --> 00:06:13,240
bank username, password authentication provider, which we have implemented.

72
00:06:13,470 --> 00:06:21,360
But if you have implemented three or four, all of them will be shown here and the provider manager

73
00:06:21,540 --> 00:06:29,460
will make sure it is covering all the providers it reaches a successful authentication or invalid authentication.

74
00:06:29,700 --> 00:06:37,590
So in this scenario, since my test is of data type username password authentication token, which is

75
00:06:37,590 --> 00:06:44,130
supported by my provider, is a bank user name ID up to the Atlantic Ocean provider, it is allowing

76
00:06:44,130 --> 00:06:48,070
to pass for the end once I release this breakpoint.

77
00:06:48,390 --> 00:06:52,440
This will call my authenticate implementation method.

78
00:06:52,630 --> 00:07:00,480
And here you can see all the code will be executed successfully and you will get a response, whatever

79
00:07:00,480 --> 00:07:02,000
we have mentioned in the back.

80
00:07:02,550 --> 00:07:10,830
This is how we should implement authentication provider and already a method of authentication as part

81
00:07:10,830 --> 00:07:11,770
of our requirement.

82
00:07:12,090 --> 00:07:20,070
So we have seen all the details about authentication provider, how to create them, and how authentication

83
00:07:20,070 --> 00:07:27,030
manager implementations like provider manager will call all the providers that we have defined one by

84
00:07:27,030 --> 00:07:33,450
one and how the authentication happens by citing security as part of logic written inside the authenticate

85
00:07:33,450 --> 00:07:33,810
method.

86
00:07:34,140 --> 00:07:36,120
I hope this is making sense to you.

87
00:07:36,270 --> 00:07:39,090
And I'll also attach this code to this video.

88
00:07:39,360 --> 00:07:45,500
Please download it and do Hanton and if you have any questions, please post in the Q&A section.

89
00:07:45,810 --> 00:07:46,500
Thank you.

90
00:07:46,500 --> 00:07:48,780
And I will see you in the next section, but.