Add call attributes to the authentication if no details are present

grpc-server-spring-boot-autoconfigure/src/main/java/net/devh/boot/grpc/server/security/interceptors/AuthenticatingServerInterceptor.java

@@ -21,6 +21,7 @@
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
@@ -69,6 +70,12 @@ public <ReqT, RespT> ServerCall.Listener<ReqT> interceptCall(final ServerCall<Re
                 throw new BadCredentialsException("No credentials found in the request", e);
             }
         }
+        if (authentication.getDetails() == null && authentication instanceof AbstractAuthenticationToken) {
+            // Append call attributes to the authentication request.
+            // This gives the AuthenticationManager access to information like remote and local address.
+            // It can then decide whether it wants to use its own user details or the attributes.
+            ((AbstractAuthenticationToken) authentication).setDetails(call.getAttributes());
+        }
         log.debug("Credentials found: Authenticating...");
         authentication = this.authenticationManager.authenticate(authentication);
         SecurityContextHolder.getContext().setAuthentication(authentication);