Example 1 with ClientSecretEntity
use of org.orcid.persistence.jpa.entities.ClientSecretEntity in project ORCID-Source by ORCID.
the class MembersManagerImpl method getClient.
@Override
public Client getClient(String clientId) {
Client result = new Client();
ClientDetailsEntity clientDetailsEntity = clientDetailsManager.findByClientId(clientId);
if (clientDetailsEntity != null) {
result = Client.valueOf(clientDetailsEntity);
//Set member name
result.setMemberName(Text.valueOf(clientDetailsManager.getMemberName(clientId)));
//Set client secret
if (clientDetailsEntity.getClientSecrets() != null) {
for (ClientSecretEntity secret : clientDetailsEntity.getClientSecrets()) {
if (secret.isPrimary()) {
result.setClientSecret(Text.valueOf(encryptionManager.decryptForInternalUse(secret.getClientSecret())));
}
}
}
} else {
result.getErrors().add(getMessage("admin.edit_client.invalid_orcid"));
}
return result;
}
Also used :
ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity)
ClientSecretEntity(org.orcid.persistence.jpa.entities.ClientSecretEntity)
OrcidClient(org.orcid.jaxb.model.clientgroup.OrcidClient)
Client(org.orcid.pojo.ajaxForm.Client)
Example 2 with ClientSecretEntity
use of org.orcid.persistence.jpa.entities.ClientSecretEntity in project ORCID-Source by ORCID.
the class OrcidMultiSecretAuthenticationProvider method additionalAuthenticationChecks.
@SuppressWarnings("deprecation")
@Override
protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
if (authentication.getCredentials() == null) {
logger.debug("Authentication failed: no credentials provided");
throw new BadCredentialsException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}
String presentedPassword = authentication.getCredentials().toString();
ClientDetailsEntity clientDetailsEntity = clientDetailsManager.findByClientId(userDetails.getUsername());
for (ClientSecretEntity clientSecretEntity : clientDetailsEntity.getClientSecrets()) {
if (getPasswordEncoder().isPasswordValid(encryptionManager.decryptForInternalUse(clientSecretEntity.getClientSecret()), presentedPassword, null)) {
return;
}
}
logger.debug("Authentication failed: password does not match any value");
throw new BadCredentialsException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}
Also used :
ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity)
ClientSecretEntity(org.orcid.persistence.jpa.entities.ClientSecretEntity)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
Example 3 with ClientSecretEntity
use of org.orcid.persistence.jpa.entities.ClientSecretEntity in project ORCID-Source by ORCID.
the class SSOCredentials method toSSOCredentials.
public static SSOCredentials toSSOCredentials(ClientDetailsEntity clientDetails) {
SSOCredentials result = new SSOCredentials();
if (clientDetails != null) {
result.setClientName(Text.valueOf(clientDetails.getClientName()));
result.setClientDescription(Text.valueOf(clientDetails.getClientDescription()));
result.setClientWebsite(Text.valueOf(clientDetails.getClientWebsite()));
if (clientDetails.getClientSecrets() != null) {
for (ClientSecretEntity clientSecret : clientDetails.getClientSecrets()) {
if (clientSecret.isPrimary())
result.setClientSecret(Text.valueOf(clientSecret.getDecryptedClientSecret()));
}
}
result.setClientOrcid(Text.valueOf(clientDetails.getClientId()));
if (clientDetails.getClientRegisteredRedirectUris() != null && !clientDetails.getClientRegisteredRedirectUris().isEmpty()) {
result.redirectUris = new TreeSet<RedirectUri>();
for (ClientRedirectUriEntity redirectUri : clientDetails.getClientRegisteredRedirectUris()) {
if (RedirectUriType.SSO_AUTHENTICATION.value().equals(redirectUri.getRedirectUriType())) {
RedirectUri rUri = new RedirectUri();
rUri.setValue(Text.valueOf(redirectUri.getRedirectUri()));
result.redirectUris.add(rUri);
}
}
}
}
return result;
}
Also used :
ClientSecretEntity(org.orcid.persistence.jpa.entities.ClientSecretEntity)
ClientRedirectUriEntity(org.orcid.persistence.jpa.entities.ClientRedirectUriEntity)
Example 4 with ClientSecretEntity
use of org.orcid.persistence.jpa.entities.ClientSecretEntity in project ORCID-Source by ORCID.
the class UpdateSecretKeyStatus method getNewestClientSecret.
public ClientSecretEntity getNewestClientSecret(Set<ClientSecretEntity> clientSecrets) {
ClientSecretEntity latest = null;
if (clientSecrets != null && !clientSecrets.isEmpty()) {
Iterator<ClientSecretEntity> it = clientSecrets.iterator();
while (it.hasNext()) {
ClientSecretEntity actual = it.next();
if (latest != null) {
Date actualLatest = latest.getDateCreated();
Date newLatest = actual.getDateCreated();
if (actualLatest.compareTo(newLatest) < 0) {
latest = actual;
}
} else {
latest = actual;
}
}
}
return latest;
}
Also used :
ClientSecretEntity(org.orcid.persistence.jpa.entities.ClientSecretEntity)
Date(java.util.Date)
Example 5 with ClientSecretEntity
use of org.orcid.persistence.jpa.entities.ClientSecretEntity in project ORCID-Source by ORCID.
the class OrcidSSOManagerImpl method getUserCredentials.
@Override
public ClientDetailsEntity getUserCredentials(String orcid) {
ClientDetailsEntity existingClientDetails = clientDetailsManager.getPublicClient(orcid);
if (existingClientDetails != null) {
SortedSet<ClientRedirectUriEntity> allRedirectUris = existingClientDetails.getClientRegisteredRedirectUris();
SortedSet<ClientRedirectUriEntity> onlySSORedirectUris = new TreeSet<ClientRedirectUriEntity>();
if (allRedirectUris != null) {
for (ClientRedirectUriEntity rUri : allRedirectUris) {
// Leave only the redirect uris used for SSO authentication
if (SSO_REDIRECT_URI_TYPE.equals(rUri.getRedirectUriType())) {
onlySSORedirectUris.add(rUri);
}
}
}
existingClientDetails.setClientRegisteredRedirectUris(onlySSORedirectUris);
if (existingClientDetails.getClientSecrets() != null) {
for (ClientSecretEntity clientSecret : existingClientDetails.getClientSecrets()) {
clientSecret.setDecryptedClientSecret(encryptionManager.decryptForInternalUse(clientSecret.getClientSecret()));
}
}
}
return existingClientDetails;
}
Also used :
ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity)
TreeSet(java.util.TreeSet)
ClientSecretEntity(org.orcid.persistence.jpa.entities.ClientSecretEntity)
ClientRedirectUriEntity(org.orcid.persistence.jpa.entities.ClientRedirectUriEntity)
Aggregations
ClientSecretEntity (org.orcid.persistence.jpa.entities.ClientSecretEntity)14
ClientDetailsEntity (org.orcid.persistence.jpa.entities.ClientDetailsEntity)10
Date (java.util.Date)5
HashSet (java.util.HashSet)5
ClientRedirectUriEntity (org.orcid.persistence.jpa.entities.ClientRedirectUriEntity)5
Transactional (org.springframework.transaction.annotation.Transactional)4
TreeSet (java.util.TreeSet)3
HashMap (java.util.HashMap)2
Map (java.util.Map)2
MapperFactory (ma.glasnost.orika.MapperFactory)2
MappingContext (ma.glasnost.orika.MappingContext)2
DefaultMapperFactory (ma.glasnost.orika.impl.DefaultMapperFactory)2
ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)2
Test (org.junit.Test)1
BaseControllerTest (org.orcid.frontend.web.util.BaseControllerTest)1
Client (org.orcid.jaxb.model.client_v2.Client)1
ClientRedirectUri (org.orcid.jaxb.model.client_v2.ClientRedirectUri)1
ClientSummary (org.orcid.jaxb.model.client_v2.ClientSummary)1
OrcidClient (org.orcid.jaxb.model.clientgroup.OrcidClient)1
FuzzyDate (org.orcid.jaxb.model.common_v2.FuzzyDate)1
