Examples with NacosUser com.alibaba.nacos.plugin.auth.impl.users.NacosUser used on opensource projects

Example 1 with NacosUser

use of com.alibaba.nacos.plugin.auth.impl.users.NacosUser in project nacos by alibaba.

the class NacosAuthManager method login.

/**
 * Authentication of request, identify the user who request the resource.
 *
 * @param request where we can find the user information
 * @return user related to this request, null if no user info is found.
 * @throws AccessException if authentication is failed
 */
public User login(Object request) throws AccessException {
    HttpServletRequest req = (HttpServletRequest) request;
    String token = resolveToken(req);
    validate0(token);
    NacosUser user = getNacosUser(token);
    req.getSession().setAttribute(AuthConstants.NACOS_USER_KEY, user);
    req.getSession().setAttribute(com.alibaba.nacos.plugin.auth.constant.Constants.Identity.IDENTITY_ID, user.getUserName());
    return user;
}

Example 2 with NacosUser

use of com.alibaba.nacos.plugin.auth.impl.users.NacosUser in project nacos by alibaba.

the class NacosAuthPluginService method validateAuthority.

@Override
public Boolean validateAuthority(IdentityContext identityContext, Permission permission) throws AccessException {
    NacosUser user = (NacosUser) identityContext.getParameter(USER_IDENTITY_PARAM_KEY);
    nacosAuthManager.auth(permission, user);
    return true;
}

Example 3 with NacosUser

use of com.alibaba.nacos.plugin.auth.impl.users.NacosUser in project nacos by alibaba.

the class UserControllerTest method setUp.

@Before
public void setUp() throws Exception {
    userController = new UserController();
    user = new NacosUser();
    user.setUserName("nacos");
    user.setGlobalAdmin(true);
    user.setToken("1234567890");
    injectObject("authConfigs", authConfigs);
    injectObject("authManager", authManager);
    injectObject("nacosAuthConfig", nacosAuthConfig);
}

Example 4 with NacosUser

use of com.alibaba.nacos.plugin.auth.impl.users.NacosUser in project nacos by alibaba.

the class UserController method login.

/**
 * Login to Nacos
 *
 * <p>This methods uses username and password to require a new token.
 *
 * @param username username of user
 * @param password password
 * @param response http response
 * @param request  http request
 * @return new token of the user
 * @throws AccessException if user info is incorrect
 */
@PostMapping("/login")
public Object login(@RequestParam String username, @RequestParam String password, HttpServletResponse response, HttpServletRequest request) throws AccessException {
    if (AuthSystemTypes.NACOS.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType()) || AuthSystemTypes.LDAP.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
        NacosUser user = (NacosUser) authManager.login(request);
        response.addHeader(AuthConstants.AUTHORIZATION_HEADER, AuthConstants.TOKEN_PREFIX + user.getToken());
        ObjectNode result = JacksonUtils.createEmptyJsonNode();
        result.put(Constants.ACCESS_TOKEN, user.getToken());
        result.put(Constants.TOKEN_TTL, nacosAuthConfig.getTokenValidityInSeconds());
        result.put(Constants.GLOBAL_ADMIN, user.isGlobalAdmin());
        result.put(Constants.USERNAME, user.getUserName());
        return result;
    }
    // create Authentication class through username and password, the implement class is UsernamePasswordAuthenticationToken
    UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
    try {
        // use the method authenticate of AuthenticationManager(default implement is ProviderManager) to valid Authentication
        Authentication authentication = authenticationManager.authenticate(authenticationToken);
        // bind SecurityContext to Authentication
        SecurityContextHolder.getContext().setAuthentication(authentication);
        // generate Token
        String token = jwtTokenManager.createToken(authentication);
        // write Token to Http header
        response.addHeader(AuthConstants.AUTHORIZATION_HEADER, "Bearer " + token);
        return RestResultUtils.success("Bearer " + token);
    } catch (BadCredentialsException authentication) {
        return RestResultUtils.failed(HttpStatus.UNAUTHORIZED.value(), null, "Login failed");
    }
}

Example 5 with NacosUser

use of com.alibaba.nacos.plugin.auth.impl.users.NacosUser in project nacos by alibaba.

the class NacosAuthManager method getNacosUser.

private NacosUser getNacosUser(String token) {
    Authentication authentication = tokenManager.getAuthentication(token);
    SecurityContextHolder.getContext().setAuthentication(authentication);
    String username = authentication.getName();
    NacosUser user = new NacosUser();
    user.setUserName(username);
    user.setToken(token);
    List<RoleInfo> roleInfoList = roleService.getRoles(username);
    if (roleInfoList != null) {
        for (RoleInfo roleInfo : roleInfoList) {
            if (roleInfo.getRole().equals(AuthConstants.GLOBAL_ADMIN_ROLE)) {
                user.setGlobalAdmin(true);
                break;
            }
        }
    }
    return user;
}