Search in sources :

Example 1 with VerifiedEmailAuthToken

use of com.enonic.xp.security.auth.VerifiedEmailAuthToken in project xp by enonic.

the class SecurityServiceImplTest method testAuthenticateByEmail.

@Test
public void testAuthenticateByEmail() throws Exception {
    runAsAdmin(() -> {
        final CreateUserParams createUser = CreateUserParams.create().userKey(PrincipalKey.ofUser(SYSTEM, "User1")).displayName("User 1").email("user1@enonic.com").login("User1").password("password").build();
        final User user = securityService.createUser(createUser);
        refresh();
        final VerifiedEmailAuthToken authToken = new VerifiedEmailAuthToken();
        authToken.setEmail("user1@enonic.com");
        authToken.setIdProvider(SYSTEM);
        final AuthenticationInfo authInfo = securityService.authenticate(authToken);
        assertTrue(authInfo.isAuthenticated());
        assertEquals(user.getKey(), authInfo.getUser().getKey());
    });
}
Also used : CreateUserParams(com.enonic.xp.security.CreateUserParams) User(com.enonic.xp.security.User) VerifiedEmailAuthToken(com.enonic.xp.security.auth.VerifiedEmailAuthToken) AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo) AbstractElasticsearchIntegrationTest(com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest) Test(org.junit.jupiter.api.Test)

Example 2 with VerifiedEmailAuthToken

use of com.enonic.xp.security.auth.VerifiedEmailAuthToken in project xp by enonic.

the class SecurityServiceImpl method authenticate.

@Override
public AuthenticationInfo authenticate(final AuthenticationToken token) {
    if (!(token instanceof VerifiedUsernameAuthToken) && !(token instanceof VerifiedEmailAuthToken)) {
        addRandomDelay();
    }
    if (isSuAuthenticationEnabled(token)) {
        return authenticateSu((UsernamePasswordAuthToken) token);
    }
    if (token.getIdProvider() != null) {
        return doAuthenticate(token);
    } else {
        final IdProviders idProviders = callAsAuthenticated(this::getIdProviders);
        for (IdProvider idProvider : idProviders) {
            token.setIdProvider(idProvider.getKey());
            final AuthenticationInfo authInfo = doAuthenticate(token);
            if (authInfo.isAuthenticated()) {
                return authInfo;
            }
        }
        return AuthenticationInfo.unAuthenticated();
    }
}
Also used : IdProviders(com.enonic.xp.security.IdProviders) VerifiedEmailAuthToken(com.enonic.xp.security.auth.VerifiedEmailAuthToken) IdProvider(com.enonic.xp.security.IdProvider) VerifiedUsernameAuthToken(com.enonic.xp.security.auth.VerifiedUsernameAuthToken) AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo)

Example 3 with VerifiedEmailAuthToken

use of com.enonic.xp.security.auth.VerifiedEmailAuthToken in project xp by enonic.

the class LoginHandler method authenticate.

private AuthenticationInfo authenticate(IdProviderKey idProvider) {
    AuthenticationInfo authInfo = null;
    if (isValidEmail(this.user)) {
        if (this.skipAuth) {
            final VerifiedEmailAuthToken verifiedEmailAuthToken = new VerifiedEmailAuthToken();
            verifiedEmailAuthToken.setEmail(this.user);
            verifiedEmailAuthToken.setIdProvider(idProvider);
            authInfo = runAsAuthenticated(() -> this.securityService.get().authenticate(verifiedEmailAuthToken));
        } else {
            final EmailPasswordAuthToken emailAuthToken = new EmailPasswordAuthToken();
            emailAuthToken.setEmail(this.user);
            emailAuthToken.setPassword(this.password);
            emailAuthToken.setIdProvider(idProvider);
            authInfo = runAsAuthenticated(() -> this.securityService.get().authenticate(emailAuthToken));
        }
    }
    if (authInfo == null || !authInfo.isAuthenticated()) {
        if (this.skipAuth) {
            final VerifiedUsernameAuthToken usernameAuthToken = new VerifiedUsernameAuthToken();
            usernameAuthToken.setUsername(this.user);
            usernameAuthToken.setIdProvider(idProvider);
            authInfo = runAsAuthenticated(() -> this.securityService.get().authenticate(usernameAuthToken));
        } else {
            final UsernamePasswordAuthToken usernameAuthToken = new UsernamePasswordAuthToken();
            usernameAuthToken.setUsername(this.user);
            usernameAuthToken.setPassword(this.password);
            usernameAuthToken.setIdProvider(idProvider);
            authInfo = runAsAuthenticated(() -> this.securityService.get().authenticate(usernameAuthToken));
        }
    }
    return authInfo;
}
Also used : VerifiedEmailAuthToken(com.enonic.xp.security.auth.VerifiedEmailAuthToken) VerifiedUsernameAuthToken(com.enonic.xp.security.auth.VerifiedUsernameAuthToken) UsernamePasswordAuthToken(com.enonic.xp.security.auth.UsernamePasswordAuthToken) EmailPasswordAuthToken(com.enonic.xp.security.auth.EmailPasswordAuthToken) AuthenticationInfo(com.enonic.xp.security.auth.AuthenticationInfo)

Aggregations

AuthenticationInfo (com.enonic.xp.security.auth.AuthenticationInfo)3 VerifiedEmailAuthToken (com.enonic.xp.security.auth.VerifiedEmailAuthToken)3 VerifiedUsernameAuthToken (com.enonic.xp.security.auth.VerifiedUsernameAuthToken)2 AbstractElasticsearchIntegrationTest (com.enonic.xp.repo.impl.elasticsearch.AbstractElasticsearchIntegrationTest)1 CreateUserParams (com.enonic.xp.security.CreateUserParams)1 IdProvider (com.enonic.xp.security.IdProvider)1 IdProviders (com.enonic.xp.security.IdProviders)1 User (com.enonic.xp.security.User)1 EmailPasswordAuthToken (com.enonic.xp.security.auth.EmailPasswordAuthToken)1 UsernamePasswordAuthToken (com.enonic.xp.security.auth.UsernamePasswordAuthToken)1 Test (org.junit.jupiter.api.Test)1