Search in sources :

Example 1 with OAuthUserInfo

use of com.google.gerrit.extensions.auth.oauth.OAuthUserInfo in project gerrit by GerritCodeReview.

the class OAuthRealm method authenticate.

/**
   * Authenticates with the {@link OAuthLoginProvider} specified in the authentication request.
   *
   * <p>{@link AccountManager} calls this method without password if authenticity of the user has
   * already been established. In that case we can skip the authentication request to the {@code
   * OAuthLoginService}.
   *
   * @param who the authentication request.
   * @return the authentication request with resolved email address and display name in case the
   *     authenticity of the user could be established; otherwise {@code who} is returned unchanged.
   * @throws AccountException if the authentication request with the OAuth2 server failed or no
   *     {@code OAuthLoginProvider} was available to handle the request.
   */
@Override
public AuthRequest authenticate(AuthRequest who) throws AccountException {
    if (Strings.isNullOrEmpty(who.getPassword())) {
        return who;
    }
    if (Strings.isNullOrEmpty(who.getAuthPlugin()) || Strings.isNullOrEmpty(who.getAuthProvider())) {
        throw new AccountException("Cannot authenticate");
    }
    OAuthLoginProvider loginProvider = loginProviders.get(who.getAuthPlugin(), who.getAuthProvider());
    if (loginProvider == null) {
        throw new AccountException("Cannot authenticate");
    }
    OAuthUserInfo userInfo;
    try {
        userInfo = loginProvider.login(who.getUserName(), who.getPassword());
    } catch (IOException e) {
        throw new AccountException("Cannot authenticate", e);
    }
    if (userInfo == null) {
        throw new AccountException("Cannot authenticate");
    }
    if (!Strings.isNullOrEmpty(userInfo.getEmailAddress()) && (Strings.isNullOrEmpty(who.getUserName()) || !allowsEdit(AccountFieldName.REGISTER_NEW_EMAIL))) {
        who.setEmailAddress(userInfo.getEmailAddress());
    }
    if (!Strings.isNullOrEmpty(userInfo.getDisplayName()) && (Strings.isNullOrEmpty(who.getDisplayName()) || !allowsEdit(AccountFieldName.FULL_NAME))) {
        who.setDisplayName(userInfo.getDisplayName());
    }
    return who;
}
Also used : AccountException(com.google.gerrit.server.account.AccountException) OAuthUserInfo(com.google.gerrit.extensions.auth.oauth.OAuthUserInfo) IOException(java.io.IOException) OAuthLoginProvider(com.google.gerrit.extensions.auth.oauth.OAuthLoginProvider)

Aggregations

OAuthLoginProvider (com.google.gerrit.extensions.auth.oauth.OAuthLoginProvider)1 OAuthUserInfo (com.google.gerrit.extensions.auth.oauth.OAuthUserInfo)1 AccountException (com.google.gerrit.server.account.AccountException)1 IOException (java.io.IOException)1