
Example 1 with OAuth2AccessTokenResult

Use of com.haulmont.restapi.auth.OAuthTokenIssuer.OAuth2AccessTokenResult in project cuba by cuba-platform.

Class LdapAuthController, method postAccessToken.

@RequestMapping(value = "/v2/ldap/token", method = RequestMethod.POST)
public ResponseEntity<OAuth2AccessToken> postAccessToken(Principal principal, @RequestParam Map<String, String> parameters, HttpServletRequest request) throws HttpRequestMethodNotSupportedException {
    // Refuse the request outright unless LDAP login is enabled (cuba.rest.ldap.enabled).
    if (!ldapConfig.getLdapEnabled()) {
        log.debug("LDAP authentication is disabled. Property cuba.rest.ldap.enabled is false");
        throw new InvalidGrantException("LDAP is not supported");
    }
    // The REST client itself must already be authenticated before user credentials are considered.
    if (!(principal instanceof Authentication)) {
        throw new InsufficientAuthenticationException("There is no client authentication. Try adding an appropriate authentication filter.");
    }
    // Only the "password" grant type is accepted on this endpoint.
    String grantType = parameters.get(OAuth2Utils.GRANT_TYPE);
    if (!"password".equals(grantType)) {
        throw new InvalidGrantException("grant type not supported for ldap/token endpoint");
    }
    // Users configured for standard authentication may not use external (LDAP) login.
    // The reason is logged, while the caller only gets a generic "Bad credentials".
    String username = parameters.get("username");
    if (restApiConfig.getStandardAuthenticationUsers().contains(username)) {
        log.info("User {} is not allowed to use external login in REST API", username);
        throw new BadCredentialsException("Bad credentials");
    }
    // getRemoteAddr() returns the address of the direct peer; behind a reverse proxy
    // that is the proxy's address, not the end user's.
    String ipAddress = request.getRemoteAddr();
    String password = parameters.get("password");
    OAuth2AccessTokenResult tokenResult = authenticate(username, password, request.getLocale(), ipAddress, parameters);
    return ResponseEntity.ok(tokenResult.getAccessToken());
}
Also used: OAuth2AccessTokenResult (com.haulmont.restapi.auth.OAuthTokenIssuer.OAuth2AccessTokenResult), Authentication (org.springframework.security.core.Authentication), InsufficientAuthenticationException (org.springframework.security.authentication.InsufficientAuthenticationException), BadCredentialsException (org.springframework.security.authentication.BadCredentialsException), InvalidGrantException (org.springframework.security.oauth2.common.exceptions.InvalidGrantException)

Example 2 with OAuth2AccessTokenResult

Use of com.haulmont.restapi.auth.OAuthTokenIssuer.OAuth2AccessTokenResult in project cuba by cuba-platform.

Class IdpAuthController, method postAccessToken.

@PostMapping(value = "/v2/idp/token")
public ResponseEntity<OAuth2AccessToken> postAccessToken(Principal principal, @RequestParam Map<String, String> parameters, HttpServletRequest request) throws HttpRequestMethodNotSupportedException {
    // Refuse the request outright unless IDP login is enabled (cuba.rest.idp.enabled).
    if (!idpConfig.getIdpEnabled()) {
        log.debug("IDP authentication is disabled. Property cuba.rest.idp.enabled is false");
        throw new InvalidGrantException("IDP is not supported");
    }
    // The REST client itself must already be authenticated before the ticket is considered.
    if (!(principal instanceof Authentication)) {
        throw new InsufficientAuthenticationException("There is no client authentication. Try adding an appropriate authentication filter.");
    }
    // we cannot perform brute-force check here, since we don't know username
    // The caller presents an IDP ticket instead of a username and password.
    String idpTicket = parameters.get("idp_ticket");
    // getRemoteAddr() returns the address of the direct peer; behind a reverse proxy
    // that is the proxy's address, not the end user's.
    String ipAddress = request.getRemoteAddr();
    OAuth2AccessTokenResult tokenResult = authenticate(idpTicket, request.getLocale(), ipAddress, parameters);
    return ResponseEntity.ok(tokenResult.getAccessToken());
}
Also used: OAuth2AccessTokenResult (com.haulmont.restapi.auth.OAuthTokenIssuer.OAuth2AccessTokenResult), Authentication (org.springframework.security.core.Authentication), InsufficientAuthenticationException (org.springframework.security.authentication.InsufficientAuthenticationException), InvalidGrantException (org.springframework.security.oauth2.common.exceptions.InvalidGrantException)
