Examples with SMPUnknownUserException com.helger.phoss.smp.exception.SMPUnknownUserException used on opensource projects

Example 1 with SMPUnknownUserException

use of com.helger.phoss.smp.exception.SMPUnknownUserException in project phoss-smp by phax.

the class SMPUserManagerPhoton method validateUserCredentials.

/**
 * Check if the provided credentials are valid. This checks if the user
 * exists, if it is not deleted, if the password matches and if the user is
 * not disabled. If valid, the resolved user is returned.
 *
 * @param aCredentials
 *        The credentials to check. May not be <code>null</code>.
 * @return <code>null</code> if something does wrong, the user on success
 *         only.
 * @throws SMPUnknownUserException
 *         if the user does not exist or if the user is marked as deleted.
 * @throws SMPUnauthorizedException
 *         If the password is invalid or if the user is marked as disabled
 */
@Nonnull
public static IUser validateUserCredentials(@Nonnull final BasicAuthClientCredentials aCredentials) throws SMPUnknownUserException, SMPUnauthorizedException {
    final IUserManager aUserMgr = PhotonSecurityManager.getUserMgr();
    final IUser aUser = aUserMgr.getUserOfLoginName(aCredentials.getUserName());
    if (aUser == null || aUser.isDeleted()) {
        // Deleted users are handled like non-existing users
        LOGGER.warn("Invalid login name provided: '" + aCredentials.getUserName() + "'");
        throw new SMPUnknownUserException(aCredentials.getUserName());
    }
    if (!aUserMgr.areUserIDAndPasswordValid(aUser.getID(), aCredentials.getPassword())) {
        LOGGER.warn("Invalid password provided for '" + aCredentials.getUserName() + "'");
        throw new SMPUnauthorizedException("Username and/or password are invalid!");
    }
    if (aUser.isDisabled()) {
        LOGGER.warn("User '" + aCredentials.getUserName() + "' is disabled");
        throw new SMPUnauthorizedException("User is disabled!");
    }
    return aUser;
}