Example 1 with AccountLockBO
use of com.nexblocks.authguard.service.model.AccountLockBO in project AuthGuard by AuthGuard.
the class AuthenticationServiceImpl method authenticate.
@Override
public Optional<AuthResponseBO> authenticate(final AuthRequestBO authRequest, final RequestContextBO requestContext) {
final AuthResponseBO tokens = exchangeService.exchange(authRequest, FROM_TOKEN_TYPE, generateTokenType, requestContext);
final Collection<AccountLockBO> locks = accountLocksService.getActiveLocksByAccountId(tokens.getEntityId());
if (locks == null || locks.isEmpty()) {
return Optional.of(tokens);
} else {
throw new ServiceAuthorizationException(ErrorCode.ACCOUNT_IS_LOCKED, "There is an active lock on account " + tokens.getEntityId());
}
}
Also used :
AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO)
AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO)
ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)
Example 2 with AccountLockBO
use of com.nexblocks.authguard.service.model.AccountLockBO in project AuthGuard by AuthGuard.
the class AccountLocker method processAuthMessage.
private void processAuthMessage(final AuthMessage authMessage) {
if (authMessage.getEntityType() == EntityType.ACCOUNT) {
final OffsetDateTime now = OffsetDateTime.now();
final OffsetDateTime from = now.minusMinutes(config.getCheckPeriod());
exchangeAttemptsRepository.findByEntityAndTimestamp(authMessage.getEntityId(), from).thenAccept(attempts -> {
final long failedCount = attempts.stream().filter(attempt -> !attempt.isSuccessful()).count();
if (failedCount >= config.getMaxAttempts()) {
LOG.info("Account {} had {} failed attempts in the past {} minutes; a lock will be placed", authMessage.getEntityId(), attempts.size(), config.getCheckPeriod());
final AccountLockBO lock = AccountLockBO.builder().accountId(authMessage.getEntityId()).expiresAt(now.plusMinutes(config.getLockPeriod())).build();
accountLocksService.create(lock);
}
});
} else {
LOG.info("Skipping entity auth message for entity of type {}", authMessage.getEntityType());
}
}
Also used :
Logger(org.slf4j.Logger)
EntityType(com.nexblocks.authguard.service.model.EntityType)
Inject(com.google.inject.Inject)
LoggerFactory(org.slf4j.LoggerFactory)
EventType(com.nexblocks.authguard.emb.model.EventType)
MessageSubscriber(com.nexblocks.authguard.emb.MessageSubscriber)
OffsetDateTime(java.time.OffsetDateTime)
AuthMessage(com.nexblocks.authguard.service.messaging.AuthMessage)
Channel(com.nexblocks.authguard.emb.annotations.Channel)
ExchangeAttemptsRepository(com.nexblocks.authguard.dal.persistence.ExchangeAttemptsRepository)
Message(com.nexblocks.authguard.emb.model.Message)
ConfigContext(com.nexblocks.authguard.config.ConfigContext)
Named(com.google.inject.name.Named)
ImmutableAccountLockerConfig(com.nexblocks.authguard.extensions.config.ImmutableAccountLockerConfig)
AccountLocksService(com.nexblocks.authguard.service.AccountLocksService)
AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO)
AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO)
OffsetDateTime(java.time.OffsetDateTime)
Example 3 with AccountLockBO
use of com.nexblocks.authguard.service.model.AccountLockBO in project AuthGuard by AuthGuard.
the class AccountLockerTest method onMessageLock.
@Test
void onMessageLock() {
// data
final AuthMessage authMessage = AuthMessage.success("basic", "session", EntityType.ACCOUNT, "account");
final Message<Object> message = Message.builder().eventType(EventType.AUTHENTICATION).bodyType(AuthMessage.class).messageBody(authMessage).timestamp(OffsetDateTime.now()).build();
// mocks
Mockito.when(exchangeAttemptsRepository.findByEntityAndTimestamp(Mockito.any(), Mockito.any())).thenReturn(CompletableFuture.completedFuture(Arrays.asList(ExchangeAttemptDO.builder().build(), ExchangeAttemptDO.builder().build(), ExchangeAttemptDO.builder().build())));
// call
accountLocker.onMessage(message);
// verify
final ArgumentCaptor<OffsetDateTime> timeArgumentCaptor = ArgumentCaptor.forClass(OffsetDateTime.class);
final ArgumentCaptor<AccountLockBO> accountLockArgumentCaptor = ArgumentCaptor.forClass(AccountLockBO.class);
Mockito.verify(exchangeAttemptsRepository).findByEntityAndTimestamp(Mockito.eq("account"), timeArgumentCaptor.capture());
assertThat(timeArgumentCaptor.getValue()).isBetween(OffsetDateTime.now().minusMinutes(config.getCheckPeriod()).minusMinutes(1), OffsetDateTime.now().minusMinutes(config.getCheckPeriod()).plusMinutes(1));
Mockito.verify(accountLocksService).create(accountLockArgumentCaptor.capture());
assertThat(accountLockArgumentCaptor.getValue().getAccountId()).isEqualTo(authMessage.getEntityId());
assertThat(accountLockArgumentCaptor.getValue().getExpiresAt()).isBetween(OffsetDateTime.now().plusMinutes(config.getLockPeriod()).minusMinutes(1), OffsetDateTime.now().plusMinutes(config.getLockPeriod()).plusMinutes(1));
}
Also used :
AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO)
OffsetDateTime(java.time.OffsetDateTime)
AuthMessage(com.nexblocks.authguard.service.messaging.AuthMessage)
Test(org.junit.jupiter.api.Test)
Example 4 with AccountLockBO
use of com.nexblocks.authguard.service.model.AccountLockBO in project AuthGuard by AuthGuard.
the class AccountLocksServiceImplTest method getActiveLocksByAccountId.
@Test
void getActiveLocksByAccountId() {
final OffsetDateTime now = OffsetDateTime.now();
Mockito.when(repository.findByAccountId("account")).thenReturn(CompletableFuture.completedFuture(Arrays.asList(AccountLockDO.builder().accountId("account").expiresAt(now.plusMinutes(5)).build(), AccountLockDO.builder().accountId("account").expiresAt(now.minusMinutes(1)).build())));
final Collection<AccountLockBO> actual = service.getActiveLocksByAccountId("account");
final Collection<AccountLockBO> expected = Collections.singletonList(AccountLockBO.builder().accountId("account").expiresAt(now.plusMinutes(5)).build());
assertThat(actual).isEqualTo(expected);
}
Also used :
AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO)
OffsetDateTime(java.time.OffsetDateTime)
Test(org.junit.jupiter.api.Test)
Example 5 with AccountLockBO
use of com.nexblocks.authguard.service.model.AccountLockBO in project AuthGuard by AuthGuard.
the class AccountLocksServiceImplTest method delete.
@Test
void delete() {
final OffsetDateTime now = OffsetDateTime.now();
Mockito.when(repository.delete("lock")).thenReturn(CompletableFuture.completedFuture(Optional.of(AccountLockDO.builder().accountId("account").expiresAt(now.plusMinutes(5)).build())));
final Optional<AccountLockBO> actual = service.delete("lock");
final AccountLockBO expected = AccountLockBO.builder().accountId("account").expiresAt(now.plusMinutes(5)).build();
assertThat(actual).contains(expected);
}
Also used :
AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO)
OffsetDateTime(java.time.OffsetDateTime)
Test(org.junit.jupiter.api.Test)
Aggregations
AccountLockBO (com.nexblocks.authguard.service.model.AccountLockBO)5
OffsetDateTime (java.time.OffsetDateTime)4
Test (org.junit.jupiter.api.Test)3
AuthMessage (com.nexblocks.authguard.service.messaging.AuthMessage)2
Inject (com.google.inject.Inject)1
Named (com.google.inject.name.Named)1
ConfigContext (com.nexblocks.authguard.config.ConfigContext)1
ExchangeAttemptsRepository (com.nexblocks.authguard.dal.persistence.ExchangeAttemptsRepository)1
MessageSubscriber (com.nexblocks.authguard.emb.MessageSubscriber)1
Channel (com.nexblocks.authguard.emb.annotations.Channel)1
EventType (com.nexblocks.authguard.emb.model.EventType)1
Message (com.nexblocks.authguard.emb.model.Message)1
ImmutableAccountLockerConfig (com.nexblocks.authguard.extensions.config.ImmutableAccountLockerConfig)1
AccountLocksService (com.nexblocks.authguard.service.AccountLocksService)1
ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)1
AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO)1
EntityType (com.nexblocks.authguard.service.model.EntityType)1
Logger (org.slf4j.Logger)1
LoggerFactory (org.slf4j.LoggerFactory)1
