
Example 1 with AccountLockBO

Use of com.nexblocks.authguard.service.model.AccountLockBO in project AuthGuard by AuthGuard.

Class AuthenticationServiceImpl, method authenticate:

@Override
public Optional<AuthResponseBO> authenticate(final AuthRequestBO authRequest, final RequestContextBO requestContext) {
    final AuthResponseBO tokens = exchangeService.exchange(authRequest, FROM_TOKEN_TYPE, generateTokenType, requestContext);
    final Collection<AccountLockBO> locks = accountLocksService.getActiveLocksByAccountId(tokens.getEntityId());
    if (locks == null || locks.isEmpty()) {
        return Optional.of(tokens);
    } else {
        throw new ServiceAuthorizationException(ErrorCode.ACCOUNT_IS_LOCKED, "There is an active lock on account " + tokens.getEntityId());
    }
}
Also used : AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO) AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO) ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)

Example 2 with AccountLockBO

Use of com.nexblocks.authguard.service.model.AccountLockBO in project AuthGuard by AuthGuard.

Class AccountLocker, method processAuthMessage:

private void processAuthMessage(final AuthMessage authMessage) {
    if (authMessage.getEntityType() == EntityType.ACCOUNT) {
        final OffsetDateTime now = OffsetDateTime.now();
        final OffsetDateTime from = now.minusMinutes(config.getCheckPeriod());
        exchangeAttemptsRepository.findByEntityAndTimestamp(authMessage.getEntityId(), from).thenAccept(attempts -> {
            final long failedCount = attempts.stream().filter(attempt -> !attempt.isSuccessful()).count();
            if (failedCount >= config.getMaxAttempts()) {
                // Log the failed-attempt count that triggered the lock, not the total number of attempts
                LOG.info("Account {} had {} failed attempts in the past {} minutes; a lock will be placed", authMessage.getEntityId(), failedCount, config.getCheckPeriod());
                final AccountLockBO lock = AccountLockBO.builder().accountId(authMessage.getEntityId()).expiresAt(now.plusMinutes(config.getLockPeriod())).build();
                accountLocksService.create(lock);
            }
        });
    } else {
        LOG.info("Skipping entity auth message for entity of type {}", authMessage.getEntityType());
    }
}
Also used : Logger(org.slf4j.Logger) EntityType(com.nexblocks.authguard.service.model.EntityType) Inject(com.google.inject.Inject) LoggerFactory(org.slf4j.LoggerFactory) EventType(com.nexblocks.authguard.emb.model.EventType) MessageSubscriber(com.nexblocks.authguard.emb.MessageSubscriber) OffsetDateTime(java.time.OffsetDateTime) AuthMessage(com.nexblocks.authguard.service.messaging.AuthMessage) Channel(com.nexblocks.authguard.emb.annotations.Channel) ExchangeAttemptsRepository(com.nexblocks.authguard.dal.persistence.ExchangeAttemptsRepository) Message(com.nexblocks.authguard.emb.model.Message) ConfigContext(com.nexblocks.authguard.config.ConfigContext) Named(com.google.inject.name.Named) ImmutableAccountLockerConfig(com.nexblocks.authguard.extensions.config.ImmutableAccountLockerConfig) AccountLocksService(com.nexblocks.authguard.service.AccountLocksService) AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO)

Example 3 with AccountLockBO

Use of com.nexblocks.authguard.service.model.AccountLockBO in project AuthGuard by AuthGuard.

Class AccountLockerTest, method onMessageLock:

@Test
void onMessageLock() {
    // data
    final AuthMessage authMessage = AuthMessage.success("basic", "session", EntityType.ACCOUNT, "account");
    final Message<Object> message = Message.builder().eventType(EventType.AUTHENTICATION).bodyType(AuthMessage.class).messageBody(authMessage).timestamp(OffsetDateTime.now()).build();
    // mocks
    Mockito.when(exchangeAttemptsRepository.findByEntityAndTimestamp(Mockito.any(), Mockito.any())).thenReturn(CompletableFuture.completedFuture(Arrays.asList(ExchangeAttemptDO.builder().build(), ExchangeAttemptDO.builder().build(), ExchangeAttemptDO.builder().build())));
    // call
    accountLocker.onMessage(message);
    // verify
    final ArgumentCaptor<OffsetDateTime> timeArgumentCaptor = ArgumentCaptor.forClass(OffsetDateTime.class);
    final ArgumentCaptor<AccountLockBO> accountLockArgumentCaptor = ArgumentCaptor.forClass(AccountLockBO.class);
    Mockito.verify(exchangeAttemptsRepository).findByEntityAndTimestamp(Mockito.eq("account"), timeArgumentCaptor.capture());
    assertThat(timeArgumentCaptor.getValue()).isBetween(OffsetDateTime.now().minusMinutes(config.getCheckPeriod()).minusMinutes(1), OffsetDateTime.now().minusMinutes(config.getCheckPeriod()).plusMinutes(1));
    Mockito.verify(accountLocksService).create(accountLockArgumentCaptor.capture());
    assertThat(accountLockArgumentCaptor.getValue().getAccountId()).isEqualTo(authMessage.getEntityId());
    assertThat(accountLockArgumentCaptor.getValue().getExpiresAt()).isBetween(OffsetDateTime.now().plusMinutes(config.getLockPeriod()).minusMinutes(1), OffsetDateTime.now().plusMinutes(config.getLockPeriod()).plusMinutes(1));
}
Also used : AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO) OffsetDateTime(java.time.OffsetDateTime) AuthMessage(com.nexblocks.authguard.service.messaging.AuthMessage) Test(org.junit.jupiter.api.Test)

Example 4 with AccountLockBO

Use of com.nexblocks.authguard.service.model.AccountLockBO in project AuthGuard by AuthGuard.

Class AccountLocksServiceImplTest, method getActiveLocksByAccountId:

@Test
void getActiveLocksByAccountId() {
    final OffsetDateTime now = OffsetDateTime.now();
    Mockito.when(repository.findByAccountId("account")).thenReturn(CompletableFuture.completedFuture(Arrays.asList(AccountLockDO.builder().accountId("account").expiresAt(now.plusMinutes(5)).build(), AccountLockDO.builder().accountId("account").expiresAt(now.minusMinutes(1)).build())));
    final Collection<AccountLockBO> actual = service.getActiveLocksByAccountId("account");
    final Collection<AccountLockBO> expected = Collections.singletonList(AccountLockBO.builder().accountId("account").expiresAt(now.plusMinutes(5)).build());
    assertThat(actual).isEqualTo(expected);
}
Also used : AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO) OffsetDateTime(java.time.OffsetDateTime) Test(org.junit.jupiter.api.Test)

Example 5 with AccountLockBO

Use of com.nexblocks.authguard.service.model.AccountLockBO in project AuthGuard by AuthGuard.

Class AccountLocksServiceImplTest, method delete:

@Test
void delete() {
    final OffsetDateTime now = OffsetDateTime.now();
    Mockito.when(repository.delete("lock")).thenReturn(CompletableFuture.completedFuture(Optional.of(AccountLockDO.builder().accountId("account").expiresAt(now.plusMinutes(5)).build())));
    final Optional<AccountLockBO> actual = service.delete("lock");
    final AccountLockBO expected = AccountLockBO.builder().accountId("account").expiresAt(now.plusMinutes(5)).build();
    assertThat(actual).contains(expected);
}
Also used : AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO) OffsetDateTime(java.time.OffsetDateTime) Test(org.junit.jupiter.api.Test)

Aggregations

AccountLockBO (com.nexblocks.authguard.service.model.AccountLockBO): 5
OffsetDateTime (java.time.OffsetDateTime): 4
Test (org.junit.jupiter.api.Test): 3
AuthMessage (com.nexblocks.authguard.service.messaging.AuthMessage): 2
Inject (com.google.inject.Inject): 1
Named (com.google.inject.name.Named): 1
ConfigContext (com.nexblocks.authguard.config.ConfigContext): 1
ExchangeAttemptsRepository (com.nexblocks.authguard.dal.persistence.ExchangeAttemptsRepository): 1
MessageSubscriber (com.nexblocks.authguard.emb.MessageSubscriber): 1
Channel (com.nexblocks.authguard.emb.annotations.Channel): 1
EventType (com.nexblocks.authguard.emb.model.EventType): 1
Message (com.nexblocks.authguard.emb.model.Message): 1
ImmutableAccountLockerConfig (com.nexblocks.authguard.extensions.config.ImmutableAccountLockerConfig): 1
AccountLocksService (com.nexblocks.authguard.service.AccountLocksService): 1
ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException): 1
AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO): 1
EntityType (com.nexblocks.authguard.service.model.EntityType): 1
Logger (org.slf4j.Logger): 1
LoggerFactory (org.slf4j.LoggerFactory): 1