use of com.serotonin.m2m2.web.mvc.spring.security.authentication.JwtAuthentication in project ma-core-public by MangoAutomation.
the class MangoTokenAuthenticationProvider method authenticate.
/**
 * Tries to authenticate a bearer credential as a JWT.
 *
 * <p>The outcome falls into three groups:
 * <ul>
 *   <li>{@code null} is returned when the request is not a {@link BearerAuthenticationToken}, or
 *       when the credential cannot be read as a JWT at all, so that the next
 *       {@code AuthenticationProvider} may process it;</li>
 *   <li>an {@link AuthenticationException} is thrown when the credential is a JWT but is expired,
 *       fails signature or claim validation, or names a user that cannot be found;</li>
 *   <li>a {@link JwtAuthentication} is returned once the token has been parsed and verified and
 *       the resolved user has passed {@code userDetailsChecker}.</li>
 * </ul>
 *
 * @param authentication the authentication request; only {@link BearerAuthenticationToken} is handled
 * @return the authenticated {@link JwtAuthentication}, or {@code null} if this provider does not
 *         handle the request
 * @throws AuthenticationException if the JWT is rejected or an unexpected error occurs
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    boolean isBearerRequest = authentication instanceof BearerAuthenticationToken;
    if (!isBearerRequest) {
        return null;
    }

    String rawToken = (String) authentication.getCredentials();
    User tokenUser;
    Jws<Claims> parsedToken;
    try {
        parsedToken = tokenAuthenticationService.parse(rawToken);
        tokenUser = tokenAuthenticationService.verify(parsedToken);
    } catch (ExpiredJwtException e) {
        throw new CredentialsExpiredException("JWT token expired", e);
    } catch (UnsupportedJwtException | MalformedJwtException | IllegalArgumentException e) {
        // Not recognisable as a JWT: abstain rather than reject, so another provider can try.
        // Only these structural failures abstain; signature and claim failures are rejected below.
        return null;
    } catch (SignatureException | MissingClaimException | IncorrectClaimException e) {
        throw new BadCredentialsException("JWT signature verification error or claim incorrect", e);
    } catch (NotFoundException e) {
        // NOTE(review): this message differs from the signature/claim failure above; confirm it is
        // not echoed to the client in a way that distinguishes unknown users.
        throw new BadCredentialsException("Invalid username", e);
    } catch (Exception e) {
        // Anything unexpected is reported as an internal error, not as a credential failure.
        throw new InternalAuthenticationServiceException("Error authenticating with JWT token", e);
    }

    // Runs outside the try block, so exceptions thrown by the checker propagate unchanged.
    // NOTE(review): presumably validates account status (disabled, locked, ...) - confirm.
    userDetailsChecker.check(tokenUser);

    if (log.isDebugEnabled()) {
        // Writes the JWT header and claims to the debug log; the raw token string is not logged.
        String debugMessage = "Successfully authenticated user using JWT token, header: " + parsedToken.getHeader() + ", body: " + parsedToken.getBody();
        log.debug(debugMessage);
    }

    return new JwtAuthentication(tokenUser, rawToken, parsedToken, tokenUser.getAuthorities());
}
use of com.serotonin.m2m2.web.mvc.spring.security.authentication.JwtAuthentication in project ma-modules-public by infiniteautomation.
the class MangoWebSocketSessionTracker method afterConnectionEstablished.
/**
 * Records a newly opened WebSocket session in the tracker's indexes.
 *
 * <p>The session is indexed by HTTP session id (when one is available) and by user id (when the
 * permission holder has a user), with JWT-authenticated sessions kept separately from all others.
 * For a JWT-authenticated session a {@code TimeoutTask} is also created with the token's expiration
 * date and a {@code CloseSessionTask}, and stored as a session attribute so it can be found again
 * later.
 *
 * @param session the WebSocket session that was just established
 */
public void afterConnectionEstablished(WebSocketSession session) {
    final String httpId = this.httpSessionIdForSession(session);
    if (httpId != null) {
        sessionsByHttpSessionId.put(httpId, session);
    }

    final PermissionHolder holder = this.userForSession(session);
    final Authentication auth = this.authenticationForSession(session);
    final boolean jwtAuthenticated = auth instanceof JwtAuthentication;

    // NOTE(review): holder is dereferenced without a null check - assumes userForSession never
    // returns null; confirm against its implementation.
    final User owner = holder.getUser();
    if (owner != null) {
        final int ownerId = owner.getId();
        if (jwtAuthenticated) {
            jwtSessionsByUserId.put(ownerId, session);
        } else {
            otherSessionsByUserId.put(ownerId, session);
        }
    }

    if (!jwtAuthenticated) {
        return;
    }

    // Tie the socket to the token's expiration: presumably the task closes the session at that
    // time, so the connection does not outlive the credential that opened it.
    // NOTE(review): getExpiration() returns null for a token without an "exp" claim - confirm that
    // token verification rejects such tokens, or that TimeoutTask handles a null date.
    final Date tokenExpiry = ((JwtAuthentication) auth).getToken().getBody().getExpiration();
    final TimeoutTask expiryCloser = new TimeoutTask(tokenExpiry, new CloseSessionTask(session));
    session.getAttributes().put(CLOSE_TIMEOUT_TASK_ATTR, expiryCloser);
    jwtSessions.add(session);
}
use of com.serotonin.m2m2.web.mvc.spring.security.authentication.JwtAuthentication in project ma-modules-public by infiniteautomation.
the class MangoWebSocketSessionTracker method afterConnectionClosed.
/**
 * Removes a closed WebSocket session from the tracker's indexes.
 *
 * <p>Each removal names both the key and this session, so only this session's entry is targeted.
 * For a JWT-authenticated session the {@code TimeoutTask} stored under
 * {@code CLOSE_TIMEOUT_TASK_ATTR}, if present, is cancelled before the session is dropped from
 * {@code jwtSessions}.
 *
 * @param session the WebSocket session that was closed
 * @param closeStatus the close status reported for the session; not used here
 */
public void afterConnectionClosed(WebSocketSession session, CloseStatus closeStatus) {
    final String httpId = this.httpSessionIdForSession(session);
    if (httpId != null) {
        sessionsByHttpSessionId.remove(httpId, session);
    }

    final PermissionHolder holder = this.userForSession(session);
    final Authentication auth = this.authenticationForSession(session);

    // NOTE(review): the JWT/other classification is recomputed at close time; this assumes it
    // matches what was computed when the session was registered - confirm, otherwise the entry
    // would be left behind in the other index.
    final boolean jwtAuthenticated = auth instanceof JwtAuthentication;

    // NOTE(review): holder is dereferenced without a null check - assumes userForSession never
    // returns null; confirm against its implementation.
    final User owner = holder.getUser();
    if (owner != null) {
        final int ownerId = owner.getId();
        if (jwtAuthenticated) {
            jwtSessionsByUserId.remove(ownerId, session);
        } else {
            otherSessionsByUserId.remove(ownerId, session);
        }
    }

    if (!jwtAuthenticated) {
        return;
    }

    // The session is already closed, so the pending task created for it is no longer needed.
    final TimeoutTask expiryCloser = (TimeoutTask) session.getAttributes().get(CLOSE_TIMEOUT_TASK_ATTR);
    if (expiryCloser != null) {
        expiryCloser.cancel();
    }
    jwtSessions.remove(session);
}
use of com.serotonin.m2m2.web.mvc.spring.security.authentication.JwtAuthentication in project ma-core-public by infiniteautomation.
the class MangoTokenAuthenticationProvider method authenticate.
/**
 * Tries to authenticate a bearer credential as a JWT.
 *
 * <p>The outcome falls into three groups:
 * <ul>
 *   <li>{@code null} is returned when the request is not a {@link BearerAuthenticationToken}, or
 *       when the credential cannot be read as a JWT at all, so that the next
 *       {@code AuthenticationProvider} may process it;</li>
 *   <li>an {@link AuthenticationException} is thrown when the credential is a JWT but is expired,
 *       fails signature or claim validation, or names a user that cannot be found;</li>
 *   <li>a {@link JwtAuthentication} is returned once the token has been parsed and verified and
 *       the resolved user has passed {@code userDetailsChecker}.</li>
 * </ul>
 *
 * @param authentication the authentication request; only {@link BearerAuthenticationToken} is handled
 * @return the authenticated {@link JwtAuthentication}, or {@code null} if this provider does not
 *         handle the request
 * @throws AuthenticationException if the JWT is rejected or an unexpected error occurs
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    boolean isBearerRequest = authentication instanceof BearerAuthenticationToken;
    if (!isBearerRequest) {
        return null;
    }

    String rawToken = (String) authentication.getCredentials();
    User tokenUser;
    Jws<Claims> parsedToken;
    try {
        parsedToken = tokenAuthenticationService.parse(rawToken);
        tokenUser = tokenAuthenticationService.verify(parsedToken);
    } catch (ExpiredJwtException e) {
        throw new CredentialsExpiredException("JWT token expired", e);
    } catch (UnsupportedJwtException | MalformedJwtException | IllegalArgumentException e) {
        // Not recognisable as a JWT: abstain rather than reject, so another provider can try.
        // Only these structural failures abstain; signature and claim failures are rejected below.
        return null;
    } catch (SignatureException | MissingClaimException | IncorrectClaimException e) {
        throw new BadCredentialsException("JWT signature verification error or claim incorrect", e);
    } catch (NotFoundException e) {
        // NOTE(review): this message differs from the signature/claim failure above; confirm it is
        // not echoed to the client in a way that distinguishes unknown users.
        throw new BadCredentialsException("Invalid username", e);
    } catch (Exception e) {
        // Anything unexpected is reported as an internal error, not as a credential failure.
        throw new InternalAuthenticationServiceException("Error authenticating with JWT token", e);
    }

    // Runs outside the try block, so exceptions thrown by the checker propagate unchanged.
    // NOTE(review): presumably validates account status (disabled, locked, ...) - confirm.
    userDetailsChecker.check(tokenUser);

    if (log.isDebugEnabled()) {
        // Writes the JWT header and claims to the debug log; the raw token string is not logged.
        String debugMessage = "Successfully authenticated user using JWT token, header: " + parsedToken.getHeader() + ", body: " + parsedToken.getBody();
        log.debug(debugMessage);
    }

    return new JwtAuthentication(tokenUser, rawToken, parsedToken, tokenUser.getAuthorities());
}