Example 36 with UserPrincipal
use of com.walmartlabs.concord.server.security.UserPrincipal in project concord by walmartlabs.
the class OidcRealm method doGetAuthenticationInfo.
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
OidcToken t = (OidcToken) token;
OidcProfile profile = t.getProfile();
// TODO replace getOrCreate+update with a single method?
String username = profile.getEmail().toLowerCase();
UserEntry u = userManager.getOrCreate(username, null, UserType.LOCAL).orElseThrow(() -> new ConcordApplicationException("User not found: " + profile.getEmail()));
userManager.update(u.getId(), profile.getDisplayName(), profile.getEmail(), null, false, null);
UserPrincipal userPrincipal = new UserPrincipal(REALM_NAME, u);
return new SimpleAccount(Arrays.asList(userPrincipal, t), t, getName());
}
Also used :
SimpleAccount(org.apache.shiro.authc.SimpleAccount)
ConcordApplicationException(com.walmartlabs.concord.server.sdk.ConcordApplicationException)
OidcProfile(org.pac4j.oidc.profile.OidcProfile)
UserEntry(com.walmartlabs.concord.server.user.UserEntry)
UserPrincipal(com.walmartlabs.concord.server.security.UserPrincipal)
Example 37 with UserPrincipal
use of com.walmartlabs.concord.server.security.UserPrincipal in project concord by walmartlabs.
the class SsoRealm method doGetAuthenticationInfo.
@Override
@WithTimer
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
SsoToken t = (SsoToken) token;
if (t.getUsername() == null) {
return null;
}
UserEntry u = userManager.get(t.getUsername(), t.getDomain(), UserType.LDAP).orElse(null);
if (u == null) {
u = userManager.create(t.getUsername(), t.getDomain(), t.getDisplayName(), t.getMail(), UserType.SSO, null);
}
// we consider the account active if the authentication was successful
userManager.enable(u.getId());
auditLog.add(AuditObject.SYSTEM, AuditAction.ACCESS).userId(u.getId()).field("username", u.getName()).field("userDomain", u.getDomain()).field("realm", REALM_NAME).log();
UserPrincipal userPrincipal = new UserPrincipal(REALM_NAME, u);
LdapPrincipal ldapPrincipal = new LdapPrincipal(t.getUsername(), t.getDomain(), t.getNameInNamespace(), t.getUserPrincipalName(), t.getDisplayName(), t.getMail(), t.getGroups(), Collections.singletonMap("mail", t.getMail()));
return new SimpleAccount(Arrays.asList(userPrincipal, t, ldapPrincipal), t.getCredentials(), getName());
}
Also used :
SimpleAccount(org.apache.shiro.authc.SimpleAccount)
LdapPrincipal(com.walmartlabs.concord.server.security.ldap.LdapPrincipal)
UserEntry(com.walmartlabs.concord.server.user.UserEntry)
UserPrincipal(com.walmartlabs.concord.server.security.UserPrincipal)
WithTimer(com.walmartlabs.concord.server.sdk.metrics.WithTimer)
Aggregations
UserPrincipal (com.walmartlabs.concord.server.security.UserPrincipal)37
UnauthorizedException (org.apache.shiro.authz.UnauthorizedException)15
WithTimer (com.walmartlabs.concord.server.sdk.metrics.WithTimer)14
ConcordApplicationException (com.walmartlabs.concord.server.sdk.ConcordApplicationException)9
UserEntry (com.walmartlabs.concord.server.user.UserEntry)8
UUID (java.util.UUID)8
PartialProcessKey (com.walmartlabs.concord.server.sdk.PartialProcessKey)7
ApiOperation (io.swagger.annotations.ApiOperation)6
OrganizationEntry (com.walmartlabs.concord.server.org.OrganizationEntry)3
EntryPoint (com.walmartlabs.concord.server.process.PayloadManager.EntryPoint)3
ProcessEntry (com.walmartlabs.concord.server.process.ProcessEntry)3
SessionKeyPrincipal (com.walmartlabs.concord.server.security.sessionkey.SessionKeyPrincipal)3
SimpleAccount (org.apache.shiro.authc.SimpleAccount)3
ValidationErrorsException (org.sonatype.siesta.ValidationErrorsException)3
ProcessKey (com.walmartlabs.concord.server.sdk.ProcessKey)2
LdapPrincipal (com.walmartlabs.concord.server.security.ldap.LdapPrincipal)2
SimplePrincipalCollection (org.apache.shiro.subject.SimplePrincipalCollection)2
Subject (org.apache.shiro.subject.Subject)2
CacheBuilder (com.google.common.cache.CacheBuilder)1
Imports (com.walmartlabs.concord.imports.Imports)1
