Example 36 with UserPrincipal

Use of com.walmartlabs.concord.server.security.UserPrincipal in project concord by walmartlabs.

The class OidcRealm, method doGetAuthenticationInfo.

@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    OidcToken t = (OidcToken) token;
    OidcProfile profile = t.getProfile();
    // TODO replace getOrCreate+update with a single method?
    String username = profile.getEmail().toLowerCase();
    UserEntry u = userManager.getOrCreate(username, null, UserType.LOCAL)
            .orElseThrow(() -> new ConcordApplicationException("User not found: " + profile.getEmail()));
    userManager.update(u.getId(), profile.getDisplayName(), profile.getEmail(), null, false, null);
    UserPrincipal userPrincipal = new UserPrincipal(REALM_NAME, u);
    return new SimpleAccount(Arrays.asList(userPrincipal, t), t, getName());
}

Also used: SimpleAccount (org.apache.shiro.authc.SimpleAccount), ConcordApplicationException (com.walmartlabs.concord.server.sdk.ConcordApplicationException), OidcProfile (org.pac4j.oidc.profile.OidcProfile), UserEntry (com.walmartlabs.concord.server.user.UserEntry), UserPrincipal (com.walmartlabs.concord.server.security.UserPrincipal)

Example 37 with UserPrincipal

Use of com.walmartlabs.concord.server.security.UserPrincipal in project concord by walmartlabs.

The class SsoRealm, method doGetAuthenticationInfo.

@Override
@WithTimer
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    SsoToken t = (SsoToken) token;
    if (t.getUsername() == null) {
        return null;
    }
    UserEntry u = userManager.get(t.getUsername(), t.getDomain(), UserType.LDAP).orElse(null);
    if (u == null) {
        u = userManager.create(t.getUsername(), t.getDomain(), t.getDisplayName(), t.getMail(), UserType.SSO, null);
    }
    // we consider the account active if the authentication was successful
    userManager.enable(u.getId());
    auditLog.add(AuditObject.SYSTEM, AuditAction.ACCESS)
            .userId(u.getId())
            .field("username", u.getName())
            .field("userDomain", u.getDomain())
            .field("realm", REALM_NAME)
            .log();
    UserPrincipal userPrincipal = new UserPrincipal(REALM_NAME, u);
    LdapPrincipal ldapPrincipal = new LdapPrincipal(t.getUsername(), t.getDomain(), t.getNameInNamespace(),
            t.getUserPrincipalName(), t.getDisplayName(), t.getMail(), t.getGroups(),
            Collections.singletonMap("mail", t.getMail()));
    return new SimpleAccount(Arrays.asList(userPrincipal, t, ldapPrincipal), t.getCredentials(), getName());
}

Also used: SimpleAccount (org.apache.shiro.authc.SimpleAccount), LdapPrincipal (com.walmartlabs.concord.server.security.ldap.LdapPrincipal), UserEntry (com.walmartlabs.concord.server.user.UserEntry), UserPrincipal (com.walmartlabs.concord.server.security.UserPrincipal), WithTimer (com.walmartlabs.concord.server.sdk.metrics.WithTimer)
