use of com.walmartlabs.concord.server.security.ldap.LdapPrincipal in project concord by walmartlabs.
the class ConsoleService method whoami.
/**
 * Describes the user attached to the current request.
 *
 * <p>The display name is resolved in order from the principal's user entry,
 * the current {@link LdapPrincipal} (if any) and finally the principal's
 * username. Name, domain and organizations are taken from a fresh
 * {@code userManager} lookup by the principal's ID, not from the entry
 * carried by the principal.
 *
 * @return the realm, name, domain, display name and organizations of the caller
 * @throws ConcordApplicationException if there is no current principal, the
 *         principal carries no user entry, or {@code userManager} has no
 *         record for the principal's ID
 */
@GET
@Path("/whoami")
@Produces(MediaType.APPLICATION_JSON)
public UserResponse whoami() {
    UserPrincipal principal = UserPrincipal.getCurrent();
    if (principal == null) {
        // NOTE(review): a request without a principal is answered with a 500 here;
        // presumably an upstream filter rejects unauthenticated calls first - confirm.
        // NOTE(review): "pricipal" below is a typo for "principal"; kept because it is runtime text.
        throw new ConcordApplicationException("Can't determine current user: pricipal not found", Status.INTERNAL_SERVER_ERROR);
    }

    UserEntry principalEntry = principal.getUser();
    if (principalEntry == null) {
        throw new ConcordApplicationException("Can't determine current user: user entry not found", Status.INTERNAL_SERVER_ERROR);
    }

    // Display name fallback chain: user entry -> LDAP principal -> username.
    String shownName = principalEntry.getDisplayName();
    if (shownName == null) {
        LdapPrincipal ldap = LdapPrincipal.getCurrent();
        shownName = (ldap == null) ? null : ldap.getDisplayName();
    }
    if (shownName == null) {
        shownName = principal.getUsername();
    }

    // Re-read the user so name, domain and orgs come from userManager rather than
    // from the entry stored in the principal.
    UserEntry storedUser = userManager.get(principal.getId())
            .orElseThrow(() -> new ConcordApplicationException("Unknown user: " + principal.getId()));

    return new UserResponse(
            principal.getRealm(),
            storedUser.getName(),
            storedUser.getDomain(),
            shownName,
            storedUser.getOrgs());
}
use of com.walmartlabs.concord.server.security.ldap.LdapPrincipal in project concord by walmartlabs.
the class SsoRealm method doGetAuthenticationInfo.
/**
 * Produces the account for an SSO token: finds or creates the matching user,
 * enables it, writes an access audit record and returns the principals.
 *
 * <p>The returned account carries three principals, in this order: a
 * {@link UserPrincipal} for this realm, the token itself, and an
 * {@link LdapPrincipal} built from the token's attributes.
 *
 * @param token the submitted token; cast to {@code SsoToken} without a type check
 * @return the account, or {@code null} when the token has no username
 * @throws AuthenticationException declared by the overridden method
 */
@Override
@WithTimer
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    // NOTE(review): unchecked cast - presumably this realm is only offered SsoToken
    // instances (e.g. via supports()/token class configuration); confirm.
    SsoToken sso = (SsoToken) token;
    if (sso.getUsername() == null) {
        return null;
    }

    // NOTE(review): the lookup uses UserType.LDAP while the create call below uses
    // UserType.SSO. Whether a user created here is found again on the next login
    // depends on userManager - confirm the two types are meant to differ.
    UserEntry account = userManager.get(sso.getUsername(), sso.getDomain(), UserType.LDAP).orElse(null);
    if (account == null) {
        account = userManager.create(
                sso.getUsername(),
                sso.getDomain(),
                sso.getDisplayName(),
                sso.getMail(),
                UserType.SSO,
                null);
    }

    // A successful authentication is treated as proof that the account is active.
    // NOTE(review): this runs on every SSO login, so an account disabled on the
    // Concord side would presumably be enabled again here - confirm that is intended.
    userManager.enable(account.getId());

    // Record the access with the user's ID, name, domain and this realm's name.
    auditLog.add(AuditObject.SYSTEM, AuditAction.ACCESS)
            .userId(account.getId())
            .field("username", account.getName())
            .field("userDomain", account.getDomain())
            .field("realm", REALM_NAME)
            .log();

    UserPrincipal concordIdentity = new UserPrincipal(REALM_NAME, account);
    // The attribute map handed to LdapPrincipal holds only the "mail" entry.
    LdapPrincipal ldapIdentity = new LdapPrincipal(
            sso.getUsername(),
            sso.getDomain(),
            sso.getNameInNamespace(),
            sso.getUserPrincipalName(),
            sso.getDisplayName(),
            sso.getMail(),
            sso.getGroups(),
            Collections.singletonMap("mail", sso.getMail()));

    return new SimpleAccount(Arrays.asList(concordIdentity, sso, ldapIdentity), sso.getCredentials(), getName());
}