use of com.zimbra.cs.account.AuthToken in project zm-mailbox by Zimbra.
the class ExternalUserProvServlet method setCookieAndRedirect.
/**
 * Issues an auth-token cookie for {@code grantee} and redirects the browser to the site root.
 *
 * <p>The redirect target is the constant {@code "/"}, so no request data influences where the
 * client is sent.
 *
 * <p>NOTE(review): the last argument to {@code encode} is derived from the scheme the servlet
 * container reports. If TLS is terminated in front of the container and the scheme is reported
 * as {@code http}, this value would be {@code false}. Presumably it controls the cookie's
 * Secure attribute; confirm against {@code AuthToken.encode} and the proxy configuration.
 *
 * @param req     the incoming request; only its scheme is read here
 * @param resp    the response that receives the cookie and the redirect
 * @param grantee the account for which the auth token is minted
 * @throws ServiceException declared by the method; raised by the token calls, whose bodies are not visible here
 * @throws IOException      if the redirect cannot be written
 */
private static void setCookieAndRedirect(HttpServletRequest req, HttpServletResponse resp, Account grantee) throws ServiceException, IOException {
    AuthToken token = AuthProvider.getAuthToken(grantee);
    // Computed from the container's view of the request, not from any forwarded-protocol header.
    boolean overHttps = req.getScheme().equals("https");
    // Second argument is passed as false; presumably this marks a non-admin cookie (confirm).
    token.encode(resp, false, overHttps);
    resp.sendRedirect("/");
}
use of com.zimbra.cs.account.AuthToken in project zm-mailbox by Zimbra.
the class CertAuthServlet method doGet.
/**
 * Handles a client-certificate login request.
 *
 * <p>The request URI is first checked against {@code allowedUrl}; anything that does not match is
 * answered through {@code sendback403Message} before any certificate handling takes place. For a
 * matching URI the client certificate is authenticated, the resulting principal is authorized,
 * and an auth-token cookie plus redirect is sent. A {@link ServiceException} is routed to
 * {@code dispatchOnError}.
 *
 * <p>NOTE(review): the rejected URI is caller-controlled and is placed both in the error log and
 * in the message handed to {@code sendback403Message}; confirm that helper escapes it before
 * writing it to the response.
 *
 * <p>NOTE(review): authentication failures are logged at debug level only, so they will not show
 * up in logs collected at the default level. Consider whether failed certificate logins should be
 * visible to monitoring.
 *
 * @param req  the incoming request
 * @param resp the response to write to
 * @throws ServletException declared by the servlet contract
 * @throws IOException      if writing the response fails
 */
@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    ZimbraLog.clearContext();
    addRemoteIpToLoggingContext(req);
    addUAToLoggingContext(req);

    final String requestUri = req.getRequestURI();
    final Matcher uriMatcher = allowedUrl.matcher(requestUri);

    // Guard clause: reject anything outside the allowlist up front.
    if (!uriMatcher.matches()) {
        String rejection = "resource not allowed on the certauth servlet: " + requestUri;
        ZimbraLog.account.error(rejection);
        sendback403Message(req, resp, rejection);
        return;
    }

    // The admin flag is taken from capture group 3 of the allowlist pattern.
    // NOTE(review): the check requires more than three groups while reading group 3;
    // verify this against the definition of allowedUrl, which is not visible here.
    final boolean isAdminRequest = uriMatcher.groupCount() > 3 && "admin".equals(uriMatcher.group(3));

    try {
        SSOAuthenticator authenticator = new ClientCertAuthenticator(req, resp);
        ZimbraPrincipal principal = authenticator.authenticate();
        AuthToken authToken = authorize(req, AuthContext.Protocol.client_certificate, principal, isAdminRequest);
        setAuthTokenCookieAndRedirect(req, resp, principal.getAccount(), authToken);
    } catch (ServiceException e) {
        // Only auth failures carry an extra reason string; other service errors add nothing.
        String reason = (e instanceof AuthFailedServiceException)
                ? ((AuthFailedServiceException) e).getReason(", %s")
                : "";
        ZimbraLog.account.debug("client certificate auth failed: " + e.getMessage() + reason, e);
        // NOTE(review): the exception message is forwarded to the error dispatcher; confirm it
        // is not echoed to the client in a form that reveals internal detail.
        dispatchOnError(req, resp, isAdminRequest, e.getMessage());
    }
}
use of com.zimbra.cs.account.AuthToken in project zm-mailbox by Zimbra.
the class ContentServlet method doGet.
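/**
 * Serves content requests for an authenticated user.
 *
 * <p>The auth token is read from the request cookie; when none is obtained the method returns
 * without further processing (presumably {@code getAuthTokenFromCookie} has already written the
 * error response; confirm). Accounts with {@code zimbraAttachmentsBlocked} set receive the block
 * message. Otherwise the request is dispatched on an exact match of the path info against
 * {@code PREFIX_GET} or {@code PREFIX_PROXY}; any other path is answered with 400.
 *
 * @param req  the incoming request
 * @param resp the response to write to
 * @throws IOException      if writing the response fails
 * @throws ServletException declared by the servlet contract
 */
@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException, ServletException {
    ZimbraLog.clearContext();
    addRemoteIpToLoggingContext(req);
    // Fix: the format string lacked a placeholder for the second argument, so the path info
    // was never written to the debug log.
    mLog.debug("request url: %s, path info: %s", req.getRequestURL(), req.getPathInfo());

    AuthToken authToken = getAuthTokenFromCookie(req, resp);
    if (authToken == null) {
        return;
    }

    // The attachment-blocking policy is evaluated for the account named in the token,
    // before any content is looked up.
    if (isTrue(Provisioning.A_zimbraAttachmentsBlocked, authToken.getAccountId())) {
        sendbackBlockMessage(req, resp);
        return;
    }

    // Dispatch only on exact path-info matches; everything else is a bad request.
    String pathInfo = req.getPathInfo();
    if (pathInfo != null && pathInfo.equals(PREFIX_GET)) {
        getCommand(req, resp, authToken);
    } else if (pathInfo != null && pathInfo.equals(PREFIX_PROXY)) {
        retrieveUpload(req, resp, authToken);
    } else {
        resp.sendError(HttpServletResponse.SC_BAD_REQUEST, L10nUtil.getMessage(MsgKey.errInvalidRequest, req));
    }
}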
use of com.zimbra.cs.account.AuthToken in project zm-mailbox by Zimbra.
the class AuthProvider method getAuthToken.
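/**
 * Creates an AuthToken object from an encoded token string by asking each provider returned by
 * {@code getProviders()} in turn. The first provider that yields a non-null token wins.
 *
 * <p>Failure handling: a provider that returns {@code null}, throws a non-ignorable
 * {@link AuthProviderException}, or throws an {@link AuthTokenException} records a failure. If
 * several providers fail, only the last recorded failure is rethrown. Ignorable provider
 * exceptions (no auth data for that provider) are logged and skipped.
 *
 * <p>The encoded token is credential material, so it is never written to the log; only its
 * length is recorded when no provider recognises it.
 *
 * @param encoded the encoded auth token string, typically taken from the request
 * @return the decoded token, or {@code null} when every provider reported that it has no auth
 *         data for this input and none recorded a failure
 * @throws AuthTokenException the last failure recorded while iterating over the providers
 * @see #authToken(String)
 */
public static AuthToken getAuthToken(String encoded) throws AuthTokenException {
    List<AuthProvider> providers = getProviders();
    AuthTokenException lastFailure = null;

    for (AuthProvider ap : providers) {
        try {
            AuthToken at = ap.authToken(encoded);
            if (at != null) {
                return at;
            }
            lastFailure = new AuthTokenException("auth provider " + ap.getName() + " returned null");
        } catch (AuthProviderException e) {
            // If there is no auth data for this provider, log and continue with the next one.
            if (e.canIgnore()) {
                logger().warn(ap.getName() + ":" + e.getMessage());
            } else {
                lastFailure = new AuthTokenException("auth provider error", e);
            }
        } catch (AuthTokenException e) {
            // Log and keep a reference so it can be rethrown after all providers were tried.
            lastFailure = e;
            logger().debug("getAuthToken error: provider=" + ap.getName() + ", err=" + e.getMessage(), e);
        }
    }

    // If multiple providers caused an AuthTokenException, the last one is rethrown here.
    if (lastFailure != null) {
        throw lastFailure;
    }

    // There is no auth data for any of the enabled providers. The raw value is deliberately
    // left out: an unparsed string may still be a bearer credential, and it is caller-supplied
    // text that should not be copied verbatim into an error log.
    int encodedLength = (encoded == null) ? 0 : encoded.length();
    logger().error("unable to get AuthToken from encoded token (length=" + encodedLength + ")");
    return null;
}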
use of com.zimbra.cs.account.AuthToken in project zm-mailbox by Zimbra.
the class AuthProvider method getAuthToken.
/**
 * Mints an auth token for {@code account} by asking each provider returned by
 * {@code getProviders()} in turn; the first non-null token is returned.
 *
 * <p>Unlike the string-decoding overload, this method never returns {@code null}: when no
 * provider produces a token it throws, either the last recorded provider failure or a generic
 * failure naming the account.
 *
 * @param account the account the token is issued for
 * @param usage   the intended usage, passed through unchanged to each provider
 * @return a non-null auth token from the first provider that supplies one
 * @throws AuthProviderException the last non-ignorable provider failure, or a generic failure
 *                               when every provider was skipped
 */
public static AuthToken getAuthToken(Account account, Usage usage) throws AuthProviderException {
    AuthProviderException lastFailure = null;

    for (AuthProvider provider : getProviders()) {
        AuthToken token;
        try {
            token = provider.authToken(account, usage);
        } catch (AuthProviderException e) {
            if (!e.canIgnore()) {
                // A real failure: remember it, but still give the remaining providers a chance.
                lastFailure = e;
            } else {
                // Provider has nothing to offer for this account; note it and move on.
                logger().debug(provider.getName() + ":" + e.getMessage());
            }
            continue;
        }

        if (token != null) {
            return token;
        }
        lastFailure = AuthProviderException.FAILURE("auth provider " + provider.getName() + " returned null");
    }

    // Only the most recent failure survives when several providers failed.
    if (lastFailure != null) {
        throw lastFailure;
    }
    throw AuthProviderException.FAILURE("cannot get authtoken from account " + account.getName());
}