use of com.zimbra.cs.account.AuthToken in project zm-mailbox by Zimbra.
the class Auth method needTwoFactorAuth.
/**
 * Builds the auth response for a login that cannot finish without a second factor.
 *
 * <p>Two situations reach this method:
 * <ol>
 *   <li>{@code auth.twoFactorAuthEnabled()} is false: the account needs two-factor auth but it
 *       has not been set up yet, so no response is built and
 *       {@code TWO_FACTOR_SETUP_REQUIRED} is thrown.</li>
 *   <li>Otherwise a token issued with {@code Usage.TWO_FACTOR_AUTH} is encoded into the
 *       response; the client must send it back together with the code to complete
 *       authentication.</li>
 * </ol>
 *
 * @param account account that is authenticating
 * @param auth two-factor state consulted for this login
 * @param zsc SOAP context used to create the response element
 * @return the AuthResponse element flagged as "two-factor auth required"
 * @throws ServiceException {@code TWO_FACTOR_SETUP_REQUIRED} when two-factor auth is not
 *         enabled, or whatever token creation/encoding raises
 */
private Element needTwoFactorAuth(Account account, TwoFactorAuth auth, ZimbraSoapContext zsc) throws ServiceException {
    // Guard clause: without an enabled second factor there is nothing to challenge the user with.
    if (!auth.twoFactorAuthEnabled()) {
        throw AccountServiceException.TWO_FACTOR_SETUP_REQUIRED();
    }

    Element authResponse = zsc.createElement(AccountConstants.AUTH_RESPONSE);

    // The token is created for the TWO_FACTOR_AUTH usage rather than as a regular auth token.
    // NOTE(review): the check that keeps such a token from being accepted as a full session
    // token is not visible in this method - confirm it is enforced where tokens are validated.
    AuthToken pendingToken = AuthProvider.getAuthToken(account, Usage.TWO_FACTOR_AUTH);

    authResponse.addUniqueElement(AccountConstants.E_TWO_FACTOR_AUTH_REQUIRED).setText("true");

    // Remaining lifetime in milliseconds, measured against the server clock at this instant.
    long remainingMillis = pendingToken.getExpires() - System.currentTimeMillis();
    authResponse.addAttribute(AccountConstants.E_LIFETIME, remainingMillis, Element.Disposition.CONTENT);

    // NOTE(review): the meaning of the 'false' flag is defined by encodeAuthResp - confirm there.
    pendingToken.encodeAuthResp(authResponse, false);

    // Tell the client whether the trusted-devices feature is on for this account.
    authResponse.addUniqueElement(AccountConstants.E_TRUSTED_DEVICES_ENABLED)
            .setText(Boolean.toString(account.isFeatureTrustedDevicesEnabled()));
    return authResponse;
}
use of com.zimbra.cs.account.AuthToken in project zm-mailbox by Zimbra.
the class CsrfUtilTest method testDecodeValidCsrfToken.
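/**
 * Verifies that a CSRF token generated for an account can be parsed back into two non-null
 * parts, and that the second part equals {@code "0"}.
 */
@Test
public final void testDecodeValidCsrfToken() {
    try {
        Account acct = Provisioning.getInstance().getAccountByName("test@zimbra.com");
        AuthToken authToken = new ZimbraAuthToken(acct);

        // The CSRF token is generated for this specific auth token and account id.
        String csrfToken = CsrfUtil.generateCsrfToken(acct.getId(), AUTH_TOKEN_EXPR, CSRFTOKEN_SALT, authToken);
        Pair<String, String> tokenParts = CsrfUtil.parseCsrfToken(csrfToken);

        assertNotNull(tokenParts.getFirst());
        assertNotNull(tokenParts.getSecond());
        // NOTE(review): "0" is presumably the value generateCsrfToken assigns to the first token
        // issued for an auth token - confirm against CsrfUtil.
        assertEquals("0", tokenParts.getSecond());
    } catch (ServiceException | AuthTokenException e) {
        // Fail with the same message as before, but keep the exception as the cause so the
        // report shows why token generation or parsing broke instead of hiding it.
        throw new AssertionError("Should not throw exception.", e);
    }
}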
use of com.zimbra.cs.account.AuthToken in project zm-mailbox by Zimbra.
the class GetDomainInfo method handle.
/**
 * Handles GetDomainInfo: resolves the requested domain and serializes its attributes, falling
 * back to the global config when no domain can be resolved.
 *
 * <p>The handler does not reject requests that carry no auth token. It only records whether
 * one is present and forwards that flag to {@code toXML}.
 * NOTE(review): which attributes an unauthenticated caller receives is decided inside
 * {@code toXML}, which is not visible here - confirm that it limits the output accordingly.
 *
 * @param request the GetDomainInfo request element
 * @param context handler context from which the SOAP context is obtained
 * @return the GetDomainInfo response element
 * @throws ServiceException if the request is malformed or a provisioning lookup fails
 */
@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
    ZimbraSoapContext soapCtxt = getZimbraSoapContext(context);
    Provisioning prov = Provisioning.getInstance();

    // Presence of a token is all that is checked here.
    AuthToken callerToken = soapCtxt.getAuthToken();
    boolean hasAuth = (callerToken != null);

    boolean applyConfig = request.getAttributeBool(AdminConstants.A_APPLY_CONFIG, true);

    Element domainElt = request.getElement(AdminConstants.E_DOMAIN);
    String byAttr = domainElt.getAttribute(AdminConstants.A_BY);
    String value = domainElt.getText();
    Key.DomainBy domainBy = Key.DomainBy.fromString(byAttr);

    Domain domain = prov.getDomain(domainBy, value, true);
    Element response = soapCtxt.createElement(AdminConstants.GET_DOMAIN_INFO_RESPONSE);

    // Only name-like keys carry enough information to retry the lookup; for any other key a
    // miss goes straight to the global config below.
    boolean canRetryByName = (domainBy == Key.DomainBy.name || domainBy == Key.DomainBy.virtualHostname);
    if (domain == null && canRetryByName) {
        if (domainBy == Key.DomainBy.virtualHostname) {
            // Treat the virtual hostname as a plain domain name first.
            domain = prov.getDomain(Key.DomainBy.name, value, true);
        }
        if (domain == null) {
            domain = findDomain(prov, value);
        }
    }

    if (domain == null) {
        // Nothing resolved: return attributes from the global config instead.
        toXML(response, prov.getConfig(), applyConfig, hasAuth);
    } else {
        toXML(response, domain, applyConfig, hasAuth);
    }
    return response;
}
use of com.zimbra.cs.account.AuthToken in project zm-mailbox by Zimbra.
the class SendInviteReply method getRemoteZMailbox.
/**
 * Opens a sessionless {@code ZMailbox} on the server that hosts {@code targetAcct}, authenticated
 * with the caller's token when one is available and with a token for {@code authAcct} otherwise.
 *
 * @param octxt operation context of the current request; may be null
 * @param authAcct account used to obtain a token when the context yields none
 * @param targetAcct account whose mailbox is addressed (by id)
 * @return a mailbox handle bound to the target account's SOAP URI
 * @throws ServiceException if a token or the mailbox cannot be obtained
 */
private static ZMailbox getRemoteZMailbox(OperationContext octxt, Account authAcct, Account targetAcct) throws ServiceException {
    // Prefer the token from the operation context, passed through getCsrfUnsecuredAuthToken.
    // NOTE(review): going by its name, that call yields a token that is not subject to CSRF
    // checking, which would fit a server-to-server hop with no browser involved - confirm in
    // AuthToken, and confirm the returned token is never handed back to a client.
    AuthToken token = (octxt == null) ? null : AuthToken.getCsrfUnsecuredAuthToken(octxt.getAuthToken());
    if (token == null) {
        token = AuthProvider.getAuthToken(authAcct);
    }

    // Use the proxy auth token when the token carries one; otherwise convert the token itself.
    String proxyToken = token.getProxyAuthToken();
    ZAuthToken clientToken;
    if (proxyToken == null) {
        clientToken = token.toZAuthToken();
    } else {
        clientToken = new ZAuthToken(proxyToken);
    }

    ZMailbox.Options mboxOptions = new ZMailbox.Options(clientToken, AccountUtil.getSoapUri(targetAcct));
    mboxOptions.setNoSession(true);
    // The credentials belong to the caller while the requests are directed at targetAcct.
    // NOTE(review): the permission check for acting on targetAcct is not in this method -
    // presumably enforced by the receiving server; verify.
    mboxOptions.setTargetAccount(targetAcct.getId());
    mboxOptions.setTargetAccountBy(Key.AccountBy.id);
    return ZMailbox.getMailbox(mboxOptions);
}
use of com.zimbra.cs.account.AuthToken in project zm-mailbox by Zimbra.
the class TestAuthentication method testAdminAuthViaSOAPToken.
/**
 * Sends an admin AuthRequest that carries an existing auth token instead of a login and
 * password, and checks that the token returned in the response is registered and not expired.
 *
 * @throws Exception if obtaining the token, the SOAP call, or the JAXB conversion fails
 */
public void testAdminAuthViaSOAPToken() throws Exception {
    AuthToken adminToken = AuthProvider.getAdminAuthToken();
    SoapTransport adminTransport = TestUtil.getAdminSoapTransport();

    // The request carries only the encoded token; no name or password is set on it.
    com.zimbra.soap.admin.message.AuthRequest authReq = new com.zimbra.soap.admin.message.AuthRequest();
    authReq.setAuthToken(adminToken.getEncoded());

    Element rawResponse = adminTransport.invoke(JaxbUtil.jaxbToElement(authReq, SoapProtocol.SoapJS.getFactory()));
    com.zimbra.soap.admin.message.AuthResponse authResp = JaxbUtil.elementToJaxb(rawResponse);

    String newAuthToken = authResp.getAuthToken();
    assertNotNull("should have received a new authtoken", newAuthToken);

    // Decode the returned token and check its state.
    AuthToken issuedToken = ZimbraAuthToken.getAuthToken(newAuthToken);
    assertTrue("new auth token should be registered", issuedToken.isRegistered());
    assertFalse("new auth token should not be expired yet", issuedToken.isExpired());
}