Use of com.zimbra.cs.account.AuthTokenException in project zm-mailbox by Zimbra.
From the class ZimbraAuthenticator, method authenticate.
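/**
 * Authenticates a client that presents a Zimbra auth token instead of a password.
 *
 * <p>The checks run in a fixed order and each failure yields {@code null}:
 * the authentication id must be non-empty, the token must parse, the token must
 * pass {@code AuthProvider.validateAuthToken}, the authentication account must
 * exist, the token's account id must match that account, and the protocol must
 * be enabled for it. Only then is the authorization step for {@code username}
 * run. Callers must treat {@code null} as "not authenticated".
 *
 * <p>Every rejection after the empty-id guard is logged so that refused tokens
 * leave an audit trail. The token string itself is never written to the log.
 *
 * @param username       the target user to authorize as
 * @param authenticateId name of the account the token is claimed to belong to
 * @param authtoken      the encoded auth token presented by the client
 * @param protocol       the protocol the client is connecting over
 * @param origRemoteIp   not consulted by this implementation
 * @param remoteIp       not consulted by this implementation
 * @param userAgent      not consulted by this implementation
 * @return the account returned by {@code authorize}, or {@code null} when any
 *         check fails
 * @throws ServiceException if a step outside the two token try-blocks (account
 *         lookup, protocol check, authorization, auth bookkeeping) fails
 */
@Override
public Account authenticate(String username, String authenticateId, String authtoken, AuthContext.Protocol protocol, String origRemoteIp, String remoteIp, String userAgent) throws ServiceException {
    if (authenticateId == null || authenticateId.isEmpty()) {
        return null;
    }

    // validate the auth token
    Provisioning prov = Provisioning.getInstance();
    AuthToken at;
    try {
        at = ZimbraAuthToken.getAuthToken(authtoken);
    } catch (AuthTokenException e) {
        // Previously swallowed silently; a token that does not parse is worth recording.
        // NOTE(review): confirm AuthTokenException messages never echo token material.
        ZimbraLog.account.info("Authentication failed - auth token could not be parsed: %s", e.getMessage());
        return null;
    }
    try {
        // NOTE(review): the meaning of the third argument (false) is not visible here - confirm.
        AuthProvider.validateAuthToken(prov, at, false);
    } catch (ServiceException e) {
        // Previously swallowed silently; record why the token was refused.
        ZimbraLog.account.info("Authentication failed - auth token rejected: %s", e.getMessage());
        return null;
    }

    // make sure that the authentication account is valid
    Account authAccount = prov.get(Key.AccountBy.name, authenticateId, at);
    if (authAccount == null) {
        // authenticateId is still unverified client input here, so it is kept out of the log line.
        ZimbraLog.account.info("Authentication failed - authentication account not found");
        return null;
    }

    // make sure the auth token belongs to authenticateId: a token issued for one
    // account must not be accepted when presented under another account's name
    if (!at.getAccountId().equalsIgnoreCase(authAccount.getId())) {
        ZimbraLog.account.info("Authentication failed - auth token does not belong to %s", authAccount.getName());
        return null;
    }

    // make sure the protocol is enabled for the user
    if (!isProtocolEnabled(authAccount, protocol)) {
        ZimbraLog.account.info("Authentication failed - %s not enabled for %s", protocol, authAccount.getName());
        return null;
    }

    // if necessary, check that the authenticated user can authorize as the target user
    Account targetAcct = authorize(authAccount, username, AuthToken.isAnyAdmin(at));
    if (targetAcct != null) {
        // Success is recorded against the authenticating account, not the target.
        prov.accountAuthed(authAccount);
    }
    return targetAcct;
}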
Use of com.zimbra.cs.account.AuthTokenException in project zm-mailbox by Zimbra.
From the class CsrfUtil, method getAuthTokenFromReq.
/**
 * Extracts the auth token carried by a servlet request.
 *
 * <p>Whether the request is an admin request is determined first and passed on
 * to {@code AuthProvider.getAuthToken}. A {@code ServiceException} or
 * {@code AuthTokenException} raised along the way is logged to the security
 * log at info level (message text only) and is not rethrown.
 *
 * <p>A {@code null} result therefore covers both "lookup failed" and whatever
 * {@code AuthProvider.getAuthToken} itself returns when it finds nothing;
 * callers cannot tell the two apart and must null-check before using the token.
 *
 * @param req the incoming HTTP request
 * @return the auth token from the request, or {@code null} if extraction threw
 */
public static AuthToken getAuthTokenFromReq(HttpServletRequest req) {
    try {
        return AuthProvider.getAuthToken(req, AuthUtil.isAdminRequest(req));
    } catch (ServiceException | AuthTokenException ex) {
        ZimbraLog.security.info("Error extracting auth token from the request. " + ex.getMessage());
        return null;
    }
}