
Example 6 with ZimbraAuthToken

use of com.zimbra.cs.account.ZimbraAuthToken in project zm-mailbox by Zimbra.

the class CsrfUtilTest method testDecodeValidCsrfToken.

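/**
 * Checks that a CSRF token generated for an account and its auth token can be parsed back
 * into a pair whose two parts are both present.
 *
 * <p>The second part is expected to be {@code "0"}; what that value encodes is not visible
 * in this test. NOTE(review): only the parse path for a well-formed token is covered here.
 * Nothing in this method shows that the token is bound to the auth token it was generated
 * with, so a companion test that expects rejection (altered token, token presented with a
 * different auth token) is still needed.
 */
@Test
public final void testDecodeValidCsrfToken() {
    try {
        Account acct = Provisioning.getInstance().getAccountByName("test@zimbra.com");
        AuthToken authToken = new ZimbraAuthToken(acct);
        String csrfToken = CsrfUtil.generateCsrfToken(acct.getId(), AUTH_TOKEN_EXPR, CSRFTOKEN_SALT, authToken);
        Pair<String, String> tokenParts = CsrfUtil.parseCsrfToken(csrfToken);
        assertNotNull(tokenParts.getFirst());
        assertNotNull(tokenParts.getSecond());
        assertEquals("0", tokenParts.getSecond());
    } catch (ServiceException | AuthTokenException e) {
        // Report which exception broke the test; the bare message hid the cause entirely.
        fail("Should not throw exception: " + e);
    }
}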
Also used : Account(com.zimbra.cs.account.Account) ServiceException(com.zimbra.common.service.ServiceException) ZimbraAuthToken(com.zimbra.cs.account.ZimbraAuthToken) AuthTokenException(com.zimbra.cs.account.AuthTokenException) ZimbraAuthToken(com.zimbra.cs.account.ZimbraAuthToken) AuthToken(com.zimbra.cs.account.AuthToken) Test(org.junit.Test)

Example 7 with ZimbraAuthToken

use of com.zimbra.cs.account.ZimbraAuthToken in project zm-mailbox by Zimbra.

the class OAuthServiceProvider method markAsAuthorized.

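/**
 * Mark OAuth consumer as authorized and update accessor properties.
 *
 * <p>The Zimbra auth token is resolved to an account before the accessor is touched, so a
 * token that cannot be decoded leaves the accessor without the {@code "authorized"} flag.
 * Being {@code static synchronized}, calls are serialized on the class monitor.
 *
 * <p>NOTE(review): {@code userId} is stored as given. Nothing in this method compares it
 * with the account the token resolves to; confirm the caller has established that link.
 *
 * @param accessor   accessor to mark as authorized
 * @param userId     value stored under the {@code "user"} property
 * @param zauthtoken encoded Zimbra auth token, stored under {@code "ZM_AUTH_TOKEN"}; this
 *                   is a bearer credential, so anything that persists or logs the
 *                   accessor's properties must treat it as a secret
 * @throws OAuthException if the token cannot be resolved or the account properties cannot
 *                        be applied; the underlying exception is kept as the cause
 */
public static synchronized void markAsAuthorized(OAuthAccessor accessor, String userId, String zauthtoken) throws OAuthException {
    try {
        // Validate first: an undecodable token must not leave "authorized" set on the accessor.
        final AuthToken zimbraAuthToken = ZimbraAuthToken.getAuthToken(zauthtoken);
        final Account account = zimbraAuthToken.getAccount();
        // Same order as before relative to setAccountPropertiesForAccessor, in case it
        // reads these properties back from the accessor.
        accessor.setProperty("user", userId);
        accessor.setProperty("authorized", Boolean.TRUE);
        accessor.setProperty("ZM_AUTH_TOKEN", zauthtoken);
        setAccountPropertiesForAccessor(account, accessor);
    } catch (AuthTokenException | UnsupportedEncodingException | ServiceException e) {
        throw new OAuthException(e);
    }
    accessor.consumer.setProperty("approved_on", Long.toString(System.currentTimeMillis()));
}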
Also used : Account(com.zimbra.cs.account.Account) ServiceException(com.zimbra.common.service.ServiceException) AuthTokenException(com.zimbra.cs.account.AuthTokenException) OAuthException(net.oauth.OAuthException) ZimbraAuthToken(com.zimbra.cs.account.ZimbraAuthToken) AuthToken(com.zimbra.cs.account.AuthToken) UnsupportedEncodingException(java.io.UnsupportedEncodingException)

Example 8 with ZimbraAuthToken

use of com.zimbra.cs.account.ZimbraAuthToken in project zm-mailbox by Zimbra.

the class OAuthAccessorSerializer method deserialize.

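/**
 * Rebuilds an {@link OAuthAccessor} from its serialized string form.
 *
 * <p>The value is a flat record: {@code consumer_key} first, then the markers
 * {@code ,token_secret}, {@code ,callback}, {@code ,user}, {@code ,authorized},
 * {@code ,zauthtoken}, {@code ,verifier}, {@code ,approved_on} and {@code ,device}, in
 * that order. Each field is the text between its marker and the next one.
 *
 * <p>Boundaries are found with the first occurrence of each marker, so a field value that
 * itself contains a later marker shifts every boundary after it. NOTE(review): the
 * matching serializer has to escape or reject those sequences, above all in values that
 * originate outside the server; confirm that it does.
 *
 * @param obj serialized accessor; must be a {@link String}
 * @return the reconstructed accessor
 * @throws ServiceException if the value is malformed or the accessor cannot be rebuilt;
 *                          the underlying exception is kept as the cause
 */
@Override
public OAuthAccessor deserialize(Object obj) throws ServiceException {
    try {
        String value = (String) obj;
        // The raw value contains the token secret and the Zimbra auth token: log its size only.
        LOG.debug("get value: %s chars", value.length());
        // Every trailing offset is the marker length plus one separator character.
        String consumer_key = value.substring(0, value.indexOf(",token_secret")).substring(13);
        String token_secret = value.substring(value.indexOf(",token_secret"), value.indexOf(",callback")).substring(14);
        String callback = value.substring(value.indexOf(",callback"), value.indexOf(",user")).substring(10);
        String user = value.substring(value.indexOf(",user"), value.indexOf(",authorized")).substring(6);
        String authorized = value.substring(value.indexOf(",authorized"), value.indexOf(",zauthtoken")).substring(12);
        String zauthtoken = value.substring(value.indexOf(",zauthtoken"), value.indexOf(",verifier")).substring(12);
        String verifier = value.substring(value.indexOf(",verifier"), value.indexOf(",approved_on")).substring(10);
        String approved_on = value.substring(value.indexOf(",approved_on"), value.indexOf(",device")).substring(13);
        String device = value.substring(value.indexOf(",device")).substring(8);
        // Auth token and verifier are credentials; record only whether they were present.
        String zauthtokenForLog = zauthtoken.equals("null") ? "null" : "<redacted>";
        String verifierForLog = verifier.equals("null") ? "null" : "<redacted>";
        LOG.debug("[consumer_key:%s, callback:%s, user:%s, authorized:%s, zauthtoken:%s, verifier:%s, approved_on:%s, device:%s]", consumer_key, callback, user, authorized, zauthtokenForLog, verifierForLog, approved_on, device);

        OAuthConsumer consumer = OAuthServiceProvider.getConsumer(consumer_key);
        OAuthAccessor accessor = new OAuthAccessor(consumer);
        accessor.tokenSecret = token_secret;
        accessor.setProperty(OAuth.OAUTH_CALLBACK, callback);
        if (!user.equals("null")) {
            accessor.setProperty("user", user);
        }
        // Any value other than "true"/"false" (case-insensitive) leaves "authorized" unset.
        if (authorized.equalsIgnoreCase(Boolean.FALSE.toString())) {
            accessor.setProperty("authorized", Boolean.FALSE);
        } else if (authorized.equalsIgnoreCase(Boolean.TRUE.toString())) {
            accessor.setProperty("authorized", Boolean.TRUE);
        }
        if (!zauthtoken.equals("null")) {
            accessor.setProperty("ZM_AUTH_TOKEN", zauthtoken);
            // Decoding the token here means an undecodable one fails the whole deserialization.
            AuthToken zimbraAuthToken = ZimbraAuthToken.getAuthToken(zauthtoken);
            final Account account = zimbraAuthToken.getAccount();
            OAuthServiceProvider.setAccountPropertiesForAccessor(account, accessor);
        }
        if (!verifier.equals("null")) {
            accessor.setProperty(OAuth.OAUTH_VERIFIER, verifier);
        }
        // substring() never returns null, so these two guards always pass and a serialized
        // "null" is stored as that literal string. NOTE(review): confirm whether they
        // should test for "null" like the fields above.
        if (null != approved_on) {
            accessor.consumer.setProperty("approved_on", approved_on);
        }
        if (null != device) {
            accessor.consumer.setProperty("device", device);
        }
        return accessor;
    } catch (IndexOutOfBoundsException e) {
        // A missing or out-of-order marker used to escape as an unchecked exception.
        throw ServiceException.FAILURE("malformed serialized OAuth accessor", e);
    } catch (Exception e) {
        // Every other failure is still reported under the historical "IOException" message.
        throw ServiceException.FAILURE("IOException", e);
    }
}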
Also used : OAuthAccessor(net.oauth.OAuthAccessor) Account(com.zimbra.cs.account.Account) ZimbraAuthToken(com.zimbra.cs.account.ZimbraAuthToken) AuthToken(com.zimbra.cs.account.AuthToken) OAuthConsumer(net.oauth.OAuthConsumer) ServiceException(com.zimbra.common.service.ServiceException)

Example 9 with ZimbraAuthToken

use of com.zimbra.cs.account.ZimbraAuthToken in project zm-mailbox by Zimbra.

the class TestCookieReuse method testTokenDeregistration.

/**
 * Checks that a newly created auth token reports itself as registered and stops doing so
 * once {@code deRegister()} has been called on it.
 *
 * @throws Exception propagated from the account lookup or the token calls
 */
@Test
public void testTokenDeregistration() throws Exception {
    final ZimbraAuthToken token = new ZimbraAuthToken(TestUtil.getAccount(USER_NAME));

    final boolean registeredAtCreation = token.isRegistered();
    Assert.assertTrue("token should be registered", registeredAtCreation);

    token.deRegister();

    final boolean registeredAfterDeRegister = token.isRegistered();
    Assert.assertFalse("token should not be registered", registeredAfterDeRegister);
}
Also used : Account(com.zimbra.cs.account.Account) ZimbraAuthToken(com.zimbra.cs.account.ZimbraAuthToken) Test(org.junit.Test)

Example 10 with ZimbraAuthToken

use of com.zimbra.cs.account.ZimbraAuthToken in project zm-mailbox by Zimbra.

the class TestCookieReuse method testOldClientSupport.

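/**
 * Test old behavior: a de-registered token appears to be registered again while the local
 * server's lowest supported auth version is set to 1, and stops appearing so once the
 * version is raised back to 2.
 *
 * <p>The lowered version is a server-wide setting that accepts unregistered tokens, so it
 * is raised again in a {@code finally} block. A failed assertion therefore cannot leave
 * the relaxed setting in place for the tests that run afterwards.
 *
 * @throws Exception propagated from the account lookup, the token calls or the
 *                   provisioning update
 */
@Test
public void testOldClientSupport() throws Exception {
    Account a = TestUtil.getAccount(USER_NAME);
    // The token is created with a timestamp one second in the past.
    ZimbraAuthToken at = new ZimbraAuthToken(a, System.currentTimeMillis() - 1000);
    Assert.assertTrue("token should be registered", at.isRegistered());
    at.deRegister();
    Assert.assertFalse("token should not be registered", at.isRegistered());
    //lowering supported auth version should allow unregistered cookies
    Provisioning.getInstance().getLocalServer().setLowestSupportedAuthVersion(1);
    try {
        Assert.assertTrue("token should appear to be registered", at.isRegistered());
    } finally {
        //raising supported auth version should not allow unregistered cookies
        Provisioning.getInstance().getLocalServer().setLowestSupportedAuthVersion(2);
    }
    Assert.assertFalse("token should not be registered", at.isRegistered());
}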
Also used : Account(com.zimbra.cs.account.Account) ZimbraAuthToken(com.zimbra.cs.account.ZimbraAuthToken) Test(org.junit.Test)

Aggregations

Account (com.zimbra.cs.account.Account)12 ZimbraAuthToken (com.zimbra.cs.account.ZimbraAuthToken)12 Test (org.junit.Test)8 AuthToken (com.zimbra.cs.account.AuthToken)7 ServiceException (com.zimbra.common.service.ServiceException)5 AuthTokenException (com.zimbra.cs.account.AuthTokenException)3 Server (com.zimbra.cs.account.Server)2 AccountBy (com.zimbra.common.account.Key.AccountBy)1 ZAuthToken (com.zimbra.common.auth.ZAuthToken)1 Element (com.zimbra.common.soap.Element)1 JSONElement (com.zimbra.common.soap.Element.JSONElement)1 XMLElement (com.zimbra.common.soap.Element.XMLElement)1 SoapHttpTransport (com.zimbra.common.soap.SoapHttpTransport)1 AccountServiceException (com.zimbra.cs.account.AccountServiceException)1 AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)1 Domain (com.zimbra.cs.account.Domain)1 Provisioning (com.zimbra.cs.account.Provisioning)1 EmailAddress (com.zimbra.cs.account.names.NameUtil.EmailAddress)1 AuthRequest (com.zimbra.soap.account.message.AuthRequest)1 AuthResponse (com.zimbra.soap.account.message.AuthResponse)1