use of de.tum.in.www1.artemis.security.UserNotActivatedException in project ArTEMiS by ls1intum.
the class UserJWTController method authorizeSAML2.
/**
 * Issues an Artemis JWT for a user who has already completed the SAML2 login with the identity provider.
 *
 * The SAML2 {@link Authentication} is expected to be present in the security context. Its principal is mapped to an
 * Artemis user by the SAML2 service, and a JWT for that user is returned both in the {@code Authorization} header and
 * in the response body.
 *
 * @param body the raw request body; {@code "true"} (case-insensitive) requests a "remember me" token, anything else
 *             (including an empty body) is treated as {@code false}
 * @return {@code 200} with the JWT on success; {@code 401} if the security context holds no authenticated SAML2
 *         principal; {@code 403} with an {@code X-artemisApp-error} header if the mapped Artemis user is not activated
 * @throws AccessForbiddenException if SAML2 login is not configured on this server
 */
@PostMapping("/saml2")
public ResponseEntity<JWTToken> authorizeSAML2(@RequestBody final String body) {
    if (saml2Service.isEmpty()) {
        throw new AccessForbiddenException("SAML2 is disabled");
    }
    final boolean rememberMe = Boolean.parseBoolean(body);
    final Authentication contextAuthentication = SecurityContextHolder.getContext().getAuthentication();
    if (!isSaml2Authenticated(contextAuthentication)) {
        // Nothing from the identity provider in this session: the client has to complete the SAML2 login first.
        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
    }
    // NOTE(review): this writes the whole Authentication object (including whatever SAML attributes it carries) to the
    // debug log; keep debug logging off in production if those attributes contain personal data.
    log.debug("SAML2 authentication: {}", contextAuthentication);
    final Saml2AuthenticatedPrincipal saml2Principal = (Saml2AuthenticatedPrincipal) contextAuthentication.getPrincipal();
    final Authentication artemisAuthentication;
    try {
        artemisAuthentication = saml2Service.get().handleAuthentication(saml2Principal);
    }
    catch (UserNotActivatedException e) {
        // Deliberately 403 rather than 401: per the original note, a 401 "would trigger authentication in the client",
        // which is not the actual reason for the rejection here.
        return ResponseEntity.status(HttpStatus.FORBIDDEN).header("X-artemisApp-error", e.getMessage()).build();
    }
    final String jwt = tokenProvider.createToken(artemisAuthentication, rememberMe);
    final HttpHeaders responseHeaders = new HttpHeaders();
    responseHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer " + jwt);
    return new ResponseEntity<>(new JWTToken(jwt), responseHeaders, HttpStatus.OK);
}

/**
 * Returns whether {@code authentication} is a non-null, authenticated token whose principal came from the SAML2 login.
 */
private static boolean isSaml2Authenticated(final Authentication authentication) {
    return authentication != null && authentication.isAuthenticated() && authentication.getPrincipal() instanceof Saml2AuthenticatedPrincipal;
}
use of de.tum.in.www1.artemis.security.UserNotActivatedException in project ArTEMiS by ls1intum.
the class SAML2Service method handleAuthentication.
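/**
 * Maps an authenticated SAML2 principal to an Artemis user and builds the internal authentication for it.
 *
 * The login name is derived from the SAML2 attributes via the configured username pattern. A user that does not exist
 * yet is created on the fly; when {@code saml2EnablePassword} is present and {@code true}, the new user is additionally
 * prepared for a password reset and sent the SAML2 "set password" mail (presumably so the account can also be used with
 * a local password).
 *
 * @param principal the SAML2 principal delivered by the identity provider, carrying the user attributes
 * @return a new authenticated {@link UsernamePasswordAuthenticationToken} for the matching Artemis user
 * @throws UserNotActivatedException if the matching user is not activated; no token is built in that case
 */
public Authentication handleAuthentication(final Saml2AuthenticatedPrincipal principal) {
    // The security context is consulted only for logging. It may be empty when this method is not reached through the
    // SAML2 controller, so do not dereference it blindly (the original code would throw an NPE here).
    final Authentication contextAuthentication = SecurityContextHolder.getContext().getAuthentication();
    final String contextName = contextAuthentication == null ? null : contextAuthentication.getName();
    // NOTE(review): this logs every SAML2 attribute the IdP sent; keep debug logging off in production if those
    // attributes contain personal data.
    log.debug("SAML2 User '{}' logged in, attributes {}", contextName, principal.getAttributes());
    log.debug("SAML2 password-enabled: {}", saml2EnablePassword);

    final String username = substituteAttributes(properties.getUsernamePattern(), principal);
    final User user = userRepository.findOneWithGroupsAndAuthoritiesByLogin(username).orElseGet(() -> createUserForSaml2Login(username, principal));

    if (!user.getActivated()) {
        log.debug("Not activated SAML2 user {} attempted login.", user);
        throw new UserNotActivatedException("User was disabled.");
    }
    // NOTE(review): the stored password (hash) is carried as the token's credentials. If nothing downstream reads it
    // (e.g. the JWT provider), passing null here would avoid keeping the hash inside the Authentication — confirm.
    return new UsernamePasswordAuthenticationToken(user.getLogin(), user.getPassword(), toGrantedAuthorities(user.getAuthorities()));
}

/**
 * Creates the Artemis user for a SAML2 login that has no account yet. If {@code saml2EnablePassword} is present and
 * {@code true}, the user is also prepared for a password reset and sent the "set password" mail.
 *
 * @param username  the login derived from the SAML2 attributes
 * @param principal the SAML2 principal the user is created from
 * @return the newly created user
 */
private User createUserForSaml2Login(final String username, final Saml2AuthenticatedPrincipal principal) {
    final User newUser = createUser(username, principal);
    if (saml2EnablePassword.isPresent() && Boolean.TRUE.equals(saml2EnablePassword.get())) {
        log.debug("Sending SAML2 creation mail");
        if (userService.prepareUserForPasswordReset(newUser)) {
            mailService.sendSAML2SetPasswordMail(newUser);
        }
        else {
            // prepareUserForPasswordReset reports that it could not find the user it was just given
            log.error("User {} was created but could not be found in the database!", newUser);
        }
    }
    return newUser;
}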
use of de.tum.in.www1.artemis.security.UserNotActivatedException in project Artemis by ls1intum.
the class SAML2Service method handleAuthentication.
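/**
 * Maps an authenticated SAML2 principal to an Artemis user and builds the internal authentication for it.
 *
 * The login name is derived from the SAML2 attributes via the configured username pattern. A user that does not exist
 * yet is created on the fly; when {@code saml2EnablePassword} is present and {@code true}, the new user is additionally
 * prepared for a password reset and sent the SAML2 "set password" mail (presumably so the account can also be used with
 * a local password).
 *
 * @param principal the SAML2 principal delivered by the identity provider, carrying the user attributes
 * @return a new authenticated {@link UsernamePasswordAuthenticationToken} for the matching Artemis user
 * @throws UserNotActivatedException if the matching user is not activated; no token is built in that case
 */
public Authentication handleAuthentication(final Saml2AuthenticatedPrincipal principal) {
    // The security context is consulted only for logging. It may be empty when this method is not reached through the
    // SAML2 controller, so do not dereference it blindly (the original code would throw an NPE here).
    final Authentication contextAuthentication = SecurityContextHolder.getContext().getAuthentication();
    final String contextName = contextAuthentication == null ? null : contextAuthentication.getName();
    // NOTE(review): this logs every SAML2 attribute the IdP sent; keep debug logging off in production if those
    // attributes contain personal data.
    log.debug("SAML2 User '{}' logged in, attributes {}", contextName, principal.getAttributes());
    log.debug("SAML2 password-enabled: {}", saml2EnablePassword);

    final String username = substituteAttributes(properties.getUsernamePattern(), principal);
    final User user = userRepository.findOneWithGroupsAndAuthoritiesByLogin(username).orElseGet(() -> createUserForSaml2Login(username, principal));

    if (!user.getActivated()) {
        log.debug("Not activated SAML2 user {} attempted login.", user);
        throw new UserNotActivatedException("User was disabled.");
    }
    // NOTE(review): the stored password (hash) is carried as the token's credentials. If nothing downstream reads it
    // (e.g. the JWT provider), passing null here would avoid keeping the hash inside the Authentication — confirm.
    return new UsernamePasswordAuthenticationToken(user.getLogin(), user.getPassword(), toGrantedAuthorities(user.getAuthorities()));
}

/**
 * Creates the Artemis user for a SAML2 login that has no account yet. If {@code saml2EnablePassword} is present and
 * {@code true}, the user is also prepared for a password reset and sent the "set password" mail.
 *
 * @param username  the login derived from the SAML2 attributes
 * @param principal the SAML2 principal the user is created from
 * @return the newly created user
 */
private User createUserForSaml2Login(final String username, final Saml2AuthenticatedPrincipal principal) {
    final User newUser = createUser(username, principal);
    if (saml2EnablePassword.isPresent() && Boolean.TRUE.equals(saml2EnablePassword.get())) {
        log.debug("Sending SAML2 creation mail");
        if (userService.prepareUserForPasswordReset(newUser)) {
            mailService.sendSAML2SetPasswordMail(newUser);
        }
        else {
            // prepareUserForPasswordReset reports that it could not find the user it was just given
            log.error("User {} was created but could not be found in the database!", newUser);
        }
    }
    return newUser;
}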
use of de.tum.in.www1.artemis.security.UserNotActivatedException in project Artemis by ls1intum.
the class UserJWTController method authorizeSAML2.
/**
 * Exchanges a completed SAML2 login for an Artemis JWT.
 *
 * Requires an authenticated SAML2 {@link Authentication} in the security context. Its principal is handed to the SAML2
 * service, which resolves (or creates) the Artemis user; the resulting JWT is sent in the {@code Authorization} header
 * as well as in the body.
 *
 * @param body the raw request body; {@code "true"} (case-insensitive) asks for a "remember me" token, any other value
 *             (or an empty body) means {@code false}
 * @return {@code 200} with the JWT; {@code 401} when no authenticated SAML2 principal is in the security context;
 *         {@code 403} with an {@code X-artemisApp-error} header when the resolved Artemis user is not activated
 * @throws AccessForbiddenException when SAML2 login is not configured on this server
 */
@PostMapping("/saml2")
public ResponseEntity<JWTToken> authorizeSAML2(@RequestBody final String body) {
    if (saml2Service.isEmpty()) {
        throw new AccessForbiddenException("SAML2 is disabled");
    }
    final Authentication saml2Authentication = SecurityContextHolder.getContext().getAuthentication();
    final boolean hasSaml2Principal = saml2Authentication != null && saml2Authentication.isAuthenticated()
            && saml2Authentication.getPrincipal() instanceof Saml2AuthenticatedPrincipal;
    if (!hasSaml2Principal) {
        // No SAML2 login in this session: the client has to go through the identity provider first.
        return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
    }
    // NOTE(review): the full Authentication (including any SAML attributes it carries) lands in the debug log; keep
    // debug logging off in production if those attributes contain personal data.
    log.debug("SAML2 authentication: {}", saml2Authentication);
    // parseBoolean never throws, so reading the flag after the auth check does not change behaviour
    final boolean rememberMe = Boolean.parseBoolean(body);
    final Authentication userAuthentication;
    try {
        userAuthentication = saml2Service.get().handleAuthentication((Saml2AuthenticatedPrincipal) saml2Authentication.getPrincipal());
    }
    catch (UserNotActivatedException e) {
        // 403 on purpose: per the original note, a 401 "would trigger authentication in the client", which does not
        // match the actual reason for the rejection.
        return ResponseEntity.status(HttpStatus.FORBIDDEN).header("X-artemisApp-error", e.getMessage()).build();
    }
    final String jwt = tokenProvider.createToken(userAuthentication, rememberMe);
    final HttpHeaders headers = new HttpHeaders();
    headers.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer " + jwt);
    return ResponseEntity.ok().headers(headers).body(new JWTToken(jwt));
}