use of edu.harvard.iq.dataverse.authorization.AuthenticationRequest in project dataverse by IQSS.
the class BuiltinAuthenticationProviderTest method testAuthenticate.
/**
 * Checks the status returned by {@code sut.authenticate} for good and bad
 * credential pairs, for two stored users.
 *
 * <ul>
 *   <li>The user from {@code makeBuiltInUser()} must get SUCCESS for
 *       "username"/"password" and FAIL when either value is wrong.</li>
 *   <li>User "u2", whose password is stored with
 *       {@code PasswordEncryption.getVersion(0)}, must get FAIL for a wrong
 *       password and BREAKOUT for the right one.</li>
 * </ul>
 *
 * The FAIL-before-BREAKOUT pair matters for security: the BREAKOUT path
 * must not be reachable without the correct password.
 */
@Test
public void testAuthenticate() {
    bean.save(makeBuiltInUser());

    // Use the credential keys exactly as the provider under test names them.
    final String userKey = sut.getRequiredCredentials().get(0).getTitle();
    final String passKey = sut.getRequiredCredentials().get(1).getTitle();

    // Default fixture user: correct pair, wrong username, wrong password.
    assertEquals(AuthenticationResponse.Status.SUCCESS,
            statusForLogin(userKey, passKey, "username", "password"));
    assertEquals(AuthenticationResponse.Status.FAIL,
            statusForLogin(userKey, passKey, "xxxxxxxx", "password"));
    assertEquals(AuthenticationResponse.Status.FAIL,
            statusForLogin(userKey, passKey, "username", "xxxxxxxx"));

    // Second user whose stored password uses algorithm version 0.
    // NOTE(review): presumably version 0 is a legacy scheme and BREAKOUT
    // diverts the user to a password upgrade - confirm against the provider.
    BuiltinUser legacyUser = makeBuiltInUser();
    legacyUser.setUserName("u2");
    legacyUser.updateEncryptedPassword(PasswordEncryption.getVersion(0).encrypt("password"), 0);
    bean.save(legacyUser);

    assertEquals(AuthenticationResponse.Status.FAIL,
            statusForLogin(userKey, passKey, "u2", "xxxxxxxx"));
    assertEquals(AuthenticationResponse.Status.BREAKOUT,
            statusForLogin(userKey, passKey, "u2", "password"));
}

/**
 * Builds a fresh request with the two credentials, submits it to the
 * provider under test and returns the resulting status.
 */
private AuthenticationResponse.Status statusForLogin(String userKey, String passKey,
        String userName, String password) {
    AuthenticationRequest attempt = new AuthenticationRequest();
    attempt.putCredential(userKey, userName);
    attempt.putCredential(passKey, password);
    return sut.authenticate(attempt).getStatus();
}
use of edu.harvard.iq.dataverse.authorization.AuthenticationRequest in project dataverse by IQSS.
the class LoginPage method login.
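/**
 * Handles a login form submission.
 *
 * Builds an {@link AuthenticationRequest} from the filled-in credentials,
 * attaches the request's source address and asks the authentication
 * service for the matching user. On success the user is stored in the
 * session and the caller is redirected to {@code redirectPage}.
 *
 * A submission with a blank required credential is rejected here, after
 * one error message per missing field has been queued. It is not forwarded
 * to the authentication provider and does not count as a failed attempt.
 *
 * @return the redirect target with {@code faces-redirect=true} on success;
 *         the provider's message when the response status is BREAKOUT;
 *         {@code null} (stay on the page) in every other case
 */
public String login() {
    AuthenticationRequest authReq = new AuthenticationRequest();
    List<FilledCredential> filledCredentialsList = getFilledCredentials();
    if (filledCredentialsList == null) {
        logger.info("Credential list is null!");
        return null;
    }

    boolean credentialMissing = false;
    for (FilledCredential fc : filledCredentialsList) {
        if (fc.getValue() == null || fc.getValue().isEmpty()) {
            JH.addMessage(FacesMessage.SEVERITY_ERROR, "Please enter a " + fc.getCredential().getTitle());
            credentialMissing = true;
            continue;
        }
        authReq.putCredential(fc.getCredential().getTitle(), fc.getValue());
    }
    if (credentialMissing) {
        // Previously the blank (possibly null) value was still handed to the
        // provider; stop here so only complete submissions are authenticated.
        return null;
    }

    authReq.setIpAddress(dvRequestService.getDataverseRequest().getSourceAddress());
    try {
        AuthenticatedUser r = authSvc.getCreateAuthenticatedUser(credentialsAuthProviderId, authReq);
        logger.log(Level.FINE, "User authenticated: {0}", r.getEmail());
        // NOTE(review): no session-identifier rotation is visible in this
        // method; confirm it happens in the session bean or the container.
        session.setUser(r);

        // A missing target would make URLDecoder.decode throw after the user
        // is already logged in, so treat it like the default page.
        if (redirectPage == null || "dataverse.xhtml".equals(redirectPage)) {
            redirectPage = redirectToRoot();
        }

        // NOTE(review): where redirectPage is populated is not visible here.
        // If it comes from a request parameter, confirm that the decoded
        // value is restricted to application-local pages before it is used
        // as a redirect target.
        try {
            redirectPage = URLDecoder.decode(redirectPage, "UTF-8");
        } catch (UnsupportedEncodingException ex) {
            Logger.getLogger(LoginPage.class.getName()).log(Level.SEVERE, null, ex);
            redirectPage = redirectToRoot();
        }

        logger.log(Level.FINE, "Sending user to = {0}", redirectPage);
        return redirectPage + (!redirectPage.contains("?") ? "?" : "&") + "faces-redirect=true";

    } catch (AuthenticationFailedException ex) {
        numFailedLoginAttempts++;
        // Fresh operands after each failure. Long.valueOf replaces the
        // deprecated Long constructor.
        // NOTE(review): presumably op1/op2 feed a challenge shown after
        // repeated failures - confirm. If it is meant as an abuse control,
        // check which generator `random` is.
        op1 = Long.valueOf(random.nextInt(10));
        op2 = Long.valueOf(random.nextInt(10));
        AuthenticationResponse response = ex.getResponse();
        switch (response.getStatus()) {
            case FAIL:
                // One message for every FAIL response, whatever the cause.
                JsfHelper.addErrorMessage(BundleUtil.getStringFromBundle("login.builtin.invalidUsernameEmailOrPassword"));
                return null;
            case ERROR:
                /*
                 * @todo How do we exercise this part of the code? Something
                 * with password upgrade? See
                 * https://github.com/IQSS/dataverse/pull/2922
                 */
                JsfHelper.addErrorMessage(BundleUtil.getStringFromBundle("login.error"));
                logger.log(Level.WARNING, "Error logging in: " + response.getMessage(), response.getError());
                return null;
            case BREAKOUT:
                // The provider's message is used as the navigation outcome.
                return response.getMessage();
            default:
                JsfHelper.addErrorMessage("INTERNAL ERROR");
                return null;
        }
    }
}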
use of edu.harvard.iq.dataverse.authorization.AuthenticationRequest in project dataverse by IQSS.
the class OAuth2FirstLoginPage method convertExistingAccount.
/**
 * Converts an existing builtin account so that it is reached through the
 * provider recorded in {@code newUser}.
 *
 * The username and password from this page are first authenticated against
 * the builtin provider. Only if that succeeds is the account re-pointed to
 * {@code newUser}'s service id and id-in-service, the builtin user record
 * removed, and the account stored in the session.
 *
 * @return the root page redirect on success; {@code null} when the builtin
 *         credentials are rejected (the authentication-failed flag is set)
 */
public String convertExistingAccount() {
    BuiltinAuthenticationProvider builtinProvider =
            new BuiltinAuthenticationProvider(builtinUserSvc, passwordValidatorService);
    AuthenticationRequest proofOfOwnership = new AuthenticationRequest();

    // Use the credential keys as the builtin provider names them.
    final List<CredentialsAuthenticationProvider.Credential> required =
            builtinProvider.getRequiredCredentials();
    proofOfOwnership.putCredential(required.get(0).getTitle(), getUsername());
    proofOfOwnership.putCredential(required.get(1).getTitle(), getPassword());

    try {
        // Ownership check: nothing below runs unless the password is right.
        AuthenticatedUser builtinAccount = authenticationSvc.getCreateAuthenticatedUser(
                BuiltinAuthenticationProvider.PROVIDER_ID, proofOfOwnership);

        // Re-point the account first, then drop the builtin user record.
        authenticationSvc.updateProvider(
                builtinAccount, newUser.getServiceId(), newUser.getIdInService());
        builtinUserSvc.removeUser(builtinAccount.getUserIdentifier());

        // NOTE(review): no session-identifier rotation is visible in this
        // method; confirm it happens in the session bean or the container.
        session.setUser(builtinAccount);

        AuthenticationProvider linkedProvider =
                authenticationSvc.getAuthenticationProvider(newUser.getServiceId());
        JsfHelper.addSuccessMessage(
                BundleUtil.getStringFromBundle(
                        "oauth2.convertAccount.success",
                        Arrays.asList(linkedProvider.getInfo().getTitle())));
        return "/dataverse.xhtml?faces-redirect=true";
    } catch (AuthenticationFailedException rejected) {
        // NOTE(review): this method does not count or throttle failed
        // attempts; confirm that rate limiting is applied elsewhere, since
        // this path accepts password guesses for builtin accounts.
        setAuthenticationFailed(true);
        return null;
    }
}