
Example 1 with AuthenticationRequest

Use of edu.harvard.iq.dataverse.authorization.AuthenticationRequest in project dataverse by IQSS.

In the class BuiltinAuthenticationProviderTest, method testAuthenticate.

/**
 * Test of authenticate method, of class BuiltinAuthenticationProvider.
 */
@Test
public void testAuthenticate() {
    // Store a built-in user to authenticate against.
    bean.save(makeBuiltInUser());
    // Credential keys are the titles the provider declares: index 0 is used for the username, index 1 for the password.
    String crdUsername = sut.getRequiredCredentials().get(0).getTitle();
    String crdPassword = sut.getRequiredCredentials().get(1).getTitle();
    // Matching username and password: expect SUCCESS.
    AuthenticationRequest req = new AuthenticationRequest();
    req.putCredential(crdUsername, "username");
    req.putCredential(crdPassword, "password");
    AuthenticationResponse result = sut.authenticate(req);
    assertEquals(AuthenticationResponse.Status.SUCCESS, result.getStatus());
    // Wrong username, right password: expect FAIL.
    req = new AuthenticationRequest();
    req.putCredential(crdUsername, "xxxxxxxx");
    req.putCredential(crdPassword, "password");
    result = sut.authenticate(req);
    assertEquals(AuthenticationResponse.Status.FAIL, result.getStatus());
    // Right username, wrong password: expect FAIL.
    req = new AuthenticationRequest();
    req.putCredential(crdUsername, "username");
    req.putCredential(crdPassword, "xxxxxxxx");
    result = sut.authenticate(req);
    assertEquals(AuthenticationResponse.Status.FAIL, result.getStatus());
    // Second user, "u2", whose password is stored with PasswordEncryption version 0.
    BuiltinUser u2 = makeBuiltInUser();
    u2.setUserName("u2");
    u2.updateEncryptedPassword(PasswordEncryption.getVersion(0).encrypt("password"), 0);
    bean.save(u2);
    // Wrong password for u2: still FAIL.
    req = new AuthenticationRequest();
    req.putCredential(crdUsername, "u2");
    req.putCredential(crdPassword, "xxxxxxxx");
    result = sut.authenticate(req);
    assertEquals(AuthenticationResponse.Status.FAIL, result.getStatus());
    // Correct password for u2: the provider answers BREAKOUT rather than SUCCESS.
    req = new AuthenticationRequest();
    req.putCredential(crdUsername, "u2");
    req.putCredential(crdPassword, "password");
    result = sut.authenticate(req);
    assertEquals(AuthenticationResponse.Status.BREAKOUT, result.getStatus());
}
Also used: AuthenticationRequest (edu.harvard.iq.dataverse.authorization.AuthenticationRequest), AuthenticationResponse (edu.harvard.iq.dataverse.authorization.AuthenticationResponse), Test (org.junit.Test)

Example 2 with AuthenticationRequest

Use of edu.harvard.iq.dataverse.authorization.AuthenticationRequest in project dataverse by IQSS.

In the class LoginPage, method login.

public String login() {
    AuthenticationRequest authReq = new AuthenticationRequest();
    List<FilledCredential> filledCredentialsList = getFilledCredentials();
    if (filledCredentialsList == null) {
        logger.info("Credential list is null!");
        return null;
    }
    for (FilledCredential fc : filledCredentialsList) {
        if (fc.getValue() == null || fc.getValue().isEmpty()) {
            JH.addMessage(FacesMessage.SEVERITY_ERROR, "Please enter a " + fc.getCredential().getTitle());
        }
        authReq.putCredential(fc.getCredential().getTitle(), fc.getValue());
    }
    authReq.setIpAddress(dvRequestService.getDataverseRequest().getSourceAddress());
    try {
        AuthenticatedUser r = authSvc.getCreateAuthenticatedUser(credentialsAuthProviderId, authReq);
        logger.log(Level.FINE, "User authenticated: {0}", r.getEmail());
        session.setUser(r);
        if ("dataverse.xhtml".equals(redirectPage)) {
            redirectPage = redirectToRoot();
        }
        try {
            redirectPage = URLDecoder.decode(redirectPage, "UTF-8");
        } catch (UnsupportedEncodingException ex) {
            Logger.getLogger(LoginPage.class.getName()).log(Level.SEVERE, null, ex);
            redirectPage = redirectToRoot();
        }
        logger.log(Level.FINE, "Sending user to = {0}", redirectPage);
        return redirectPage + (!redirectPage.contains("?") ? "?" : "&") + "faces-redirect=true";
    } catch (AuthenticationFailedException ex) {
        numFailedLoginAttempts++;
        // Long.valueOf replaces the deprecated Long(long) constructor; the values are unchanged.
        op1 = Long.valueOf(random.nextInt(10));
        op2 = Long.valueOf(random.nextInt(10));
        AuthenticationResponse response = ex.getResponse();
        switch(response.getStatus()) {
            case FAIL:
                JsfHelper.addErrorMessage(BundleUtil.getStringFromBundle("login.builtin.invalidUsernameEmailOrPassword"));
                return null;
            case ERROR:
                /**
                 * @todo How do we exercise this part of the code? Something
                 * with password upgrade? See
                 * https://github.com/IQSS/dataverse/pull/2922
                 */
                JsfHelper.addErrorMessage(BundleUtil.getStringFromBundle("login.error"));
                logger.log(Level.WARNING, "Error logging in: " + response.getMessage(), response.getError());
                return null;
            case BREAKOUT:
                return response.getMessage();
            default:
                JsfHelper.addErrorMessage("INTERNAL ERROR");
                return null;
        }
    }
}
Also used: AuthenticationFailedException (edu.harvard.iq.dataverse.authorization.exceptions.AuthenticationFailedException), UnsupportedEncodingException (java.io.UnsupportedEncodingException), AuthenticationRequest (edu.harvard.iq.dataverse.authorization.AuthenticationRequest), AuthenticatedUser (edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser), AuthenticationResponse (edu.harvard.iq.dataverse.authorization.AuthenticationResponse)

Example 3 with AuthenticationRequest

Use of edu.harvard.iq.dataverse.authorization.AuthenticationRequest in project dataverse by IQSS.

In the class OAuth2FirstLoginPage, method convertExistingAccount.

public String convertExistingAccount() {
    BuiltinAuthenticationProvider biap = new BuiltinAuthenticationProvider(builtinUserSvc, passwordValidatorService);
    AuthenticationRequest auReq = new AuthenticationRequest();
    final List<CredentialsAuthenticationProvider.Credential> creds = biap.getRequiredCredentials();
    auReq.putCredential(creds.get(0).getTitle(), getUsername());
    auReq.putCredential(creds.get(1).getTitle(), getPassword());
    try {
        AuthenticatedUser existingUser = authenticationSvc.getCreateAuthenticatedUser(BuiltinAuthenticationProvider.PROVIDER_ID, auReq);
        authenticationSvc.updateProvider(existingUser, newUser.getServiceId(), newUser.getIdInService());
        builtinUserSvc.removeUser(existingUser.getUserIdentifier());
        session.setUser(existingUser);
        AuthenticationProvider newUserAuthProvider = authenticationSvc.getAuthenticationProvider(newUser.getServiceId());
        JsfHelper.addSuccessMessage(BundleUtil.getStringFromBundle("oauth2.convertAccount.success", Arrays.asList(newUserAuthProvider.getInfo().getTitle())));
        return "/dataverse.xhtml?faces-redirect=true";
    } catch (AuthenticationFailedException ex) {
        setAuthenticationFailed(true);
        return null;
    }
}
Also used: AuthenticationFailedException (edu.harvard.iq.dataverse.authorization.exceptions.AuthenticationFailedException), BuiltinAuthenticationProvider (edu.harvard.iq.dataverse.authorization.providers.builtin.BuiltinAuthenticationProvider), CredentialsAuthenticationProvider (edu.harvard.iq.dataverse.authorization.CredentialsAuthenticationProvider), AuthenticationProvider (edu.harvard.iq.dataverse.authorization.AuthenticationProvider), AuthenticationRequest (edu.harvard.iq.dataverse.authorization.AuthenticationRequest), AuthenticatedUser (edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)

Aggregations

AuthenticationRequest (edu.harvard.iq.dataverse.authorization.AuthenticationRequest): 3
AuthenticationResponse (edu.harvard.iq.dataverse.authorization.AuthenticationResponse): 2
AuthenticationFailedException (edu.harvard.iq.dataverse.authorization.exceptions.AuthenticationFailedException): 2
AuthenticatedUser (edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser): 2
AuthenticationProvider (edu.harvard.iq.dataverse.authorization.AuthenticationProvider): 1
CredentialsAuthenticationProvider (edu.harvard.iq.dataverse.authorization.CredentialsAuthenticationProvider): 1
BuiltinAuthenticationProvider (edu.harvard.iq.dataverse.authorization.providers.builtin.BuiltinAuthenticationProvider): 1
UnsupportedEncodingException (java.io.UnsupportedEncodingException): 1
Test (org.junit.Test): 1