use of edu.harvard.iq.dataverse.authorization.AuthenticationResponse in project dataverse by IQSS.
the class BuiltinAuthenticationProviderTest method testAuthenticate.
/**
* Test of authenticate method, of class BuiltinAuthenticationProvider.
*/
@Test
public void testAuthenticate() {
bean.save(makeBuiltInUser());
String crdUsername = sut.getRequiredCredentials().get(0).getTitle();
String crdPassword = sut.getRequiredCredentials().get(1).getTitle();
AuthenticationRequest req = new AuthenticationRequest();
req.putCredential(crdUsername, "username");
req.putCredential(crdPassword, "password");
AuthenticationResponse result = sut.authenticate(req);
assertEquals(AuthenticationResponse.Status.SUCCESS, result.getStatus());
req = new AuthenticationRequest();
req.putCredential(crdUsername, "xxxxxxxx");
req.putCredential(crdPassword, "password");
result = sut.authenticate(req);
assertEquals(AuthenticationResponse.Status.FAIL, result.getStatus());
req = new AuthenticationRequest();
req.putCredential(crdUsername, "username");
req.putCredential(crdPassword, "xxxxxxxx");
result = sut.authenticate(req);
assertEquals(AuthenticationResponse.Status.FAIL, result.getStatus());
BuiltinUser u2 = makeBuiltInUser();
u2.setUserName("u2");
u2.updateEncryptedPassword(PasswordEncryption.getVersion(0).encrypt("password"), 0);
bean.save(u2);
req = new AuthenticationRequest();
req.putCredential(crdUsername, "u2");
req.putCredential(crdPassword, "xxxxxxxx");
result = sut.authenticate(req);
assertEquals(AuthenticationResponse.Status.FAIL, result.getStatus());
req = new AuthenticationRequest();
req.putCredential(crdUsername, "u2");
req.putCredential(crdPassword, "password");
result = sut.authenticate(req);
assertEquals(AuthenticationResponse.Status.BREAKOUT, result.getStatus());
}
use of edu.harvard.iq.dataverse.authorization.AuthenticationResponse in project dataverse by IQSS.
the class LoginPage method login.
public String login() {
AuthenticationRequest authReq = new AuthenticationRequest();
List<FilledCredential> filledCredentialsList = getFilledCredentials();
if (filledCredentialsList == null) {
logger.info("Credential list is null!");
return null;
}
for (FilledCredential fc : filledCredentialsList) {
if (fc.getValue() == null || fc.getValue().isEmpty()) {
JH.addMessage(FacesMessage.SEVERITY_ERROR, "Please enter a " + fc.getCredential().getTitle());
}
authReq.putCredential(fc.getCredential().getTitle(), fc.getValue());
}
authReq.setIpAddress(dvRequestService.getDataverseRequest().getSourceAddress());
try {
AuthenticatedUser r = authSvc.getCreateAuthenticatedUser(credentialsAuthProviderId, authReq);
logger.log(Level.FINE, "User authenticated: {0}", r.getEmail());
session.setUser(r);
if ("dataverse.xhtml".equals(redirectPage)) {
redirectPage = redirectToRoot();
}
try {
redirectPage = URLDecoder.decode(redirectPage, "UTF-8");
} catch (UnsupportedEncodingException ex) {
Logger.getLogger(LoginPage.class.getName()).log(Level.SEVERE, null, ex);
redirectPage = redirectToRoot();
}
logger.log(Level.FINE, "Sending user to = {0}", redirectPage);
return redirectPage + (!redirectPage.contains("?") ? "?" : "&") + "faces-redirect=true";
} catch (AuthenticationFailedException ex) {
numFailedLoginAttempts++;
op1 = new Long(random.nextInt(10));
op2 = new Long(random.nextInt(10));
AuthenticationResponse response = ex.getResponse();
switch(response.getStatus()) {
case FAIL:
JsfHelper.addErrorMessage(BundleUtil.getStringFromBundle("login.builtin.invalidUsernameEmailOrPassword"));
return null;
case ERROR:
/**
* @todo How do we exercise this part of the code? Something
* with password upgrade? See
* https://github.com/IQSS/dataverse/pull/2922
*/
JsfHelper.addErrorMessage(BundleUtil.getStringFromBundle("login.error"));
logger.log(Level.WARNING, "Error logging in: " + response.getMessage(), response.getError());
return null;
case BREAKOUT:
return response.getMessage();
default:
JsfHelper.addErrorMessage("INTERNAL ERROR");
return null;
}
}
}
Aggregations