
Example 1 with AuthSource

use of fi.otavanopisto.muikku.model.security.AuthSource in project muikku by otavanopisto.

the class AuthSourceController method listCredentialAuthSources.

/**
 * Collects the stored {@link AuthSource} entries for the providers returned by
 * {@code listCredentialAuthenticationProviders()}.
 *
 * <p>Each provider is matched to an {@code AuthSource} by using the provider name as the
 * strategy key. A provider with no matching {@code AuthSource} is left out of the result, so
 * callers only ever see sources that have a stored configuration row.
 *
 * @return a new list of the matching sources, in provider order; never {@code null}
 */
public List<AuthSource> listCredentialAuthSources() {
    List<AuthSource> sources = new ArrayList<>();
    for (AuthenticationProvider provider : listCredentialAuthenticationProviders()) {
        AuthSource source = findAuthSourceByStrategy(provider.getName());
        if (source == null) {
            // No AuthSource is stored for this provider's strategy name; skip it.
            continue;
        }
        sources.add(source);
    }
    return sources;
}
Also used : AuthSource(fi.otavanopisto.muikku.model.security.AuthSource) ArrayList(java.util.ArrayList)

Example 2 with AuthSource

use of fi.otavanopisto.muikku.model.security.AuthSource in project muikku by otavanopisto.

the class AuthSourceController method listCredentialessAuthSources.

/**
 * Collects the stored {@link AuthSource} entries for the providers returned by
 * {@code listCredentialessAuthenticationProviders()}.
 *
 * <p>The provider name is used as the strategy key for the lookup. A provider with no matching
 * {@code AuthSource} is left out of the result rather than reported as an error.
 *
 * @return a new list of the matching sources, in provider order; never {@code null}
 */
public List<AuthSource> listCredentialessAuthSources() {
    List<AuthSource> sources = new ArrayList<>();
    for (AuthenticationProvider provider : listCredentialessAuthenticationProviders()) {
        AuthSource source = findAuthSourceByStrategy(provider.getName());
        if (source == null) {
            // No AuthSource is stored for this provider's strategy name; skip it.
            continue;
        }
        sources.add(source);
    }
    return sources;
}
Also used : AuthSource(fi.otavanopisto.muikku.model.security.AuthSource) ArrayList(java.util.ArrayList)

Example 3 with AuthSource

use of fi.otavanopisto.muikku.model.security.AuthSource in project muikku by otavanopisto.

the class AuthSourceDAO method findByStrategy.

/**
 * Looks up the {@link AuthSource} whose {@code strategy} attribute equals the given value.
 *
 * <p>The query is built with the JPA Criteria API, so {@code strategy} is passed as a comparison
 * operand and is never concatenated into a query string.
 *
 * @param strategy strategy key to match against {@code AuthSource_.strategy}
 * @return whatever {@code getSingleResult} yields for the query
 */
public AuthSource findByStrategy(String strategy) {
    EntityManager em = getEntityManager();
    CriteriaBuilder cb = em.getCriteriaBuilder();
    CriteriaQuery<AuthSource> query = cb.createQuery(AuthSource.class);
    Root<AuthSource> source = query.from(AuthSource.class);
    query.select(source).where(cb.equal(source.get(AuthSource_.strategy), strategy));
    // NOTE(review): the result for zero or several matching rows depends on the getSingleResult
    // helper, which is not shown here - confirm it does not pick an arbitrary row.
    return getSingleResult(em.createQuery(query));
}
Also used : CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) AuthSource(fi.otavanopisto.muikku.model.security.AuthSource) EntityManager(javax.persistence.EntityManager)

Example 4 with AuthSource

use of fi.otavanopisto.muikku.model.security.AuthSource in project muikku by otavanopisto.

the class AuthSourceDAO method create.

/**
 * Creates and persists a new {@link AuthSource} with the given name and strategy.
 *
 * <p>No validation of either argument happens in this method.
 * NOTE(review): presumably {@code strategy} has to match an authentication provider name for the
 * source to be usable, and uniqueness is enforced elsewhere - confirm against the callers and the
 * entity mapping.
 *
 * @param name value stored through {@code setName}
 * @param strategy value stored through {@code setStrategy}
 * @return the value returned by {@code persist} for the new entity
 */
public AuthSource create(String name, String strategy) {
    final AuthSource created = new AuthSource();
    created.setName(name);
    created.setStrategy(strategy);
    return persist(created);
}
Also used : AuthSource(fi.otavanopisto.muikku.model.security.AuthSource)

Example 5 with AuthSource

use of fi.otavanopisto.muikku.model.security.AuthSource in project muikku by otavanopisto.

the class LoginBackingBean method init.

/**
 * Request action of the login page: resolves which authentication source to use, hands the
 * request parameters to its provider and redirects according to the outcome.
 *
 * <p>Flow, as visible in this method:
 * <ol>
 *   <li>{@code authSourceId} is read from, or written to, {@code loginSessionBean}, so it is
 *       kept across the requests of one login attempt.</li>
 *   <li>A non-blank {@code redirectUrl} is stored in the session bean as the post-login
 *       redirect target.</li>
 *   <li>If no source is selected and the only configured source is a single credentialless
 *       one, that source is selected automatically.</li>
 *   <li>If a source is selected, its provider processes the login. A result carrying a redirect
 *       URL is followed immediately; otherwise the result status decides between an error
 *       navigation rule and a redirect to the post-login URL.</li>
 * </ol>
 *
 * <p>NOTE(review): {@code redirectUrl} and {@code authSourceId} are fields whose binding is not
 * shown here. If {@code redirectUrl} is populated from a request parameter, it reaches
 * {@code externalContext.redirect(...)} with no validation visible in this method, which would
 * make this an open redirect; confirm that it is restricted to same-application targets before
 * it is stored.
 *
 * @return {@code NavigationRules.INTERNAL_ERROR} or {@code NavigationRules.AUTH_NOEMAIL} on the
 *     failure paths below; {@code null} otherwise, including after a redirect has been issued
 *     and when no authentication source could be selected
 */
@RequestAction
@Deferred
public String init() {
    try {
        FacesContext facesContext = FacesContext.getCurrentInstance();
        ExternalContext externalContext = facesContext.getExternalContext();
        // Raw request parameters; passed unmodified to the provider's processLogin below.
        Map<String, String[]> requestParameters = externalContext.getRequestParameterValuesMap();
        if (authSourceId == null) {
            // Nothing supplied on this request: continue with the source remembered in the session.
            authSourceId = loginSessionBean.getAuthSourceId();
        } else {
            // Remember the selected source for the following requests of this login attempt.
            loginSessionBean.setAuthSourceId(authSourceId);
        }
        if (StringUtils.isNotBlank(redirectUrl)) {
            // NOTE(review): stored as-is; only a blank check is applied here. See the method
            // documentation regarding redirect-target validation.
            loginSessionBean.setPostLoginRedirectUrl(redirectUrl);
        }
        if (authSourceId == null) {
            // The authentication source id is not defined, so the user has to be asked which one to use,
            // unless exactly one source is defined and it is a credentialless one, in which case that one is used.
            List<AuthSource> credentialAuthSources = authSourceController.listCredentialAuthSources();
            List<AuthSource> credentialessAuthSources = authSourceController.listCredentialessAuthSources();
            if (credentialAuthSources.isEmpty() && credentialessAuthSources.size() == 1) {
                authSourceId = credentialessAuthSources.get(0).getId();
            }
        }
        if (authSourceId != null) {
            AuthSource authSource = authSourceController.findAuthSourceById(authSourceId);
            if (authSource != null) {
                AuthenticationProvider authenticationProvider = authSourceController.findAuthenticationProvider(authSource);
                if (authenticationProvider != null) {
                    AuthenticationResult result = authenticationProvider.processLogin(authSource, requestParameters);
                    if (StringUtils.isNotBlank(result.getRedirectUrl())) {
                        // The provider asks for a redirect (the URL comes from the provider result,
                        // not from the request); the login continues on a later request.
                        externalContext.redirect(result.getRedirectUrl());
                    } else {
                        // The provider finished without a redirect: clear the remembered source
                        // so that the next login attempt starts from scratch.
                        loginSessionBean.setAuthSourceId(null);
                        String postLoginRedirectUrl = loginSessionBean.getPostLoginRedirectUrl();
                        // GRANT, LOGIN and NEW_ACCOUNT fall out of the switch and reach the
                        // post-login redirect; every other listed status returns a navigation rule.
                        switch(result.getStatus()) {
                            case GRANT:
                                // User granted additional scopes in existing authentication source
                                break;
                            case LOGIN:
                                // User logged in
                                break;
                            case NEW_ACCOUNT:
                                // User created new account
                                break;
                            case CONFLICT:
                                // NOTE(review): a switch on a null enum throws NullPointerException;
                                // confirm getConflictReason() is never null when the status is CONFLICT.
                                switch(result.getConflictReason()) {
                                    case EMAIL_BELONGS_TO_ANOTHER_USER:
                                        // Could not login, one or more of the email addresses belong to another user
                                        break;
                                    case LOGGED_IN_AS_DIFFERENT_USER:
                                        // Could not login, user is already logged in as another user
                                        break;
                                    case SEVERAL_USERS_BY_EMAILS:
                                        // Could not login, several users found by email addresses
                                        break;
                                }
                                // Every conflict reason ends the same way: log it and show the error page.
                                // Only the enum name is logged, no account data.
                                logger.log(Level.SEVERE, String.format("Authentication failed on with following message: %s", result.getConflictReason().toString()));
                                return NavigationRules.INTERNAL_ERROR;
                            case INVALID_CREDENTIALS:
                                // Treated as a provider error on this page.
                                logger.log(Level.SEVERE, "Erroneous authentication provider status: INVALID_CREDENTIALS in external login page");
                                return NavigationRules.INTERNAL_ERROR;
                            case NO_EMAIL:
                                return NavigationRules.AUTH_NOEMAIL;
                            case PROCESSING:
                                // PROCESSING without a redirect URL leaves nowhere to continue the login.
                                logger.log(Level.SEVERE, "Erroneous authentication provider status: PROCESSING without redirectUrl");
                                return NavigationRules.INTERNAL_ERROR;
                            case ERROR:
                                // NOTE(review): nothing is logged on this path; confirm the provider
                                // logs the cause itself, otherwise the failure leaves no trace here.
                                return NavigationRules.INTERNAL_ERROR;
                        }
                        if (StringUtils.isBlank(postLoginRedirectUrl)) {
                            // No target was stored: fall back to the application root.
                            postLoginRedirectUrl = externalContext.getRequestContextPath() + "/";
                        }
                        // NOTE(review): the target is the value stored from redirectUrl earlier;
                        // no same-origin or allow-list check is visible before this redirect.
                        externalContext.redirect(postLoginRedirectUrl);
                    }
                } else {
                    // The stored source has no matching authentication provider.
                    logger.log(Level.SEVERE, "Invalid authenticationProvider");
                    return NavigationRules.INTERNAL_ERROR;
                }
            } else {
                // The id does not resolve to a stored AuthSource.
                logger.log(Level.SEVERE, "Invalid authSourceId");
                return NavigationRules.INTERNAL_ERROR;
            }
        }
    } catch (IOException e) {
        // Declared by externalContext.redirect(...); other calls in the try block may throw it too.
        logger.log(Level.SEVERE, "Login failed because of an internal error", e);
        return NavigationRules.INTERNAL_ERROR;
    }
    // Reached after a redirect was issued, or when no authentication source was selected.
    return null;
}
Also used : FacesContext(javax.faces.context.FacesContext) AuthSource(fi.otavanopisto.muikku.model.security.AuthSource) ExternalContext(javax.faces.context.ExternalContext) AuthenticationProvider(fi.otavanopisto.muikku.auth.AuthenticationProvider) IOException(java.io.IOException) AuthenticationResult(fi.otavanopisto.muikku.auth.AuthenticationResult) RequestAction(org.ocpsoft.rewrite.annotation.RequestAction) Deferred(org.ocpsoft.rewrite.faces.annotation.Deferred)

Aggregations

AuthSource (fi.otavanopisto.muikku.model.security.AuthSource)5 ArrayList (java.util.ArrayList)2 AuthenticationProvider (fi.otavanopisto.muikku.auth.AuthenticationProvider)1 AuthenticationResult (fi.otavanopisto.muikku.auth.AuthenticationResult)1 IOException (java.io.IOException)1 ExternalContext (javax.faces.context.ExternalContext)1 FacesContext (javax.faces.context.FacesContext)1 EntityManager (javax.persistence.EntityManager)1 CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder)1 RequestAction (org.ocpsoft.rewrite.annotation.RequestAction)1 Deferred (org.ocpsoft.rewrite.faces.annotation.Deferred)1