
Example 1 with AuthenticationException

use of io.gravitee.am.common.exception.authentication.AuthenticationException in project gravitee-access-management by gravitee-io.

the class HttpAuthenticationProvider method loadUserByUsername.

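/**
 * Authenticates a user by calling the remote HTTP identity provider described by the
 * configured authentication resource.
 *
 * <p>The principal and the encoded credentials are published as template variables, the
 * resource's base URL is rendered through the template engine, and the HTTP response is
 * turned into user attributes by {@code processResponse}.
 *
 * @param authentication the authentication attempt; its credentials are cast to {@code String}
 * @return a {@code Maybe} that emits the user built from the response attributes, or fails
 *         with the original {@code AuthenticationException}, or with an
 *         {@code InternalAuthenticationServiceException} wrapping any other failure
 */
@Override
public Maybe<User> loadUserByUsername(Authentication authentication) {
    try {
        // prepare request
        final HttpResourceConfiguration resourceConfiguration = configuration.getAuthenticationResource();
        final HttpMethod authenticationHttpMethod = HttpMethod.valueOf(resourceConfiguration.getHttpMethod().toString());
        final List<HttpHeader> authenticationHttpHeaders = resourceConfiguration.getHttpHeaders();
        final String authenticationBody = resourceConfiguration.getHttpBody();
        final Object principal = authentication.getPrincipal();
        // The submitted credential is encoded first and then passed through SanitizeUtils together
        // with the configured body and headers, before it becomes visible to any template.
        final String encodedCredentials = passwordEncoder.encode((String) authentication.getCredentials());
        final Object credentials = SanitizeUtils.sanitize(encodedCredentials, authenticationBody, authenticationHttpHeaders);
        // prepare context
        // NOTE(review): the variables are never removed in this method; confirm the template
        // context is scoped to this authentication attempt so credentials do not outlive it.
        TemplateEngine templateEngine = authentication.getContext().getTemplateEngine();
        templateEngine.getTemplateContext().setVariable(PRINCIPAL_CONTEXT_KEY, principal);
        templateEngine.getTemplateContext().setVariable(CREDENTIALS_CONTEXT_KEY, credentials);
        // process request
        final String authenticationURI = templateEngine.getValue(resourceConfiguration.getBaseURL(), String.class);
        final Single<HttpResponse<Buffer>> requestHandler = processRequest(templateEngine, authenticationURI, authenticationHttpMethod, authenticationHttpHeaders, authenticationBody);
        return requestHandler.toMaybe().map(httpResponse -> {
            final List<HttpResponseErrorCondition> errorConditions = resourceConfiguration.getHttpResponseErrorConditions();
            Map<String, Object> userAttributes = processResponse(templateEngine, errorConditions, httpResponse);
            return createUser(authentication.getContext(), userAttributes);
        }).onErrorResumeNext(ex -> {
            // Authentication failures pass through unchanged; everything else is reported as an
            // internal service error.
            if (ex instanceof AuthenticationException) {
                return Maybe.error(ex);
            }
            // No "{}" placeholder: SLF4J treats a trailing Throwable as the exception to log, so a
            // placeholder would be left unfilled in the message.
            // NOTE(review): the request URI is rendered from a template that can reference the
            // principal and credentials variables; confirm HTTP client exceptions do not carry
            // the rendered URI or body into this log line.
            LOGGER.error("An error has occurred while calling the remote HTTP identity provider", ex);
            return Maybe.error(new InternalAuthenticationServiceException("An error has occurred while calling the remote HTTP identity provider", ex));
        });
    } catch (Exception ex) {
        // Synchronous failures while preparing the request (configuration, casting, templating).
        LOGGER.error("An error has occurred while authenticating the user", ex);
        return Maybe.error(new InternalAuthenticationServiceException("An error has occurred while authenticating the user", ex));
    }
}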
Also used : HttpResourceConfiguration(io.gravitee.am.identityprovider.http.configuration.HttpResourceConfiguration) java.util(java.util) HttpHeaders(io.gravitee.common.http.HttpHeaders) HttpAuthenticationProviderConfiguration(io.gravitee.am.identityprovider.http.authentication.spring.HttpAuthenticationProviderConfiguration) InternalAuthenticationServiceException(io.gravitee.am.common.exception.authentication.InternalAuthenticationServiceException) HttpResponseErrorCondition(io.gravitee.am.identityprovider.http.configuration.HttpResponseErrorCondition) Maybe(io.reactivex.Maybe) LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) Single(io.reactivex.Single) Constructor(java.lang.reflect.Constructor) HttpIdentityProviderConfiguration(io.gravitee.am.identityprovider.http.configuration.HttpIdentityProviderConfiguration) HttpHeader(io.gravitee.common.http.HttpHeader) TemplateEngine(io.gravitee.el.TemplateEngine) TechnicalManagementException(io.gravitee.am.service.exception.TechnicalManagementException) SanitizeUtils(io.gravitee.am.identityprovider.http.utils.SanitizeUtils) AuthenticationException(io.gravitee.am.common.exception.authentication.AuthenticationException) HttpRequest(io.vertx.reactivex.ext.web.client.HttpRequest) io.gravitee.am.identityprovider.api(io.gravitee.am.identityprovider.api) Qualifier(org.springframework.beans.factory.annotation.Qualifier) JsonObject(io.vertx.core.json.JsonObject) StandardClaims(io.gravitee.am.common.oidc.StandardClaims) Logger(org.slf4j.Logger) HttpResponse(io.vertx.reactivex.ext.web.client.HttpResponse) Import(org.springframework.context.annotation.Import) AbstractManagementException(io.gravitee.am.service.exception.AbstractManagementException) WebClient(io.vertx.reactivex.ext.web.client.WebClient) HttpAuthResourcePathsConfiguration(io.gravitee.am.identityprovider.http.configuration.HttpAuthResourcePathsConfiguration) JsonArray(io.vertx.core.json.JsonArray) 
MultiMap(io.vertx.reactivex.core.MultiMap) MediaType(io.gravitee.common.http.MediaType) PasswordEncoder(io.gravitee.am.service.authentication.crypto.password.PasswordEncoder) HttpMethod(io.vertx.core.http.HttpMethod) HttpIdentityProviderResponse(io.gravitee.am.identityprovider.http.HttpIdentityProviderResponse) Buffer(io.vertx.reactivex.core.buffer.Buffer) AuthenticationException(io.gravitee.am.common.exception.authentication.AuthenticationException) HttpResponse(io.vertx.reactivex.ext.web.client.HttpResponse) InternalAuthenticationServiceException(io.gravitee.am.common.exception.authentication.InternalAuthenticationServiceException) HttpResourceConfiguration(io.gravitee.am.identityprovider.http.configuration.HttpResourceConfiguration) InternalAuthenticationServiceException(io.gravitee.am.common.exception.authentication.InternalAuthenticationServiceException) TechnicalManagementException(io.gravitee.am.service.exception.TechnicalManagementException) AuthenticationException(io.gravitee.am.common.exception.authentication.AuthenticationException) AbstractManagementException(io.gravitee.am.service.exception.AbstractManagementException) TemplateEngine(io.gravitee.el.TemplateEngine) HttpHeader(io.gravitee.common.http.HttpHeader) JsonObject(io.vertx.core.json.JsonObject) MultiMap(io.vertx.reactivex.core.MultiMap) HttpMethod(io.vertx.core.http.HttpMethod)

Example 2 with AuthenticationException

use of io.gravitee.am.common.exception.authentication.AuthenticationException in project gravitee-access-management by gravitee-io.

the class LoginFailureHandler method handle.

/**
 * Translates a failed login route into an error response, or hands the failure on.
 *
 * <p>Policy-chain and password-expired failures are reported with their own key or error code
 * and message. Any other {@code AuthenticationException} is reported with the fixed code
 * {@code invalid_user} and a fixed message; the exception's own message is not forwarded, so
 * the response does not reveal why authentication failed. All remaining failures are left to
 * the next handler.
 *
 * @param routingContext the routing context of the request being handled
 */
@Override
public void handle(RoutingContext routingContext) {
    // Nothing to do unless the route actually failed.
    if (!routingContext.failed()) {
        return;
    }

    final Throwable failure = routingContext.failure();

    if (failure instanceof PolicyChainException) {
        final PolicyChainException policyFailure = (PolicyChainException) failure;
        handleException(routingContext, policyFailure.key(), policyFailure.getMessage());
        return;
    }

    // Checked before the generic AuthenticationException branch; the order is kept as-is.
    // NOTE(review): this branch returns a distinct error code and message; confirm it is only
    // raised after the credentials were verified, otherwise it distinguishes existing accounts.
    if (failure instanceof AccountPasswordExpiredException) {
        final AccountPasswordExpiredException expired = (AccountPasswordExpiredException) failure;
        handleException(routingContext, expired.getErrorCode(), expired.getMessage());
        return;
    }

    if (failure instanceof AuthenticationException) {
        // Fixed code and message for every other authentication failure.
        handleException(routingContext, "invalid_user", "Invalid or unknown user");
        return;
    }

    // technical exception will be managed by the generic error handler, continue
    routingContext.next();
}
Also used : AccountPasswordExpiredException(io.gravitee.am.common.exception.authentication.AccountPasswordExpiredException) AuthenticationException(io.gravitee.am.common.exception.authentication.AuthenticationException) PolicyChainException(io.gravitee.am.gateway.policy.PolicyChainException)

Aggregations

AuthenticationException (io.gravitee.am.common.exception.authentication.AuthenticationException)2 AccountPasswordExpiredException (io.gravitee.am.common.exception.authentication.AccountPasswordExpiredException)1 InternalAuthenticationServiceException (io.gravitee.am.common.exception.authentication.InternalAuthenticationServiceException)1 StandardClaims (io.gravitee.am.common.oidc.StandardClaims)1 PolicyChainException (io.gravitee.am.gateway.policy.PolicyChainException)1 io.gravitee.am.identityprovider.api (io.gravitee.am.identityprovider.api)1 HttpIdentityProviderResponse (io.gravitee.am.identityprovider.http.HttpIdentityProviderResponse)1 HttpAuthenticationProviderConfiguration (io.gravitee.am.identityprovider.http.authentication.spring.HttpAuthenticationProviderConfiguration)1 HttpAuthResourcePathsConfiguration (io.gravitee.am.identityprovider.http.configuration.HttpAuthResourcePathsConfiguration)1 HttpIdentityProviderConfiguration (io.gravitee.am.identityprovider.http.configuration.HttpIdentityProviderConfiguration)1 HttpResourceConfiguration (io.gravitee.am.identityprovider.http.configuration.HttpResourceConfiguration)1 HttpResponseErrorCondition (io.gravitee.am.identityprovider.http.configuration.HttpResponseErrorCondition)1 SanitizeUtils (io.gravitee.am.identityprovider.http.utils.SanitizeUtils)1 PasswordEncoder (io.gravitee.am.service.authentication.crypto.password.PasswordEncoder)1 AbstractManagementException (io.gravitee.am.service.exception.AbstractManagementException)1 TechnicalManagementException (io.gravitee.am.service.exception.TechnicalManagementException)1 HttpHeader (io.gravitee.common.http.HttpHeader)1 HttpHeaders (io.gravitee.common.http.HttpHeaders)1 MediaType (io.gravitee.common.http.MediaType)1 TemplateEngine (io.gravitee.el.TemplateEngine)1