Example 1 with PASSWORD

Use of io.gravitee.am.common.oauth2.Parameters.PASSWORD in the project gravitee-access-management by gravitee-io.

From the class LoginFormHandler, method handle (the form-login handler that collects the username, password and client_id and hands them to the authentication provider):

@Override
public void handle(RoutingContext context) {
    HttpServerRequest req = context.request();
    if (req.method() != HttpMethod.POST) {
        // Must be a POST
        context.fail(405);
    } else {
        if (!req.isExpectMultipart()) {
            throw new IllegalStateException("Form body not parsed - do you forget to include a BodyHandler?");
        }
        MultiMap params = req.formAttributes();
        String username = params.get(USERNAME_PARAM_KEY);
        String password = params.get(PASSWORD_PARAM_KEY);
        String clientId = params.get(Parameters.CLIENT_ID);
        if (username == null || password == null) {
            logger.warn("No username or password provided in form - did you forget to include a BodyHandler?");
            context.fail(400);
        } else if (clientId == null) {
            logger.warn("No client id in form - did you forget to include client_id query parameter ?");
            context.fail(400);
        } else {
            // build the authentication object; the remote address and user agent
            // are attached so the authentication attempt can be audited
            JsonObject authInfo = new JsonObject()
                    .put(USERNAME_PARAM_KEY, username)
                    .put(PASSWORD_PARAM_KEY, password)
                    .put(Claims.ip_address, RequestUtils.remoteAddress(req))
                    .put(Claims.user_agent, RequestUtils.userAgent(req))
                    .put(Parameters.CLIENT_ID, clientId);
            authProvider.authenticate(context, authInfo, res -> {
                if (res.failed()) {
                    logger.debug("An error has occurred during the authentication process", res.cause());
                    context.fail(res.cause());
                    return;
                }
                // authentication success
                // set user into the context and continue
                final User result = res.result();
                context.getDelegate().setUser(result);
                context.put(ConstantKeys.USER_CONTEXT_KEY, result.getUser());
                context.next();
            });
        }
    }
}

Example 2 with PASSWORD

Use of io.gravitee.am.common.oauth2.Parameters.PASSWORD in the project gravitee-access-management by gravitee-io.

From the class ResourceOwnerPasswordCredentialsTokenGranter, method resolveResourceOwner (the OAuth 2.0 password grant, which maps any authentication failure to an invalid_grant error):

@Override
protected Maybe<User> resolveResourceOwner(TokenRequest tokenRequest, Client client) {
    String username = tokenRequest.getUsername();
    String password = tokenRequest.getPassword();
    // authenticate the resource owner with the credentials carried by the token request;
    // any failure is surfaced to the client as a generic invalid_grant error
    return userAuthenticationManager
            .authenticate(client, new EndUserAuthentication(username, password, new SimpleAuthenticationContext(tokenRequest)))
            .onErrorResumeNext(ex -> Single.error(new InvalidGrantException(ex.getMessage())))
            .toMaybe();
}

Example 3 with PASSWORD

Use of io.gravitee.am.common.oauth2.Parameters.PASSWORD in the project gravitee-access-management by gravitee-io.

From the class SocialAuthenticationProvider, method authenticate (authentication through an external social/OIDC identity provider, including the decision whether the provider's tokens are kept in the user profile):

@Override
public void authenticate(RoutingContext context, JsonObject authInfo, Handler<AsyncResult<User>> resultHandler) {
    final Client client = context.get(CLIENT_CONTEXT_KEY);
    final AuthenticationProvider authenticationProvider = context.get(PROVIDER_CONTEXT_KEY);
    final String authProvider = context.get(PROVIDER_ID_PARAM_KEY);
    final String username = authInfo.getString(USERNAME_PARAM_KEY);
    final String password = authInfo.getString(PASSWORD_PARAM_KEY);
    logger.debug("Authentication attempt using social identity provider {}", authProvider);
    // create authentication context
    SimpleAuthenticationContext authenticationContext = new SimpleAuthenticationContext(new VertxHttpServerRequest(context.request().getDelegate()));
    authenticationContext.attributes().putAll(context.data());
    authenticationContext.set(Parameters.REDIRECT_URI, authInfo.getString(Parameters.REDIRECT_URI));
    // create user authentication
    EndUserAuthentication endUserAuthentication = new EndUserAuthentication(username, password, authenticationContext);
    endUserAuthentication.getContext().set(Claims.ip_address, RequestUtils.remoteAddress(context.request()));
    endUserAuthentication.getContext().set(Claims.user_agent, RequestUtils.userAgent(context.request()));
    // authenticate the user via the social provider; an empty result is treated as a failure
    authenticationProvider.loadUserByUsername(endUserAuthentication)
            .switchIfEmpty(Maybe.error(new BadCredentialsException("Unable to authenticate social provider, authentication provider has returned empty value")))
            .flatMapSingle(user -> {
        // set source and client for the current authenticated end-user
        Map<String, Object> additionalInformation = user.getAdditionalInformation() == null ? new HashMap<>() : new HashMap<>(user.getAdditionalInformation());
        additionalInformation.put("source", authProvider);
        additionalInformation.put(Parameters.CLIENT_ID, client.getClientId());
        var accessToken = ofNullable(endUserAuthentication.getContext().get(ACCESS_TOKEN_KEY));
        var idToken = ofNullable(endUserAuthentication.getContext().get(ID_TOKEN_KEY));
        accessToken.ifPresentOrElse(at -> {
            // If isStoreOriginalToken, we add both the access_token and id_token in profile since they are present
            additionalInformation.put(OIDC_PROVIDER_ID_ACCESS_TOKEN_KEY, at);
            idToken.ifPresent(it -> additionalInformation.put(OIDC_PROVIDER_ID_TOKEN_KEY, it));
        }, () -> {
            // We remove both otherwise
            additionalInformation.remove(OIDC_PROVIDER_ID_ACCESS_TOKEN_KEY);
            additionalInformation.remove(OIDC_PROVIDER_ID_TOKEN_KEY);
        });
        // If id_token is present and SSO is enabled we add the id_token in profile
        if (client.isSingleSignOut() && idToken.isPresent()) {
            logger.debug("Single SignOut enable for client '{}' store the id_token coming from the provider {} as additional information", client.getId(), authProvider);
            additionalInformation.put(OIDC_PROVIDER_ID_TOKEN_KEY, idToken.get());
        } else if (accessToken.isEmpty()) {
            // unless isStoreOriginalToken is enabled (e.g access_token isPresent) we can remove id_token from the profile
            additionalInformation.remove(OIDC_PROVIDER_ID_TOKEN_KEY);
        }
        ((DefaultUser) user).setAdditionalInformation(additionalInformation);
        return userAuthenticationManager.connect(user);
    }).subscribe(user -> {
        eventManager.publishEvent(AuthenticationEvent.SUCCESS, new AuthenticationDetails(endUserAuthentication, domain, client, user));
        resultHandler.handle(Future.succeededFuture(new io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User(user)));
    }, error -> {
        logger.error("Unable to authenticate social provider", error);
        eventManager.publishEvent(AuthenticationEvent.FAILURE, new AuthenticationDetails(endUserAuthentication, domain, client, error));
        resultHandler.handle(Future.failedFuture(error));
    });
}

Example 4 with PASSWORD

Use of io.gravitee.am.common.oauth2.Parameters.PASSWORD in the project gravitee-access-management by gravitee-io.

From the class PasswordPolicyRequestParseHandler, method handle (validates a submitted password against the client's or domain's password policy before the request proceeds):

@Override
public void handle(RoutingContext context) {
    HttpServerRequest request = context.request();
    String password = request.getParam(ConstantKeys.PASSWORD_PARAM_KEY);
    MultiMap queryParams = RequestUtils.getCleanedQueryParams(request);
    Client client = context.get(ConstantKeys.CLIENT_CONTEXT_KEY);
    Optional<PasswordSettings> passwordSettings = PasswordSettings.getInstance(client, this.domain);
    try {
        User user = getUser(context);
        passwordService.validate(password, passwordSettings.orElse(null), user);
        context.next();
    } catch (InvalidPasswordException e) {
        // keep the client_id on the redirect so the warning page stays bound to the same client
        Optional.ofNullable(context.request().getParam(Parameters.CLIENT_ID))
                .ifPresent(t -> queryParams.set(Parameters.CLIENT_ID, t));
        warningRedirection(context, queryParams, e.getErrorKey());
    }
}
