Example 1 with AuthenticationException

Use of io.micronaut.security.authentication.AuthenticationException in project micronaut-security by micronaut-projects.

Class LdapAuthenticationProvider, method authenticate.

@Override
public Publisher<AuthenticationResponse> authenticate(HttpRequest<?> httpRequest, AuthenticationRequest<?, ?> authenticationRequest) {
    Flux<AuthenticationResponse> reactiveSequence = Flux.create(emitter -> {
        String username = authenticationRequest.getIdentity().toString();
        String password = authenticationRequest.getSecret().toString();
        if (LOG.isDebugEnabled()) {
            LOG.debug("Starting authentication with configuration [{}]", configuration.getName());
            LOG.debug("Attempting to initialize manager context");
        }
        DirContext managerContext;
        try {
            managerContext = contextBuilder.build(configuration.getManagerSettings());
            debug(LOG, "Manager context initialized successfully");
        } catch (NamingException e) {
            debug(LOG, "Failed to create manager context. Returning unknown authentication failure. Encountered {}", e.getMessage());
            emitter.error(AuthenticationResponse.exception(AuthenticationFailureReason.UNKNOWN));
            return;
        }
        debug(LOG, "Attempting to authenticate with user [{}]", username);
        try {
            Optional<LdapSearchResult> optionalResult = ldapSearchService.searchFirst(managerContext, configuration.getSearch().getSettings(new Object[] { username }));
            if (optionalResult.isPresent()) {
                LdapSearchResult result = optionalResult.get();
                debug(LOG, "User found in context [{}]. Attempting to bind.", result.getDn());
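                // Bind as the located user with the supplied password; a failed bind
                // throws a NamingException, which is handled by the outer catch block.
                DirContext userContext = null;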
                try {
                    String dn = result.getDn();
                    userContext = contextBuilder.build(configuration.getSettings(result.getDn(), password));
                    if (result.getAttributes() == null) {
                        result.setAttributes(userContext.getAttributes(dn));
                    }
                } finally {
                    contextBuilder.close(userContext);
                }
                debug(LOG, "Successfully bound user [{}]. Attempting to retrieving groups.", result.getDn());
                Set<String> groups = Collections.emptySet();
                LdapConfiguration.GroupConfiguration groupSettings = configuration.getGroups();
                if (groupSettings.isEnabled()) {
                    groups = ldapGroupProcessor.process(groupSettings.getAttribute(), result, () -> {
                        Object[] params = new Object[] { groupSettings.getFilterAttribute().map(attr -> result.getAttributes().getValue(attr)).orElse(result.getDn()) };
                        return ldapSearchService.search(managerContext, groupSettings.getSearchSettings(params));
                    });
                    debug(LOG, "Group search returned [{}] for user [{}]", groups, username);
                } else {
                    debug(LOG, "Group search is disabled for configuration [{}]", configuration.getName());
                }
                if (LOG.isTraceEnabled()) {
                    LOG.trace("Attempting to map [{}] with groups [{}] to an authentication response.", username, groups);
                }
                AuthenticationResponse response = contextAuthenticationMapper.map(result.getAttributes(), username, groups);
                if (response.isAuthenticated()) {
                    emitter.next(response);
                    emitter.complete();
                } else {
                    emitter.error(new AuthenticationException(response));
                }
                debug(LOG, "Response successfully created for [{}]. Response is authenticated: [{}]", username, response.isAuthenticated());
            } else {
                debug(LOG, "User not found [{}]", username);
                emitter.error(AuthenticationResponse.exception(AuthenticationFailureReason.USER_NOT_FOUND));
            }
        } catch (NamingException e) {
            debug(LOG, "Failed to authenticate with user [{}].  {}", username, e);
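            // A JNDI AuthenticationException means the bind was rejected, so it is reported
            // as a credentials mismatch; any other NamingException is propagated unchanged.
            if (e instanceof javax.naming.AuthenticationException) {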
                emitter.error(AuthenticationResponse.exception(AuthenticationFailureReason.CREDENTIALS_DO_NOT_MATCH));
            } else {
                emitter.error(e);
            }
        } finally {
            contextBuilder.close(managerContext);
        }
    }, FluxSink.OverflowStrategy.ERROR);
    reactiveSequence = reactiveSequence.subscribeOn(scheduler);
    return reactiveSequence;
}
Also used: LdapSearchResult (io.micronaut.security.ldap.context.LdapSearchResult), AuthenticationException (io.micronaut.security.authentication.AuthenticationException), LdapConfiguration (io.micronaut.security.ldap.configuration.LdapConfiguration), DirContext (javax.naming.directory.DirContext), AuthenticationResponse (io.micronaut.security.authentication.AuthenticationResponse), NamingException (javax.naming.NamingException)

Example 2 with AuthenticationException

Use of io.micronaut.security.authentication.AuthenticationException in project turbo-funicular by mrduckieduck.

Class UserDetailsMapper, method authenticationError.

protected Void authenticationError(Emitter<AuthenticationResponse> responseEmitter, Throwable ex) {
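    // Log the full exception, then signal the failure downstream with the
    // exception's message wrapped in an AuthenticationFailed response.
    log.error(ex.getMessage(), ex);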
    responseEmitter.onError(new AuthenticationException(new AuthenticationFailed(ex.getMessage())));
    return null;
}
Also used: AuthenticationException (io.micronaut.security.authentication.AuthenticationException), AuthenticationFailed (io.micronaut.security.authentication.AuthenticationFailed)

Aggregations

AuthenticationException (io.micronaut.security.authentication.AuthenticationException): 2
AuthenticationFailed (io.micronaut.security.authentication.AuthenticationFailed): 1
AuthenticationResponse (io.micronaut.security.authentication.AuthenticationResponse): 1
LdapConfiguration (io.micronaut.security.ldap.configuration.LdapConfiguration): 1
LdapSearchResult (io.micronaut.security.ldap.context.LdapSearchResult): 1
NamingException (javax.naming.NamingException): 1
DirContext (javax.naming.directory.DirContext): 1