use of io.trino.spi.security.BasicPrincipal in project trino by trinodb.
the class TestLdapAuthenticatorWithTimeouts method testConnectTimeout.
/**
 * Verifies that the LDAP connection timeout configured on {@link LdapConfig} is honoured.
 *
 * <p>With a 1 second connection timeout against {@code proxyLdapUrl}, authentication is
 * expected to fail with a {@link RuntimeException} whose message matches
 * {@code .*Authentication error.*}. After the timeout is raised to 30 seconds, the same
 * credentials must yield {@code BasicPrincipal("alice")}.
 */
@Test
public void testConnectTimeout() throws Exception {
    try (DisposableSubContext orgContext = openLdapServer.createOrganization();
            DisposableSubContext ignored = openLdapServer.createUser(orgContext, "alice", "alice-pass")) {
        // Bind pattern is scoped to the organization created for this test.
        String bindPattern = "uid=${USER}," + orgContext.getDistinguishedName();
        LdapConfig shortTimeoutConfig = new LdapConfig()
                .setLdapUrl(proxyLdapUrl)
                .setLdapConnectionTimeout(new Duration(1, SECONDS))
                .setUserBindSearchPatterns(bindPattern);
        LdapAuthenticator shortTimeoutAuthenticator = new LdapAuthenticator(
                new JdkLdapAuthenticatorClient(shortTimeoutConfig),
                shortTimeoutConfig);

        // presumably the endpoint behind proxyLdapUrl is slower than 1s to connect, so this attempt times out
        assertThatThrownBy(() -> shortTimeoutAuthenticator.createAuthenticatedPrincipal("alice", "alice-pass"))
                .isInstanceOf(RuntimeException.class)
                .hasMessageMatching(".*Authentication error.*");

        // The setter's return value is used as the config for the second attempt.
        LdapConfig longTimeoutConfig = shortTimeoutConfig.setLdapConnectionTimeout(new Duration(30, SECONDS));
        LdapAuthenticator longTimeoutAuthenticator = new LdapAuthenticator(
                new JdkLdapAuthenticatorClient(longTimeoutConfig),
                longTimeoutConfig);
        assertEquals(
                longTimeoutAuthenticator.createAuthenticatedPrincipal("alice", "alice-pass"),
                new BasicPrincipal("alice"));
    }
}
use of io.trino.spi.security.BasicPrincipal in project trino by trinodb.
the class SalesforceBasicAuthenticator method doLogin.
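/**
 * Logs the given credential into Salesforce over the SOAP login endpoint and, on success,
 * returns a principal for the user.
 *
 * <p>The user name and password are XML-escaped before they are substituted into the SOAP
 * envelope, so markup characters in either value cannot alter the request structure.
 * The response is parsed with DOCTYPE declarations, XInclude and entity expansion disabled,
 * because the body arrives from the network and a SOAP message has no need for a DTD.
 *
 * @param credential the user name and password to present to Salesforce
 * @return a {@link BasicPrincipal} carrying the user name from {@code credential}
 * @throws AccessDeniedException if the HTTP status is not 200, or if the returned organization
 *         is not in {@code allowedOrganizations} (unless that set is exactly {@code {"all"}})
 * @throws RuntimeException if the response body cannot be parsed as XML
 */
private Principal doLogin(Credential credential) {
    log.debug("Logging into Salesforce.");
    String username = credential.getUser();
    String password = credential.getPassword();
    // Login requests must be POSTs
    String loginSoapMessage = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n"
            + "<env:Envelope xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\"\n"
            + "xmlns:urn=\"urn:enterprise.soap.sforce.com\"\n"
            + " xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n"
            + " xmlns:env=\"http://schemas.xmlsoap.org/soap/envelope/\">\n"
            + " <env:Header>\n"
            + " <urn:CallOptions>\n"
            + " <urn:client>presto</urn:client>\n"
            + " </urn:CallOptions>\n"
            + " </env:Header>\n"
            + " <env:Body>\n"
            + " <n1:login xmlns:n1=\"urn:partner.soap.sforce.com\">\n"
            + " <n1:username>%s</n1:username>\n"
            + " <n1:password>%s</n1:password>\n"
            + " </n1:login>\n"
            + " </env:Body>\n"
            + "</env:Envelope>\n";
    String apiVersion = "46.0";
    String loginUrl = "https://login.salesforce.com/services/Soap/u/";
    // Escape both values so user-supplied characters such as '<' or '&' stay element content.
    Escaper escaper = xmlContentEscaper();
    Request request = new Request.Builder()
            .setUri(URI.create(loginUrl + apiVersion))
            .setHeader("Content-Type", "text/xml;charset=UTF-8")
            .setHeader("SOAPAction", "login")
            .setMethod("POST")
            .setBodyGenerator(createStaticBodyGenerator(
                    format(loginSoapMessage, escaper.escape(username), escaper.escape(password)),
                    UTF_8))
            .build();
    StringResponseHandler.StringResponse response = httpClient.execute(request, StringResponseHandler.createStringResponseHandler());
    // NOTE(review): the raw response body is embedded in the exception messages below; where
    // those messages end up (logs, client-visible errors) is not visible here. Confirm that a
    // body carrying a session id cannot reach a reader who should not see it.
    if (response.getStatusCode() != 200) {
        throw new AccessDeniedException(format("Invalid response for login\n.%s", response.getBody()));
    }
    Document xmlResponse;
    try {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        // Harden the parser against XXE and entity-expansion payloads in the response body.
        // A parser that does not support these features throws ParserConfigurationException,
        // which is handled below, so the login fails closed instead of parsing unprotected.
        factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        factory.setXIncludeAware(false);
        factory.setExpandEntityReferences(false);
        DocumentBuilder builder = factory.newDocumentBuilder();
        xmlResponse = builder.parse(new InputSource(new StringReader(response.getBody())));
    } catch (ParserConfigurationException | SAXException | IOException e) {
        // Keep the original exception as the cause so the parser's stack trace is not lost.
        throw new RuntimeException(format("Error parsing response: %s\n\tReceived error message: %s", response.getBody(), e.getMessage()), e);
    }
    // Make sure a Session Id has been returned.
    // presumably getElementValue rejects a missing element; its result is deliberately unused here
    getElementValue(xmlResponse, "sessionId");
    // We want the organizationId from the response to compare it to the configured org from password-authenticator.properties.
    String returnedOrg = getElementValue(xmlResponse, "organizationId");
    // The organizationId is always in Locale.US, regardless of the user's locale and language.
    // A configured set of exactly {"all"} turns the organization check off.
    boolean anyOrganizationAllowed = allowedOrganizations.equals(ImmutableSet.of("all"));
    if (!anyOrganizationAllowed && !allowedOrganizations.contains(returnedOrg.toLowerCase(Locale.US))) {
        throw new AccessDeniedException(format("Login successful, but for wrong Salesforce org. Got %s, but expected a different org.", returnedOrg));
    }
    return new BasicPrincipal(username);
}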