Example 1 with UsernamePasswordAuthenticationToken
use of io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken in project vertigo by KleeGroup.
the class TextAuthenticationPlugin method parseUserInfo.
private void parseUserInfo(final String line) {
final Matcher matcher = FILE_PATTERN.matcher(line);
final boolean matches = matcher.matches();
Assertion.checkState(matches, "No match found for entry '{0}' and pattern '{1}'", line, FILE_PATTERN_STR);
// ---
final String accountKey = matcher.group(1);
final String username = matcher.group(2);
final String password = matcher.group(3);
final AuthenticationToken authenticationToken;
if (password.isEmpty()) {
authenticationToken = new UsernameAuthenticationToken(username);
} else {
authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
}
users.put(username, new AuthenticationAccountInfo(accountKey, authenticationToken));
}
Also used :
UsernameAuthenticationToken(io.vertigo.account.impl.authentication.UsernameAuthenticationToken)
UsernamePasswordAuthenticationToken(io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken)
AuthenticationToken(io.vertigo.account.authentication.AuthenticationToken)
Matcher(java.util.regex.Matcher)
UsernameAuthenticationToken(io.vertigo.account.impl.authentication.UsernameAuthenticationToken)
UsernamePasswordAuthenticationToken(io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken)
Example 2 with UsernamePasswordAuthenticationToken
use of io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken in project vertigo by KleeGroup.
the class AuthenticationManagerTest method testLoginFail.
@Test
public void testLoginFail() {
final AuthenticationToken token = new UsernamePasswordAuthenticationToken("badUserName", "badPassword");
final Optional<Account> account = authenticationManager.login(token);
Assert.assertFalse("Shouldn't found any account with a bad login", account.isPresent());
final Optional<UserSession> userSession = securityManager.getCurrentUserSession();
Assert.assertTrue("No UserSession", userSession.isPresent());
Assert.assertFalse("Badly authenticated", userSession.get().isAuthenticated());
}
Also used :
Account(io.vertigo.account.account.Account)
UsernamePasswordAuthenticationToken(io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken)
AuthenticationToken(io.vertigo.account.authentication.AuthenticationToken)
UserSession(io.vertigo.persona.security.UserSession)
UsernamePasswordAuthenticationToken(io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken)
Test(org.junit.Test)
Example 3 with UsernamePasswordAuthenticationToken
use of io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken in project vertigo by KleeGroup.
the class LdapAuthenticationPlugin method authenticateAccount.
/**
* {@inheritDoc}
*/
@Override
public Optional<String> authenticateAccount(final AuthenticationToken token) {
Assertion.checkNotNull(token);
// ---
final UsernamePasswordAuthenticationToken usernamePasswordToken = (UsernamePasswordAuthenticationToken) token;
LdapContext ldapContext = null;
try {
final String userProtectedDn = userLoginPrefix + protectLdap(usernamePasswordToken.getPrincipal()) + userLoginSuffix;
ldapContext = createLdapContext(userProtectedDn, usernamePasswordToken.getPassword());
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Ouverture de connexion LDAP '" + ldapContext + "'");
}
return Optional.of(token.getPrincipal());
} catch (final NamingException e) {
if (LOGGER.isDebugEnabled()) {
LOGGER.info("Can't authenticate user '" + token.getPrincipal() + "'", e);
} else {
LOGGER.info("Can't authenticate user '" + token.getPrincipal() + "'");
}
// can't connect user
return Optional.empty();
} finally {
if (ldapContext != null) {
closeLdapContext(ldapContext);
}
}
}
Also used :
UsernamePasswordAuthenticationToken(io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken)
NamingException(javax.naming.NamingException)
InitialLdapContext(javax.naming.ldap.InitialLdapContext)
LdapContext(javax.naming.ldap.LdapContext)
Example 4 with UsernamePasswordAuthenticationToken
use of io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken in project vertigo by KleeGroup.
the class StoreAuthenticationPlugin method start.
/**
* {@inheritDoc}
*/
@Override
public void start() {
userCredentialDefinition = Home.getApp().getDefinitionSpace().resolve(userCredentialEntity, DtDefinition.class);
defaultUserTrustedCredential = new UsernamePasswordAuthenticationToken("defaultLogin", "defaultPassword");
}
Also used :
DtDefinition(io.vertigo.dynamo.domain.metamodel.DtDefinition)
UsernamePasswordAuthenticationToken(io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken)
Example 5 with UsernamePasswordAuthenticationToken
use of io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken in project vertigo by KleeGroup.
the class StoreAuthenticationPlugin method authenticateAccount.
/**
* {@inheritDoc}
*/
@Override
public Optional<String> authenticateAccount(final AuthenticationToken token) {
final Criteria criteriaByLogin = Criterions.isEqualTo(() -> userLoginField, token.getPrincipal());
final DtList<DtObject> results = storeManager.getDataStore().find(userCredentialDefinition, criteriaByLogin);
// may ensure, that valid or invalid login took the same time, so we don't assert no result here
Assertion.checkState(results.size() <= 1, "Too many matching credentials for {0}", token.getPrincipal());
final AuthenticationToken trustedAuthenticationToken;
if (token instanceof UsernamePasswordAuthenticationToken) {
if (results.isEmpty()) {
trustedAuthenticationToken = defaultUserTrustedCredential;
} else {
final String trustedEncodedPassword = (String) userCredentialDefinition.getField(userPasswordField).getDataAccessor().getValue(results.get(0));
trustedAuthenticationToken = new UsernamePasswordAuthenticationToken(token.getPrincipal(), trustedEncodedPassword);
}
} else {
if (results.isEmpty()) {
trustedAuthenticationToken = defaultUserTrustedCredential;
} else {
trustedAuthenticationToken = new UsernameAuthenticationToken(token.getPrincipal());
}
}
// may ensure, that valid or invalid login took the same time, so we don't assert no result here
if (// tokens match
token.match(trustedAuthenticationToken) && !results.isEmpty()) {
// and Username exists (after)
final String userTokenId = (String) userCredentialDefinition.getField(userTokenIdField).getDataAccessor().getValue(results.get(0));
return Optional.of(userTokenId);
}
return Optional.empty();
}
Also used :
UsernameAuthenticationToken(io.vertigo.account.impl.authentication.UsernameAuthenticationToken)
UsernamePasswordAuthenticationToken(io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken)
AuthenticationToken(io.vertigo.account.authentication.AuthenticationToken)
DtObject(io.vertigo.dynamo.domain.model.DtObject)
UsernameAuthenticationToken(io.vertigo.account.impl.authentication.UsernameAuthenticationToken)
UsernamePasswordAuthenticationToken(io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken)
Criteria(io.vertigo.dynamo.criteria.Criteria)
Aggregations
UsernamePasswordAuthenticationToken (io.vertigo.account.impl.authentication.UsernamePasswordAuthenticationToken)6
AuthenticationToken (io.vertigo.account.authentication.AuthenticationToken)4
Account (io.vertigo.account.account.Account)2
UsernameAuthenticationToken (io.vertigo.account.impl.authentication.UsernameAuthenticationToken)2
UserSession (io.vertigo.persona.security.UserSession)2
Criteria (io.vertigo.dynamo.criteria.Criteria)1
DtDefinition (io.vertigo.dynamo.domain.metamodel.DtDefinition)1
DtObject (io.vertigo.dynamo.domain.model.DtObject)1
Matcher (java.util.regex.Matcher)1
NamingException (javax.naming.NamingException)1
InitialLdapContext (javax.naming.ldap.InitialLdapContext)1
LdapContext (javax.naming.ldap.LdapContext)1
Test (org.junit.Test)1
