Examples with Callback javax.security.auth.callback.Callback used on opensource projects

Example 31 with Callback

use of javax.security.auth.callback.Callback in project tdi-studio-se by Talend.

the class HardcodedPassword method handle.

@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback c : callbacks) {
        if (c instanceof WSPasswordCallback) {
            WSPasswordCallback passwordCallback = (WSPasswordCallback) c;
            passwordCallback.setPassword(password);
            continue;
        }
        throw new UnsupportedCallbackException(c);
    }
}

Example 32 with Callback

use of javax.security.auth.callback.Callback in project opennms by OpenNMS.

the class LoginModuleUtils method doLogin.

public static boolean doLogin(final OpenNMSLoginHandler handler, final Subject subject, final Map<String, ?> sharedState, final Map<String, ?> options) throws LoginException {
    LOG.debug("OpenNMSLoginModule: login(): handler={}, subject={}, sharedState={}, options={}", handler.getClass(), subject.getClass(), sharedState, options);
    final Callback[] callbacks = new Callback[2];
    callbacks[0] = new NameCallback("Username: ");
    callbacks[1] = new PasswordCallback("Password: ", false);
    try {
        handler.callbackHandler().handle(callbacks);
    } catch (final IOException ioe) {
        LOG.debug("IO exception while attempting to prompt for username and password.", ioe);
        throw new LoginException(ioe.getMessage());
    } catch (final UnsupportedCallbackException uce) {
        LOG.debug("Username or password prompt not supported.", uce);
        throw new LoginException(uce.getMessage() + " not available to obtain information from user.");
    }
    final String user = ((NameCallback) callbacks[0]).getName();
    handler.setUser(user);
    if (user == null) {
        final String msg = "Username can not be null.";
        LOG.debug(msg);
        throw new LoginException(msg);
    }
    // password callback get value
    if (((PasswordCallback) callbacks[1]).getPassword() == null) {
        final String msg = "Password can not be null.";
        LOG.debug(msg);
        throw new LoginException(msg);
    }
    final String password = new String(((PasswordCallback) callbacks[1]).getPassword());
    final User configUser;
    final SpringSecurityUser onmsUser;
    try {
        configUser = handler.userConfig().getUser(user);
        onmsUser = handler.springSecurityUserDao().getByUsername(user);
    } catch (final Exception e) {
        final String message = "Failed to retrieve user " + user + " from OpenNMS UserConfig.";
        LOG.debug(message, e);
        throw new LoginException(message);
    }
    if (configUser == null) {
        final String msg = "User  " + user + " does not exist.";
        LOG.debug(msg);
        throw new FailedLoginException(msg);
    }
    if (!handler.userConfig().comparePasswords(user, password)) {
        final String msg = "Login failed: passwords did not match.";
        LOG.debug(msg);
        throw new FailedLoginException(msg);
    }
    ;
    boolean allowed = true;
    final Set<Principal> principals = LoginModuleUtils.createPrincipals(handler, onmsUser.getAuthorities());
    handler.setPrincipals(principals);
    if (handler.requiresAdminRole()) {
        allowed = false;
        for (final Principal principal : principals) {
            final String name = principal.getName().toLowerCase().replaceAll("^role_", "");
            if ("admin".equals(name)) {
                allowed = true;
            }
        }
    }
    if (!allowed) {
        final String msg = "User " + user + " is not an administrator!  OSGi console access is forbidden.";
        LOG.debug(msg);
        throw new LoginException(msg);
    }
    LOG.debug("Successfully logged in {}.", user);
    return true;
}

Example 33 with Callback

use of javax.security.auth.callback.Callback in project OpenAM by OpenRock.

the class DevicePrintAuthenticationServiceTest method shouldLoginSuccessfullyWhenValidMatchingStoredDevicePrintProfilesFound.

/**
     * 3) first call ISAuthConstants.LOGIN_START - device print attr populated, with a valid stored profile - should return ISAuthConstants.LOGIN_SUCCEED
     */
@Test
public void shouldLoginSuccessfullyWhenValidMatchingStoredDevicePrintProfilesFound() throws AuthLoginException {
    //Given
    Callback[] callbacks = new Callback[1];
    NameCallback devicePrintCallback = mock(NameCallback.class);
    int state = ISAuthConstants.LOGIN_START;
    DevicePrint devicePrint = mock(DevicePrint.class);
    UserProfile validStoredMatchingProfile = mock(UserProfile.class);
    UserProfile selectedUserProfile = validStoredMatchingProfile;
    callbacks[0] = devicePrintCallback;
    given(devicePrintCallback.getName()).willReturn("DEVICE_PRINT_INFO");
    given(devicePrintService.getDevicePrint(request)).willReturn(devicePrint);
    given(devicePrintService.hasRequiredAttributes(devicePrint)).willReturn(true);
    given(devicePrintService.getBestMatchingUserProfile(devicePrint)).willReturn(selectedUserProfile);
    //When
    int nextState = devicePrintAuthenticationService.process(callbacks, state);
    //Then
    assertEquals(nextState, ISAuthConstants.LOGIN_SUCCEED);
}

Example 34 with Callback

use of javax.security.auth.callback.Callback in project OpenAM by OpenRock.

the class DevicePrintAuthenticationServiceTest method shouldThrowExceptionWhenSubmittedtOTPWithIncorrectErrorCode.

/**
     * 6) third call, using OPT, 2 - OPT code submitted, with incorrect code - should throw exception
     */
@Test
public void shouldThrowExceptionWhenSubmittedtOTPWithIncorrectErrorCode() throws AuthLoginException {
    //Given
    Callback[] callbacks = new Callback[2];
    PasswordCallback smsOTPCallback = mock(PasswordCallback.class);
    ConfirmationCallback confirmationCallback = mock(ConfirmationCallback.class);
    int state = 2;
    String otpCode = "OTPCODEWRONG";
    callbacks[0] = smsOTPCallback;
    callbacks[1] = confirmationCallback;
    given(smsOTPCallback.getPassword()).willReturn(otpCode.toCharArray());
    given(confirmationCallback.getSelectedIndex()).willReturn(0);
    given(hotpService.isValidHOTP("OTPCODEWRONG")).willReturn(false);
    //When
    boolean exceptionCaught = false;
    try {
        devicePrintAuthenticationService.process(callbacks, state);
        fail();
    } catch (AuthLoginException e) {
        exceptionCaught = true;
    }
    //Then
    assertTrue(exceptionCaught);
}

Example 35 with Callback

use of javax.security.auth.callback.Callback in project OpenAM by OpenRock.

the class DevicePrintAuthenticationServiceTest method shouldAutoSaveProfilePageWhenSubmittedOTPWithCorrectCodeWithAuthSaveProp.

/**
     * 5a) third call, using OPT, 2 - OPT code submitted, with correct code - with Auth Save Profile prop set to "true"
     */
@Test
public void shouldAutoSaveProfilePageWhenSubmittedOTPWithCorrectCodeWithAuthSaveProp() throws AuthLoginException {
    //Given
    Callback[] callbacks = new Callback[2];
    PasswordCallback smsOTPCallback = mock(PasswordCallback.class);
    ConfirmationCallback confirmationCallback = mock(ConfirmationCallback.class);
    int state = 2;
    String otpCode = "OTPCODE";
    callbacks[0] = smsOTPCallback;
    callbacks[1] = confirmationCallback;
    given(smsOTPCallback.getPassword()).willReturn(otpCode.toCharArray());
    given(confirmationCallback.getSelectedIndex()).willReturn(0);
    given(hotpService.isValidHOTP("OTPCODE")).willReturn(true);
    given(devicePrintService.hasRequiredAttributes(Matchers.<DevicePrint>anyObject())).willReturn(true);
    given(devicePrintAuthenticationConfig.getBoolean(DevicePrintAuthenticationConfig.AUTO_STORE_PROFILES)).willReturn(true);
    //When
    int nextState = devicePrintAuthenticationService.process(callbacks, state);
    //Then
    assertEquals(nextState, ISAuthConstants.LOGIN_SUCCEED);
    verify(devicePrintService).createNewProfile(Matchers.<DevicePrint>anyObject());
}