
Example 26 with PasswordCallback

use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.

the class DevicePrintAuthenticationServiceTest method shouldNotSaveProfileIfRequiredAttributesNotSet.

/**
 * Checks that a device profile is not persisted when the device print lacks
 * its required attributes, even though the submitted OTP is accepted and
 * automatic profile storage is enabled. Login itself is still expected to
 * succeed.
 */
@Test
public void shouldNotSaveProfileIfRequiredAttributesNotSet() throws AuthLoginException {
    //Given
    final int state = 2;
    final String otpCode = "OTPCODE";
    PasswordCallback smsOTPCallback = mock(PasswordCallback.class);
    ConfirmationCallback confirmationCallback = mock(ConfirmationCallback.class);
    // Slot 0 carries the OTP, slot 1 the confirmation choice.
    Callback[] callbacks = {smsOTPCallback, confirmationCallback};

    given(smsOTPCallback.getPassword()).willReturn(otpCode.toCharArray());
    given(confirmationCallback.getSelectedIndex()).willReturn(0);
    given(hotpService.isValidHOTP(otpCode)).willReturn(true);
    // The condition under test: the collected device print is incomplete...
    given(devicePrintService.hasRequiredAttributes(Matchers.<DevicePrint>anyObject())).willReturn(false);
    // ...while auto-store is on, so only the attribute check can prevent the save.
    given(devicePrintAuthenticationConfig.getBoolean(DevicePrintAuthenticationConfig.AUTO_STORE_PROFILES)).willReturn(true);

    //When
    int nextState = devicePrintAuthenticationService.process(callbacks, state);

    //Then
    assertEquals(nextState, ISAuthConstants.LOGIN_SUCCEED);
    verify(devicePrintService, never()).createNewProfile(Matchers.<DevicePrint>anyObject());
}
Also used : PasswordCallback(javax.security.auth.callback.PasswordCallback) ChoiceCallback(javax.security.auth.callback.ChoiceCallback) NameCallback(javax.security.auth.callback.NameCallback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) Callback(javax.security.auth.callback.Callback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) DevicePrint(org.forgerock.openam.authentication.modules.deviceprint.model.DevicePrint) Test(org.testng.annotations.Test)

Example 27 with PasswordCallback

use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.

the class AuthXMLUtils method createPasswordCallback.

/**
 * Produces a {@link PasswordCallback} for an XML callback element.
 *
 * <p>If {@code callback} is already a {@code PasswordCallback} it is reused
 * as-is; the prompt and echo attribute read from {@code childNode} are then
 * not applied to it. Otherwise a new callback is created from the node's
 * prompt and echo attribute. Echo is enabled only when the attribute value
 * is exactly {@code "true"} (case-sensitive).
 *
 * <p>The password value is read from the node as a {@code String}, so a copy
 * of the secret lives in an immutable object that this method cannot wipe.
 *
 * @param childNode XML element describing the password callback
 * @param callback  existing callback to populate, or {@code null}
 * @return the reused or newly created callback, with its password set when
 *         the node carries a value
 */
static PasswordCallback createPasswordCallback(Node childNode, Callback callback) {
    String prompt = getPrompt(childNode);
    String echoAttr = XMLUtils.getNodeAttributeValue(childNode, AuthXMLTags.ECHO_PASSWORD);
    // Anything other than the literal "true" (including a missing attribute) leaves echo off.
    boolean echoOn = "true".equals(echoAttr);

    // instanceof is false for null, so a null or foreign callback falls through to a new instance.
    PasswordCallback result = (callback instanceof PasswordCallback)
            ? (PasswordCallback) callback
            : new PasswordCallback(prompt, echoOn);

    // Untrimmed on purpose: leading/trailing whitespace can be part of a password.
    String rawValue = getValueNoTrim(childNode);
    if (rawValue != null) {
        // PasswordCallback.setPassword keeps its own copy of the array it is given.
        result.setPassword(rawValue.toCharArray());
    }
    return result;
}
Also used : PasswordCallback(javax.security.auth.callback.PasswordCallback)

Example 28 with PasswordCallback

use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.

the class Application method authenticateToDatastore.

/**
 * Authenticates a user against the datastore through the idRepo API.
 *
 * <p>An {@code IdRepoException} is not propagated: it is written to the
 * debug log (message level only) and the result is {@code false}, so a
 * repository error is indistinguishable from rejected credentials for the
 * caller.
 *
 * @param userName     user name placed in the {@code NameCallback}
 * @param userPassword password placed in the {@code PasswordCallback};
 *                     must not be {@code null}
 * @return {@code true} if the repository accepted the credentials,
 *         {@code false} if it rejected them or raised an
 *         {@code IdRepoException}
 * @throws AuthLoginException declared by the method; not thrown directly here
 */
private boolean authenticateToDatastore(String userName, String userPassword) throws AuthLoginException {
    NameCallback nameCallback = new NameCallback("NamePrompt");
    nameCallback.setName(userName);

    PasswordCallback passwordCallback = new PasswordCallback("PasswordPrompt", false);
    passwordCallback.setPassword(userPassword.toCharArray());
    // NOTE(review): the callback's password copy is never cleared after use;
    // confirm whether idrepo keeps a reference before adding clearPassword().

    Callback[] callbacks = {nameCallback, passwordCallback};
    try {
        return getAMIdentityRepository(getRequestOrg()).authenticate(callbacks);
    } catch (IdRepoException idrepoExp) {
        // Fail closed: a repository error is reported as an authentication failure.
        if (debug.messageEnabled()) {
            debug.message("Application.authenticateToDatastore:  " + "IdRepo Exception", idrepoExp);
        }
        return false;
    }
}
Also used : PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) PasswordCallback(javax.security.auth.callback.PasswordCallback)

Example 29 with PasswordCallback

use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.

the class DataStore method process.

/**
 * Runs the DataStore login step: obtains a user name and password, validates
 * them, and authenticates them against the identity repository.
 *
 * <p>Credentials come from {@code sharedState} when {@code callbacks} is a
 * non-null empty array, otherwise from {@code callbacks[0]} (name) and
 * {@code callbacks[1]} (password).
 *
 * @param callbacks callbacks carrying the submitted credentials, or an empty
 *                  array to use the shared-state credentials
 * @param state     current login state; only {@code ISAuthConstants.LOGIN_START}
 *                  is accepted
 * @return {@code ISAuthConstants.LOGIN_SUCCEED} on successful authentication,
 *         or {@code ISAuthConstants.LOGIN_START} when shared-state credentials
 *         were requested but are missing
 * @throws AuthLoginException if the state is not {@code LOGIN_START}, the
 *         credentials are missing or rejected, or the repository raises an
 *         {@code IdRepoException}
 */
public int process(Callback[] callbacks, int state) throws AuthLoginException {
    currentState = state;
    int retVal = 0;
    Callback[] idCallbacks = new Callback[2];
    try {
        if (currentState == ISAuthConstants.LOGIN_START) {
            if (callbacks != null && callbacks.length == 0) {
                // No callbacks submitted: fall back to credentials held in shared state.
                userName = (String) sharedState.get(getUserKey());
                userPassword = (String) sharedState.get(getPwdKey());
                if (userName == null || userPassword == null) {
                    // Nothing usable in shared state: stay in LOGIN_START.
                    return ISAuthConstants.LOGIN_START;
                }
                NameCallback nameCallback = new NameCallback("dummy");
                nameCallback.setName(userName);
                idCallbacks[0] = nameCallback;
                PasswordCallback passwordCallback = new PasswordCallback("dummy", false);
                passwordCallback.setPassword(userPassword.toCharArray());
                idCallbacks[1] = passwordCallback;
            } else {
                idCallbacks = callbacks;
                // NOTE(review): this branch is also reached when callbacks is null
                // (the condition above is false for null), in which case the
                // accesses below throw NullPointerException. The element types and
                // the array length are not checked before the casts either.
                userName = ((NameCallback) callbacks[0]).getName();
                char[] password = ((PasswordCallback) callbacks[1]).getPassword();
                // The password is copied into an immutable String and kept in a field.
                userPassword = password == null ? null : String.valueOf(password);
            }
            // Only null is rejected here; an empty user name passes this check
            // despite the wording of the debug message.
            if (userName == null) {
                debug.message("DataStore.process: Username is null/empty");
                throw new UserNamePasswordValidationException("amAuth", "InvalidUP", null);
            }
            if (userPassword == null || userPassword.length() == 0) {
                debug.message("DataStore.process: Password is null/empty");
                throw new InvalidPasswordException("amAuth", "invalidPasswd", null);
            }
            // Store username and password in both the success and the failure case.
            // This runs before the user name is validated or authenticated.
            // NOTE(review): where the credentials are stored is not visible here.
            storeUsernamePasswd(userName, userPassword);
            /*
                Fix for OPENAM-1872. Reject usernames with illegal characters (e.g. * or ! or ) or ( or & ), just
                like the LDAP LoginModule does. List of invalid characters comes from a new configuration entry (though
                the list of illegal characters does not seem to be processed in validateUserName). I want the invocation
                to be just like the LDAP LoginModule, and to handle the case in which the username format validator
                cannot be successfully loaded in validateUserName.
                 */
            validateUserName(userName, CollectionHelper.getMapAttr(currentConfig, INVALID_CHARS));
            AMIdentityRepository idrepo = getAMIdentityRepository(getRequestOrg());
            boolean success = idrepo.authenticate(idCallbacks);
            if (success) {
                retVal = ISAuthConstants.LOGIN_SUCCEED;
                validatedUserID = userName;
            } else {
                // NOTE(review): unlike the two failure paths below, this one does
                // not call setFailureID(userName) before throwing - confirm intent.
                throw new AuthLoginException(amAuthDataStore, "authFailed", null);
            }
        } else {
            // Any state other than LOGIN_START is treated as a failed login.
            setFailureID(userName);
            throw new AuthLoginException(amAuthDataStore, "authFailed", null);
        }
    } catch (IdRepoException ex) {
        // Repository errors surface as the same "authFailed" error as rejected
        // credentials; the original exception is kept as the cause.
        debug.message("idRepo Exception");
        setFailureID(userName);
        throw new AuthLoginException(amAuthDataStore, "authFailed", null, ex);
    }
    return retVal;
}
Also used : UserNamePasswordValidationException(com.sun.identity.authentication.spi.UserNamePasswordValidationException) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) PasswordCallback(javax.security.auth.callback.PasswordCallback) InvalidPasswordException(com.sun.identity.authentication.spi.InvalidPasswordException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)

Example 30 with PasswordCallback

use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.

the class ServerConfigMgr method authenticateDsameUser.

/**
 * Checks whether the {@code dsameuser} account authenticates with either of
 * two passwords.
 *
 * <p>{@code oldPassword} is tried first; {@code newPassword} is tried only if
 * the first attempt is rejected. Both {@code AuthLoginException} and
 * {@code IdRepoException} are swallowed without logging and reported as
 * {@code false}, so the caller cannot tell wrong passwords from a repository
 * or session failure.
 *
 * @param ssoToken    token used to open the root-realm identity repository
 * @param oldPassword password tried first; must not be {@code null}
 * @param newPassword password tried if {@code oldPassword} is rejected
 * @return {@code true} if either password authenticates, {@code false}
 *         otherwise or on any of the two caught exceptions
 */
private static boolean authenticateDsameUser(SSOToken ssoToken, String oldPassword, String newPassword) {
    NameCallback nameCallback = new NameCallback("dummy");
    nameCallback.setName("dsameuser");
    PasswordCallback passwordCallback = new PasswordCallback("dummy", false);
    passwordCallback.setPassword(oldPassword.toCharArray());
    Callback[] idCallbacks = {nameCallback, passwordCallback};
    try {
        AMIdentityRepository amir = new AMIdentityRepository("/", ssoToken);
        boolean authenticated = amir.authenticate(idCallbacks);
        if (!authenticated) {
            // NOTE(review): the rejected first attempt is still a failed login for
            // dsameuser; whether it counts toward any lockout policy is not visible here.
            passwordCallback.setPassword(newPassword.toCharArray());
            authenticated = amir.authenticate(idCallbacks);
        }
        return authenticated;
    } catch (AuthLoginException ex) {
        // Fail closed; the cause is not logged.
        return false;
    } catch (IdRepoException ex) {
        // Fail closed; the cause is not logged.
        return false;
    }
}
Also used : PasswordCallback(javax.security.auth.callback.PasswordCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) NameCallback(javax.security.auth.callback.NameCallback) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) PasswordCallback(javax.security.auth.callback.PasswordCallback) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)
