
Example 31 with PasswordCallback

use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.

the class Membership method loginUser.

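/**
 * Authenticates a user against the identity repository of the request's organisation.
 *
 * <p>When {@code callbacks} is an empty array the user name and password are read from
 * {@code sharedState}; otherwise they are taken from the submitted {@link NameCallback}
 * and {@link PasswordCallback} at indexes 0 and 1.
 *
 * @param callbacks the submitted callbacks, or an empty array to use shared-state credentials
 * @return {@code ModuleState.COMPLETE} when the repository accepts the credentials, or
 *         {@code ModuleState.LOGIN_START} when shared-state credentials are missing, or when
 *         they were rejected with an {@code IdRepoException} and
 *         {@code isUseFirstPassEnabled()} is false
 * @throws AuthLoginException if the password is missing or empty (as an
 *         {@code InvalidPasswordException}) or if authentication fails
 */
private ModuleState loginUser(Callback[] callbacks) throws AuthLoginException {
    String password = null;
    Callback[] idCallbacks = new Callback[2];
    try {
        if (callbacks != null && callbacks.length == 0) {
            userName = (String) sharedState.get(getUserKey());
            password = (String) sharedState.get(getPwdKey());
            if (userName == null || password == null) {
                return ModuleState.LOGIN_START;
            }
            getCredentialsFromSharedState = true;
            NameCallback nameCallback = new NameCallback("dummy");
            nameCallback.setName(userName);
            idCallbacks[0] = nameCallback;
            PasswordCallback passwordCallback = new PasswordCallback("dummy", false);
            passwordCallback.setPassword(password.toCharArray());
            idCallbacks[1] = passwordCallback;
        } else {
            // NOTE(review): a null callbacks array also reaches this branch and fails on
            // callbacks[0] below; confirm that callers never pass null.
            idCallbacks = callbacks;
            userName = ((NameCallback) callbacks[0]).getName();
            // getPassword() returns null when no password was set, and String.valueOf(char[])
            // throws NullPointerException on null. Leave password null in that case so the
            // check below rejects it with InvalidPasswordException instead.
            char[] submittedPassword = ((PasswordCallback) callbacks[1]).getPassword();
            if (submittedPassword != null) {
                password = String.valueOf(submittedPassword);
            }
        }
        if (password == null || password.length() == 0) {
            if (debug.messageEnabled()) {
                debug.message("Membership.loginUser: Password is null/empty");
            }
            throw new InvalidPasswordException("amAuth", "invalidPasswd", null);
        }
        // Store the user name and password in both the success and the failure case.
        // The password is held as an immutable String from here on, so it cannot be
        // wiped from memory after use; never write it to the debug log.
        storeUsernamePasswd(userName, password);
        initAuthConfig();
        AMIdentityRepository idrepo = getAMIdentityRepository(getRequestOrg());
        boolean success = idrepo.authenticate(idCallbacks);
        if (success) {
            validatedUserID = userName;
            return ModuleState.COMPLETE;
        } else {
            throw new AuthLoginException(amAuthMembership, "authFailed", null);
        }
    } catch (IdRepoException ex) {
        // Shared-state credentials were rejected and first-pass mode is off:
        // reset the flag and restart the login state.
        if (getCredentialsFromSharedState && !isUseFirstPassEnabled()) {
            getCredentialsFromSharedState = false;
            return ModuleState.LOGIN_START;
        }
        if (debug.warningEnabled()) {
            debug.warning("idRepo Exception");
        }
        setFailureID(userName);
        throw new AuthLoginException(amAuthMembership, "authFailed", null, ex);
    }
}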
Also used : PasswordCallback(javax.security.auth.callback.PasswordCallback) ChoiceCallback(javax.security.auth.callback.ChoiceCallback) NameCallback(javax.security.auth.callback.NameCallback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) PasswordCallback(javax.security.auth.callback.PasswordCallback) InvalidPasswordException(com.sun.identity.authentication.spi.InvalidPasswordException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)

Example 32 with PasswordCallback

use of javax.security.auth.callback.PasswordCallback in project opennms by OpenNMS.

the class LoginModuleUtils method doLogin.

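/**
 * Prompts for a user name and password through the handler's callback handler, checks them
 * against the OpenNMS user configuration and, when the handler requires it, enforces the
 * admin role.
 *
 * @param handler     supplies the callback handler, user configuration and user DAO, and
 *                    receives the resolved user name and principals
 * @param subject     the subject being authenticated (only its class is logged here)
 * @param sharedState JAAS shared state; only its keys are logged
 * @param options     login module options; only their keys are logged
 * @return {@code true} when the login succeeds; every failure is reported by exception
 * @throws FailedLoginException if the user is unknown or the password does not match
 * @throws LoginException       if the prompt fails, the user name or password is null, the
 *                              user cannot be loaded, or the admin role is required and missing
 */
public static boolean doLogin(final OpenNMSLoginHandler handler, final Subject subject, final Map<String, ?> sharedState, final Map<String, ?> options) throws LoginException {
    // Log only the keys: JAAS shared state and module options can carry credentials
    // (stacked login modules pass the password through shared state), and map values
    // must not end up in debug logs.
    LOG.debug("OpenNMSLoginModule: login(): handler={}, subject={}, sharedState={}, options={}", handler.getClass(), subject.getClass(), sharedState == null ? null : sharedState.keySet(), options == null ? null : options.keySet());
    final NameCallback nameCallback = new NameCallback("Username: ");
    final PasswordCallback passwordCallback = new PasswordCallback("Password: ", false);
    final Callback[] callbacks = new Callback[] { nameCallback, passwordCallback };
    try {
        handler.callbackHandler().handle(callbacks);
    } catch (final IOException ioe) {
        LOG.debug("IO exception while attempting to prompt for username and password.", ioe);
        // LoginException has no cause-taking constructor; attach the cause explicitly.
        final LoginException failure = new LoginException(ioe.getMessage());
        failure.initCause(ioe);
        throw failure;
    } catch (final UnsupportedCallbackException uce) {
        LOG.debug("Username or password prompt not supported.", uce);
        final LoginException failure = new LoginException(uce.getMessage() + " not available to obtain information from user.");
        failure.initCause(uce);
        throw failure;
    }
    final String user = nameCallback.getName();
    handler.setUser(user);
    if (user == null) {
        final String msg = "Username can not be null.";
        LOG.debug(msg);
        throw new LoginException(msg);
    }
    // getPassword() returns a copy; read it once, then wipe the callback's own copy.
    final char[] passwordChars = passwordCallback.getPassword();
    if (passwordChars == null) {
        final String msg = "Password can not be null.";
        LOG.debug(msg);
        throw new LoginException(msg);
    }
    // comparePasswords() takes a String, so an immutable copy is unavoidable here.
    final String password = new String(passwordChars);
    passwordCallback.clearPassword();
    final User configUser;
    final SpringSecurityUser onmsUser;
    try {
        configUser = handler.userConfig().getUser(user);
        onmsUser = handler.springSecurityUserDao().getByUsername(user);
    } catch (final Exception e) {
        final String message = "Failed to retrieve user " + user + " from OpenNMS UserConfig.";
        LOG.debug(message, e);
        final LoginException failure = new LoginException(message);
        failure.initCause(e);
        throw failure;
    }
    // NOTE(review): "does not exist" and "passwords did not match" are distinct messages;
    // if they reach the client they reveal which user names are valid. Confirm callers
    // show a single generic failure message.
    if (configUser == null) {
        final String msg = "User  " + user + " does not exist.";
        LOG.debug(msg);
        throw new FailedLoginException(msg);
    }
    if (!handler.userConfig().comparePasswords(user, password)) {
        final String msg = "Login failed: passwords did not match.";
        LOG.debug(msg);
        throw new FailedLoginException(msg);
    }
    // The DAO lookup is not guaranteed by anything visible here to return a user even
    // though the configuration lookup did; fail the login instead of dereferencing null.
    if (onmsUser == null) {
        final String msg = "No security details found for user " + user + ".";
        LOG.debug(msg);
        throw new LoginException(msg);
    }
    final Set<Principal> principals = LoginModuleUtils.createPrincipals(handler, onmsUser.getAuthorities());
    handler.setPrincipals(principals);
    boolean allowed = true;
    if (handler.requiresAdminRole()) {
        allowed = false;
        for (final Principal principal : principals) {
            // Locale.ROOT keeps the role comparison independent of the JVM default locale
            // (a Turkish locale lower-cases "I" to a dotless i and would never match "admin").
            final String name = principal.getName().toLowerCase(java.util.Locale.ROOT).replaceAll("^role_", "");
            if ("admin".equals(name)) {
                allowed = true;
                break;
            }
        }
    }
    if (!allowed) {
        final String msg = "User " + user + " is not an administrator!  OSGi console access is forbidden.";
        LOG.debug(msg);
        throw new LoginException(msg);
    }
    LOG.debug("Successfully logged in {}.", user);
    return true;
}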
Also used : User(org.opennms.netmgt.config.users.User) IOException(java.io.IOException) LoginException(javax.security.auth.login.LoginException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) IOException(java.io.IOException) FailedLoginException(javax.security.auth.login.FailedLoginException) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) FailedLoginException(javax.security.auth.login.FailedLoginException) PasswordCallback(javax.security.auth.callback.PasswordCallback) LoginException(javax.security.auth.login.LoginException) FailedLoginException(javax.security.auth.login.FailedLoginException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 33 with PasswordCallback

use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.

the class DevicePrintAuthenticationServiceTest method shouldThrowExceptionWhenSubmittedtOTPWithIncorrectErrorCode.

/**
 * 6) Third call, state 2: an OTP code is submitted and the HOTP service rejects it.
 * {@code process} must throw {@link AuthLoginException} rather than return a next state.
 */
@Test
public void shouldThrowExceptionWhenSubmittedtOTPWithIncorrectErrorCode() throws AuthLoginException {
    // Given: an OTP callback carrying a code that the HOTP service reports as invalid
    final String wrongCode = "OTPCODEWRONG";
    final int otpSubmittedState = 2;
    final PasswordCallback otpCallback = mock(PasswordCallback.class);
    final ConfirmationCallback confirmCallback = mock(ConfirmationCallback.class);
    final Callback[] submitted = { otpCallback, confirmCallback };
    given(otpCallback.getPassword()).willReturn(wrongCode.toCharArray());
    given(confirmCallback.getSelectedIndex()).willReturn(0);
    given(hotpService.isValidHOTP("OTPCODEWRONG")).willReturn(false);
    // When: the callbacks are processed
    AuthLoginException thrown = null;
    try {
        devicePrintAuthenticationService.process(submitted, otpSubmittedState);
        fail();
    } catch (AuthLoginException e) {
        thrown = e;
    }
    // Then: the rejection surfaced as an AuthLoginException
    assertTrue(thrown != null);
}
Also used : PasswordCallback(javax.security.auth.callback.PasswordCallback) ChoiceCallback(javax.security.auth.callback.ChoiceCallback) NameCallback(javax.security.auth.callback.NameCallback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) Callback(javax.security.auth.callback.Callback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) DevicePrint(org.forgerock.openam.authentication.modules.deviceprint.model.DevicePrint) Test(org.testng.annotations.Test)

Example 34 with PasswordCallback

use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.

the class DevicePrintAuthenticationServiceTest method shouldAutoSaveProfilePageWhenSubmittedOTPWithCorrectCodeWithAuthSaveProp.

/**
 * 5a) Third call, state 2: an OTP code is submitted and accepted, the device print has its
 * required attributes and the auto-store-profiles setting is {@code true}. The login must
 * succeed and a new profile must be created.
 */
@Test
public void shouldAutoSaveProfilePageWhenSubmittedOTPWithCorrectCodeWithAuthSaveProp() throws AuthLoginException {
    // Given: a valid OTP, a complete device print and auto-store enabled
    final String validCode = "OTPCODE";
    final int otpSubmittedState = 2;
    final PasswordCallback otpCallback = mock(PasswordCallback.class);
    final ConfirmationCallback confirmCallback = mock(ConfirmationCallback.class);
    final Callback[] submitted = { otpCallback, confirmCallback };
    given(otpCallback.getPassword()).willReturn(validCode.toCharArray());
    given(confirmCallback.getSelectedIndex()).willReturn(0);
    given(hotpService.isValidHOTP("OTPCODE")).willReturn(true);
    given(devicePrintService.hasRequiredAttributes(Matchers.<DevicePrint>anyObject())).willReturn(true);
    given(devicePrintAuthenticationConfig.getBoolean(DevicePrintAuthenticationConfig.AUTO_STORE_PROFILES)).willReturn(true);
    // When: the callbacks are processed
    final int resultingState = devicePrintAuthenticationService.process(submitted, otpSubmittedState);
    // Then: login succeeds and the profile is stored
    assertEquals(resultingState, ISAuthConstants.LOGIN_SUCCEED);
    verify(devicePrintService).createNewProfile(Matchers.<DevicePrint>anyObject());
}
Also used : PasswordCallback(javax.security.auth.callback.PasswordCallback) ChoiceCallback(javax.security.auth.callback.ChoiceCallback) NameCallback(javax.security.auth.callback.NameCallback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) Callback(javax.security.auth.callback.Callback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) DevicePrint(org.forgerock.openam.authentication.modules.deviceprint.model.DevicePrint) Test(org.testng.annotations.Test)

Example 35 with PasswordCallback

use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.

the class DevicePrintAuthenticationServiceTest method shouldNotSaveProfileIfRequiredAttributesNotSet.

/**
 * State 2 with an accepted OTP code and auto-store enabled, but the device print lacks its
 * required attributes: the login must still succeed and no profile may be created.
 */
@Test
public void shouldNotSaveProfileIfRequiredAttributesNotSet() throws AuthLoginException {
    // Given: a valid OTP and auto-store enabled, but an incomplete device print
    final String validCode = "OTPCODE";
    final int otpSubmittedState = 2;
    final PasswordCallback otpCallback = mock(PasswordCallback.class);
    final ConfirmationCallback confirmCallback = mock(ConfirmationCallback.class);
    final Callback[] submitted = { otpCallback, confirmCallback };
    given(otpCallback.getPassword()).willReturn(validCode.toCharArray());
    given(confirmCallback.getSelectedIndex()).willReturn(0);
    given(hotpService.isValidHOTP("OTPCODE")).willReturn(true);
    given(devicePrintService.hasRequiredAttributes(Matchers.<DevicePrint>anyObject())).willReturn(false);
    given(devicePrintAuthenticationConfig.getBoolean(DevicePrintAuthenticationConfig.AUTO_STORE_PROFILES)).willReturn(true);
    // When: the callbacks are processed
    final int resultingState = devicePrintAuthenticationService.process(submitted, otpSubmittedState);
    // Then: login succeeds without storing a profile
    assertEquals(resultingState, ISAuthConstants.LOGIN_SUCCEED);
    verify(devicePrintService, never()).createNewProfile(Matchers.<DevicePrint>anyObject());
}
Also used : PasswordCallback(javax.security.auth.callback.PasswordCallback) ChoiceCallback(javax.security.auth.callback.ChoiceCallback) NameCallback(javax.security.auth.callback.NameCallback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) Callback(javax.security.auth.callback.Callback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) DevicePrint(org.forgerock.openam.authentication.modules.deviceprint.model.DevicePrint) Test(org.testng.annotations.Test)

Aggregations

PasswordCallback (javax.security.auth.callback.PasswordCallback)198 NameCallback (javax.security.auth.callback.NameCallback)162 Callback (javax.security.auth.callback.Callback)135 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)90 IOException (java.io.IOException)55 LoginException (javax.security.auth.login.LoginException)43 CallbackHandler (javax.security.auth.callback.CallbackHandler)36 ConfirmationCallback (javax.security.auth.callback.ConfirmationCallback)25 ChoiceCallback (javax.security.auth.callback.ChoiceCallback)23 RealmCallback (javax.security.sasl.RealmCallback)21 AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)18 FailedLoginException (javax.security.auth.login.FailedLoginException)18 LoginContext (javax.security.auth.login.LoginContext)18 Subject (javax.security.auth.Subject)16 AuthorizeCallback (javax.security.sasl.AuthorizeCallback)16 TextOutputCallback (javax.security.auth.callback.TextOutputCallback)15 Test (org.junit.Test)15 Test (org.testng.annotations.Test)15 HashMap (java.util.HashMap)14 IdRepoException (com.sun.identity.idm.IdRepoException)12