use of org.apache.shiro.authc.SimpleAuthenticationInfo in project killbill by killbill.
the class KillbillJdbcTenantRealm method doGetAuthenticationInfo.
/**
 * Delegates the account lookup to the parent realm and replaces the Base64-encoded salt on the
 * returned info with its decoded bytes, wrapped in a serializable byte source.
 *
 * @param token the authentication token submitted by the caller
 * @return the parent's authentication info, now carrying the decoded salt
 * @throws AuthenticationException propagated from the parent realm's lookup
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException {
    // The cast relies on the parent realm returning a SimpleAuthenticationInfo.
    final SimpleAuthenticationInfo info = (SimpleAuthenticationInfo) super.doGetAuthenticationInfo(token);

    // The salt is stored as Base64 text (the JdbcRealm retrieves it as a String), so decode it here.
    // NOTE(review): a null salt from the parent would raise a NullPointerException on getBytes();
    // confirm every account row carries a salt.
    final ByteSource encodedSalt = info.getCredentialsSalt();
    final byte[] rawSalt = Base64.decode(encodedSalt.getBytes());

    // SimpleByteSource isn't Serializable, hence the serializable wrapper.
    info.setCredentialsSalt(new SerializableSimpleByteSource(rawSalt));
    return info;
}
use of org.apache.shiro.authc.SimpleAuthenticationInfo in project killbill by killbill.
the class KillBillAuth0Realm method doGetAuthenticationInfo.
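/**
 * Authenticates a username/password token through {@code doAuthenticate}, or treats the
 * principal of any other token type as a bearer JWT and verifies it with {@code verifyJWT}.
 *
 * <p>For a verified JWT that carries an iterable {@code permissions} claim, the permissions are
 * written to the authorization cache here, because doGetAuthorizationInfo won't have access to
 * the token later on.
 *
 * @param token the submitted token: a {@code UsernamePasswordToken}, or a token whose principal
 *              is the bearer JWT string
 * @return authentication info for the authenticated principal
 * @throws AuthenticationException if the password check fails, or if the verified JWT does not
 *                                 carry the configured username claim
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException {
    if (token instanceof UsernamePasswordToken) {
        final UsernamePasswordToken upToken = (UsernamePasswordToken) token;
        if (doAuthenticate(upToken)) {
            // Credentials are valid
            return new SimpleAuthenticationInfo(token.getPrincipal(), token.getCredentials(), getName());
        }
    } else {
        // NOTE(review): every non-UsernamePasswordToken is assumed to carry the raw JWT as a String principal.
        final String bearerToken = (String) token.getPrincipal();
        final Claims claims = verifyJWT(bearerToken);
        // Credentials are valid
        // This config must match the one in Kaui
        final Object principal = claims.get(securityConfig.getShiroAuth0UsernameClaim());
        if (principal == null) {
            // A verified token without the configured username claim cannot identify anyone: fail closed
            // with the same generic message instead of passing a null principal on to Shiro.
            throw new AuthenticationException("Auth0 authentication failed");
        }

        // For the JWT to contain the permissions, the `Add Permissions in the Access Token` setting must be turned on in Auth0
        final Object permissionsClaim = claims.get("permissions");
        if (permissionsClaim instanceof Iterable) {
            // In order to use the permissions from the JWT (and avoid calling Auth0 later on), we need to eagerly cache them,
            // as doGetAuthorizationInfo won't have access to the token
            final org.apache.shiro.cache.Cache<Object, AuthorizationInfo> authorizationCache = getAuthorizationCache();
            // Should never be null (initialized via init())
            if (authorizationCache != null) {
                final SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(null);
                final Set<String> permissions = new HashSet<String>();
                for (final Object permission : (Iterable<?>) permissionsClaim) {
                    // Skip null entries rather than fail on toString(); a malformed entry grants nothing.
                    if (permission != null) {
                        permissions.add(permission.toString());
                    }
                }
                simpleAuthorizationInfo.setStringPermissions(permissions);

                final MutablePrincipalCollection principals = new SimplePrincipalCollection();
                principals.add(principal, getName());
                final Object authorizationCacheKey = getAuthorizationCacheKey(principals);
                // NOTE(review): the entry is keyed by principal and lives as long as the cache keeps it;
                // confirm the cache's expiry does not let these permissions outlive the token's validity.
                authorizationCache.put(authorizationCacheKey, simpleAuthorizationInfo);
            }
        }

        return new SimpleAuthenticationInfo(principal, token.getCredentials(), getName());
    }

    throw new AuthenticationException("Auth0 authentication failed");
}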
use of org.apache.shiro.authc.SimpleAuthenticationInfo in project zeppelin by apache.
the class LdapRealm method createAuthenticationInfo.
/**
 * Builds the authentication info for an LDAP login by hashing the credentials submitted in the
 * token with {@code HASHING_ALGORITHM}.
 *
 * @param token           the submitted token; its principal and credentials are the only inputs used
 * @param ldapPrincipal   not read by this method
 * @param ldapCredentials not read by this method
 * @param ldapContext     not read by this method
 * @return info holding the token principal, the hex-encoded hash and the salt of that hash
 * @throws NamingException declared by the overridden method
 */
@Override
protected AuthenticationInfo createAuthenticationInfo(AuthenticationToken token, Object ldapPrincipal, Object ldapCredentials, LdapContext ldapContext) throws NamingException {
    // NOTE(review): the stored credentials are derived from the submitted token itself, so a later
    // credentials match cannot by itself prove the password; presumably the LDAP bind that precedes
    // this call is the actual check. Confirm against the caller.
    HashRequest hashRequest = new HashRequest.Builder()
            .setSource(token.getCredentials())
            .setAlgorithmName(HASHING_ALGORITHM)
            .build();
    Hash hashed = hashService.computeHash(hashRequest);
    return new SimpleAuthenticationInfo(token.getPrincipal(), hashed.toHex(), hashed.getSalt(), getName());
}
use of org.apache.shiro.authc.SimpleAuthenticationInfo in project SSM by Intel-bigdata.
the class LdapRealm method createAuthenticationInfo.
/**
 * Creates the authentication info returned after an LDAP login: the token's credentials are
 * hashed through {@code hashService} and the hex digest plus its salt are stored as credentials.
 *
 * @param token           the submitted token, source of both the principal and the hashed credentials
 * @param ldapPrincipal   unused here
 * @param ldapCredentials unused here
 * @param ldapContext     unused here
 * @return a {@code SimpleAuthenticationInfo} for the token principal in this realm
 * @throws NamingException declared by the overridden method
 */
@Override
protected AuthenticationInfo createAuthenticationInfo(AuthenticationToken token, Object ldapPrincipal, Object ldapCredentials, LdapContext ldapContext) throws NamingException {
    HashRequest.Builder requestBuilder = new HashRequest.Builder();
    // Only what the caller submitted is hashed; nothing from the LDAP entry is consulted.
    // NOTE(review): this looks like it relies on an earlier LDAP bind for the real password check;
    // confirm that the bind always happens before this method is reached.
    final HashRequest request = requestBuilder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build();
    final Hash digest = hashService.computeHash(request);
    return new SimpleAuthenticationInfo(
            token.getPrincipal(),
            digest.toHex(),
            digest.getSalt(),
            getName());
}
use of org.apache.shiro.authc.SimpleAuthenticationInfo in project wechat by dllwh.
the class ShiroRealm method doGetAuthenticationInfo.
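/**
 * Authenticates the Subject that is currently logging in.
 *
 * <p>Called when LoginController.login() executes Subject.login(). The user is looked up by name,
 * then by name and password through {@code userService}, and the account flags are checked before
 * the authentication info is built.
 *
 * @param authtoken the submitted token; it is cast to {@code UsernamePasswordToken}
 * @return authentication info holding the loaded user and its stored password
 * @throws AuthenticationException an {@code UnknownAccountException} when the lookup finds no user
 *         or fails, a {@code DisabledAccountException}, {@code ExcessiveAttemptsException} or plain
 *         {@code AuthenticationException} when an account flag rejects the login, and a
 *         {@code LockedAccountException} when the name/password lookup returns no user
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authtoken) throws AuthenticationException {
    UsernamePasswordToken token = (UsernamePasswordToken) authtoken;
    // (1) Read the user name that is logging in
    String currentUsername = token.getUsername();
    // NOTE(review): the password is copied from the token's char[] into an immutable String,
    // which cannot be wiped afterwards; a null password would raise a NullPointerException here.
    String passWord = String.valueOf(token.getPassword());
    SysUser sysUser = new SysUser();
    SysUser currentUser = null;
    SimpleAuthenticationInfo authcInfo = null;
    try {
        sysUser.setUserName(currentUsername);
        int userCount = userService.getCountForJdbcParam(sysUser);
        if (userCount <= 0) {
            throw new UnknownAccountException();
        }
        currentUser = userService.checkUserExits(currentUsername, passWord);
    } catch (Exception e) {
        // Any failure in the lookup is reported to the caller as "unknown account". Keep the cause
        // so a backend error stays diagnosable; the message stays null, as before, so nothing
        // from the cause reaches code that displays getMessage().
        throw new UnknownAccountException(null, e);
    }
    if (currentUser != null) {
        // Account is not enabled
        if (currentUser.getIfEnabled() != 1) {
            throw new DisabledAccountException();
        }
        // Account has not passed review
        if (currentUser.getIfVisible() != 1) {
            throw new DisabledAccountException("账号未通过审核");
        }
        // Account is not allowed to log in
        if (currentUser.getLoginFlag() != 1) {
            throw new AuthenticationException("账号不允许登录");
        }
        // Account is locked
        // NOTE(review): any value other than 1 is treated as locked; confirm the polarity of ifLocked.
        if (currentUser.getIfLocked() != 1) {
            throw new ExcessiveAttemptsException("账号被锁定");
        }
        // NOTE(review): the current login user is recorded before this method returns, i.e. before
        // the returned credentials are matched against the token; confirm checkUserExits has
        // already verified the password.
        WebUtilHelper.setCurrentLoginUser(currentUser);
        authcInfo = new SimpleAuthenticationInfo(currentUser, currentUser.getPassword(), getName());
    } else {
        // NOTE(review): the message says "wrong user name or password" but the type is
        // LockedAccountException; the type is left unchanged because callers may catch it.
        throw new LockedAccountException("用户名或密码错误");
    }
    return authcInfo;
}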