Examples with SimpleAuthenticationInfo org.apache.shiro.authc.SimpleAuthenticationInfo used on opensource projects

Example 11 with SimpleAuthenticationInfo

use of org.apache.shiro.authc.SimpleAuthenticationInfo in project killbill by killbill.

the class KillbillJdbcTenantRealm method doGetAuthenticationInfo.

@Override
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException {
    final SimpleAuthenticationInfo authenticationInfo = (SimpleAuthenticationInfo) super.doGetAuthenticationInfo(token);
    // We store the salt bytes in Base64 (because the JdbcRealm retrieves it as a String)
    final ByteSource base64Salt = authenticationInfo.getCredentialsSalt();
    final byte[] bytes = Base64.decode(base64Salt.getBytes());
    // SimpleByteSource isn't Serializable
    authenticationInfo.setCredentialsSalt(new SerializableSimpleByteSource(bytes));
    return authenticationInfo;
}

Example 12 with SimpleAuthenticationInfo

use of org.apache.shiro.authc.SimpleAuthenticationInfo in project killbill by killbill.

the class KillBillAuth0Realm method doGetAuthenticationInfo.

@Override
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException {
    if (token instanceof UsernamePasswordToken) {
        final UsernamePasswordToken upToken = (UsernamePasswordToken) token;
        if (doAuthenticate(upToken)) {
            // Credentials are valid
            return new SimpleAuthenticationInfo(token.getPrincipal(), token.getCredentials(), getName());
        }
    } else {
        final String bearerToken = (String) token.getPrincipal();
        final Claims claims = verifyJWT(bearerToken);
        // Credentials are valid
        // This config must match the one in Kaui
        final Object principal = claims.get(securityConfig.getShiroAuth0UsernameClaim());
        // For the JWT to contains the permissions, the `Add Permissions in the Access Token` setting must be turned on in Auth0
        if (claims.containsKey("permissions") && claims.get("permissions") instanceof Iterable) {
            // In order to use the permissions from the JWT (and avoid calling Auth0 later on), we need to eagerly cache them,
            // as doGetAuthorizationInfo won't have access to the token
            final org.apache.shiro.cache.Cache<Object, AuthorizationInfo> authorizationCache = getAuthorizationCache();
            // Should never be null (initialized via init())
            if (authorizationCache != null) {
                final SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(null);
                final Set<String> permissions = new HashSet<String>();
                for (final Object permission : (Iterable) claims.get("permissions")) {
                    permissions.add(permission.toString());
                }
                simpleAuthorizationInfo.setStringPermissions(permissions);
                final MutablePrincipalCollection principals = new SimplePrincipalCollection();
                principals.add(principal, getName());
                final Object authorizationCacheKey = getAuthorizationCacheKey(principals);
                authorizationCache.put(authorizationCacheKey, simpleAuthorizationInfo);
            }
        }
        return new SimpleAuthenticationInfo(principal, token.getCredentials(), getName());
    }
    throw new AuthenticationException("Auth0 authentication failed");
}

Example 13 with SimpleAuthenticationInfo

use of org.apache.shiro.authc.SimpleAuthenticationInfo in project zeppelin by apache.

the class LdapRealm method createAuthenticationInfo.

@Override
protected AuthenticationInfo createAuthenticationInfo(AuthenticationToken token, Object ldapPrincipal, Object ldapCredentials, LdapContext ldapContext) throws NamingException {
    HashRequest.Builder builder = new HashRequest.Builder();
    Hash credentialsHash = hashService.computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
    return new SimpleAuthenticationInfo(token.getPrincipal(), credentialsHash.toHex(), credentialsHash.getSalt(), getName());
}

Example 14 with SimpleAuthenticationInfo

use of org.apache.shiro.authc.SimpleAuthenticationInfo in project SSM by Intel-bigdata.

the class LdapRealm method createAuthenticationInfo.

@Override
protected AuthenticationInfo createAuthenticationInfo(AuthenticationToken token, Object ldapPrincipal, Object ldapCredentials, LdapContext ldapContext) throws NamingException {
    HashRequest.Builder builder = new HashRequest.Builder();
    Hash credentialsHash = hashService.computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
    return new SimpleAuthenticationInfo(token.getPrincipal(), credentialsHash.toHex(), credentialsHash.getSalt(), getName());
}

Example 15 with SimpleAuthenticationInfo

use of org.apache.shiro.authc.SimpleAuthenticationInfo in project wechat by dllwh.

the class ShiroRealm method doGetAuthenticationInfo.

/**
 * @方法描述: 验证当前登录的Subject
 * @说明: 该方法的调用时机为LoginController.login()方法中执行Subject.login()时
 * @param token
 * @return
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authtoken) throws AuthenticationException {
    UsernamePasswordToken token = (UsernamePasswordToken) authtoken;
    // ① 获取当前登录的用户名
    String currentUsername = token.getUsername();
    String passWord = String.valueOf(token.getPassword());
    SysUser sysUser = new SysUser();
    SysUser currentUser = null;
    SimpleAuthenticationInfo authcInfo = null;
    try {
        sysUser.setUserName(currentUsername);
        int userCount = userService.getCountForJdbcParam(sysUser);
        if (userCount <= 0) {
            throw new UnknownAccountException();
        }
        currentUser = userService.checkUserExits(currentUsername, passWord);
    } catch (Exception e) {
        throw new UnknownAccountException();
    }
    if (currentUser != null) {
        // 账号未通过审核
        if (currentUser.getIfEnabled() != 1) {
            throw new DisabledAccountException();
        }
        // 账号未通过审核
        if (currentUser.getIfVisible() != 1) {
            throw new DisabledAccountException("账号未通过审核");
        }
        // 账号不允许登录
        if (currentUser.getLoginFlag() != 1) {
            throw new AuthenticationException("账号不允许登录");
        }
        // 账号被锁定
        if (currentUser.getIfLocked() != 1) {
            throw new ExcessiveAttemptsException("账号被锁定");
        }
        WebUtilHelper.setCurrentLoginUser(currentUser);
        authcInfo = new SimpleAuthenticationInfo(currentUser, currentUser.getPassword(), getName());
    } else {
        throw new LockedAccountException("用户名或密码错误");
    }
    return authcInfo;
}