use of org.apache.syncope.core.persistence.api.entity.Domain in project syncope by apache.
the class UsernamePasswordAuthenticationProvider method authenticate.
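/**
 * Authenticates the given request against the domain named in its details.
 *
 * <p>Three kinds of principal are handled: the anonymous user (shared key), the admin user
 * (password configured for the master domain, or stored on the {@link Domain} entity for any
 * other domain) and regular users (delegated to {@code dataAccessor.authenticate}). Every
 * outcome is written to the audit log before this method returns or throws.
 *
 * @param authentication the request; its details must be a {@code SyncopeAuthenticationDetails}
 * @return a token carrying the resolved username, the request details and the granted authorities
 * @throws BadCredentialsException if the credentials were not verified
 */
@Override
public Authentication authenticate(final Authentication authentication) {
    String domainKey = SyncopeAuthenticationDetails.class.cast(authentication.getDetails()).getDomain();

    // One-element array so the lambdas below can read the username resolved in the branches.
    final String[] username = new String[1];
    Boolean authenticated;

    if (anonymousUser.equals(authentication.getName())) {
        username[0] = anonymousUser;
        credentialChecker.checkIsDefaultAnonymousKeyInUse();

        // The anonymous key is a static shared secret: compare it without short-circuiting on
        // the first differing byte, so response time does not reveal how much of a guess matched.
        // The trailing equals() only runs once the encoded bytes already match; it keeps the
        // result exact for strings whose UTF-8 encoding is lossy (unpaired surrogates).
        final String submittedKey = authentication.getCredentials().toString();
        authenticated = anonymousKey != null
                && java.security.MessageDigest.isEqual(
                        submittedKey.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                        anonymousKey.getBytes(java.nio.charset.StandardCharsets.UTF_8))
                && submittedKey.equals(anonymousKey);
    } else if (adminUser.equals(authentication.getName())) {
        username[0] = adminUser;
        if (SyncopeConstants.MASTER_DOMAIN.equals(domainKey)) {
            // Master domain: the admin password and its algorithm come from configuration.
            credentialChecker.checkIsDefaultAdminPasswordInUse();
            authenticated = ENCRYPTOR.verify(
                    authentication.getCredentials().toString(),
                    CipherAlgorithm.valueOf(adminPasswordAlgorithm),
                    adminPassword);
        } else {
            // Other domains: the admin password is stored on the Domain entity, which is looked
            // up while running in the master domain's context.
            // NOTE(review): this dereferences the lookup result directly; confirm that
            // dataAccessor.findDomain never returns null for an unknown domain key.
            final String domainToFind = domainKey;
            authenticated = AuthContextUtils.execWithAuthContext(SyncopeConstants.MASTER_DOMAIN, () -> {
                Domain domain = dataAccessor.findDomain(domainToFind);
                return ENCRYPTOR.verify(
                        authentication.getCredentials().toString(),
                        domain.getAdminCipherAlgorithm(),
                        domain.getAdminPwd());
            });
        }
    } else {
        final Pair<User, Boolean> authResult =
                AuthContextUtils.execWithAuthContext(domainKey, () -> dataAccessor.authenticate(authentication));
        authenticated = authResult.getValue();
        if (authResult.getLeft() != null && authResult.getRight() != null) {
            username[0] = authResult.getLeft().getUsername();
            if (!authResult.getRight()) {
                // Called after every failed attempt for a known user.
                // NOTE(review): presumably internalSuspend applies the account policy
                // (failed-login threshold) rather than suspending unconditionally; confirm.
                AuthContextUtils.execWithAuthContext(domainKey, () -> {
                    provisioningManager.internalSuspend(authResult.getLeft().getKey());
                    return null;
                });
            }
        }
    }

    // No user was resolved: fall back to the principal as submitted, for audit and messages.
    if (username[0] == null) {
        username[0] = authentication.getPrincipal().toString();
    }

    // A null result is treated as "not authenticated".
    final boolean isAuthenticated = authenticated != null && authenticated;
    UsernamePasswordAuthenticationToken token;
    if (isAuthenticated) {
        token = AuthContextUtils.execWithAuthContext(domainKey, () -> {
            // Credentials are passed as null, so the returned token does not carry the password.
            UsernamePasswordAuthenticationToken token1 = new UsernamePasswordAuthenticationToken(
                    username[0], null, dataAccessor.getAuthorities(username[0]));
            token1.setDetails(authentication.getDetails());

            dataAccessor.audit(
                    AuditElements.EventCategoryType.LOGIC,
                    AuditElements.AUTHENTICATION_CATEGORY,
                    null,
                    AuditElements.LOGIN_EVENT,
                    Result.SUCCESS,
                    null,
                    isAuthenticated,
                    authentication,
                    "Successfully authenticated, with entitlements: " + token1.getAuthorities());
            return token1;
        });

        LOG.debug("User {} successfully authenticated, with entitlements {}", username[0], token.getAuthorities());
    } else {
        AuthContextUtils.execWithAuthContext(domainKey, () -> {
            dataAccessor.audit(
                    AuditElements.EventCategoryType.LOGIC,
                    AuditElements.AUTHENTICATION_CATEGORY,
                    null,
                    AuditElements.LOGIN_EVENT,
                    Result.FAILURE,
                    null,
                    isAuthenticated,
                    authentication,
                    "User " + username[0] + " not authenticated");
            return null;
        });

        LOG.debug("User {} not authenticated", username[0]);

        // The message has the same shape whether or not the account exists.
        throw new BadCredentialsException("User " + username[0] + " not authenticated");
    }

    return token;
}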
use of org.apache.syncope.core.persistence.api.entity.Domain in project syncope by apache.
the class DomainTest method save.
/**
 * Saving a new domain keeps the chosen cipher algorithm and does not store the admin
 * password as the submitted cleartext.
 */
@Test
public void save() {
    Domain candidate = entityFactory.newEntity(Domain.class);
    candidate.setKey("new");
    candidate.setPassword("password", CipherAlgorithm.SSHA512);

    Domain persisted = domainDAO.save(candidate);
    assertNotNull(persisted);

    assertEquals(CipherAlgorithm.SSHA512, persisted.getAdminCipherAlgorithm());
    // The stored value must differ from the cleartext passed to setPassword().
    assertNotEquals("password", persisted.getAdminPwd());
}
use of org.apache.syncope.core.persistence.api.entity.Domain in project syncope by apache.
the class DomainTest method delete.
/**
 * A saved domain can be found by key until it is deleted, after which the lookup yields null.
 */
@Test
public void delete() {
    Domain candidate = entityFactory.newEntity(Domain.class);
    candidate.setKey("todelete");
    candidate.setPassword("password", CipherAlgorithm.SSHA512);

    Domain persisted = domainDAO.save(candidate);
    assertNotNull(persisted);

    String key = persisted.getKey();
    assertNotNull(domainDAO.find(key));

    domainDAO.delete(key);
    assertNull(domainDAO.find(key));
}
use of org.apache.syncope.core.persistence.api.entity.Domain in project syncope by apache.
the class DomainTest method find.
/**
 * Looks up the pre-existing domain "Two" and checks that an unknown key yields null.
 */
@Test
public void find() {
    Domain existing = domainDAO.find("Two");
    assertNotNull(existing);
    // "Two" is expected to be configured with CipherAlgorithm.SHA; the domains created in
    // the other tests of this class use SSHA512 instead.
    assertEquals(CipherAlgorithm.SHA, existing.getAdminCipherAlgorithm());

    Domain missing = domainDAO.find("none");
    assertNull(missing);
}