Example 6 with Domain

use of org.apache.syncope.core.persistence.api.entity.Domain in project syncope by apache.

the class UsernamePasswordAuthenticationProvider method authenticate.

@Override
public Authentication authenticate(final Authentication authentication) {
    String domainKey = SyncopeAuthenticationDetails.class.cast(authentication.getDetails()).getDomain();
    final String[] username = new String[1];
    Boolean authenticated;
    if (anonymousUser.equals(authentication.getName())) {
        username[0] = anonymousUser;
        credentialChecker.checkIsDefaultAnonymousKeyInUse();
        authenticated = authentication.getCredentials().toString().equals(anonymousKey);
    } else if (adminUser.equals(authentication.getName())) {
        username[0] = adminUser;
        if (SyncopeConstants.MASTER_DOMAIN.equals(domainKey)) {
            credentialChecker.checkIsDefaultAdminPasswordInUse();
            authenticated = ENCRYPTOR.verify(authentication.getCredentials().toString(), CipherAlgorithm.valueOf(adminPasswordAlgorithm), adminPassword);
        } else {
            final String domainToFind = domainKey;
            authenticated = AuthContextUtils.execWithAuthContext(SyncopeConstants.MASTER_DOMAIN, () -> {
                Domain domain = dataAccessor.findDomain(domainToFind);
                return ENCRYPTOR.verify(authentication.getCredentials().toString(), domain.getAdminCipherAlgorithm(), domain.getAdminPwd());
            });
        }
    } else {
        final Pair<User, Boolean> authResult = AuthContextUtils.execWithAuthContext(domainKey, () -> dataAccessor.authenticate(authentication));
        authenticated = authResult.getValue();
        if (authResult.getLeft() != null && authResult.getRight() != null) {
            username[0] = authResult.getLeft().getUsername();
            if (!authResult.getRight()) {
                AuthContextUtils.execWithAuthContext(domainKey, () -> {
                    provisioningManager.internalSuspend(authResult.getLeft().getKey());
                    return null;
                });
            }
        }
    }
    if (username[0] == null) {
        username[0] = authentication.getPrincipal().toString();
    }
    final boolean isAuthenticated = authenticated != null && authenticated;
    UsernamePasswordAuthenticationToken token;
    if (isAuthenticated) {
        token = AuthContextUtils.execWithAuthContext(domainKey, () -> {
            UsernamePasswordAuthenticationToken token1 = new UsernamePasswordAuthenticationToken(username[0], null, dataAccessor.getAuthorities(username[0]));
            token1.setDetails(authentication.getDetails());
            dataAccessor.audit(AuditElements.EventCategoryType.LOGIC, AuditElements.AUTHENTICATION_CATEGORY, null, AuditElements.LOGIN_EVENT, Result.SUCCESS, null, isAuthenticated, authentication, "Successfully authenticated, with entitlements: " + token1.getAuthorities());
            return token1;
        });
        LOG.debug("User {} successfully authenticated, with entitlements {}", username[0], token.getAuthorities());
    } else {
        AuthContextUtils.execWithAuthContext(domainKey, () -> {
            dataAccessor.audit(AuditElements.EventCategoryType.LOGIC, AuditElements.AUTHENTICATION_CATEGORY, null, AuditElements.LOGIN_EVENT, Result.FAILURE, null, isAuthenticated, authentication, "User " + username[0] + " not authenticated");
            return null;
        });
        LOG.debug("User {} not authenticated", username[0]);
        throw new BadCredentialsException("User " + username[0] + " not authenticated");
    }
    return token;
}
Also used : UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) Domain(org.apache.syncope.core.persistence.api.entity.Domain) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) Pair(org.apache.commons.lang3.tuple.Pair)

Example 7 with Domain

use of org.apache.syncope.core.persistence.api.entity.Domain in project syncope by apache.

the class DomainTest method save.

@Test
public void save() {
    Domain domain = entityFactory.newEntity(Domain.class);
    domain.setKey("new");
    domain.setPassword("password", CipherAlgorithm.SSHA512);
    Domain actual = domainDAO.save(domain);
    assertNotNull(actual);
    assertEquals(CipherAlgorithm.SSHA512, actual.getAdminCipherAlgorithm());
    assertNotEquals("password", actual.getAdminPwd());
}
Also used : Domain(org.apache.syncope.core.persistence.api.entity.Domain) Test(org.junit.jupiter.api.Test) AbstractTest(org.apache.syncope.core.persistence.jpa.AbstractTest)

Example 8 with Domain

use of org.apache.syncope.core.persistence.api.entity.Domain in project syncope by apache.

the class DomainTest method delete.

@Test
public void delete() {
    Domain domain = entityFactory.newEntity(Domain.class);
    domain.setKey("todelete");
    domain.setPassword("password", CipherAlgorithm.SSHA512);
    Domain actual = domainDAO.save(domain);
    assertNotNull(actual);
    String id = actual.getKey();
    assertNotNull(domainDAO.find(id));
    domainDAO.delete(id);
    assertNull(domainDAO.find(id));
}
Also used : Domain(org.apache.syncope.core.persistence.api.entity.Domain) Test(org.junit.jupiter.api.Test) AbstractTest(org.apache.syncope.core.persistence.jpa.AbstractTest)

Example 9 with Domain

use of org.apache.syncope.core.persistence.api.entity.Domain in project syncope by apache.

the class DomainTest method find.

@Test
public void find() {
    Domain two = domainDAO.find("Two");
    assertNotNull(two);
    assertEquals(CipherAlgorithm.SHA, two.getAdminCipherAlgorithm());
    assertNull(domainDAO.find("none"));
}
Also used : Domain(org.apache.syncope.core.persistence.api.entity.Domain) Test(org.junit.jupiter.api.Test) AbstractTest(org.apache.syncope.core.persistence.jpa.AbstractTest)

Aggregations

Domain (org.apache.syncope.core.persistence.api.entity.Domain) 9
AbstractTest (org.apache.syncope.core.persistence.jpa.AbstractTest) 4
Test (org.junit.jupiter.api.Test) 4
NotFoundException (org.apache.syncope.core.persistence.api.dao.NotFoundException) 2
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize) 2
Pair (org.apache.commons.lang3.tuple.Pair) 1
DomainTO (org.apache.syncope.common.lib.to.DomainTO) 1
JPADomain (org.apache.syncope.core.persistence.jpa.entity.JPADomain) 1
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException) 1
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken) 1