Search in sources :

Example 81 with UsernamePasswordCredential

use of org.apereo.cas.authentication.UsernamePasswordCredential in project cas by apereo.

the class RestPasswordManagementService method changeInternal.

@Override
public boolean changeInternal(final Credential c, final PasswordChangeBean bean) {
    final PasswordManagementProperties.Rest rest = properties.getRest();
    if (StringUtils.isBlank(rest.getEndpointUrlChange())) {
        return false;
    }
    final UsernamePasswordCredential upc = (UsernamePasswordCredential) c;
    final HttpHeaders headers = new HttpHeaders();
    headers.setAccept(CollectionUtils.wrap(MediaType.APPLICATION_JSON));
    headers.put("username", CollectionUtils.wrap(upc.getUsername()));
    headers.put("password", CollectionUtils.wrap(bean.getPassword()));
    headers.put("oldPassword", CollectionUtils.wrap(upc.getPassword()));
    final HttpEntity<String> entity = new HttpEntity<>(headers);
    final ResponseEntity<Boolean> result = restTemplate.exchange(rest.getEndpointUrlChange(), HttpMethod.POST, entity, Boolean.class);
    if (result.getStatusCodeValue() == HttpStatus.OK.value()) {
        return result.getBody();
    }
    return false;
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) HttpEntity(org.springframework.http.HttpEntity) PasswordManagementProperties(org.apereo.cas.configuration.model.support.pm.PasswordManagementProperties) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential)

Example 82 with UsernamePasswordCredential

use of org.apereo.cas.authentication.UsernamePasswordCredential in project cas by apereo.

the class InitPasswordResetAction method doExecute.

@Override
protected Event doExecute(final RequestContext requestContext) {
    final String token = requestContext.getFlowScope().getString("token");
    if (StringUtils.isBlank(token)) {
        LOGGER.error("Password reset token is missing");
        return error();
    }
    final String username = passwordManagementService.parseToken(token);
    if (StringUtils.isBlank(username)) {
        LOGGER.error("Password reset token could not be verified");
        return error();
    }
    final UsernamePasswordCredential c = new UsernamePasswordCredential();
    c.setUsername(username);
    WebUtils.putCredential(requestContext, c);
    return success();
}
Also used : UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential)

Example 83 with UsernamePasswordCredential

use of org.apereo.cas.authentication.UsernamePasswordCredential in project cas by apereo.

the class PasswordChangeAction method doExecute.

@Override
protected Event doExecute(final RequestContext requestContext) {
    try {
        final UsernamePasswordCredential c = (UsernamePasswordCredential) WebUtils.getCredential(requestContext);
        final PasswordChangeBean bean = requestContext.getFlowScope().get(PasswordManagementWebflowConfigurer.FLOW_VAR_ID_PASSWORD, PasswordChangeBean.class);
        if (!passwordValidationService.isValid(c, bean)) {
            return getErrorEvent(requestContext, PASSWORD_VALIDATION_FAILURE_CODE, DEFAULT_MESSAGE);
        }
        if (passwordManagementService.change(c, bean)) {
            WebUtils.putCredential(requestContext, new UsernamePasswordCredential(c.getUsername(), bean.getPassword()));
            return new EventFactorySupport().event(this, PASSWORD_UPDATE_SUCCESS);
        }
    } catch (final InvalidPasswordException e) {
        return getErrorEvent(requestContext, PASSWORD_VALIDATION_FAILURE_CODE + StringUtils.defaultIfBlank(e.getCode(), ""), StringUtils.defaultIfBlank(e.getValidationMessage(), DEFAULT_MESSAGE), e.getParams());
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
    }
    return getErrorEvent(requestContext, "pm.updateFailure", DEFAULT_MESSAGE);
}
Also used : PasswordChangeBean(org.apereo.cas.pm.PasswordChangeBean) InvalidPasswordException(org.apereo.cas.pm.InvalidPasswordException) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport) InvalidPasswordException(org.apereo.cas.pm.InvalidPasswordException)

Example 84 with UsernamePasswordCredential

use of org.apereo.cas.authentication.UsernamePasswordCredential in project cas by apereo.

the class RegisteredServiceResource method authenticateRequest.

private Authentication authenticateRequest(final HttpServletRequest request, final HttpServletResponse response) {
    final BasicAuthExtractor extractor = new BasicAuthExtractor();
    final WebContext webContext = new J2EContext(request, response);
    final UsernamePasswordCredentials credentials = extractor.extract(webContext);
    if (credentials != null) {
        LOGGER.debug("Received basic authentication request from credentials [{}]", credentials);
        final Credential c = new UsernamePasswordCredential(credentials.getUsername(), credentials.getPassword());
        final Service serviceRequest = this.serviceFactory.createService(request);
        final AuthenticationResult result = authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(serviceRequest, c);
        return result.getAuthentication();
    }
    throw new BadRestRequestException("Could not authenticate request");
}
Also used : BasicAuthExtractor(org.pac4j.core.credentials.extractor.BasicAuthExtractor) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) Credential(org.apereo.cas.authentication.Credential) WebContext(org.pac4j.core.context.WebContext) RegisteredService(org.apereo.cas.services.RegisteredService) Service(org.apereo.cas.authentication.principal.Service) BadRestRequestException(org.apereo.cas.rest.BadRestRequestException) J2EContext(org.pac4j.core.context.J2EContext) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult)

Example 85 with UsernamePasswordCredential

use of org.apereo.cas.authentication.UsernamePasswordCredential in project cas by apereo.

the class QueryAndEncodeDatabaseAuthenticationHandlerTests method verifyAuthenticationSuccessful.

@Test
public void verifyAuthenticationSuccessful() throws Exception {
    final QueryAndEncodeDatabaseAuthenticationHandler q = new QueryAndEncodeDatabaseAuthenticationHandler("", null, null, null, dataSource, ALG_NAME, buildSql(), PASSWORD_FIELD_NAME, "salt", null, null, NUM_ITERATIONS_FIELD_NAME, 0, STATIC_SALT);
    final UsernamePasswordCredential c = CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword("user1");
    final AuthenticationHandlerExecutionResult r = q.authenticate(c);
    assertNotNull(r);
    assertEquals("user1", r.getPrincipal().getId());
}
Also used : AuthenticationHandlerExecutionResult(org.apereo.cas.authentication.AuthenticationHandlerExecutionResult) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

UsernamePasswordCredential (org.apereo.cas.authentication.UsernamePasswordCredential)96 Test (org.junit.Test)58 Credential (org.apereo.cas.authentication.Credential)25 TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)22 MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)17 HashMap (java.util.HashMap)10 LinkedHashMap (java.util.LinkedHashMap)9 CachedData (net.spy.memcached.CachedData)9 Authentication (org.apereo.cas.authentication.Authentication)9 AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult)9 HttpBasedServiceCredential (org.apereo.cas.authentication.HttpBasedServiceCredential)9 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)9 Service (org.apereo.cas.authentication.principal.Service)8 ServiceTicket (org.apereo.cas.ticket.ServiceTicket)8 BasicCredentialMetaData (org.apereo.cas.authentication.BasicCredentialMetaData)6 DefaultAuthenticationBuilder (org.apereo.cas.authentication.DefaultAuthenticationBuilder)6 Assertion (org.apereo.cas.validation.Assertion)6 AuthenticationBuilder (org.apereo.cas.authentication.AuthenticationBuilder)5 PasswordChangeBean (org.apereo.cas.pm.PasswordChangeBean)5 ClassPathResource (org.springframework.core.io.ClassPathResource)5