use of org.apereo.cas.authentication.UsernamePasswordCredential in project cas by apereo.
the class RestPasswordManagementService method changeInternal.
@Override
public boolean changeInternal(final Credential c, final PasswordChangeBean bean) {
final PasswordManagementProperties.Rest rest = properties.getRest();
if (StringUtils.isBlank(rest.getEndpointUrlChange())) {
return false;
}
final UsernamePasswordCredential upc = (UsernamePasswordCredential) c;
final HttpHeaders headers = new HttpHeaders();
headers.setAccept(CollectionUtils.wrap(MediaType.APPLICATION_JSON));
headers.put("username", CollectionUtils.wrap(upc.getUsername()));
headers.put("password", CollectionUtils.wrap(bean.getPassword()));
headers.put("oldPassword", CollectionUtils.wrap(upc.getPassword()));
final HttpEntity<String> entity = new HttpEntity<>(headers);
final ResponseEntity<Boolean> result = restTemplate.exchange(rest.getEndpointUrlChange(), HttpMethod.POST, entity, Boolean.class);
if (result.getStatusCodeValue() == HttpStatus.OK.value()) {
return result.getBody();
}
return false;
}
use of org.apereo.cas.authentication.UsernamePasswordCredential in project cas by apereo.
the class InitPasswordResetAction method doExecute.
@Override
protected Event doExecute(final RequestContext requestContext) {
final String token = requestContext.getFlowScope().getString("token");
if (StringUtils.isBlank(token)) {
LOGGER.error("Password reset token is missing");
return error();
}
final String username = passwordManagementService.parseToken(token);
if (StringUtils.isBlank(username)) {
LOGGER.error("Password reset token could not be verified");
return error();
}
final UsernamePasswordCredential c = new UsernamePasswordCredential();
c.setUsername(username);
WebUtils.putCredential(requestContext, c);
return success();
}
use of org.apereo.cas.authentication.UsernamePasswordCredential in project cas by apereo.
the class PasswordChangeAction method doExecute.
@Override
protected Event doExecute(final RequestContext requestContext) {
try {
final UsernamePasswordCredential c = (UsernamePasswordCredential) WebUtils.getCredential(requestContext);
final PasswordChangeBean bean = requestContext.getFlowScope().get(PasswordManagementWebflowConfigurer.FLOW_VAR_ID_PASSWORD, PasswordChangeBean.class);
if (!passwordValidationService.isValid(c, bean)) {
return getErrorEvent(requestContext, PASSWORD_VALIDATION_FAILURE_CODE, DEFAULT_MESSAGE);
}
if (passwordManagementService.change(c, bean)) {
WebUtils.putCredential(requestContext, new UsernamePasswordCredential(c.getUsername(), bean.getPassword()));
return new EventFactorySupport().event(this, PASSWORD_UPDATE_SUCCESS);
}
} catch (final InvalidPasswordException e) {
return getErrorEvent(requestContext, PASSWORD_VALIDATION_FAILURE_CODE + StringUtils.defaultIfBlank(e.getCode(), ""), StringUtils.defaultIfBlank(e.getValidationMessage(), DEFAULT_MESSAGE), e.getParams());
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return getErrorEvent(requestContext, "pm.updateFailure", DEFAULT_MESSAGE);
}
use of org.apereo.cas.authentication.UsernamePasswordCredential in project cas by apereo.
the class RegisteredServiceResource method authenticateRequest.
private Authentication authenticateRequest(final HttpServletRequest request, final HttpServletResponse response) {
final BasicAuthExtractor extractor = new BasicAuthExtractor();
final WebContext webContext = new J2EContext(request, response);
final UsernamePasswordCredentials credentials = extractor.extract(webContext);
if (credentials != null) {
LOGGER.debug("Received basic authentication request from credentials [{}]", credentials);
final Credential c = new UsernamePasswordCredential(credentials.getUsername(), credentials.getPassword());
final Service serviceRequest = this.serviceFactory.createService(request);
final AuthenticationResult result = authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(serviceRequest, c);
return result.getAuthentication();
}
throw new BadRestRequestException("Could not authenticate request");
}
use of org.apereo.cas.authentication.UsernamePasswordCredential in project cas by apereo.
the class QueryAndEncodeDatabaseAuthenticationHandlerTests method verifyAuthenticationSuccessful.
@Test
public void verifyAuthenticationSuccessful() throws Exception {
final QueryAndEncodeDatabaseAuthenticationHandler q = new QueryAndEncodeDatabaseAuthenticationHandler("", null, null, null, dataSource, ALG_NAME, buildSql(), PASSWORD_FIELD_NAME, "salt", null, null, NUM_ITERATIONS_FIELD_NAME, 0, STATIC_SALT);
final UsernamePasswordCredential c = CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword("user1");
final AuthenticationHandlerExecutionResult r = q.authenticate(c);
assertNotNull(r);
assertEquals("user1", r.getPrincipal().getId());
}
Aggregations