use of org.apereo.cas.authentication.credential.UsernamePasswordCredential in project cas by apereo.
the class RejectUsersAuthenticationHandlerTests method verifySupportsProperUserCredentials.
@Test
public void verifySupportsProperUserCredentials() throws Exception {
val c = new UsernamePasswordCredential();
c.setUsername("fff");
c.setPassword("rutgers");
assertNotNull(this.authenticationHandler.authenticate(c));
}
use of org.apereo.cas.authentication.credential.UsernamePasswordCredential in project cas by apereo.
the class RejectUsersAuthenticationHandlerTests method verifyPassesUserNotInMap.
@Test
public void verifyPassesUserNotInMap() throws Exception {
val c = new UsernamePasswordCredential();
c.setUsername("fds");
c.setPassword("rutgers");
assertNotNull(this.authenticationHandler.authenticate(c));
}
use of org.apereo.cas.authentication.credential.UsernamePasswordCredential in project cas by apereo.
the class MongoDbAuthenticationHandler method authenticateUsernamePasswordInternal.
@Override
protected AuthenticationHandlerExecutionResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential transformedCredential, final String originalPassword) throws GeneralSecurityException {
val collection = mongoTemplate.getCollection(properties.getCollection());
val it = collection.find(Filters.eq(properties.getUsernameAttribute(), transformedCredential.getUsername())).iterator();
if (it.hasNext()) {
val result = it.next();
if (!result.containsKey(properties.getPasswordAttribute())) {
throw new FailedLoginException("No password attribute found for " + transformedCredential.getId());
}
val entryPassword = result.get(properties.getPasswordAttribute());
if (!getPasswordEncoder().matches(originalPassword, entryPassword.toString())) {
LOGGER.warn("Account password on record for [{}] does not match the given/encoded password", transformedCredential.getId());
throw new FailedLoginException();
}
val attributes = new HashMap<String, List<Object>>();
result.entrySet().stream().filter(s -> !s.getKey().equals(properties.getPasswordAttribute()) && !s.getKey().equals(properties.getUsernameAttribute())).forEach(entry -> attributes.put(entry.getKey(), CollectionUtils.toCollection(entry.getValue(), ArrayList.class)));
val principal = this.principalFactory.createPrincipal(transformedCredential.getId(), attributes);
return createHandlerResult(transformedCredential, principal, new ArrayList<>(0));
}
throw new AccountNotFoundException("Unable to locate user account");
}
use of org.apereo.cas.authentication.credential.UsernamePasswordCredential in project cas by apereo.
the class OAuth20UsernamePasswordAuthenticator method validate.
@Override
public void validate(final Credentials credentials, final WebContext webContext, final SessionStore sessionStore) throws CredentialsException {
try {
val upc = (UsernamePasswordCredentials) credentials;
val casCredential = new UsernamePasswordCredential(upc.getUsername(), upc.getPassword());
val clientIdAndSecret = OAuth20Utils.getClientIdAndClientSecret(webContext, this.sessionStore);
if (StringUtils.isBlank(clientIdAndSecret.getKey())) {
throw new CredentialsException("No client credentials could be identified in this request");
}
val clientId = clientIdAndSecret.getKey();
val registeredService = OAuth20Utils.getRegisteredOAuthServiceByClientId(this.servicesManager, clientId);
RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(registeredService);
val clientSecret = clientIdAndSecret.getRight();
if (!OAuth20Utils.checkClientSecret(registeredService, clientSecret, registeredServiceCipherExecutor)) {
throw new CredentialsException("Client Credentials provided is not valid for registered service: " + Objects.requireNonNull(registeredService).getName());
}
val redirectUri = webContext.getRequestParameter(OAuth20Constants.REDIRECT_URI).map(String::valueOf).orElse(StringUtils.EMPTY);
val service = StringUtils.isNotBlank(redirectUri) ? this.webApplicationServiceFactory.createService(redirectUri) : null;
val authenticationResult = authenticationSystemSupport.finalizeAuthenticationTransaction(service, casCredential);
if (authenticationResult == null) {
throw new CredentialsException("Could not authenticate the provided credentials");
}
val authentication = authenticationResult.getAuthentication();
val principal = authentication.getPrincipal();
val context = RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(service).principal(principal).build();
val attributes = Objects.requireNonNull(registeredService).getAttributeReleasePolicy().getAttributes(context);
val profile = new CommonProfile();
val id = registeredService.getUsernameAttributeProvider().resolveUsername(principal, service, registeredService);
LOGGER.debug("Created profile id [{}]", id);
profile.setId(id);
profile.addAttributes((Map) attributes);
LOGGER.debug("Authenticated user profile [{}]", profile);
credentials.setUserProfile(profile);
} catch (final Exception e) {
throw new CredentialsException("Cannot login user using CAS internal authentication", e);
}
}
use of org.apereo.cas.authentication.credential.UsernamePasswordCredential in project cas by apereo.
the class PasswordlessTokenAuthenticationHandlerTests method verifyAction.
@Test
public void verifyAction() throws Exception {
val repository = new InMemoryPasswordlessTokenRepository(60);
repository.saveToken("casuser", "123456");
val h = new PasswordlessTokenAuthenticationHandler(null, mock(ServicesManager.class), PrincipalFactoryUtils.newPrincipalFactory(), 0, repository);
val c = new OneTimePasswordCredential("casuser", "123456");
assertNotNull(h.authenticate(c));
assertThrows(FailedLoginException.class, () -> h.authenticate(new OneTimePasswordCredential("1", "2")));
assertTrue(h.supports(c));
assertTrue(h.supports(c.getCredentialClass()));
assertFalse(h.supports(new UsernamePasswordCredential()));
}
Aggregations