Example 1 with SimplePrincipal
use of org.apereo.cas.authentication.principal.SimplePrincipal in project cas by apereo.
the class RestAuthenticationHandler method authenticateUsernamePasswordInternal.
@Override
protected HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential c, final String originalPassword) throws GeneralSecurityException, PreventedException {
try {
final UsernamePasswordCredential creds = new UsernamePasswordCredential(c.getUsername(), c.getPassword());
final ResponseEntity<SimplePrincipal> authenticationResponse = api.authenticate(creds);
if (authenticationResponse.getStatusCode() == HttpStatus.OK) {
final SimplePrincipal principalFromRest = authenticationResponse.getBody();
if (principalFromRest == null || StringUtils.isBlank(principalFromRest.getId())) {
throw new FailedLoginException("Could not determine authentication response from rest endpoint for " + c.getUsername());
}
return createHandlerResult(c, this.principalFactory.createPrincipal(principalFromRest.getId(), principalFromRest.getAttributes()), new ArrayList<>());
}
} catch (final HttpClientErrorException e) {
if (e.getStatusCode() == HttpStatus.FORBIDDEN) {
throw new AccountDisabledException("Could not authenticate forbidden account for " + c.getUsername());
}
if (e.getStatusCode() == HttpStatus.UNAUTHORIZED) {
throw new FailedLoginException("Could not authenticate account for " + c.getUsername());
}
if (e.getStatusCode() == HttpStatus.NOT_FOUND) {
throw new AccountNotFoundException("Could not locate account for " + c.getUsername());
}
if (e.getStatusCode() == HttpStatus.LOCKED) {
throw new AccountLockedException("Could not authenticate locked account for " + c.getUsername());
}
if (e.getStatusCode() == HttpStatus.PRECONDITION_REQUIRED) {
throw new AccountExpiredException("Could not authenticate expired account for " + c.getUsername());
}
throw new FailedLoginException("Rest endpoint returned an unknown status code " + e.getStatusCode() + " for " + c.getUsername());
}
throw new FailedLoginException("Rest endpoint returned an unknown response for " + c.getUsername());
}
Also used :
AccountLockedException(javax.security.auth.login.AccountLockedException)
FailedLoginException(javax.security.auth.login.FailedLoginException)
HttpClientErrorException(org.springframework.web.client.HttpClientErrorException)
AccountExpiredException(javax.security.auth.login.AccountExpiredException)
UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential)
AccountNotFoundException(javax.security.auth.login.AccountNotFoundException)
SimplePrincipal(org.apereo.cas.authentication.principal.SimplePrincipal)
AccountDisabledException(org.apereo.cas.authentication.exceptions.AccountDisabledException)
Aggregations
AccountExpiredException (javax.security.auth.login.AccountExpiredException)1
AccountLockedException (javax.security.auth.login.AccountLockedException)1
AccountNotFoundException (javax.security.auth.login.AccountNotFoundException)1
FailedLoginException (javax.security.auth.login.FailedLoginException)1
UsernamePasswordCredential (org.apereo.cas.authentication.UsernamePasswordCredential)1
AccountDisabledException (org.apereo.cas.authentication.exceptions.AccountDisabledException)1
SimplePrincipal (org.apereo.cas.authentication.principal.SimplePrincipal)1
HttpClientErrorException (org.springframework.web.client.HttpClientErrorException)1
