Example 1 with UaaAuthenticationDetails

Use of org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails in project uaa by cloudfoundry.

In class ChangePasswordController, method changePassword.

@RequestMapping(value = "/change_password.do", method = POST)
public String changePassword(Model model,
        @RequestParam("current_password") String currentPassword,
        @RequestParam("new_password") String newPassword,
        @RequestParam("confirm_password") String confirmPassword,
        HttpServletResponse response,
        HttpServletRequest request) {
    PasswordConfirmationValidation validation = new PasswordConfirmationValidation(newPassword, confirmPassword);
    if (!validation.valid()) {
        model.addAttribute("message_code", validation.getMessageCode());
        response.setStatus(HttpStatus.UNPROCESSABLE_ENTITY.value());
        return "change_password";
    }
    SecurityContext securityContext = SecurityContextHolder.getContext();
    Authentication authentication = securityContext.getAuthentication();
    String username = authentication.getName();
    try {
        changePasswordService.changePassword(username, currentPassword, newPassword);
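        // Drop the session that existed before the password change and start a new one.
        request.getSession().invalidate();
        request.getSession(true);
        if (authentication instanceof UaaAuthentication) {
            UaaAuthentication uaaAuthentication = (UaaAuthentication) authentication;
            // Re-stamp the authentication time and rebuild the details from the current request,
            // which now carries the new session.
            uaaAuthentication.setAuthenticatedTime(System.currentTimeMillis());
            uaaAuthentication.setAuthenticationDetails(new UaaAuthenticationDetails(request));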
        }
        securityContext.setAuthentication(authentication);
        return "redirect:profile";
    } catch (BadCredentialsException e) {
        model.addAttribute("message_code", "unauthorized");
    } catch (InvalidPasswordException e) {
        model.addAttribute("message", e.getMessagesAsOneString());
    }
    response.setStatus(HttpStatus.UNPROCESSABLE_ENTITY.value());
    return "change_password";
}
Also used: UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication), UaaAuthenticationDetails (org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails), Authentication (org.springframework.security.core.Authentication), SecurityContext (org.springframework.security.core.context.SecurityContext), InvalidPasswordException (org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException), BadCredentialsException (org.springframework.security.authentication.BadCredentialsException), RequestMapping (org.springframework.web.bind.annotation.RequestMapping)

Example 2 with UaaAuthenticationDetails

Use of org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails in project uaa by cloudfoundry.

In class ExternalLoginAuthenticationManagerTest, method testNoUsernameOnlyEmail.

@Test
public void testNoUsernameOnlyEmail() {
    String email = "joe@test.org";
    userDetails = mock(UserDetails.class, withSettings().extraInterfaces(Mailable.class));
    when(((Mailable) userDetails).getEmailAddress()).thenReturn(email);
    mockUserDetails(userDetails);
    mockUaaWithUser();
    UaaAuthenticationDetails uaaAuthenticationDetails = mock(UaaAuthenticationDetails.class);
    when(uaaAuthenticationDetails.getOrigin()).thenReturn(origin);
    when(uaaAuthenticationDetails.getClientId()).thenReturn(null);
    when(uaaAuthenticationDetails.getSessionId()).thenReturn(new RandomValueStringGenerator().generate());
    when(inputAuth.getDetails()).thenReturn(uaaAuthenticationDetails);
    when(user.getUsername()).thenReturn(email);
    when(uaaUserDatabase.retrieveUserByName(email, origin)).thenReturn(user);
    when(userDetails.getUsername()).thenReturn(null);
    Authentication result = manager.authenticate(inputAuth);
    assertNotNull(result);
    assertEquals(UaaAuthentication.class, result.getClass());
    UaaAuthentication uaaAuthentication = (UaaAuthentication) result;
    assertEquals(email, uaaAuthentication.getPrincipal().getName());
    assertEquals(origin, uaaAuthentication.getPrincipal().getOrigin());
    assertEquals(userId, uaaAuthentication.getPrincipal().getId());
}
Also used: UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication), Mailable (org.cloudfoundry.identity.uaa.user.Mailable), LdapUserDetails (org.springframework.security.ldap.userdetails.LdapUserDetails), UserDetails (org.springframework.security.core.userdetails.UserDetails), ExtendedLdapUserDetails (org.cloudfoundry.identity.uaa.provider.ldap.ExtendedLdapUserDetails), UaaAuthenticationDetails (org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails), Authentication (org.springframework.security.core.Authentication), CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString), ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString), RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator), Test (org.junit.Test)

Example 3 with UaaAuthenticationDetails

Use of org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails in project uaa by cloudfoundry.

In class ExternalLoginAuthenticationManagerTest, method testAuthenticateWithAuthDetails.

@Test
public void testAuthenticateWithAuthDetails() {
    UaaAuthenticationDetails uaaAuthenticationDetails = mock(UaaAuthenticationDetails.class);
    when(uaaAuthenticationDetails.getOrigin()).thenReturn(origin);
    when(uaaAuthenticationDetails.getClientId()).thenReturn(null);
    when(uaaAuthenticationDetails.getSessionId()).thenReturn(new RandomValueStringGenerator().generate());
    when(inputAuth.getDetails()).thenReturn(uaaAuthenticationDetails);
    Authentication result = manager.authenticate(inputAuth);
    assertNotNull(result);
    assertEquals(UaaAuthentication.class, result.getClass());
    UaaAuthentication uaaAuthentication = (UaaAuthentication) result;
    assertEquals(userName, uaaAuthentication.getPrincipal().getName());
    assertEquals(origin, uaaAuthentication.getPrincipal().getOrigin());
    assertEquals(userId, uaaAuthentication.getPrincipal().getId());
}
Also used: UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication), UaaAuthenticationDetails (org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails), Authentication (org.springframework.security.core.Authentication), RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator), Test (org.junit.Test)

Example 4 with UaaAuthenticationDetails

Use of org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails in project uaa by cloudfoundry.

In class UserAuthenticationSuccessEventTests, method getOriginFromRequest.

@Test
void getOriginFromRequest() {
    MockHttpSession session = new MockHttpSession(null, "the-id");
    MockHttpServletRequest request = new MockHttpServletRequest("GET", "/oauth/authorize");
    request.setSession(session);
    request.setRemoteAddr("127.10.10.10");
    UaaAuthenticationDetails details = new UaaAuthenticationDetails(request, "client-id");
    UserAuthenticationSuccessEvent event = new UserAuthenticationSuccessEvent(mock(UaaUser.class), mock(Authentication.class), "foobar");
    String origin = event.getOrigin(details);
    assertThat(origin, containsString("remoteAddress=127.10.10.10"));
    assertThat(origin, containsString("clientId=client-id"));
    // Expect the <SESSION> placeholder in the sessionId field of the origin string.
    assertThat(origin, containsString("sessionId=<SESSION>"));
}
Also used: UaaAuthenticationDetails (org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), Authentication (org.springframework.security.core.Authentication), UaaUser (org.cloudfoundry.identity.uaa.user.UaaUser), MockHttpSession (org.springframework.mock.web.MockHttpSession), Matchers.containsString (org.hamcrest.Matchers.containsString), Test (org.junit.jupiter.api.Test)

Example 5 with UaaAuthenticationDetails

Use of org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails in project uaa by cloudfoundry.

In class DefaultSecurityContextAccessorTests, method zoneAdminUserIsNotAdmin_BecauseOriginIsNotUaa.

@Test
void zoneAdminUserIsNotAdmin_BecauseOriginIsNotUaa() {
    BaseClientDetails client = new BaseClientDetails();
    List<SimpleGrantedAuthority> authorities = new LinkedList<>();
    authorities.add(new SimpleGrantedAuthority("zones." + IdentityZoneHolder.get().getId() + ".admin"));
    client.setAuthorities(authorities);
    UaaPrincipal principal = new UaaPrincipal("id", "username", "email", OriginKeys.UAA, null, MultitenancyFixture.identityZone("test", "test").getId());
    UaaAuthentication userAuthentication = new UaaAuthentication(principal, authorities, new UaaAuthenticationDetails(new MockHttpServletRequest()));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("admin", UaaStringUtils.getStringsFromAuthorities(authorities));
    authorizationRequest.setResourceIdsAndAuthoritiesFromClientDetails(client);
    SecurityContextHolder.getContext().setAuthentication(new OAuth2Authentication(authorizationRequest.createOAuth2Request(), userAuthentication));
    assertFalse(defaultSecurityContextAccessor.isAdmin());
}
Also used: BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails), UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication), SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority), UaaPrincipal (org.cloudfoundry.identity.uaa.authentication.UaaPrincipal), AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest), UaaAuthenticationDetails (org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication), LinkedList (java.util.LinkedList), Test (org.junit.jupiter.api.Test)

Aggregations

UaaAuthenticationDetails (org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails) 34
UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) 22
UaaPrincipal (org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) 13
Authentication (org.springframework.security.core.Authentication) 13
Test (org.junit.jupiter.api.Test) 10
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 10
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication) 10
HashMap (java.util.HashMap) 7
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString) 7
UaaUser (org.cloudfoundry.identity.uaa.user.UaaUser) 6
Test (org.junit.Test) 6
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException) 5
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority) 5
UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException) 5
RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator) 5
AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest) 5
BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails) 5
AuthzAuthenticationRequest (org.cloudfoundry.identity.uaa.authentication.AuthzAuthenticationRequest) 4
UaaLoginHint (org.cloudfoundry.identity.uaa.authentication.UaaLoginHint) 4
Matchers.containsString (org.hamcrest.Matchers.containsString) 4