use of org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails in project uaa by cloudfoundry.
the class ChangePasswordController method changePassword.
/**
 * Handles the change-password form POST for the user held in the current security context.
 *
 * <p>The account whose password is changed is taken from the {@link SecurityContext}, not from
 * a request parameter, so the form cannot name a different account. The new password and its
 * confirmation are validated first; the current and new passwords are then passed to
 * {@code changePasswordService}. On success the HTTP session is rotated and the browser is
 * redirected to the profile page. Every failure path re-renders the form with HTTP 422.
 *
 * @param model           view model that receives {@code message_code} or {@code message} on failure
 * @param currentPassword value of the {@code current_password} form field
 * @param newPassword     value of the {@code new_password} form field
 * @param confirmPassword value of the {@code confirm_password} form field
 * @param response        used to set the 422 status on failure
 * @param request         used to rotate the session and to rebuild the authentication details
 * @return {@code "redirect:profile"} on success, otherwise the {@code "change_password"} view
 */
@RequestMapping(value = "/change_password.do", method = POST)
public String changePassword(Model model,
                             @RequestParam("current_password") String currentPassword,
                             @RequestParam("new_password") String newPassword,
                             @RequestParam("confirm_password") String confirmPassword,
                             HttpServletResponse response,
                             HttpServletRequest request) {
    PasswordConfirmationValidation confirmation = new PasswordConfirmationValidation(newPassword, confirmPassword);
    if (!confirmation.valid()) {
        // Rejected before the current password is ever checked.
        model.addAttribute("message_code", confirmation.getMessageCode());
        response.setStatus(HttpStatus.UNPROCESSABLE_ENTITY.value());
        return "change_password";
    }

    SecurityContext context = SecurityContextHolder.getContext();
    Authentication currentAuth = context.getAuthentication();
    String principalName = currentAuth.getName();

    try {
        changePasswordService.changePassword(principalName, currentPassword, newPassword);

        // Session rotation after a credential change: the session that existed under the old
        // password is invalidated and a fresh one is created before anything else is stored.
        // NOTE(review): only this request's session is rotated here; whether the user's other
        // sessions or issued tokens are revoked would be decided inside changePasswordService,
        // which is not visible from this method - confirm.
        request.getSession().invalidate();
        request.getSession(true);

        if (currentAuth instanceof UaaAuthentication) {
            UaaAuthentication refreshed = (UaaAuthentication) currentAuth;
            refreshed.setAuthenticatedTime(System.currentTimeMillis());
            // Rebuilt from the request after the new session exists; presumably so the stored
            // details describe the new session rather than the invalidated one - confirm
            // against UaaAuthenticationDetails.
            refreshed.setAuthenticationDetails(new UaaAuthenticationDetails(request));
        }
        context.setAuthentication(currentAuth);
        return "redirect:profile";
    } catch (BadCredentialsException e) {
        // Presumably raised when the supplied current password does not match - confirm.
        model.addAttribute("message_code", "unauthorized");
    } catch (InvalidPasswordException e) {
        model.addAttribute("message", e.getMessagesAsOneString());
    }

    // Both caught failures end up here: same status and same view as a confirmation mismatch.
    response.setStatus(HttpStatus.UNPROCESSABLE_ENTITY.value());
    return "change_password";
}
use of org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails in project uaa by cloudfoundry.
the class ExternalLoginAuthenticationManagerTest method testNoUsernameOnlyEmail.
/**
 * Authenticates an external user whose details carry no username but do expose an e-mail
 * address through {@code Mailable}, and expects the resulting principal to be named after
 * that e-mail address.
 */
@Test
public void testNoUsernameOnlyEmail() {
    String mailAddress = "joe@test.org";

    // The mocked UserDetails additionally implements Mailable so the e-mail can be read from it.
    userDetails = mock(UserDetails.class, withSettings().extraInterfaces(Mailable.class));
    when(((Mailable) userDetails).getEmailAddress()).thenReturn(mailAddress);
    mockUserDetails(userDetails);
    mockUaaWithUser();

    UaaAuthenticationDetails mockedDetails = mock(UaaAuthenticationDetails.class);
    when(mockedDetails.getOrigin()).thenReturn(origin);
    when(mockedDetails.getClientId()).thenReturn(null);
    when(mockedDetails.getSessionId()).thenReturn(new RandomValueStringGenerator().generate());
    when(inputAuth.getDetails()).thenReturn(mockedDetails);

    // The stored user is looked up by e-mail within the same origin; the external details
    // themselves report a null username.
    when(user.getUsername()).thenReturn(mailAddress);
    when(uaaUserDatabase.retrieveUserByName(mailAddress, origin)).thenReturn(user);
    when(userDetails.getUsername()).thenReturn(null);

    Authentication authenticated = manager.authenticate(inputAuth);

    assertNotNull(authenticated);
    assertEquals(UaaAuthentication.class, authenticated.getClass());
    UaaAuthentication uaaResult = (UaaAuthentication) authenticated;
    assertEquals(mailAddress, uaaResult.getPrincipal().getName());
    assertEquals(origin, uaaResult.getPrincipal().getOrigin());
    assertEquals(userId, uaaResult.getPrincipal().getId());
}
use of org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails in project uaa by cloudfoundry.
the class ExternalLoginAuthenticationManagerTest method testAuthenticateWithAuthDetails.
/**
 * Authenticates with {@code UaaAuthenticationDetails} attached to the input token and expects
 * a {@code UaaAuthentication} whose principal carries the expected name, origin and id.
 */
@Test
public void testAuthenticateWithAuthDetails() {
    UaaAuthenticationDetails mockedDetails = mock(UaaAuthenticationDetails.class);
    when(mockedDetails.getOrigin()).thenReturn(origin);
    // No client id is supplied with the details in this scenario.
    when(mockedDetails.getClientId()).thenReturn(null);
    when(mockedDetails.getSessionId()).thenReturn(new RandomValueStringGenerator().generate());
    when(inputAuth.getDetails()).thenReturn(mockedDetails);

    Authentication authenticated = manager.authenticate(inputAuth);

    assertNotNull(authenticated);
    assertEquals(UaaAuthentication.class, authenticated.getClass());
    UaaAuthentication uaaResult = (UaaAuthentication) authenticated;
    assertEquals(userName, uaaResult.getPrincipal().getName());
    assertEquals(origin, uaaResult.getPrincipal().getOrigin());
    assertEquals(userId, uaaResult.getPrincipal().getId());
}
use of org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails in project uaa by cloudfoundry.
the class UserAuthenticationSuccessEventTests method getOriginFromRequest.
/**
 * Builds authentication details from a mock request and checks the origin string the success
 * event derives from them: remote address and client id appear as given, while the session id
 * field shows the literal placeholder {@code <SESSION>}.
 */
@Test
void getOriginFromRequest() {
    MockHttpSession httpSession = new MockHttpSession(null, "the-id");
    MockHttpServletRequest httpRequest = new MockHttpServletRequest("GET", "/oauth/authorize");
    httpRequest.setSession(httpSession);
    httpRequest.setRemoteAddr("127.10.10.10");

    UaaAuthenticationDetails authDetails = new UaaAuthenticationDetails(httpRequest, "client-id");
    UserAuthenticationSuccessEvent successEvent =
            new UserAuthenticationSuccessEvent(mock(UaaUser.class), mock(Authentication.class), "foobar");

    String originText = successEvent.getOrigin(authDetails);

    assertThat(originText, containsString("remoteAddress=127.10.10.10"));
    assertThat(originText, containsString("clientId=client-id"));
    // The session was created with id "the-id", yet the expected text is the placeholder, so
    // the session id is not written into the origin field as-is.
    // NOTE(review): this checks for the placeholder only; it does not assert that "the-id" is
    // absent from the rest of the string.
    assertThat(originText, containsString("sessionId=<SESSION>"));
}
use of org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails in project uaa by cloudfoundry.
the class DefaultSecurityContextAccessorTests method zoneAdminUserIsNotAdmin_BecauseOriginIsNotUaa.
/**
 * Places an OAuth2 authentication holding a {@code zones.<current zone id>.admin} authority in
 * the security context and expects {@code isAdmin()} to return false.
 *
 * <p>NOTE(review): the method name attributes the result to the origin not being UAA, but the
 * principal below is built with {@code OriginKeys.UAA}. The visible difference is the
 * principal's zone id, which comes from a "test" fixture zone rather than from
 * {@code IdentityZoneHolder} - confirm which condition {@code isAdmin()} rejects on.
 */
@Test
void zoneAdminUserIsNotAdmin_BecauseOriginIsNotUaa() {
    BaseClientDetails clientDetails = new BaseClientDetails();

    // Zone-admin authority for whatever zone IdentityZoneHolder currently reports.
    String zoneAdminScope = "zones." + IdentityZoneHolder.get().getId() + ".admin";
    List<SimpleGrantedAuthority> grantedAuthorities = new LinkedList<>();
    grantedAuthorities.add(new SimpleGrantedAuthority(zoneAdminScope));
    clientDetails.setAuthorities(grantedAuthorities);

    String fixtureZoneId = MultitenancyFixture.identityZone("test", "test").getId();
    UaaPrincipal uaaPrincipal = new UaaPrincipal("id", "username", "email", OriginKeys.UAA, null, fixtureZoneId);
    UaaAuthentication userAuth = new UaaAuthentication(
            uaaPrincipal, grantedAuthorities, new UaaAuthenticationDetails(new MockHttpServletRequest()));

    AuthorizationRequest authzRequest =
            new AuthorizationRequest("admin", UaaStringUtils.getStringsFromAuthorities(grantedAuthorities));
    authzRequest.setResourceIdsAndAuthoritiesFromClientDetails(clientDetails);

    OAuth2Authentication oauth2Authentication =
            new OAuth2Authentication(authzRequest.createOAuth2Request(), userAuth);
    SecurityContextHolder.getContext().setAuthentication(oauth2Authentication);

    // Holding the zone-admin authority alone must not be enough to be treated as admin here.
    assertFalse(defaultSecurityContextAccessor.isAdmin());
}