Example 1 with UserNotFoundEvent

Use of org.cloudfoundry.identity.uaa.authentication.event.UserNotFoundEvent in project uaa by cloudfoundry.

In the class AuthzAuthenticationManager, method authenticate:

@Override
public Authentication authenticate(Authentication req) throws AuthenticationException {
    logger.debug("Processing authentication request for " + req.getName());
    if (req.getCredentials() == null) {
        BadCredentialsException e = new BadCredentialsException("No password supplied");
        publish(new AuthenticationFailureBadCredentialsEvent(req, e));
        throw e;
    }
    UaaUser user = getUaaUser(req);
    if (user == null) {
        logger.debug("No user named '" + req.getName() + "' was found for origin:" + origin);
        publish(new UserNotFoundEvent(req, IdentityZoneHolder.getCurrentZoneId()));
    } else {
        if (!accountLoginPolicy.isAllowed(user, req)) {
            logger.warn("Login policy rejected authentication for " + user.getUsername() + ", " + user.getId() + ". Ignoring login request.");
            AuthenticationPolicyRejectionException e = new AuthenticationPolicyRejectionException("Your account has been locked because of too many failed attempts to login.");
            publish(new AuthenticationFailureLockedEvent(req, e));
            throw e;
        }
        boolean passwordMatches = ((CharSequence) req.getCredentials()).length() != 0 && encoder.matches((CharSequence) req.getCredentials(), user.getPassword());
        if (!passwordMatches) {
            logger.debug("Password did not match for user " + req.getName());
            publish(new IdentityProviderAuthenticationFailureEvent(req, req.getName(), OriginKeys.UAA, IdentityZoneHolder.getCurrentZoneId()));
            publish(new UserAuthenticationFailureEvent(user, req, IdentityZoneHolder.getCurrentZoneId()));
        } else {
            logger.debug("Password successfully matched for userId[" + user.getUsername() + "]:" + user.getId());
            boolean userMustBeVerified = !allowUnverifiedUsers || !user.isLegacyVerificationBehavior();
            if (userMustBeVerified && !user.isVerified()) {
                publish(new UnverifiedUserAuthenticationEvent(user, req, IdentityZoneHolder.getCurrentZoneId()));
                logger.debug("Account not verified: " + user.getId());
                throw new AccountNotVerifiedException("Account not verified");
            }
            UaaAuthentication uaaAuthentication = new UaaAuthentication(new UaaPrincipal(user), user.getAuthorities(), (UaaAuthenticationDetails) req.getDetails());
            uaaAuthentication.setAuthenticationMethods(Collections.singleton("pwd"));
            if (userMustUpdatePassword(user)) {
                logger.info("Password change required for user: " + user.getEmail());
                user.setPasswordChangeRequired(true);
                SessionUtils.setPasswordChangeRequired(httpSession, true);
            }
            publish(new IdentityProviderAuthenticationSuccessEvent(user, uaaAuthentication, OriginKeys.UAA, IdentityZoneHolder.getCurrentZoneId()));
            return uaaAuthentication;
        }
    }
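    // Unknown user and wrong password both fall through to here, so the caller
    // sees the same generic "Bad credentials" failure in either case; the
    // distinction is only visible in the published events and debug logs.
    BadCredentialsException e = new BadCredentialsException("Bad credentials");
    publish(new AuthenticationFailureBadCredentialsEvent(req, e));
    throw e;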
}
Also used: UserAuthenticationFailureEvent (org.cloudfoundry.identity.uaa.authentication.event.UserAuthenticationFailureEvent), IdentityProviderAuthenticationSuccessEvent (org.cloudfoundry.identity.uaa.authentication.event.IdentityProviderAuthenticationSuccessEvent), IdentityProviderAuthenticationFailureEvent (org.cloudfoundry.identity.uaa.authentication.event.IdentityProviderAuthenticationFailureEvent), AuthenticationFailureBadCredentialsEvent (org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent), BadCredentialsException (org.springframework.security.authentication.BadCredentialsException), UnverifiedUserAuthenticationEvent (org.cloudfoundry.identity.uaa.authentication.event.UnverifiedUserAuthenticationEvent), UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication), UaaPrincipal (org.cloudfoundry.identity.uaa.authentication.UaaPrincipal), AuthenticationFailureLockedEvent (org.springframework.security.authentication.event.AuthenticationFailureLockedEvent), UserNotFoundEvent (org.cloudfoundry.identity.uaa.authentication.event.UserNotFoundEvent), AuthenticationPolicyRejectionException (org.cloudfoundry.identity.uaa.authentication.AuthenticationPolicyRejectionException), UaaUser (org.cloudfoundry.identity.uaa.user.UaaUser), AccountNotVerifiedException (org.cloudfoundry.identity.uaa.authentication.AccountNotVerifiedException)

Example 2 with UserNotFoundEvent

Use of org.cloudfoundry.identity.uaa.authentication.event.UserNotFoundEvent in project uaa by cloudfoundry.

In the class AuditListenerTests, method userNotFoundIsAudited:

@Test
void userNotFoundIsAudited(final RandomStringGetter zoneId) {
    when(mockAuthentication.getName()).thenReturn("name");
    auditListener.onApplicationEvent(new UserNotFoundEvent(mockAuthentication, zoneId.get()));
    verify(mockUaaAuditService).log(isA(AuditEvent.class), eq(zoneId.get()));
}
Also used: UserNotFoundEvent (org.cloudfoundry.identity.uaa.authentication.event.UserNotFoundEvent), AuditEvent (org.cloudfoundry.identity.uaa.audit.AuditEvent), Test (org.junit.jupiter.api.Test)

Aggregations

UserNotFoundEvent (org.cloudfoundry.identity.uaa.authentication.event.UserNotFoundEvent): 2
AuditEvent (org.cloudfoundry.identity.uaa.audit.AuditEvent): 1
AccountNotVerifiedException (org.cloudfoundry.identity.uaa.authentication.AccountNotVerifiedException): 1
AuthenticationPolicyRejectionException (org.cloudfoundry.identity.uaa.authentication.AuthenticationPolicyRejectionException): 1
UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication): 1
UaaPrincipal (org.cloudfoundry.identity.uaa.authentication.UaaPrincipal): 1
IdentityProviderAuthenticationFailureEvent (org.cloudfoundry.identity.uaa.authentication.event.IdentityProviderAuthenticationFailureEvent): 1
IdentityProviderAuthenticationSuccessEvent (org.cloudfoundry.identity.uaa.authentication.event.IdentityProviderAuthenticationSuccessEvent): 1
UnverifiedUserAuthenticationEvent (org.cloudfoundry.identity.uaa.authentication.event.UnverifiedUserAuthenticationEvent): 1
UserAuthenticationFailureEvent (org.cloudfoundry.identity.uaa.authentication.event.UserAuthenticationFailureEvent): 1
UaaUser (org.cloudfoundry.identity.uaa.user.UaaUser): 1
Test (org.junit.jupiter.api.Test): 1
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException): 1
AuthenticationFailureBadCredentialsEvent (org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent): 1
AuthenticationFailureLockedEvent (org.springframework.security.authentication.event.AuthenticationFailureLockedEvent): 1