use of org.craftercms.profile.api.PersistentLogin in project profile by craftercms.
the class AuthenticationServiceIT method testRefreshPersistentLoginToken.
/**
 * Checks that refreshing a persistent login issues a different token while the login's ID,
 * profile ID, tenant and timestamp are reported unchanged.
 */
@Test
public void testRefreshPersistentLoginToken() throws Exception {
    String adminProfileId = profileService.getProfileByUsername(DEFAULT_TENANT_NAME, ADMIN_USERNAME)
        .getId()
        .toString();

    PersistentLogin original = authenticationService.createPersistentLogin(adminProfileId);
    assertNotNull(original);

    PersistentLogin refreshed = authenticationService.refreshPersistentLoginToken(original.getId());
    assertNotNull(refreshed);

    // The refreshed record must still be the same login, owned by the same profile and tenant.
    assertEquals(original.getId(), refreshed.getId());
    assertEquals(original.getProfileId(), refreshed.getProfileId());
    assertEquals(original.getTenant(), refreshed.getTenant());

    // The token is the value a remember-me cookie is checked against, so a refresh has to change it.
    assertNotEquals(original.getToken(), refreshed.getToken());
    assertEquals(original.getTimestamp(), refreshed.getTimestamp());

    // NOTE(review): the cleanup hands a persistent-login ID to invalidateTicket(); confirm that this
    // really removes the persistent login, otherwise the record outlives the test.
    authenticationService.invalidateTicket(original.getId());
}
use of org.craftercms.profile.api.PersistentLogin in project profile by craftercms.
the class AuthenticationServiceIT method testGetExpiredPersistentLogin.
/**
 * Checks that a persistent login can no longer be fetched once it has been left unused for four
 * seconds.
 */
@Test
public void testGetExpiredPersistentLogin() throws Exception {
    String adminProfileId = profileService.getProfileByUsername(DEFAULT_TENANT_NAME, ADMIN_USERNAME)
        .getId()
        .toString();

    PersistentLogin created = authenticationService.createPersistentLogin(adminProfileId);
    assertNotNull(created);

    // NOTE(review): presumably the test configuration expires persistent logins in under four
    // seconds; confirm against the test context, since the wait is the only thing tying this
    // test to the expiry setting.
    TimeUnit.SECONDS.sleep(4);

    PersistentLogin afterExpiry = authenticationService.getPersistentLogin(created.getId());
    assertNull(afterExpiry);
}
use of org.craftercms.profile.api.PersistentLogin in project profile by craftercms.
the class AuthenticationServiceIT method testGetPersistentLogin.
/**
 * Checks that a freshly created persistent login is returned unchanged when fetched by its ID:
 * same ID, profile ID, tenant, token and timestamp.
 */
@Test
public void testGetPersistentLogin() throws Exception {
    String adminProfileId = profileService.getProfileByUsername(DEFAULT_TENANT_NAME, ADMIN_USERNAME)
        .getId()
        .toString();

    PersistentLogin created = authenticationService.createPersistentLogin(adminProfileId);
    assertNotNull(created);

    PersistentLogin fetched = authenticationService.getPersistentLogin(created.getId());
    assertNotNull(fetched);

    // Field-by-field comparison of the stored record against what creation returned.
    assertEquals(created.getId(), fetched.getId());
    assertEquals(created.getProfileId(), fetched.getProfileId());
    assertEquals(created.getTenant(), fetched.getTenant());
    assertEquals(created.getToken(), fetched.getToken());
    assertEquals(created.getTimestamp(), fetched.getTimestamp());

    // NOTE(review): the cleanup hands a persistent-login ID to invalidateTicket(); confirm that this
    // really removes the persistent login, otherwise the record outlives the test.
    authenticationService.invalidateTicket(created.getId());
}
use of org.craftercms.profile.api.PersistentLogin in project profile by craftercms.
the class AuthenticationServiceImplTest method testGetPersistentLogin.
/**
 * Checks that {@code getPersistentLogin} returns the login with the expected ID, tenant, profile ID
 * and token, and that the lookup goes through {@code persistentLoginRepository.findByStringId}.
 */
@Test
public void testGetPersistentLogin() throws Exception {
    PersistentLogin found = authenticationService.getPersistentLogin(PERSISTENT_LOGIN_ID);

    assertNotNull(found);
    assertEquals(PERSISTENT_LOGIN_ID, found.getId());
    assertEquals(TENANT_NAME, found.getTenant());
    // The login exposes the profile ID as a string, so the expected ID is converted for comparison.
    assertEquals(PROFILE1_ID.toString(), found.getProfileId());
    assertEquals(PERSISTENT_LOGIN_TOKEN, found.getToken());
    assertNotNull(found.getTimestamp());

    // The service must have consulted the repository with the same login ID it was given.
    verify(persistentLoginRepository).findByStringId(PERSISTENT_LOGIN_ID);
}
use of org.craftercms.profile.api.PersistentLogin in project profile by craftercms.
the class RememberMeManagerImpl method autoLogin.
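/**
 * Attempts a remember-me auto-login from the persistent login carried in the request cookie.
 *
 * <p>The login read from the cookie is looked up by ID through the authentication service and
 * compared with the stored record. The profile IDs must be equal (otherwise
 * {@code InvalidCookieException} is thrown) and the tokens must be equal (otherwise
 * {@code CookieTheftException} is thrown). On a match the profile is authenticated and
 * {@code updateRememberMe} is called for the login.</p>
 *
 * @param context the current request context; its request supplies the cookie, and its response is
 *                used to delete the cookie when no stored login exists
 * @return the authentication for the matched profile, or {@code null} when
 *         {@code getPersistentLoginFromCookie} yields no login or no stored login is found for
 *         the cookie's login ID
 * @throws RememberMeException if the stored login can't be retrieved, if the cookie doesn't match
 *                             the stored login, or if authenticating the profile fails
 */
@Override
public Authentication autoLogin(RequestContext context) throws RememberMeException {
    PersistentLogin login = getPersistentLoginFromCookie(context.getRequest());
    if (login == null) {
        return null;
    }

    PersistentLogin actualLogin;
    try {
        actualLogin = authenticationService.getPersistentLogin(login.getId());
    } catch (ProfileException e) {
        // The lookup key is the login ID, so that is the ID reported; the cause is kept so the
        // underlying failure isn't lost.
        throw new RememberMeException("Error retrieving persistent login '" + login.getId() + "'", e);
    }

    if (actualLogin == null) {
        logger.debug("No persistent login found for ID '{}' (has possibly expired)", login.getId());
        deleteRememberMeCookie(context.getResponse());
        return null;
    }

    if (!login.getProfileId().equals(actualLogin.getProfileId())) {
        throw new InvalidCookieException("Profile ID mismatch");
    }

    // The token is the secret half of the cookie. MessageDigest.isEqual is used so the comparison
    // time doesn't depend on where the first differing character is. A missing token on either
    // side is treated as a mismatch rather than failing with a NullPointerException.
    String presentedToken = login.getToken();
    String storedToken = actualLogin.getToken();
    boolean tokenMatches = presentedToken != null
        && storedToken != null
        && java.security.MessageDigest.isEqual(
            presentedToken.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            storedToken.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!tokenMatches) {
        // NOTE(review): nothing here invalidates the stored login or deletes the cookie before
        // throwing. Confirm the caller does so when it sees CookieTheftException; otherwise the
        // holder of the current token keeps a working remember-me login after theft is detected.
        throw new CookieTheftException("Token mismatch. Implies a cookie theft");
    }

    String loginId = actualLogin.getId();
    String profileId = actualLogin.getProfileId();

    // Only identifiers are logged: the login object itself carries the token, and its string form
    // may include it.
    logger.debug("Remember me cookie match for login '{}' (profile '{}'). Starting auto-login", loginId,
        profileId);

    Authentication auth;
    try {
        auth = authenticate(profileId);
    } catch (AuthenticationException e) {
        // Delete remember me cookie so that we don't retry auto login in next request
        disableRememberMe(loginId, context);
        throw new RememberMeException("Unable to auto-login user '" + profileId + "'", e);
    }

    updateRememberMe(loginId, context);
    return auth;
}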