
Example 6 with PersistentLogin

use of org.craftercms.profile.api.PersistentLogin in project profile by craftercms.

the class AuthenticationServiceIT method testRefreshPersistentLoginToken.

/**
 * Verifies that refreshing a persistent login issues a different token while the
 * login ID, profile ID, tenant and timestamp stay the same.
 *
 * <p>The {@code assertNotEquals} on the token is the security-relevant check: a refresh
 * that kept the old token would leave a copied remember-me cookie usable. The test only
 * shows that the two values differ; it does not show that the old token is rejected
 * afterwards.
 */
@Test
public void testRefreshPersistentLoginToken() throws Exception {
    String adminProfileId = profileService
        .getProfileByUsername(DEFAULT_TENANT_NAME, ADMIN_USERNAME)
        .getId()
        .toString();

    PersistentLogin original = authenticationService.createPersistentLogin(adminProfileId);
    assertNotNull(original);

    PersistentLogin refreshed = authenticationService.refreshPersistentLoginToken(original.getId());
    assertNotNull(refreshed);

    // Identity of the login must survive the refresh.
    assertEquals(original.getId(), refreshed.getId());
    assertEquals(original.getProfileId(), refreshed.getProfileId());
    assertEquals(original.getTenant(), refreshed.getTenant());

    // Only the token is expected to rotate; the timestamp is expected to be unchanged.
    assertNotEquals(original.getToken(), refreshed.getToken());
    assertEquals(original.getTimestamp(), refreshed.getTimestamp());

    // NOTE(review): cleanup passes a persistent login ID to invalidateTicket; confirm this
    // actually removes the persistent login. It is also skipped when an assertion above fails.
    authenticationService.invalidateTicket(original.getId());
}
Also used : PersistentLogin(org.craftercms.profile.api.PersistentLogin) Test(org.junit.Test)

Example 7 with PersistentLogin

use of org.craftercms.profile.api.PersistentLogin in project profile by craftercms.

the class AuthenticationServiceIT method testGetExpiredPersistentLogin.

/**
 * Verifies that a persistent login can no longer be retrieved once it has expired:
 * four seconds after creation, {@code getPersistentLogin} is expected to return {@code null}.
 */
@Test
public void testGetExpiredPersistentLogin() throws Exception {
    String adminProfileId = profileService
        .getProfileByUsername(DEFAULT_TENANT_NAME, ADMIN_USERNAME)
        .getId()
        .toString();

    PersistentLogin created = authenticationService.createPersistentLogin(adminProfileId);
    assertNotNull(created);

    // NOTE(review): presumably the test configuration expires persistent logins in under
    // four seconds; confirm against the test setup. The check is timing-based.
    TimeUnit.SECONDS.sleep(4);

    PersistentLogin afterExpiry = authenticationService.getPersistentLogin(created.getId());
    assertNull(afterExpiry);
}
Also used : PersistentLogin(org.craftercms.profile.api.PersistentLogin) Test(org.junit.Test)

Example 8 with PersistentLogin

use of org.craftercms.profile.api.PersistentLogin in project profile by craftercms.

the class AuthenticationServiceIT method testGetPersistentLogin.

/**
 * Verifies that a persistent login fetched by ID carries the same ID, profile ID,
 * tenant, token and timestamp as the object returned when it was created.
 */
@Test
public void testGetPersistentLogin() throws Exception {
    String adminProfileId = profileService
        .getProfileByUsername(DEFAULT_TENANT_NAME, ADMIN_USERNAME)
        .getId()
        .toString();

    PersistentLogin created = authenticationService.createPersistentLogin(adminProfileId);
    assertNotNull(created);

    PersistentLogin fetched = authenticationService.getPersistentLogin(created.getId());
    assertNotNull(fetched);

    assertEquals(created.getId(), fetched.getId());
    assertEquals(created.getProfileId(), fetched.getProfileId());
    assertEquals(created.getTenant(), fetched.getTenant());
    // The service hands back the same token value that was issued at creation.
    // NOTE(review): this suggests the token is kept in a retrievable form; confirm how it is stored.
    assertEquals(created.getToken(), fetched.getToken());
    assertEquals(created.getTimestamp(), fetched.getTimestamp());

    // NOTE(review): cleanup passes a persistent login ID to invalidateTicket; confirm this
    // actually removes the persistent login. It is also skipped when an assertion above fails.
    authenticationService.invalidateTicket(created.getId());
}
Also used : PersistentLogin(org.craftercms.profile.api.PersistentLogin) Test(org.junit.Test)

Example 9 with PersistentLogin

use of org.craftercms.profile.api.PersistentLogin in project profile by craftercms.

the class AuthenticationServiceImplTest method testGetPersistentLogin.

/**
 * Verifies that {@code getPersistentLogin} returns the login with the expected ID, tenant,
 * profile ID and token, and that the lookup is made through
 * {@code persistentLoginRepository.findByStringId}.
 */
@Test
public void testGetPersistentLogin() throws Exception {
    PersistentLogin found = authenticationService.getPersistentLogin(PERSISTENT_LOGIN_ID);
    assertNotNull(found);

    // Every field is compared against the fixture constants.
    assertEquals(PERSISTENT_LOGIN_ID, found.getId());
    assertEquals(TENANT_NAME, found.getTenant());
    assertEquals(PROFILE1_ID.toString(), found.getProfileId());
    assertEquals(PERSISTENT_LOGIN_TOKEN, found.getToken());
    // The timestamp is only required to be present; no value is asserted.
    assertNotNull(found.getTimestamp());

    // The service must have queried the repository with exactly the requested ID.
    verify(persistentLoginRepository).findByStringId(PERSISTENT_LOGIN_ID);
}
Also used : PersistentLogin(org.craftercms.profile.api.PersistentLogin) Test(org.junit.Test)

Example 10 with PersistentLogin

use of org.craftercms.profile.api.PersistentLogin in project profile by craftercms.

the class RememberMeManagerImpl method autoLogin.

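/**
 * Attempts to authenticate the current request from its remember-me cookie.
 *
 * <p>The persistent login parsed from the cookie is checked against the one the
 * authentication service returns for the same login ID. The profile ID and then the token
 * must both match before the profile is authenticated. On success the remember-me state is
 * updated through {@code updateRememberMe}.
 *
 * @param context the current request context, supplying the request and response
 * @return the authentication for the matched profile, or {@code null} when the request has
 *         no persistent login cookie or no stored persistent login exists for its ID
 * @throws InvalidCookieException if the cookie's profile ID differs from the stored one
 * @throws CookieTheftException   if the cookie's token differs from the stored one
 * @throws RememberMeException    if the stored login cannot be retrieved or the profile
 *                                cannot be authenticated
 */
@Override
public Authentication autoLogin(RequestContext context) throws RememberMeException {
    PersistentLogin login = getPersistentLoginFromCookie(context.getRequest());
    if (login == null) {
        return null;
    }

    PersistentLogin actualLogin;
    try {
        actualLogin = authenticationService.getPersistentLogin(login.getId());
    } catch (ProfileException e) {
        // Chain the cause so the underlying lookup failure is not lost to logs and handlers.
        // NOTE(review): the message labels the value as the persistent login but prints the
        // profile ID taken from the cookie, before it has been checked against the store.
        throw new RememberMeException("Error retrieving persistent login '" + login.getProfileId() + "'", e);
    }

    if (actualLogin == null) {
        logger.debug("No persistent login found for ID '{}' (has possibly expired)", login.getId());
        // Drop the stale cookie so the browser stops presenting it.
        deleteRememberMeCookie(context.getResponse());
        return null;
    }

    if (!login.getProfileId().equals(actualLogin.getProfileId())) {
        throw new InvalidCookieException("Profile ID mismatch");
    }

    // A known login ID and profile ID presented with a different token is treated as a sign
    // that the cookie was copied and already used elsewhere.
    // NOTE(review): String.equals stops at the first differing character; a constant-time
    // comparison would avoid leaking how much of a presented token matched.
    // NOTE(review): this method does not invalidate the stored login or clear the cookie on
    // mismatch; confirm the caller does so when it handles CookieTheftException.
    if (!login.getToken().equals(actualLogin.getToken())) {
        throw new CookieTheftException("Token mismatch. Implies a cookie theft");
    }

    String loginId = actualLogin.getId();
    String profileId = actualLogin.getProfileId();

    // NOTE(review): actualLogin is rendered through toString(); confirm that it does not
    // include the token, otherwise the token ends up in debug logs.
    logger.debug("Remember me cookie match for {}. Starting auto-login", actualLogin);

    Authentication auth;
    try {
        auth = authenticate(profileId);
    } catch (AuthenticationException e) {
        // Delete remember me cookie so that we don't retry auto login in next request
        disableRememberMe(loginId, context);
        throw new RememberMeException("Unable to auto-login user '" + profileId + "'", e);
    }

    // Runs only after a successful authentication.
    updateRememberMe(loginId, context);
    return auth;
}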
Also used : InvalidCookieException(org.craftercms.security.exception.rememberme.InvalidCookieException) CookieTheftException(org.craftercms.security.exception.rememberme.CookieTheftException) AuthenticationException(org.craftercms.security.exception.AuthenticationException) Authentication(org.craftercms.security.authentication.Authentication) ProfileException(org.craftercms.profile.api.exceptions.ProfileException) PersistentLogin(org.craftercms.profile.api.PersistentLogin) RememberMeException(org.craftercms.security.exception.rememberme.RememberMeException)

Aggregations

PersistentLogin (org.craftercms.profile.api.PersistentLogin)19 Test (org.junit.Test)7 ProfileException (org.craftercms.profile.api.exceptions.ProfileException)5 RememberMeException (org.craftercms.security.exception.rememberme.RememberMeException)4 MongoDataException (org.craftercms.commons.mongo.MongoDataException)3 I10nProfileException (org.craftercms.profile.api.exceptions.I10nProfileException)3 Date (java.util.Date)2 InvalidCookieException (org.craftercms.security.exception.rememberme.InvalidCookieException)2 RememberMeAuthenticationException (org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException)2 CryptoException (org.craftercms.commons.crypto.CryptoException)1 Profile (org.craftercms.profile.api.Profile)1 DisabledProfileException (org.craftercms.profile.exceptions.DisabledProfileException)1 NoSuchPersistentLoginException (org.craftercms.profile.exceptions.NoSuchPersistentLoginException)1 Authentication (org.craftercms.security.authentication.Authentication)1 AuthenticationException (org.craftercms.security.exception.AuthenticationException)1 CookieTheftException (org.craftercms.security.exception.rememberme.CookieTheftException)1 CookieTheftException (org.springframework.security.web.authentication.rememberme.CookieTheftException)1 InvalidCookieException (org.springframework.security.web.authentication.rememberme.InvalidCookieException)1