Use of org.craftercms.profile.api.exceptions.ProfileException in the project engine by craftercms.
Class ProfileRememberMeServices, method processAutoLoginCookie.
/**
 * Validates a persistent remember-me cookie and, when it is still good, rotates its token.
 *
 * <p>The checks run in a fixed order: the cookie must hold exactly two values (login id and
 * token), a stored login must exist for the id, the presented token must equal the stored
 * one, and the stored timestamp plus {@code getTokenValiditySeconds()} must not lie in the
 * past. Only then is the token refreshed, a new cookie set and the user loaded by profile id.
 *
 * @param cookieTokens cookie values, expected to be {@code [id, token]}
 * @param request      current request, handed on to {@code setCookie}
 * @param response     current response, handed on to {@code setCookie}
 * @return the user details loaded for the profile id of the refreshed login
 * @throws InvalidCookieException            if the cookie does not hold exactly two values
 * @throws CookieTheftException              if the id is known but the token differs from the
 *                                           stored one
 * @throws RememberMeAuthenticationException if no login exists for the id, the login has
 *                                           expired, or a {@code ProfileException} is raised
 *                                           inside the try block
 * @throws UsernameNotFoundException         declared by the signature; nothing in this method
 *                                           throws it directly
 */
@Override
protected UserDetails processAutoLoginCookie(final String[] cookieTokens, final HttpServletRequest request, final HttpServletResponse response) throws RememberMeAuthenticationException, UsernameNotFoundException {
    if (cookieTokens.length != 2) {
        // NOTE(review): this message echoes the raw cookie values. If the exception text is
        // logged, a malformed cookie could put a still-valid token into the log — confirm
        // where this message ends up.
        throw new InvalidCookieException("Cookie token did not contain 2 tokens, but contained '" + Arrays.asList(cookieTokens) + "'");
    }

    final String loginId = cookieTokens[0];
    final String cookieToken = cookieTokens[1];

    try {
        final PersistentLogin storedLogin = authenticationService.getPersistentLogin(loginId);
        if (storedLogin == null) {
            // Unknown id: nothing to compare the token against, so the cookie cannot be used.
            // NOTE(review): loginId is client-supplied and is concatenated into the message
            // as-is; sanitise it before it reaches a log if that is where the message goes.
            throw new RememberMeAuthenticationException("No persistent token found for id: " + loginId);
        }

        // The id is known; the cookie is only accepted if it also carries the current token.
        final boolean tokenMatches = cookieToken.equals(storedLogin.getToken());
        if (!tokenMatches) {
            // A known id with a stale token suggests the cookie was used from somewhere else
            // in the meantime. Only the persistent login with this id is deleted here; other
            // persistent logins of the same profile are not touched by this call.
            authenticationService.deletePersistentLogin(loginId);
            throw new CookieTheftException("Invalid remember-me token (id/token) mismatch. Implies previous cookie theft attack.");
        }

        // Expiry is measured from the stored timestamp, in milliseconds.
        final long expiresAtMillis = storedLogin.getTimestamp().getTime() + getTokenValiditySeconds() * 1000L;
        if (expiresAtMillis < currentTimeMillis()) {
            throw new RememberMeAuthenticationException("Remember-me login has expired");
        }

        // Token matches and is still valid: issue a new token value under the same login id.
        if (logger.isDebugEnabled()) {
            logger.debug("Refreshing persistent login token for profile '" + storedLogin.getProfileId() + "', id '" + storedLogin.getId() + "'");
        }

        final PersistentLogin refreshedLogin = authenticationService.refreshPersistentLoginToken(loginId);
        final String[] refreshedCookie = { refreshedLogin.getId(), refreshedLogin.getToken() };
        setCookie(refreshedCookie, getTokenValiditySeconds(), request, response);

        final ProfileUserDetailsService profileUserDetailsService = (ProfileUserDetailsService) getUserDetailsService();
        return profileUserDetailsService.loadUserById(refreshedLogin.getProfileId());
    } catch (ProfileException e) {
        // Surface profile-service failures as an authentication failure, keeping the cause.
        throw new RememberMeAuthenticationException("Error validating persistent login " + loginId, e);
    }
}
Use of org.craftercms.profile.api.exceptions.ProfileException in the project engine by craftercms.
Class ProfileUserDetailsService, method loadUserByUsername.
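/**
 * Loads the user for a username by asking each resolved tenant in turn and returning the
 * first profile found.
 *
 * <p>The method never returns {@code null}: when no tenant yields a profile it throws
 * {@link UsernameNotFoundException}, as the signature declares, so callers are not handed a
 * null user to authenticate.
 *
 * @param username the username to look up in every resolved tenant
 * @return a {@code ProfileUser} wrapping the first profile returned by the profile service
 * @throws IllegalStateException     if the tenants resolver yields no tenants
 * @throws UsernameNotFoundException if the lookup fails in every tenant
 */
@Override
public UserDetails loadUserByUsername(final String username) throws UsernameNotFoundException {
    String[] tenants = tenantsResolver.getTenants();
    if (ArrayUtils.isEmpty(tenants)) {
        throw new IllegalStateException("No tenants resolved for authentication");
    }

    for (String tenant : tenants) {
        try {
            // NOTE(review): if getProfileByUsername can return null instead of throwing, a
            // ProfileUser would be built around a null profile — confirm the service contract.
            Profile profile = profileService.getProfileByUsername(tenant, username);
            return new ProfileUser(profile);
        } catch (ProfileException e) {
            // Every ProfileException is treated as "not in this tenant", so a failing
            // profile service looks the same as an unknown user and the cause is not logged.
            logger.debug("Profile not found for '{}' in tenant '{}', will try next tenant", username, tenant);
        }
    }

    // NOTE(review): username is caller-supplied and is written to the log unchanged.
    logger.error("Profile not found for '{}' in any tenant", username);

    // Signal the miss with the declared exception instead of returning null.
    throw new UsernameNotFoundException("Profile not found in any tenant");
}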