use of org.eclipse.kapua.service.authentication.AccessTokenImpl in project kapua by eclipse.
the class AuthenticationServiceShiroImpl method login.
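/**
 * Authenticates the current Shiro subject with username/password credentials and, on
 * success, creates a {@link KapuaSession} carrying a newly generated access token.
 *
 * <p>The session ids ({@code scopeId}, {@code userScopeId}, {@code userId}) are read back
 * from the Shiro session after {@code Subject.login} returns; the resulting Kapua session is
 * handed to {@code KapuaSecurityUtils.setSession} and stored on the Shiro session under
 * {@code KapuaSession.KAPUA_SESSION_KEY}.
 *
 * @param authenticationToken credentials to authenticate with; only
 *        {@code UsernamePasswordTokenImpl} is accepted
 * @return the access token held by the newly created Kapua session
 * @throws KapuaException raised here as {@code KapuaAuthenticationException}:
 *         {@code SUBJECT_ALREADY_LOGGED} if the subject is already authenticated,
 *         {@code INVALID_CREDENTIALS_TOKEN_PROVIDED} for any other credential type
 *         (including {@code null}), one of {@code INVALID_USERNAME},
 *         {@code LOCKED_USERNAME}, {@code DISABLED_USERNAME}, {@code INVALID_CREDENTIALS},
 *         {@code EXPIRED_CREDENTIALS} for the mapped Shiro failures, or the result of
 *         {@code KapuaAuthenticationException.internalError} for any other
 *         {@code ShiroException}
 */
@Override
public AccessToken login(AuthenticationCredentials authenticationToken) throws KapuaException {
    Subject currentUser = SecurityUtils.getSubject();
    if (currentUser.isAuthenticated()) {
        logger.info("Thread already authenticated for thread '{}' - '{}' - '{}'", new Object[] { Thread.currentThread().getId(), Thread.currentThread().getName(), currentUser.toString() });
        throw new KapuaAuthenticationException(KapuaAuthenticationErrorCodes.SUBJECT_ALREADY_LOGGED);
    }

    // Guard clause: instanceof is false for null, so a null argument is rejected here too.
    if (!(authenticationToken instanceof UsernamePasswordTokenImpl)) {
        throw new KapuaAuthenticationException(KapuaAuthenticationErrorCodes.INVALID_CREDENTIALS_TOKEN_PROVIDED);
    }

    UsernamePasswordTokenImpl usernamePasswordToken = (UsernamePasswordTokenImpl) authenticationToken;

    // NOTE(review): the username is placed in the MDC before authentication and is not removed
    // in this method, not even on failure. Confirm it is cleared elsewhere so that a reused
    // thread does not label unrelated log lines with an unauthenticated name.
    MDC.put(KapuaSecurityUtils.MDC_USERNAME, usernamePasswordToken.getUsername());

    // NOTE(review): shiroToken keeps the password for the lifetime of this object and is never
    // cleared here. UsernamePasswordToken.clear() would wipe it, but would also zero the caller's
    // array if getPassword() hands it out by reference - decide that at the API level.
    UsernamePasswordToken shiroToken = new UsernamePasswordToken(usernamePasswordToken.getUsername(), usernamePasswordToken.getPassword());
    try {
        currentUser.login(shiroToken);

        Subject shiroSubject = SecurityUtils.getSubject();
        Session shiroSession = shiroSubject.getSession();
        // Presumably populated by the realm during login - TODO confirm. The casts are unchecked
        // and a missing attribute yields null, which flows into the token and session below.
        KapuaEid scopeId = (KapuaEid) shiroSession.getAttribute("scopeId");
        KapuaEid userScopeId = (KapuaEid) shiroSession.getAttribute("userScopeId");
        KapuaEid userId = (KapuaEid) shiroSession.getAttribute("userId");

        // create the access token
        String generatedTokenKey = generateToken();
        AccessToken accessToken = new AccessTokenImpl(userId, scopeId, userScopeId, generatedTokenKey);
        KapuaSession kapuaSession = new KapuaSession(accessToken, scopeId, userScopeId, userId, usernamePasswordToken.getUsername());

        KapuaSecurityUtils.setSession(kapuaSession);
        shiroSubject.getSession().setAttribute(KapuaSession.KAPUA_SESSION_KEY, kapuaSession);

        logger.info("Login for thread '{}' - '{}' - '{}'", new Object[] { Thread.currentThread().getId(), Thread.currentThread().getName(), shiroSubject.toString() });
        return kapuaSession.getAccessToken();
    } catch (ShiroException se) {
        // NOTE(review): INVALID_USERNAME and INVALID_CREDENTIALS are distinct codes. If they reach
        // an unauthenticated client verbatim they disclose whether an account exists; a remote
        // API built on this method should collapse them into one generic failure.
        KapuaAuthenticationException kae = null;
        if (se instanceof UnknownAccountException) {
            kae = new KapuaAuthenticationException(KapuaAuthenticationErrorCodes.INVALID_USERNAME, se, usernamePasswordToken.getUsername());
        } else if (se instanceof LockedAccountException) {
            // Must be tested before DisabledAccountException: in Apache Shiro,
            // LockedAccountException extends DisabledAccountException, so the opposite order
            // reports every locked account as DISABLED_USERNAME and never reaches this branch.
            kae = new KapuaAuthenticationException(KapuaAuthenticationErrorCodes.LOCKED_USERNAME, se, usernamePasswordToken.getUsername());
        } else if (se instanceof DisabledAccountException) {
            kae = new KapuaAuthenticationException(KapuaAuthenticationErrorCodes.DISABLED_USERNAME, se, usernamePasswordToken.getUsername());
        } else if (se instanceof IncorrectCredentialsException) {
            kae = new KapuaAuthenticationException(KapuaAuthenticationErrorCodes.INVALID_CREDENTIALS, se, usernamePasswordToken.getUsername());
        } else if (se instanceof ExpiredCredentialsException) {
            kae = new KapuaAuthenticationException(KapuaAuthenticationErrorCodes.EXPIRED_CREDENTIALS, se, usernamePasswordToken.getUsername());
        } else {
            // Unmapped Shiro failure: surfaced as an internal error. Unlike the mapped cases
            // above, this path does not call logout() before throwing.
            throw KapuaAuthenticationException.internalError(se);
        }

        // Drop any partial subject/session state left by the failed attempt before reporting it.
        currentUser.logout();
        throw kae;
    }
}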
use of org.eclipse.kapua.service.authentication.AccessTokenImpl in project kapua by eclipse.
the class KapuaSessionAuthFilter method executeChain.
/**
 * Runs the remaining filter chain with a {@link KapuaSession} set through
 * {@code KapuaSecurityUtils.setSession} and always cleared again afterwards.
 *
 * <p>When the Shiro subject is authenticated, a new Kapua session is assembled from the
 * {@code scopeId}, {@code userScopeId} and {@code userId} attributes of the Shiro session.
 * Otherwise {@code null} is set and the chain still runs.
 *
 * @param request   the incoming servlet request
 * @param response  the outgoing servlet response
 * @param origChain the filter chain to continue with
 * @throws IOException      propagated from the downstream chain
 * @throws ServletException propagated from the downstream chain
 */
protected void executeChain(ServletRequest request, ServletResponse response, FilterChain origChain) throws IOException, ServletException {
    // TODO workaround to fix the null kapua session on webconsole requests.
    // to be removed and substitute with getToken or another solution?
    final Subject subject = SecurityUtils.getSubject();
    final boolean authenticated = subject != null && subject.isAuthenticated();

    // Stays null for anonymous requests; the chain is executed regardless, so access control
    // is presumably enforced elsewhere - NOTE(review): confirm.
    KapuaSession sessionToBind = null;
    if (authenticated) {
        final Session shiroSession = subject.getSession();
        // Unchecked casts; a missing attribute yields null ids in the session built below.
        final KapuaEid scopeId = (KapuaEid) shiroSession.getAttribute("scopeId");
        final KapuaEid userScopeId = (KapuaEid) shiroSession.getAttribute("userScopeId");
        final KapuaEid userId = (KapuaEid) shiroSession.getAttribute("userId");

        // NOTE(review): a fresh random UUID is used as the token key on every request and
        // nothing visible here stores it. Confirm that no downstream code treats this key as
        // a credential or compares it with a token issued at login.
        final String tokenKey = UUID.randomUUID().toString();
        final AccessToken perRequestToken = new AccessTokenImpl(userId, scopeId, userScopeId, tokenKey);

        // The username argument is deliberately left empty, as in the original workaround.
        sessionToBind = new KapuaSession(perRequestToken, scopeId, userScopeId, userId, "");
    }

    try {
        // Bind inside the try so the finally block clears it even if the chain throws.
        KapuaSecurityUtils.setSession(sessionToBind);
        super.executeChain(request, response, origChain);
    } finally {
        KapuaSecurityUtils.clearSession();
    }
}