Search in sources :

Example 1 with CodedAuthException

use of org.eclipse.openvsx.security.CodedAuthException in project openvsx by eclipse.

the class OAuth2UserServices method loadGitHubUser.

private IdPrincipal loadGitHubUser(OAuth2UserRequest userRequest) {
    var authUser = delegate.loadUser(userRequest);
    String loginName = authUser.getAttribute("login");
    if (Strings.isNullOrEmpty(loginName))
        throw new CodedAuthException("Invalid login: missing 'login' field.", INVALID_GITHUB_USER);
    var userData = repositories.findUserByLoginName("github", loginName);
    if (userData == null)
        userData = users.registerNewUser(authUser);
    else
        users.updateExistingUser(userData, authUser);
    return new IdPrincipal(userData.getId(), authUser.getName(), getAuthorities(userData));
}
Also used : CodedAuthException(org.eclipse.openvsx.security.CodedAuthException)

Example 2 with CodedAuthException

use of org.eclipse.openvsx.security.CodedAuthException in project openvsx by eclipse.

the class UserAPI method getAuthError.

/**
 * Retrieve the last authentication error and return its details.
 */
@GetMapping(path = "/user/auth-error", produces = MediaType.APPLICATION_JSON_VALUE)
public ErrorJson getAuthError(HttpServletRequest request) {
    var authException = request.getSession().getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
    if (!(authException instanceof AuthenticationException))
        throw new ResponseStatusException(HttpStatus.NOT_FOUND);
    var json = new ErrorJson();
    json.message = ((AuthenticationException) authException).getMessage();
    if (authException instanceof CodedAuthException)
        json.code = ((CodedAuthException) authException).getCode();
    return json;
}
Also used : CodedAuthException(org.eclipse.openvsx.security.CodedAuthException) ErrorJson(org.eclipse.openvsx.json.ErrorJson) AuthenticationException(org.springframework.security.core.AuthenticationException) ResponseStatusException(org.springframework.web.server.ResponseStatusException) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 3 with CodedAuthException

use of org.eclipse.openvsx.security.CodedAuthException in project openvsx by eclipse.

the class OAuth2UserServices method loadEclipseUser.

private IdPrincipal loadEclipseUser(OAuth2UserRequest userRequest) {
    var authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null)
        throw new CodedAuthException("Please log in with GitHub before connecting your Eclipse account.", NEED_MAIN_LOGIN);
    if (!(authentication.getPrincipal() instanceof IdPrincipal))
        throw new CodedAuthException("The current authentication is invalid.", NEED_MAIN_LOGIN);
    var principal = (IdPrincipal) authentication.getPrincipal();
    var userData = entityManager.find(UserData.class, principal.getId());
    if (userData == null)
        throw new CodedAuthException("The current authentication has no backing data.", NEED_MAIN_LOGIN);
    try {
        var accessToken = userRequest.getAccessToken().getTokenValue();
        var profile = eclipse.getUserProfile(accessToken);
        if (Strings.isNullOrEmpty(profile.githubHandle))
            throw new CodedAuthException("Your Eclipse profile is missing a GitHub username.", ECLIPSE_MISSING_GITHUB_ID);
        if (!profile.githubHandle.equalsIgnoreCase(userData.getLoginName()))
            throw new CodedAuthException("The GitHub username setting in your Eclipse profile (" + profile.githubHandle + ") does not match your GitHub authentication (" + userData.getLoginName() + ").", ECLIPSE_MISMATCH_GITHUB_ID);
        eclipse.updateUserData(userData, profile);
        if (profile.publisherAgreements == null) {
            eclipse.getPublisherAgreement(userData, accessToken);
        }
        return principal;
    } catch (ErrorResultException exc) {
        throw new AuthenticationServiceException(exc.getMessage(), exc);
    }
}
Also used : ErrorResultException(org.eclipse.openvsx.util.ErrorResultException) CodedAuthException(org.eclipse.openvsx.security.CodedAuthException) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException)

Aggregations

CodedAuthException (org.eclipse.openvsx.security.CodedAuthException)3 ErrorJson (org.eclipse.openvsx.json.ErrorJson)1 ErrorResultException (org.eclipse.openvsx.util.ErrorResultException)1 AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)1 AuthenticationException (org.springframework.security.core.AuthenticationException)1 GetMapping (org.springframework.web.bind.annotation.GetMapping)1 ResponseStatusException (org.springframework.web.server.ResponseStatusException)1