Search in sources :

Example 1 with AccessTokenAuthToken

use of org.graylog2.shared.security.AccessTokenAuthToken in project graylog2-server by Graylog2.

the class AccessTokenAuthenticator method doGetAuthenticationInfo.

@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    AccessTokenAuthToken authToken = (AccessTokenAuthToken) token;
    final AccessToken accessToken = accessTokenService.load(String.valueOf(authToken.getToken()));
    if (accessToken == null) {
        return null;
    }
    final User user = userService.load(accessToken.getUserName());
    if (user == null) {
        return null;
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("Found user {} for access token.", user);
    }
    try {
        accessTokenService.touch(accessToken);
    } catch (ValidationException e) {
        LOG.warn("Unable to update access token's last access date.", e);
    }
    ShiroSecurityContext.requestSessionCreation(false);
    return new SimpleAccount(user.getName(), null, "access token realm");
}
Also used : SimpleAccount(org.apache.shiro.authc.SimpleAccount) User(org.graylog2.plugin.database.users.User) ValidationException(org.graylog2.plugin.database.ValidationException) AccessTokenAuthToken(org.graylog2.shared.security.AccessTokenAuthToken) AccessToken(org.graylog2.security.AccessToken)

Aggregations

SimpleAccount (org.apache.shiro.authc.SimpleAccount)1 ValidationException (org.graylog2.plugin.database.ValidationException)1 User (org.graylog2.plugin.database.users.User)1 AccessToken (org.graylog2.security.AccessToken)1 AccessTokenAuthToken (org.graylog2.shared.security.AccessTokenAuthToken)1