
Example 1 with DhisOidcUser

Use of org.hisp.dhis.security.oidc.DhisOidcUser in project dhis2-core by dhis2, in the class AuthenticationListener, method handleAuthenticationSuccess.

@EventListener({ InteractiveAuthenticationSuccessEvent.class, AuthenticationSuccessEvent.class })
public void handleAuthenticationSuccess(AbstractAuthenticationEvent event) {
    Authentication auth = event.getAuthentication();
    String username = event.getAuthentication().getName();
    Object details = auth.getDetails();
    // getDetails() may return null, so guard before inspecting its class.
    if (details != null && TwoFactorWebAuthenticationDetails.class.isAssignableFrom(details.getClass())) {
        TwoFactorWebAuthenticationDetails authDetails = (TwoFactorWebAuthenticationDetails) details;
        log.debug(String.format("Login attempt succeeded for remote IP: %s", authDetails.getIp()));
    }
    if (OAuth2LoginAuthenticationToken.class.isAssignableFrom(auth.getClass())) {
        OAuth2LoginAuthenticationToken authenticationToken = (OAuth2LoginAuthenticationToken) auth;
        DhisOidcUser principal = (DhisOidcUser) authenticationToken.getPrincipal();
        username = principal.getUser().getUsername();
        WebAuthenticationDetails tokenDetails = (WebAuthenticationDetails) authenticationToken.getDetails();
        String remoteAddress = tokenDetails.getRemoteAddress();
        log.debug(String.format("OIDC login attempt succeeded for remote IP: %s", remoteAddress));
    }
    registerSuccessfulLogin(username);
}
Also used: TwoFactorWebAuthenticationDetails (org.hisp.dhis.security.spring2fa.TwoFactorWebAuthenticationDetails), DhisOidcUser (org.hisp.dhis.security.oidc.DhisOidcUser), Authentication (org.springframework.security.core.Authentication), WebAuthenticationDetails (org.springframework.security.web.authentication.WebAuthenticationDetails), OAuth2LoginAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken), EventListener (org.springframework.context.event.EventListener)

Example 2 with DhisOidcUser

Use of org.hisp.dhis.security.oidc.DhisOidcUser in project dhis2-core by dhis2, in the class AuthenticationLoggerListener, method onApplicationEvent.

public void onApplicationEvent(AbstractAuthenticationEvent event) {
    if (!log.isWarnEnabled()) {
        return;
    }
    if (SessionFixationProtectionEvent.class.isAssignableFrom(event.getClass()) || InteractiveAuthenticationSuccessEvent.class.isAssignableFrom(event.getClass())) {
        return;
    }
    String eventClassName = String.format("Authentication event: %s; ", ClassUtils.getShortName(event.getClass()));
    String authName = StringUtils.firstNonEmpty(event.getAuthentication().getName(), "");
    String ipAddress = "";
    String sessionId = "";
    String exceptionMessage = "";
    if (event instanceof AbstractAuthenticationFailureEvent) {
        exceptionMessage = "exception: " + ((AbstractAuthenticationFailureEvent) event).getException().getMessage();
    }
    Object details = event.getAuthentication().getDetails();
    if (details != null && ForwardedIpAwareWebAuthenticationDetails.class.isAssignableFrom(details.getClass())) {
        ForwardedIpAwareWebAuthenticationDetails authDetails = (ForwardedIpAwareWebAuthenticationDetails) details;
        ipAddress = String.format("ip: %s; ", authDetails.getIp());
        // Log a hash of the session ID rather than the raw value.
        sessionId = hashSessionId(authDetails.getSessionId());
    } else if (OAuth2LoginAuthenticationToken.class.isAssignableFrom(event.getAuthentication().getClass())) {
        OAuth2LoginAuthenticationToken authenticationToken = (OAuth2LoginAuthenticationToken) event.getAuthentication();
        DhisOidcUser principal = (DhisOidcUser) authenticationToken.getPrincipal();
        if (principal != null) {
            User user = principal.getUser();
            authName = user.getUsername();
        }
        WebAuthenticationDetails oauthDetails = (WebAuthenticationDetails) authenticationToken.getDetails();
        ipAddress = String.format("ip: %s; ", oauthDetails.getRemoteAddress());
        sessionId = hashSessionId(oauthDetails.getSessionId());
    } else if (OAuth2AuthenticationToken.class.isAssignableFrom(event.getSource().getClass())) {
        OAuth2AuthenticationToken authenticationToken = (OAuth2AuthenticationToken) event.getSource();
        DhisOidcUser principal = (DhisOidcUser) authenticationToken.getPrincipal();
        if (principal != null) {
            User user = principal.getUser();
            authName = user.getUsername();
        }
    }
    String userNamePrefix = Strings.isNullOrEmpty(authName) ? "" : String.format("username: %s; ", authName);
    log.info(TextUtils.removeNonEssentialChars(eventClassName + userNamePrefix + ipAddress + sessionId + exceptionMessage));
}
Also used: InteractiveAuthenticationSuccessEvent (org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent), DhisOidcUser (org.hisp.dhis.security.oidc.DhisOidcUser), User (org.hisp.dhis.user.User), OAuth2AuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken), SessionFixationProtectionEvent (org.springframework.security.web.authentication.session.SessionFixationProtectionEvent), WebAuthenticationDetails (org.springframework.security.web.authentication.WebAuthenticationDetails), OAuth2LoginAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken), AbstractAuthenticationFailureEvent (org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent)

Example 3 with DhisOidcUser

Use of org.hisp.dhis.security.oidc.DhisOidcUser in project dhis2-core by dhis2, in the class AbstractSpringSecurityCurrentUserService, method getCurrentUsername.

@Override
public String getCurrentUsername() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null || !authentication.isAuthenticated() || authentication.getPrincipal() == null) {
        return null;
    }
    Object principal = authentication.getPrincipal();
    // This is the state before the user is authenticated.
    if (principal instanceof String) {
        if (!"anonymousUser".equals(principal)) {
            return null;
        }
        return (String) principal;
    }
    if (principal instanceof UserDetails) {
        UserDetails userDetails = (UserDetails) authentication.getPrincipal();
        return userDetails.getUsername();
    }
    if (principal instanceof DhisOidcUser) {
        DhisOidcUser dhisOidcUser = (DhisOidcUser) authentication.getPrincipal();
        return dhisOidcUser.getUser().getUsername();
    }
    throw new RuntimeException("Authentication principal is not supported; principal:" + principal);
}
Also used: UserDetails (org.springframework.security.core.userdetails.UserDetails), DhisOidcUser (org.hisp.dhis.security.oidc.DhisOidcUser), Authentication (org.springframework.security.core.Authentication)

Example 4 with DhisOidcUser

Use of org.hisp.dhis.security.oidc.DhisOidcUser in project dhis2-core by dhis2, in the class AbstractSpringSecurityCurrentUserService, method getCurrentUserAuthorities.

public Set<String> getCurrentUserAuthorities() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    Object principal = authentication.getPrincipal();
    if (principal instanceof UserDetails) {
        UserDetails userDetails = (UserDetails) authentication.getPrincipal();
        return userDetails.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toSet());
    }
    if (principal instanceof DhisOidcUser) {
        DhisOidcUser dhisOidcUser = (DhisOidcUser) authentication.getPrincipal();
        return dhisOidcUser.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toSet());
    }
    throw new RuntimeException("Authentication principal is not supported; principal:" + principal);
}
Also used: UserDetails (org.springframework.security.core.userdetails.UserDetails), DhisOidcUser (org.hisp.dhis.security.oidc.DhisOidcUser), Authentication (org.springframework.security.core.Authentication)

Example 5 with DhisOidcUser

Use of org.hisp.dhis.security.oidc.DhisOidcUser in project dhis2-core by dhis2, in the class AuthenticationListener, method handleAuthenticationFailure.

@EventListener
public void handleAuthenticationFailure(AbstractAuthenticationFailureEvent event) {
    Authentication auth = event.getAuthentication();
    String username = event.getAuthentication().getName();
    Object details = auth.getDetails();
    if (details != null && TwoFactorWebAuthenticationDetails.class.isAssignableFrom(details.getClass())) {
        TwoFactorWebAuthenticationDetails authDetails = (TwoFactorWebAuthenticationDetails) details;
        log.debug(String.format("Login attempt failed for remote IP: %s", authDetails.getIp()));
    }
    if (OAuth2LoginAuthenticationToken.class.isAssignableFrom(auth.getClass())) {
        OAuth2LoginAuthenticationToken authenticationToken = (OAuth2LoginAuthenticationToken) auth;
        DhisOidcUser principal = (DhisOidcUser) authenticationToken.getPrincipal();
        if (principal != null) {
            username = principal.getUser().getUsername();
        }
        WebAuthenticationDetails tokenDetails = (WebAuthenticationDetails) authenticationToken.getDetails();
        String remoteAddress = tokenDetails.getRemoteAddress();
        log.debug(String.format("OIDC login attempt failed for remote IP: %s", remoteAddress));
    }
    securityService.registerFailedLogin(username);
}
Also used: TwoFactorWebAuthenticationDetails (org.hisp.dhis.security.spring2fa.TwoFactorWebAuthenticationDetails), DhisOidcUser (org.hisp.dhis.security.oidc.DhisOidcUser), Authentication (org.springframework.security.core.Authentication), WebAuthenticationDetails (org.springframework.security.web.authentication.WebAuthenticationDetails), OAuth2LoginAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken), EventListener (org.springframework.context.event.EventListener)

Aggregations

DhisOidcUser (org.hisp.dhis.security.oidc.DhisOidcUser): 5
Authentication (org.springframework.security.core.Authentication): 4
OAuth2LoginAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken): 3
WebAuthenticationDetails (org.springframework.security.web.authentication.WebAuthenticationDetails): 3
TwoFactorWebAuthenticationDetails (org.hisp.dhis.security.spring2fa.TwoFactorWebAuthenticationDetails): 2
EventListener (org.springframework.context.event.EventListener): 2
UserDetails (org.springframework.security.core.userdetails.UserDetails): 2
User (org.hisp.dhis.user.User): 1
AbstractAuthenticationFailureEvent (org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent): 1
InteractiveAuthenticationSuccessEvent (org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent): 1
OAuth2AuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken): 1
SessionFixationProtectionEvent (org.springframework.security.web.authentication.session.SessionFixationProtectionEvent): 1