Example 1 with TwoFactorAuthenticationToken

Use of org.molgenis.security.twofactor.auth.TwoFactorAuthenticationToken in project molgenis by molgenis.

Class TwoFactorAuthenticationController, method authenticate.

@PostMapping(TWO_FACTOR_ACTIVATION_AUTHENTICATE_URI)
public String authenticate(Model model, @RequestParam String verificationCode, @RequestParam String secretKey) {
    String redirectUrl = "redirect:/menu/main/useraccount?showCodes=true#security";
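    try {
        // Wrap the submitted verification code and secret key in a token and hand it to the authentication provider.
        TwoFactorAuthenticationToken authToken = new TwoFactorAuthenticationToken(verificationCode, secretKey);
        Authentication authentication = authenticationProvider.authenticate(authToken);
        // Only reached when the provider did not throw: store the returned Authentication in the current SecurityContext.
        SecurityContextHolder.getContext().setAuthentication(authentication);
    } catch (AuthenticationException err) {
        // Verification failed: re-populate the activation view with the same secret key, its authenticator URI and an error message.
        model.addAttribute(ATTRIBUTE_2FA_SECRET_KEY, secretKey);
        model.addAttribute(ATTRIBUTE_2FA_AUTHENTICATOR_URI, otpService.getAuthenticatorURI(secretKey));
        model.addAttribute(MolgenisLoginController.ERROR_MESSAGE_ATTRIBUTE, determineErrorMessage(err));
        redirectUrl = VIEW_2FA_ACTIVATION_MODAL;
    }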
    return redirectUrl;
}
Also used: AuthenticationException (org.springframework.security.core.AuthenticationException), Authentication (org.springframework.security.core.Authentication), TwoFactorAuthenticationToken (org.molgenis.security.twofactor.auth.TwoFactorAuthenticationToken), PostMapping (org.springframework.web.bind.annotation.PostMapping)

Example 2 with TwoFactorAuthenticationToken

Use of org.molgenis.security.twofactor.auth.TwoFactorAuthenticationToken in project molgenis by molgenis.

Class AuthenticationAuthoritiesUpdaterImplTest, method testUpdateAuthenticationTwoFactorAuthenticationToken.

@Test
public void testUpdateAuthenticationTwoFactorAuthenticationToken() {
    Object principal = mock(Object.class);
    Object credentials = mock(Object.class);
    String verificationCode = "dummyVerificationCode";
    String secretKey = "secretKey";
    TwoFactorAuthenticationToken twoFactorAuthenticationToken = new TwoFactorAuthenticationToken(principal, credentials, Collections.emptyList(), verificationCode, secretKey);
    Authentication updatedAuthentication = authenticationAuthoritiesUpdaterImpl.updateAuthentication(twoFactorAuthenticationToken, updatedAuthorities);
    // The updated token must keep principal, credentials, verification code and secret key; only the authorities change.
    assertEquals(updatedAuthentication, new TwoFactorAuthenticationToken(principal, credentials, updatedAuthorities, verificationCode, secretKey));
}
Also used: Authentication (org.springframework.security.core.Authentication), TwoFactorAuthenticationToken (org.molgenis.security.twofactor.auth.TwoFactorAuthenticationToken), Test (org.testng.annotations.Test)

Example 3 with TwoFactorAuthenticationToken

Use of org.molgenis.security.twofactor.auth.TwoFactorAuthenticationToken in project molgenis by molgenis.

Class TwoFactorAuthenticationController, method validate.

@PostMapping(TWO_FACTOR_VALIDATION_URI)
public String validate(Model model, @RequestParam String verificationCode) {
    String redirectUri = "redirect:/";
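    try {
        // Only the verification code is submitted on this path; the secret key argument is null.
        TwoFactorAuthenticationToken authToken = new TwoFactorAuthenticationToken(verificationCode, null);
        Authentication authentication = authenticationProvider.authenticate(authToken);
        // Only reached when the provider did not throw: store the returned Authentication in the current SecurityContext.
        SecurityContextHolder.getContext().setAuthentication(authentication);
    } catch (AuthenticationException err) {
        // Verification failed: show the error message in the 2FA view instead of redirecting.
        model.addAttribute(MolgenisLoginController.ERROR_MESSAGE_ATTRIBUTE, determineErrorMessage(err));
        redirectUri = VIEW_2FA_CONFIGURED_MODAL;
    }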
    return redirectUri;
}
Also used: AuthenticationException (org.springframework.security.core.AuthenticationException), Authentication (org.springframework.security.core.Authentication), TwoFactorAuthenticationToken (org.molgenis.security.twofactor.auth.TwoFactorAuthenticationToken), PostMapping (org.springframework.web.bind.annotation.PostMapping)

Example 4 with TwoFactorAuthenticationToken

Use of org.molgenis.security.twofactor.auth.TwoFactorAuthenticationToken in project molgenis by molgenis.

Class AuthenticationAuthoritiesUpdaterImpl, method updateAuthentication.

@Override
public Authentication updateAuthentication(Authentication authentication, List<GrantedAuthority> updatedAuthorities) {
    Authentication newAuthentication;
    // Rebuild the token with the updated authorities, preserving the type-specific fields of each known token type.
    if (authentication instanceof TwoFactorAuthenticationToken) {
        TwoFactorAuthenticationToken twoFactorAuthenticationToken = (TwoFactorAuthenticationToken) authentication;
        newAuthentication = new TwoFactorAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), updatedAuthorities, twoFactorAuthenticationToken.getVerificationCode(), twoFactorAuthenticationToken.getSecretKey());
    } else if (authentication instanceof SystemSecurityToken) {
        // SystemSecurityToken is returned unchanged; updatedAuthorities is not applied to it.
        newAuthentication = authentication;
    } else if (authentication instanceof RestAuthenticationToken) {
        RestAuthenticationToken restAuthenticationToken = (RestAuthenticationToken) authentication;
        newAuthentication = new RestAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), updatedAuthorities, restAuthenticationToken.getToken());
    } else if (authentication instanceof RecoveryAuthenticationToken) {
        RecoveryAuthenticationToken recoveryAuthenticationToken = (RecoveryAuthenticationToken) authentication;
        newAuthentication = new RecoveryAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), updatedAuthorities, recoveryAuthenticationToken.getRecoveryCode());
    } else if (authentication instanceof UsernamePasswordAuthenticationToken) {
        newAuthentication = new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), updatedAuthorities);
    } else if (authentication instanceof RunAsUserToken) {
        RunAsUserToken runAsUserToken = (RunAsUserToken) authentication;
        newAuthentication = new RunAsUserTokenDecorator(runAsUserToken, updatedAuthorities);
    } else if (authentication instanceof AnonymousAuthenticationToken) {
        AnonymousAuthenticationToken anonymousAuthenticationToken = (AnonymousAuthenticationToken) authentication;
        newAuthentication = new AnonymousAuthenticationTokenDecorator(anonymousAuthenticationToken, updatedAuthorities);
    } else {
        // Unrecognized token types are rejected with an exception rather than passed through.
        throw new SessionAuthenticationException(format("Unknown authentication type '%s'", authentication.getClass().getSimpleName()));
    }
    return newAuthentication;
}
Also used: RecoveryAuthenticationToken (org.molgenis.security.twofactor.auth.RecoveryAuthenticationToken), SessionAuthenticationException (org.springframework.security.web.authentication.session.SessionAuthenticationException), RunAsUserToken (org.springframework.security.access.intercept.RunAsUserToken), Authentication (org.springframework.security.core.Authentication), UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken), SystemSecurityToken (org.molgenis.security.core.runas.SystemSecurityToken), AnonymousAuthenticationToken (org.springframework.security.authentication.AnonymousAuthenticationToken), RestAuthenticationToken (org.molgenis.security.token.RestAuthenticationToken), TwoFactorAuthenticationToken (org.molgenis.security.twofactor.auth.TwoFactorAuthenticationToken)

Aggregations

TwoFactorAuthenticationToken (org.molgenis.security.twofactor.auth.TwoFactorAuthenticationToken): 4
Authentication (org.springframework.security.core.Authentication): 4
AuthenticationException (org.springframework.security.core.AuthenticationException): 2
PostMapping (org.springframework.web.bind.annotation.PostMapping): 2
SystemSecurityToken (org.molgenis.security.core.runas.SystemSecurityToken): 1
RestAuthenticationToken (org.molgenis.security.token.RestAuthenticationToken): 1
RecoveryAuthenticationToken (org.molgenis.security.twofactor.auth.RecoveryAuthenticationToken): 1
RunAsUserToken (org.springframework.security.access.intercept.RunAsUserToken): 1
AnonymousAuthenticationToken (org.springframework.security.authentication.AnonymousAuthenticationToken): 1
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken): 1
SessionAuthenticationException (org.springframework.security.web.authentication.session.SessionAuthenticationException): 1
Test (org.testng.annotations.Test): 1