Example 1 with Algorithm

Use of org.olat.core.util.Encoder.Algorithm in project OpenOLAT by OpenOLAT.

Class WebDAVAuthManager, method authenticate.

@Override
public Identity authenticate(Identity identity, String login, String password) {
    List<String> providers = new ArrayList<>(3);
    providers.add(PROVIDER_WEBDAV);
    if (userModule.isEmailUnique()) {
        providers.add(PROVIDER_HA1_EMAIL);
        providers.add(PROVIDER_HA1_INSTITUTIONAL_EMAIL);
    }
    List<Authentication> authentications = null;
    if (identity != null) {
        authentications = securityManager.findAuthentications(identity, providers);
    } else {
        authentications = securityManager.findAuthenticationByAuthusername(login, providers);
    }
    if (authentications == null || authentications.isEmpty()) {
        // fallback to standard OLAT authentication
        return olatAuthenticationSpi.authenticate(identity, login, password);
    }
    Identity authenticatedIdentity = authentications.get(0).getIdentity();
    boolean visible = securityManager.isIdentityVisible(authenticatedIdentity);
    if (!visible) {
        return null;
    }
    for (Authentication authentication : authentications) {
        if (securityManager.checkCredentials(authentication, password)) {
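            Algorithm algorithm = Algorithm.find(authentication.getAlgorithm());
            // Legacy MD5 credential: the cleartext password has just been verified,
            // so re-hash it with the configured default algorithm.
            if (Algorithm.md5.equals(algorithm)) {
                authentication = securityManager.updateCredentials(authentication, password, loginModule.getDefaultHashAlgorithm());
            }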
            return authentication.getIdentity();
        }
    }
    return null;
}
Also used : Authentication(org.olat.basesecurity.Authentication) ArrayList(java.util.ArrayList) Identity(org.olat.core.id.Identity) Algorithm(org.olat.core.util.Encoder.Algorithm)

Example 2 with Algorithm

Use of org.olat.core.util.Encoder.Algorithm in project OpenOLAT by OpenOLAT.

Class BaseSecurityManager, method checkCredentials.

@Override
public boolean checkCredentials(Authentication authentication, String password) {
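    // Recompute the hash with the algorithm and salt stored alongside the credential.
    Algorithm algorithm = Algorithm.find(authentication.getAlgorithm());
    String hash = Encoder.encrypt(password, authentication.getSalt(), algorithm);
    // Note: String.equals is not a constant-time comparison.
    return authentication.getCredential() != null && authentication.getCredential().equals(hash);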
}
Also used : Algorithm(org.olat.core.util.Encoder.Algorithm)

Example 3 with Algorithm

Use of org.olat.core.util.Encoder.Algorithm in project OpenOLAT by OpenOLAT.

Class OLATAuthManager, method authenticate.

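/**
 * @param ident the identity to authenticate, or null to look it up by login
 * @param login the user name (or email address, if login by email is allowed)
 * @param password the cleartext password to check
 * @return the authenticated identity, or null if authentication fails
 */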
@Override
public Identity authenticate(Identity ident, String login, String password) {
    Authentication authentication;
    if (ident == null) {
        // check for email instead of username if ident is null
        if (loginModule.isAllowLoginUsingEmail()) {
            if (MailHelper.isValidEmailAddress(login)) {
                List<Identity> identities = userManager.findIdentitiesByEmail(Collections.singletonList(login));
                // check for email changed with verification workflow
                if (identities.size() == 1) {
                    ident = identities.get(0);
                } else if (identities.size() > 1) {
                    logError("more than one identity found with email::" + login, null);
                }
                if (ident == null) {
                    ident = findIdentInChangingEmailWorkflow(login);
                }
            }
        }
        if (ident == null) {
            authentication = securityManager.findAuthenticationByAuthusername(login, "OLAT");
        } else {
            authentication = securityManager.findAuthentication(ident, "OLAT");
        }
    } else {
        authentication = securityManager.findAuthentication(ident, "OLAT");
    }
    if (authentication == null) {
        log.audit("Cannot authenticate user " + login + " via provider OLAT", OLATAuthenticationController.class.getName());
        return null;
    }
    // find OLAT authentication provider
    if (securityManager.checkCredentials(authentication, password)) {
        Algorithm algorithm = Algorithm.find(authentication.getAlgorithm());
        // Legacy MD5 credential: the cleartext password has just been verified,
        // so re-hash it with the configured default algorithm.
        if (Algorithm.md5.equals(algorithm)) {
            Algorithm defAlgorithm = loginModule.getDefaultHashAlgorithm();
            authentication = securityManager.updateCredentials(authentication, password, defAlgorithm);
        }
        Identity identity = authentication.getIdentity();
        if (identity != null && webDAVAuthManager != null) {
            webDAVAuthManager.upgradePassword(identity, login, password);
        }
        return identity;
    }
    log.audit("Cannot authenticate user " + login + " via provider OLAT", OLATAuthenticationController.class.getName());
    return null;
}
Also used : OLATAuthenticationController(org.olat.login.OLATAuthenticationController) Authentication(org.olat.basesecurity.Authentication) Identity(org.olat.core.id.Identity) Algorithm(org.olat.core.util.Encoder.Algorithm)

Example 4 with Algorithm

Use of org.olat.core.util.Encoder.Algorithm in project openolat by klemens.

Class OLATAuthManager, method authenticate.

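/**
 * @param ident the identity to authenticate, or null to look it up by login
 * @param login the user name (or email address, if login by email is allowed)
 * @param password the cleartext password to check
 * @return the authenticated identity, or null if authentication fails
 */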
@Override
public Identity authenticate(Identity ident, String login, String password) {
    Authentication authentication;
    if (ident == null) {
        // check for email instead of username if ident is null
        if (loginModule.isAllowLoginUsingEmail()) {
            if (MailHelper.isValidEmailAddress(login)) {
                List<Identity> identities = userManager.findIdentitiesByEmail(Collections.singletonList(login));
                // check for email changed with verification workflow
                if (identities.size() == 1) {
                    ident = identities.get(0);
                } else if (identities.size() > 1) {
                    logError("more than one identity found with email::" + login, null);
                }
                if (ident == null) {
                    ident = findIdentInChangingEmailWorkflow(login);
                }
            }
        }
        if (ident == null) {
            authentication = securityManager.findAuthenticationByAuthusername(login, "OLAT");
        } else {
            authentication = securityManager.findAuthentication(ident, "OLAT");
        }
    } else {
        authentication = securityManager.findAuthentication(ident, "OLAT");
    }
    if (authentication == null) {
        log.audit("Cannot authenticate user " + login + " via provider OLAT", OLATAuthenticationController.class.getName());
        return null;
    }
    // find OLAT authentication provider
    if (securityManager.checkCredentials(authentication, password)) {
        Algorithm algorithm = Algorithm.find(authentication.getAlgorithm());
        // Legacy MD5 credential: the cleartext password has just been verified,
        // so re-hash it with the configured default algorithm.
        if (Algorithm.md5.equals(algorithm)) {
            Algorithm defAlgorithm = loginModule.getDefaultHashAlgorithm();
            authentication = securityManager.updateCredentials(authentication, password, defAlgorithm);
        }
        Identity identity = authentication.getIdentity();
        if (identity != null && webDAVAuthManager != null) {
            webDAVAuthManager.upgradePassword(identity, login, password);
        }
        return identity;
    }
    log.audit("Cannot authenticate user " + login + " via provider OLAT", OLATAuthenticationController.class.getName());
    return null;
}
Also used : OLATAuthenticationController(org.olat.login.OLATAuthenticationController) Authentication(org.olat.basesecurity.Authentication) Identity(org.olat.core.id.Identity) Algorithm(org.olat.core.util.Encoder.Algorithm)

Example 5 with Algorithm

Use of org.olat.core.util.Encoder.Algorithm in project openolat by klemens.

Class ForumManager, method createProtectedPseudonym.

public Pseudonym createProtectedPseudonym(String pseudonym, String password) {
    PseudonymImpl pseudo = new PseudonymImpl();
    pseudo.setCreationDate(new Date());
    pseudo.setPseudonym(pseudonym);
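    // Hash the pseudonym password with the configured default algorithm,
    // generating a salt only when that algorithm uses one.
    Algorithm algorithm = loginModule.getDefaultHashAlgorithm();
    String salt = algorithm.isSalted() ? Encoder.getSalt() : null;
    String newCredentials = Encoder.encrypt(password, salt, algorithm);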
    pseudo.setSalt(salt);
    pseudo.setCredential(newCredentials);
    pseudo.setAlgorithm(algorithm.name());
    dbInstance.getCurrentEntityManager().persist(pseudo);
    return pseudo;
}
Also used : PseudonymImpl(org.olat.modules.fo.model.PseudonymImpl) Algorithm(org.olat.core.util.Encoder.Algorithm) Date(java.util.Date)

Aggregations

Algorithm (org.olat.core.util.Encoder.Algorithm): 10
Authentication (org.olat.basesecurity.Authentication): 4
Identity (org.olat.core.id.Identity): 4
ArrayList (java.util.ArrayList): 2
Date (java.util.Date): 2
OLATAuthenticationController (org.olat.login.OLATAuthenticationController): 2
PseudonymImpl (org.olat.modules.fo.model.PseudonymImpl): 2