Example 6 with Authentication

Use of org.openhab.core.auth.Authentication in project openhab-core by openhab.

In class ExpiringUserSecurityContextCacheTest, method createValues.

private Map<String, UserSecurityContext> createValues(int count) {
    Map<String, UserSecurityContext> map = new LinkedHashMap<>();
    for (int i = 0; i < count; i++) {
        String userName = "user" + i;
        UserSecurityContext userSecurityContext = new UserSecurityContext(new GenericUser(userName), new Authentication(userName), userName + " token");
        map.put("key" + i, userSecurityContext);
    }
    return map;
}
Also used : GenericUser(org.openhab.core.auth.GenericUser) Authentication(org.openhab.core.auth.Authentication) LinkedHashMap(java.util.LinkedHashMap)

Example 7 with Authentication

Use of org.openhab.core.auth.Authentication in project openhab-core by openhab.

In class UserRegistryImpl, method authenticate.

@Override
public Authentication authenticate(Credentials credentials) throws AuthenticationException {
    if (credentials instanceof UsernamePasswordCredentials) {
        // Username/password login: look up the user, then compare salted password hashes.
        UsernamePasswordCredentials usernamePasswordCreds = (UsernamePasswordCredentials) credentials;
        User user = get(usernamePasswordCreds.getUsername());
        if (user == null) {
            // The "User not found" and "Wrong password" messages differ, so a caller that
            // passes them on to a client reveals which usernames exist.
            throw new AuthenticationException("User not found: " + usernamePasswordCreds.getUsername());
        }
        ManagedUser managedUser = (ManagedUser) user;
        // Re-hash the supplied password with the user's stored salt and compare to the stored hash.
        String hashedPassword = hash(usernamePasswordCreds.getPassword(), managedUser.getPasswordSalt(), PASSWORD_ITERATIONS).get();
        if (!hashedPassword.equals(managedUser.getPasswordHash())) {
            throw new AuthenticationException("Wrong password for user " + usernamePasswordCreds.getUsername());
        }
        return new Authentication(managedUser.getName(), managedUser.getRoles().stream().toArray(String[]::new));
    } else if (credentials instanceof UserApiTokenCredentials) {
        // API token login: the token must be three dot-separated parts, starting with
        // APITOKEN_PREFIX and followed by the token name.
        UserApiTokenCredentials apiTokenCreds = (UserApiTokenCredentials) credentials;
        String[] apiTokenParts = apiTokenCreds.getApiToken().split("\\.");
        if (apiTokenParts.length != 3 || !APITOKEN_PREFIX.equals(apiTokenParts[0])) {
            throw new AuthenticationException("Invalid API token format");
        }
        for (User user : getAll()) {
            ManagedUser managedUser = (ManagedUser) user;
            for (UserApiToken userApiToken : managedUser.getApiTokens()) {
                // only check if the name in the token matches
                if (!userApiToken.getName().equals(apiTokenParts[1])) {
                    continue;
                }
                // The stored value is "<hash>:<salt>"; hash the full incoming token with that salt.
                String[] existingTokenHashAndSalt = userApiToken.getApiToken().split(":");
                String incomingTokenHash = hash(apiTokenCreds.getApiToken(), existingTokenHashAndSalt[1], APITOKEN_ITERATIONS).get();
                if (incomingTokenHash.equals(existingTokenHashAndSalt[0])) {
                    // A token login also carries the token's scope into the Authentication.
                    return new Authentication(managedUser.getName(), managedUser.getRoles().stream().toArray(String[]::new), userApiToken.getScope());
                }
            }
        }
        throw new AuthenticationException("Unknown API token");
    }
    throw new IllegalArgumentException("Invalid credential type");
}
Also used : UserApiTokenCredentials(org.openhab.core.auth.UserApiTokenCredentials) ManagedUser(org.openhab.core.auth.ManagedUser) User(org.openhab.core.auth.User) AuthenticationException(org.openhab.core.auth.AuthenticationException) Authentication(org.openhab.core.auth.Authentication) UserApiToken(org.openhab.core.auth.UserApiToken) UsernamePasswordCredentials(org.openhab.core.auth.UsernamePasswordCredentials)

Aggregations

Authentication (org.openhab.core.auth.Authentication) 7
AuthenticationException (org.openhab.core.auth.AuthenticationException) 6
User (org.openhab.core.auth.User) 4
UsernamePasswordCredentials (org.openhab.core.auth.UsernamePasswordCredentials) 3
UserApiTokenCredentials (org.openhab.core.auth.UserApiTokenCredentials) 2
LinkedHashMap (java.util.LinkedHashMap) 1
HttpServletRequest (javax.servlet.http.HttpServletRequest) 1
JwtClaims (org.jose4j.jwt.JwtClaims) 1
MalformedClaimException (org.jose4j.jwt.MalformedClaimException) 1
InvalidJwtException (org.jose4j.jwt.consumer.InvalidJwtException) 1
JwtConsumer (org.jose4j.jwt.consumer.JwtConsumer) 1
JwtConsumerBuilder (org.jose4j.jwt.consumer.JwtConsumerBuilder) 1
Credentials (org.openhab.core.auth.Credentials) 1
GenericUser (org.openhab.core.auth.GenericUser) 1
ManagedUser (org.openhab.core.auth.ManagedUser) 1
UserApiToken (org.openhab.core.auth.UserApiToken) 1