Example 1 with AuthenticateResponse
use of org.platformlayer.auth.model.AuthenticateResponse in project platformlayer by platformlayer.
the class LoginService method authenticate.
public AuthenticateResponse authenticate(HttpServletRequest httpRequest, AuthenticateRequest request) {
AuthenticateResponse response = new AuthenticateResponse();
String username = null;
UserEntity user = null;
if (request.auth.passwordCredentials != null) {
username = request.auth.passwordCredentials.username;
String password = request.auth.passwordCredentials.password;
try {
user = userAuthenticator.authenticate(username, password);
} catch (AuthenticatorException e) {
// An exception indicates something went wrong (i.e. not just
// bad credentials)
log.warn("Error while getting user info", e);
throw new IllegalStateException("Error while getting user info", e);
}
} else if (request.auth.certificateCredentials != null) {
username = request.auth.certificateCredentials.username;
X509Certificate[] certificateChain = HttpUtils.getCertificateChain(httpRequest);
if (certificateChain == null) {
return null;
}
byte[] challengeResponse = request.auth.certificateCredentials.challengeResponse;
CertificateAuthenticationRequest details = new CertificateAuthenticationRequest();
details.certificateChain = certificateChain;
details.username = username;
// details.projectKey = projectKey;
details.challengeResponse = challengeResponse;
CertificateAuthenticationResponse result = null;
try {
result = userAuthenticator.authenticate(details);
} catch (AuthenticatorException e) {
log.warn("Error while authenticating by certificate", e);
throw new IllegalStateException("Error while authenticating by certificate", e);
}
if (result == null) {
return null;
}
if (challengeResponse != null) {
if (result.user == null) {
return null;
}
user = (UserEntity) result.user;
} else {
log.debug("Returning authentication challenge for user: " + username);
response.challenge = result.challenge;
return response;
}
} else {
return null;
}
if (user == null) {
log.debug("Authentication request failed. Username=" + username);
return null;
}
log.debug("Successful authentication for user: " + user.key);
response.access = tokenHelpers.buildAccess(user);
return response;
}
Also used :
AuthenticateResponse(org.platformlayer.auth.model.AuthenticateResponse)
CertificateAuthenticationResponse(org.platformlayer.auth.CertificateAuthenticationResponse)
CertificateAuthenticationRequest(org.platformlayer.auth.CertificateAuthenticationRequest)
AuthenticatorException(org.platformlayer.auth.AuthenticatorException)
UserEntity(org.platformlayer.auth.UserEntity)
Example 2 with AuthenticateResponse
use of org.platformlayer.auth.model.AuthenticateResponse in project platformlayer by platformlayer.
the class RestLoginServlet method processRequest.
protected void processRequest(final HttpServletRequest httpRequest, final HttpServletResponse httpResponse, final AuthenticateRequest request, boolean checkLimit) throws IOException {
try {
if (request.auth == null) {
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return;
}
String username = getUsername(request);
if (Strings.isNullOrEmpty(username)) {
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return;
}
if (checkLimit && limits.isOverLimit(httpRequest, username)) {
final AsyncContext asyncContext = httpRequest.startAsync(httpRequest, httpResponse);
asyncExecutor.schedule(LoginService.OVER_LIMIT_DELAY, new Runnable() {
@Override
public void run() {
try {
processRequest(httpRequest, httpResponse, request, false);
asyncContext.complete();
} catch (Exception e) {
log.error("Unexpected error caught in async task", e);
}
}
});
return;
}
AuthenticateResponse authenticateResponse = loginService.authenticate(httpRequest, request);
if (authenticateResponse == null) {
limits.recordFail(httpRequest, username);
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return;
}
marshaller.write(httpRequest, httpResponse, authenticateResponse);
} catch (WebApplicationException e) {
log.info("Returning exception from servlet", e);
httpResponse.sendError(e.getResponse().getStatus());
} catch (Exception e) {
log.warn("Unexpected error in servlet", e);
httpResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
}
Also used :
AuthenticateResponse(org.platformlayer.auth.model.AuthenticateResponse)
WebApplicationException(javax.ws.rs.WebApplicationException)
AsyncContext(javax.servlet.AsyncContext)
ServletException(javax.servlet.ServletException)
IOException(java.io.IOException)
WebApplicationException(javax.ws.rs.WebApplicationException)
Aggregations
AuthenticateResponse (org.platformlayer.auth.model.AuthenticateResponse)2
IOException (java.io.IOException)1
AsyncContext (javax.servlet.AsyncContext)1
ServletException (javax.servlet.ServletException)1
WebApplicationException (javax.ws.rs.WebApplicationException)1
AuthenticatorException (org.platformlayer.auth.AuthenticatorException)1
CertificateAuthenticationRequest (org.platformlayer.auth.CertificateAuthenticationRequest)1
CertificateAuthenticationResponse (org.platformlayer.auth.CertificateAuthenticationResponse)1
UserEntity (org.platformlayer.auth.UserEntity)1
