use of org.platformlayer.auth.model.AuthenticateResponse in project platformlayer by platformlayer.
the class LoginService method authenticate.
public AuthenticateResponse authenticate(HttpServletRequest httpRequest, AuthenticateRequest request) {
AuthenticateResponse response = new AuthenticateResponse();
String username = null;
UserEntity user = null;
if (request.auth.passwordCredentials != null) {
username = request.auth.passwordCredentials.username;
String password = request.auth.passwordCredentials.password;
try {
user = userAuthenticator.authenticate(username, password);
} catch (AuthenticatorException e) {
// An exception indicates something went wrong (i.e. not just
// bad credentials)
log.warn("Error while getting user info", e);
throw new IllegalStateException("Error while getting user info", e);
}
} else if (request.auth.certificateCredentials != null) {
username = request.auth.certificateCredentials.username;
X509Certificate[] certificateChain = HttpUtils.getCertificateChain(httpRequest);
if (certificateChain == null) {
return null;
}
byte[] challengeResponse = request.auth.certificateCredentials.challengeResponse;
CertificateAuthenticationRequest details = new CertificateAuthenticationRequest();
details.certificateChain = certificateChain;
details.username = username;
// details.projectKey = projectKey;
details.challengeResponse = challengeResponse;
CertificateAuthenticationResponse result = null;
try {
result = userAuthenticator.authenticate(details);
} catch (AuthenticatorException e) {
log.warn("Error while authenticating by certificate", e);
throw new IllegalStateException("Error while authenticating by certificate", e);
}
if (result == null) {
return null;
}
if (challengeResponse != null) {
if (result.user == null) {
return null;
}
user = (UserEntity) result.user;
} else {
log.debug("Returning authentication challenge for user: " + username);
response.challenge = result.challenge;
return response;
}
} else {
return null;
}
if (user == null) {
log.debug("Authentication request failed. Username=" + username);
return null;
}
log.debug("Successful authentication for user: " + user.key);
response.access = tokenHelpers.buildAccess(user);
return response;
}
use of org.platformlayer.auth.model.AuthenticateResponse in project platformlayer by platformlayer.
the class RestLoginServlet method processRequest.
protected void processRequest(final HttpServletRequest httpRequest, final HttpServletResponse httpResponse, final AuthenticateRequest request, boolean checkLimit) throws IOException {
try {
if (request.auth == null) {
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return;
}
String username = getUsername(request);
if (Strings.isNullOrEmpty(username)) {
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return;
}
if (checkLimit && limits.isOverLimit(httpRequest, username)) {
final AsyncContext asyncContext = httpRequest.startAsync(httpRequest, httpResponse);
asyncExecutor.schedule(LoginService.OVER_LIMIT_DELAY, new Runnable() {
@Override
public void run() {
try {
processRequest(httpRequest, httpResponse, request, false);
asyncContext.complete();
} catch (Exception e) {
log.error("Unexpected error caught in async task", e);
}
}
});
return;
}
AuthenticateResponse authenticateResponse = loginService.authenticate(httpRequest, request);
if (authenticateResponse == null) {
limits.recordFail(httpRequest, username);
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return;
}
marshaller.write(httpRequest, httpResponse, authenticateResponse);
} catch (WebApplicationException e) {
log.info("Returning exception from servlet", e);
httpResponse.sendError(e.getResponse().getStatus());
} catch (Exception e) {
log.warn("Unexpected error in servlet", e);
httpResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
}
Aggregations