Use of org.springframework.security.authentication.BadCredentialsException in project gocd by gocd.
The class BasicAuthHeaderExtractor, method extractBasicAuthenticationCredentials.
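/**
 * Extracts the username and password from an HTTP Basic {@code Authorization} header value.
 *
 * @param authorizationHeader the raw header value; blank or {@code null} means "no credentials"
 * @return the decoded credentials, or {@code null} when the header is blank or does not match
 *         the Basic scheme pattern
 * @throws BadCredentialsException when the header matches the Basic scheme but its payload is
 *         not valid Base64 or lacks the {@code user:password} separator
 */
public static UsernamePassword extractBasicAuthenticationCredentials(String authorizationHeader) {
    if (isBlank(authorizationHeader)) {
        return null;
    }
    final Matcher matcher = BASIC_AUTH_EXTRACTOR_PATTERN.matcher(authorizationHeader);
    if (!matcher.matches()) {
        return null;
    }
    final String encodedCredentials = matcher.group(1);
    final byte[] decode;
    try {
        decode = Base64.getDecoder().decode(encodedCredentials);
    } catch (IllegalArgumentException e) {
        // Malformed Base64 is a client-supplied error: report it as a credential failure rather
        // than letting the IllegalArgumentException escape as an unexpected server error.
        throw new BadCredentialsException("Invalid basic authentication credentials specified in request.", e);
    }
    final String decodedCredentials = new String(decode, StandardCharsets.UTF_8);
    // Split on the first ':' only — the user-id part cannot contain one, while the password may.
    final int indexOfSeparator = decodedCredentials.indexOf(':');
    if (indexOfSeparator == -1) {
        throw new BadCredentialsException("Invalid basic authentication credentials specified in request.");
    }
    final String username = decodedCredentials.substring(0, indexOfSeparator);
    final String password = decodedCredentials.substring(indexOfSeparator + 1);
    return new UsernamePassword(username, password);
}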
Use of org.springframework.security.authentication.BadCredentialsException in project engine by craftercms.
The class ConfigAwareAuthenticationFailureHandlerTest, method testProcessRequest.
/**
 * Verifies that an authentication failure is answered with a redirect to the login-failure URL
 * read from the configuration under {@code LOGIN_FAILURE_URL_KEY}.
 */
@Test
public void testProcessRequest() throws Exception {
    final String expectedRedirect = config.getString(ConfigAwareAuthenticationFailureHandler.LOGIN_FAILURE_URL_KEY);
    final HttpServletRequest currentRequest = RequestContext.getCurrent().getRequest();
    final HttpServletResponse currentResponse = RequestContext.getCurrent().getResponse();

    handler.onAuthenticationFailure(currentRequest, currentResponse, new BadCredentialsException(""));

    final MockHttpServletResponse mockResponse = (MockHttpServletResponse) RequestContext.getCurrent().getResponse();
    assertEquals(expectedRedirect, mockResponse.getRedirectedUrl());
}
Use of org.springframework.security.authentication.BadCredentialsException in project cas by apereo.
The class EndpointLdapAuthenticationProvider, method authenticate.
/**
 * Authenticates the supplied token against LDAP and, when endpoint roles are configured, checks
 * that the LDAP-derived profile carries at least one of them.
 *
 * @param authentication the token whose principal (via {@code toString()}) is the LDAP username
 *        and whose credentials (via {@code toString()}) are the password
 * @return the token produced by {@code generateAuthenticationToken} on success
 * @throws InsufficientAuthenticationException if any exception escapes the LDAP/authorization
 *         flow — the catch below wraps every exception type, not only LDAP ones
 * @throws BadCredentialsException if the LDAP bind does not succeed or the user holds none of
 *         the required roles
 */
@Override
public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
    try {
        val username = authentication.getPrincipal().toString();
        val credentials = authentication.getCredentials();
        val password = Optional.ofNullable(credentials).map(Object::toString).orElse(null);
        // Refuse blank passwords before contacting the directory (presumably to avoid an
        // empty-credential bind). NOTE(review): this is thrown inside the try, so the catch-all
        // below reports it as "Unexpected LDAP error" rather than as a credential failure —
        // confirm that is intended.
        if (StringUtils.isBlank(password)) {
            throw new IllegalArgumentException("Password cannot be blank");
        }
        LOGGER.debug("Preparing LDAP authentication request for user [{}]", username);
        val request = new AuthenticationRequest(username, new Credential(password), ReturnAttributes.ALL.value());
        LOGGER.debug("Executing LDAP authentication request for user [{}]", username);
        val response = this.authenticator.authenticate(request);
        LOGGER.debug("LDAP response: [{}]", response);
        if (response.isSuccess()) {
            val roles = securityProperties.getUser().getRoles();
            // With no roles configured, any user the directory authenticates is accepted and
            // receives an empty authority list.
            if (roles.isEmpty()) {
                LOGGER.info("No user security roles are defined to enable authorization. User [{}] is considered authorized", username);
                return generateAuthenticationToken(authentication, new ArrayList<>(0));
            }
            // Build a pac4j profile from the returned LDAP entry so the authorization generator
            // can derive roles from its attributes.
            val entry = response.getLdapEntry();
            val profile = new CommonProfile();
            profile.setId(username);
            entry.getAttributes().forEach(a -> profile.addAttribute(a.getName(), a.getStringValues()));
            LOGGER.debug("Collected user profile [{}]", profile);
            val context = new JEEContext(HttpRequestUtils.getHttpServletRequestFromRequestAttributes(), HttpRequestUtils.getHttpServletResponseFromRequestAttributes());
            val authZGen = buildAuthorizationGenerator();
            authZGen.generate(context, JEESessionStore.INSTANCE, profile);
            LOGGER.debug("Assembled user profile with roles after generating authorization claims [{}]", profile);
            // Every profile role becomes a granted authority on the resulting token.
            val authorities = profile.getRoles().stream().map(SimpleGrantedAuthority::new).collect(Collectors.toCollection(ArrayList::new));
            LOGGER.debug("List of authorities remapped from profile roles are [{}]", authorities);
            // Require at least one of the configured roles; a miss falls through to the final throw.
            val authorizer = new RequireAnyRoleAuthorizer(roles);
            LOGGER.debug("Executing authorization for expected admin roles [{}]", authorizer.getElements());
            if (authorizer.isAllAuthorized(context, JEESessionStore.INSTANCE, CollectionUtils.wrap(profile))) {
                return generateAuthenticationToken(authentication, authorities);
            }
            LOGGER.warn("User [{}] is not authorized to access the requested resource allowed to roles [{}]", username, authorizer.getElements());
        } else {
            LOGGER.warn("LDAP authentication response produced no results for [{}]", username);
        }
    } catch (final Exception e) {
        // Catches everything raised above, including the blank-password IllegalArgumentException.
        LoggingUtils.error(LOGGER, e);
        throw new InsufficientAuthenticationException("Unexpected LDAP error", e);
    }
    // Reached on a failed bind or a failed role check.
    throw new BadCredentialsException("Could not authenticate provided credentials");
}
Use of org.springframework.security.authentication.BadCredentialsException in project spring-security-oauth by spring-projects.
The class PhotoServiceImpl, method getPhotosForCurrentUser.
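/**
 * Returns the photos owned by the currently authenticated user.
 *
 * @return the subset of {@code getPhotos()} whose user id equals the authenticated username;
 *         empty when the user owns none
 * @throws BadCredentialsException if the security context holds no authentication or its
 *         principal is not a {@link UserDetails}
 */
public Collection<PhotoInfo> getPhotosForCurrentUser() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    // The context may hold no authentication at all; treat that like a non-UserDetails principal
    // instead of failing with a NullPointerException on getPrincipal().
    if (authentication == null || !(authentication.getPrincipal() instanceof UserDetails)) {
        throw new BadCredentialsException("Bad credentials: not a username/password authentication.");
    }
    UserDetails details = (UserDetails) authentication.getPrincipal();
    String username = details.getUsername();
    ArrayList<PhotoInfo> infos = new ArrayList<PhotoInfo>();
    for (PhotoInfo info : getPhotos()) {
        if (username.equals(info.getUserId())) {
            infos.add(info);
        }
    }
    return infos;
}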
Use of org.springframework.security.authentication.BadCredentialsException in project spring-security-oauth by spring-projects.
The class OAuth2ClientAuthenticationProcessingFilter, method attemptAuthentication.
/**
 * Obtains an access token through {@code restTemplate}, resolves it to an
 * {@link OAuth2Authentication} via {@code tokenServices}, and publishes a success or failure
 * event for the outcome.
 *
 * @param request the current request; receives the token value/type attributes when an
 *        {@code authenticationDetailsSource} is configured
 * @param response the current response (unused here)
 * @return the authentication resolved from the token
 * @throws BadCredentialsException if the token cannot be obtained or cannot be resolved to a user
 */
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
    final OAuth2AccessToken token;
    try {
        token = restTemplate.getAccessToken();
    } catch (OAuth2Exception e) {
        throw publishFailure("Could not obtain access token", e);
    }
    try {
        final String tokenValue = token.getValue();
        final OAuth2Authentication authenticated = tokenServices.loadAuthentication(tokenValue);
        if (authenticationDetailsSource != null) {
            // Expose the token to the details source so it can be recorded on the authentication.
            request.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, tokenValue);
            request.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_TYPE, token.getTokenType());
            authenticated.setDetails(authenticationDetailsSource.buildDetails(request));
        }
        publish(new AuthenticationSuccessEvent(authenticated));
        return authenticated;
    } catch (InvalidTokenException e) {
        throw publishFailure("Could not obtain user details from token", e);
    }
}

/**
 * Wraps {@code cause} in a {@link BadCredentialsException}, publishes the matching failure event
 * and returns the exception for the caller to throw.
 */
private BadCredentialsException publishFailure(String message, Throwable cause) {
    final BadCredentialsException failure = new BadCredentialsException(message, cause);
    publish(new OAuth2AuthenticationFailureEvent(failure));
    return failure;
}