Search in sources :

Example 76 with UsernamePasswordAuthenticationToken

use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security-oauth by spring-projects.

the class CustomTokenGranter method getOAuth2Authentication.

protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
    Map<String, String> params = tokenRequest.getRequestParameters();
    String username = params.containsKey("username") ? params.get("username") : "guest";
    List<GrantedAuthority> authorities = params.containsKey("authorities") ? AuthorityUtils.createAuthorityList(OAuth2Utils.parseParameterList(params.get("authorities")).toArray(new String[0])) : AuthorityUtils.NO_AUTHORITIES;
    Authentication user = new UsernamePasswordAuthenticationToken(username, "N/A", authorities);
    OAuth2Authentication authentication = new OAuth2Authentication(tokenRequest.createOAuth2Request(client), user);
    return authentication;
}
Also used : OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) GrantedAuthority(org.springframework.security.core.GrantedAuthority) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)

Example 77 with UsernamePasswordAuthenticationToken

use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.

the class AbstractLdapAuthenticationProvider method authenticate.

public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication, this.messages.getMessage("LdapAuthenticationProvider.onlySupports", "Only UsernamePasswordAuthenticationToken is supported"));
    final UsernamePasswordAuthenticationToken userToken = (UsernamePasswordAuthenticationToken) authentication;
    String username = userToken.getName();
    String password = (String) authentication.getCredentials();
    if (this.logger.isDebugEnabled()) {
        this.logger.debug("Processing authentication request for user: " + username);
    }
    if (!StringUtils.hasLength(username)) {
        throw new BadCredentialsException(this.messages.getMessage("LdapAuthenticationProvider.emptyUsername", "Empty Username"));
    }
    if (!StringUtils.hasLength(password)) {
        throw new BadCredentialsException(this.messages.getMessage("AbstractLdapAuthenticationProvider.emptyPassword", "Empty Password"));
    }
    Assert.notNull(password, "Null password was supplied in authentication token");
    DirContextOperations userData = doAuthentication(userToken);
    UserDetails user = this.userDetailsContextMapper.mapUserFromContext(userData, authentication.getName(), loadUserAuthorities(userData, authentication.getName(), (String) authentication.getCredentials()));
    return createSuccessfulAuthentication(userToken, user);
}
Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) DirContextOperations(org.springframework.ldap.core.DirContextOperations) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)

Example 78 with UsernamePasswordAuthenticationToken

use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.

the class AbstractLdapAuthenticationProvider method createSuccessfulAuthentication.

/**
	 * Creates the final {@code Authentication} object which will be returned from the
	 * {@code authenticate} method.
	 *
	 * @param authentication the original authentication request token
	 * @param user the <tt>UserDetails</tt> instance returned by the configured
	 * <tt>UserDetailsContextMapper</tt>.
	 * @return the Authentication object for the fully authenticated user.
	 */
protected Authentication createSuccessfulAuthentication(UsernamePasswordAuthenticationToken authentication, UserDetails user) {
    Object password = this.useAuthenticationRequestCredentials ? authentication.getCredentials() : user.getPassword();
    UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(user, password, this.authoritiesMapper.mapAuthorities(user.getAuthorities()));
    result.setDetails(authentication.getDetails());
    return result;
}
Also used : UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)

Example 79 with UsernamePasswordAuthenticationToken

use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.

the class BindAuthenticatorTests method testAuthenticationWithCorrectPasswordSucceeds.

@Test
public void testAuthenticationWithCorrectPasswordSucceeds() {
    this.authenticator.setUserDnPatterns(new String[] { "uid={0},ou=people", "cn={0},ou=people" });
    DirContextOperations user = this.authenticator.authenticate(this.bob);
    assertThat(user.getStringAttribute("uid")).isEqualTo("bob");
    this.authenticator.authenticate(new UsernamePasswordAuthenticationToken("mouse, jerry", "jerryspassword"));
}
Also used : DirContextOperations(org.springframework.ldap.core.DirContextOperations) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) Test(org.junit.Test)

Example 80 with UsernamePasswordAuthenticationToken

use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.

the class BindAuthenticatorTests method setUp.

// ~ Methods
// ========================================================================================================
@Before
public void setUp() {
    this.authenticator = new BindAuthenticator(getContextSource());
    this.authenticator.setMessageSource(new SpringSecurityMessageSource());
    this.bob = new UsernamePasswordAuthenticationToken("bob", "bobspassword");
}
Also used : SpringSecurityMessageSource(org.springframework.security.core.SpringSecurityMessageSource) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) Before(org.junit.Before)

Aggregations

UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)309 Test (org.junit.Test)156 Authentication (org.springframework.security.core.Authentication)114 GrantedAuthority (org.springframework.security.core.GrantedAuthority)37 BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)34 UserDetails (org.springframework.security.core.userdetails.UserDetails)33 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)29 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)27 SecurityContext (org.springframework.security.core.context.SecurityContext)21 AuthenticationException (org.springframework.security.core.AuthenticationException)20 User (org.springframework.security.core.userdetails.User)17 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)15 ArrayList (java.util.ArrayList)14 OrcidProfileUserDetails (org.orcid.core.oauth.OrcidProfileUserDetails)13 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)13 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)13 UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)12 SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)11 Before (org.junit.Before)8 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)8