Example 1 with InvalidPasswordException
use of org.summerb.microservices.users.api.exceptions.InvalidPasswordException in project summerb by skarpushin.
the class AuthTokenServiceImpl method authenticate.
@Override
@Transactional(rollbackFor = Throwable.class)
public AuthToken authenticate(String userEmail, String passwordPlain, String clientIp) throws UserNotFoundException, FieldValidationException, InvalidPasswordException {
Preconditions.checkArgument(userEmail != null);
Preconditions.checkArgument(passwordPlain != null);
Preconditions.checkArgument(clientIp != null);
try {
User user = validateAndGetUser(userEmail, passwordPlain);
return createAuthToken(user.getEmail(), clientIp, UUID.randomUUID().toString(), UUID.randomUUID().toString());
} catch (Throwable t) {
Throwables.throwIfInstanceOf(t, UserNotFoundException.class);
Throwables.throwIfInstanceOf(t, FieldValidationException.class);
Throwables.throwIfInstanceOf(t, InvalidPasswordException.class);
String msg = String.format("Failed to create auth otken for user '%s'", userEmail);
throw new UserServiceUnexpectedException(msg, t);
}
}
Also used :
UserNotFoundException(org.summerb.microservices.users.api.exceptions.UserNotFoundException)
FieldValidationException(org.summerb.approaches.validation.FieldValidationException)
User(org.summerb.microservices.users.api.dto.User)
UserServiceUnexpectedException(org.summerb.microservices.users.api.exceptions.UserServiceUnexpectedException)
InvalidPasswordException(org.summerb.microservices.users.api.exceptions.InvalidPasswordException)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 2 with InvalidPasswordException
use of org.summerb.microservices.users.api.exceptions.InvalidPasswordException in project summerb by skarpushin.
the class AuthenticationProviderImpl method authenticate.
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
// Ensure that all conditions apply
Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication, getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports", "Only UsernamePasswordAuthenticationToken is supported"));
// check we have credentials specified
if (authentication.getCredentials() == null) {
logger.debug("Authentication failed: no credentials provided");
throw new BadCredentialsException(getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}
// Determine user-name
String username = (authentication.getPrincipal() == null) ? "" : authentication.getName();
// Encode password
String presentedPlainPassword = authentication.getCredentials().toString();
try {
if (loginEligibilityVerifier != null) {
loginEligibilityVerifier.validateUserAllowedToLogin(username);
}
// Proceed with authentication
// get user
User user = userService.getUserByEmail(username);
// check password
if (!passwordService.isUserPasswordValid(user.getUuid(), presentedPlainPassword)) {
throw new InvalidPasswordException();
}
// get user permission
List<String> permissions = permissionService.findUserPermissionsForSubject(SecurityConstants.DOMAIN, user.getUuid(), null);
UserDetailsImpl userDetails = new UserDetailsImpl(user, "[PASSWORD REMOVED]", permissions, null);
UsernamePasswordAuthenticationToken ret = new UsernamePasswordAuthenticationToken(userDetails, authentication.getCredentials(), userDetails.getAuthorities());
ret.setDetails(authentication.getDetails());
return ret;
} catch (FieldValidationException e) {
throw buildBadCredentialsExc(e);
} catch (UserNotFoundException e) {
throw buildBadCredentialsExc(new FieldValidationException(new UserNotFoundValidationError()));
} catch (InvalidPasswordException e) {
throw buildBadCredentialsExc(new FieldValidationException(new PasswordInvalidValidationError()));
} catch (Throwable t) {
throw new AuthenticationServiceException(getMessage(SecurityMessageCodes.AUTH_FATAL, "Fatal authentication exception"), t);
}
}
Also used :
FieldValidationException(org.summerb.approaches.validation.FieldValidationException)
UserNotFoundException(org.summerb.microservices.users.api.exceptions.UserNotFoundException)
User(org.summerb.microservices.users.api.dto.User)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
PasswordInvalidValidationError(org.summerb.approaches.springmvc.security.ve.PasswordInvalidValidationError)
AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException)
UserDetailsImpl(org.summerb.approaches.springmvc.security.dto.UserDetailsImpl)
InvalidPasswordException(org.summerb.microservices.users.api.exceptions.InvalidPasswordException)
UserNotFoundValidationError(org.summerb.approaches.springmvc.security.ve.UserNotFoundValidationError)
Example 3 with InvalidPasswordException
use of org.summerb.microservices.users.api.exceptions.InvalidPasswordException in project summerb by skarpushin.
the class AuthTokenServiceImpl method validateAndGetUser.
private User validateAndGetUser(String userEmail, String passwordPlain) throws UserNotFoundException, FieldValidationException, InvalidPasswordException {
try {
User user = userService.getUserByEmail(userEmail);
boolean isPasswordValid = passwordService.isUserPasswordValid(user.getUuid(), passwordPlain);
if (!isPasswordValid) {
throw new InvalidPasswordException();
}
return user;
} catch (Throwable t) {
Throwables.throwIfInstanceOf(t, UserNotFoundException.class);
Throwables.throwIfInstanceOf(t, FieldValidationException.class);
Throwables.throwIfInstanceOf(t, InvalidPasswordException.class);
String msg = String.format("Failed to validate user '%s' and password '%s'", userEmail, passwordPlain);
throw new UserServiceUnexpectedException(msg, t);
}
}
Also used :
UserNotFoundException(org.summerb.microservices.users.api.exceptions.UserNotFoundException)
FieldValidationException(org.summerb.approaches.validation.FieldValidationException)
User(org.summerb.microservices.users.api.dto.User)
UserServiceUnexpectedException(org.summerb.microservices.users.api.exceptions.UserServiceUnexpectedException)
InvalidPasswordException(org.summerb.microservices.users.api.exceptions.InvalidPasswordException)
Aggregations
FieldValidationException (org.summerb.approaches.validation.FieldValidationException)3
User (org.summerb.microservices.users.api.dto.User)3
InvalidPasswordException (org.summerb.microservices.users.api.exceptions.InvalidPasswordException)3
UserNotFoundException (org.summerb.microservices.users.api.exceptions.UserNotFoundException)3
UserServiceUnexpectedException (org.summerb.microservices.users.api.exceptions.UserServiceUnexpectedException)2
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)1
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)1
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)1
Transactional (org.springframework.transaction.annotation.Transactional)1
UserDetailsImpl (org.summerb.approaches.springmvc.security.dto.UserDetailsImpl)1
PasswordInvalidValidationError (org.summerb.approaches.springmvc.security.ve.PasswordInvalidValidationError)1
UserNotFoundValidationError (org.summerb.approaches.springmvc.security.ve.UserNotFoundValidationError)1
