Search in sources :

Example 6 with UserNotFoundException

use of org.summerb.microservices.users.api.exceptions.UserNotFoundException in project summerb by skarpushin.

the class AuthenticationProviderImpl method authenticate.

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    // Ensure that all conditions apply
    Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication, getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports", "Only UsernamePasswordAuthenticationToken is supported"));
    // check we have credentials specified
    if (authentication.getCredentials() == null) {
        logger.debug("Authentication failed: no credentials provided");
        throw new BadCredentialsException(getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
    }
    // Determine user-name
    String username = (authentication.getPrincipal() == null) ? "" : authentication.getName();
    // Encode password
    String presentedPlainPassword = authentication.getCredentials().toString();
    try {
        if (loginEligibilityVerifier != null) {
            loginEligibilityVerifier.validateUserAllowedToLogin(username);
        }
        // Proceed with authentication
        // get user
        User user = userService.getUserByEmail(username);
        // check password
        if (!passwordService.isUserPasswordValid(user.getUuid(), presentedPlainPassword)) {
            throw new InvalidPasswordException();
        }
        // get user permission
        List<String> permissions = permissionService.findUserPermissionsForSubject(SecurityConstants.DOMAIN, user.getUuid(), null);
        UserDetailsImpl userDetails = new UserDetailsImpl(user, "[PASSWORD REMOVED]", permissions, null);
        UsernamePasswordAuthenticationToken ret = new UsernamePasswordAuthenticationToken(userDetails, authentication.getCredentials(), userDetails.getAuthorities());
        ret.setDetails(authentication.getDetails());
        return ret;
    } catch (FieldValidationException e) {
        throw buildBadCredentialsExc(e);
    } catch (UserNotFoundException e) {
        throw buildBadCredentialsExc(new FieldValidationException(new UserNotFoundValidationError()));
    } catch (InvalidPasswordException e) {
        throw buildBadCredentialsExc(new FieldValidationException(new PasswordInvalidValidationError()));
    } catch (Throwable t) {
        throw new AuthenticationServiceException(getMessage(SecurityMessageCodes.AUTH_FATAL, "Fatal authentication exception"), t);
    }
}
Also used : FieldValidationException(org.summerb.approaches.validation.FieldValidationException) UserNotFoundException(org.summerb.microservices.users.api.exceptions.UserNotFoundException) User(org.summerb.microservices.users.api.dto.User) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) PasswordInvalidValidationError(org.summerb.approaches.springmvc.security.ve.PasswordInvalidValidationError) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) UserDetailsImpl(org.summerb.approaches.springmvc.security.dto.UserDetailsImpl) InvalidPasswordException(org.summerb.microservices.users.api.exceptions.InvalidPasswordException) UserNotFoundValidationError(org.summerb.approaches.springmvc.security.ve.UserNotFoundValidationError)

Example 7 with UserNotFoundException

use of org.summerb.microservices.users.api.exceptions.UserNotFoundException in project summerb by skarpushin.

the class UserDetailsServiceDefaultImpl method loadUserByUsername.

@Override
public UserDetails loadUserByUsername(String userEmail) throws UsernameNotFoundException {
    try {
        User user = userService.getUserByEmail(userEmail);
        List<String> permissions = permissionService.findUserPermissionsForSubject(SecurityConstants.DOMAIN, user.getUuid(), null);
        AuthToken authToken = null;
        UserDetailsImpl ret = new UserDetailsImpl(user, null, permissions, authToken);
        return ret;
    } catch (UserNotFoundException e) {
        throw new UsernameNotFoundException("User not found", e);
    } catch (FieldValidationException e) {
        throw new UsernameNotFoundException("Email provided in invalid format", e);
    } catch (Throwable t) {
        throw new UsernameNotFoundException("Failed to get user by email", t);
    }
}
Also used : UserDetailsImpl(org.summerb.approaches.springmvc.security.dto.UserDetailsImpl) UserNotFoundException(org.summerb.microservices.users.api.exceptions.UserNotFoundException) UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException) FieldValidationException(org.summerb.approaches.validation.FieldValidationException) User(org.summerb.microservices.users.api.dto.User) AuthToken(org.summerb.microservices.users.api.dto.AuthToken)

Example 8 with UserNotFoundException

use of org.summerb.microservices.users.api.exceptions.UserNotFoundException in project summerb by skarpushin.

the class AuthTokenServiceImpl method createAuthToken.

@Override
@Transactional(rollbackFor = Throwable.class)
public AuthToken createAuthToken(String userEmail, String clientIp, String tokenUuid, String tokenValueUuid) throws UserNotFoundException, FieldValidationException {
    Preconditions.checkArgument(userEmail != null);
    Preconditions.checkArgument(clientIp != null);
    Preconditions.checkArgument(StringUtils.hasText(tokenUuid));
    Preconditions.checkArgument(StringUtils.hasText(tokenValueUuid));
    try {
        User user = userService.getUserByEmail(userEmail);
        AuthToken authToken = buildNewAuthToken(user, clientIp, tokenUuid, tokenValueUuid);
        authTokenDao.createAuthToken(authToken);
        return authToken;
    } catch (Throwable t) {
        Throwables.throwIfInstanceOf(t, UserNotFoundException.class);
        Throwables.throwIfInstanceOf(t, FieldValidationException.class);
        String msg = String.format("Failed to create auth otken for user '%s'", userEmail);
        throw new UserServiceUnexpectedException(msg, t);
    }
}
Also used : UserNotFoundException(org.summerb.microservices.users.api.exceptions.UserNotFoundException) FieldValidationException(org.summerb.approaches.validation.FieldValidationException) User(org.summerb.microservices.users.api.dto.User) UserServiceUnexpectedException(org.summerb.microservices.users.api.exceptions.UserServiceUnexpectedException) AuthToken(org.summerb.microservices.users.api.dto.AuthToken) Transactional(org.springframework.transaction.annotation.Transactional)

Example 9 with UserNotFoundException

use of org.summerb.microservices.users.api.exceptions.UserNotFoundException in project summerb by skarpushin.

the class AuthTokenServiceImpl method validateAndGetUser.

private User validateAndGetUser(String userEmail, String passwordPlain) throws UserNotFoundException, FieldValidationException, InvalidPasswordException {
    try {
        User user = userService.getUserByEmail(userEmail);
        boolean isPasswordValid = passwordService.isUserPasswordValid(user.getUuid(), passwordPlain);
        if (!isPasswordValid) {
            throw new InvalidPasswordException();
        }
        return user;
    } catch (Throwable t) {
        Throwables.throwIfInstanceOf(t, UserNotFoundException.class);
        Throwables.throwIfInstanceOf(t, FieldValidationException.class);
        Throwables.throwIfInstanceOf(t, InvalidPasswordException.class);
        String msg = String.format("Failed to validate user '%s' and password '%s'", userEmail, passwordPlain);
        throw new UserServiceUnexpectedException(msg, t);
    }
}
Also used : UserNotFoundException(org.summerb.microservices.users.api.exceptions.UserNotFoundException) FieldValidationException(org.summerb.approaches.validation.FieldValidationException) User(org.summerb.microservices.users.api.dto.User) UserServiceUnexpectedException(org.summerb.microservices.users.api.exceptions.UserServiceUnexpectedException) InvalidPasswordException(org.summerb.microservices.users.api.exceptions.InvalidPasswordException)

Example 10 with UserNotFoundException

use of org.summerb.microservices.users.api.exceptions.UserNotFoundException in project summerb by skarpushin.

the class UserServiceImpl method deleteUserByUuid.

@Override
@Transactional(rollbackFor = Throwable.class)
public void deleteUserByUuid(String userUuid) throws UserNotFoundException {
    Preconditions.checkArgument(userUuid != null, "User uuid required");
    Preconditions.checkArgument(StringUtils.hasText(userUuid), "User uuid must be provided");
    boolean isDeletedSucceessfully = false;
    try {
        User userToDelete = userDao.findUserByUuid(userUuid);
        if (userToDelete != null) {
            isDeletedSucceessfully = userDao.deleteUser(userUuid);
            // NOTE: Assumed, that all related stuff will be deleted
            // automatically using CASCADE DELETE in the database
            eventBus.post(EntityChangedEvent.removedObject(userToDelete));
        }
    } catch (Throwable t) {
        String msg = String.format("Failed to delete user '%s'", userUuid);
        throw new UserServiceUnexpectedException(msg, t);
    }
    if (!isDeletedSucceessfully) {
        throw new UserNotFoundException(userUuid);
    }
}
Also used : UserNotFoundException(org.summerb.microservices.users.api.exceptions.UserNotFoundException) User(org.summerb.microservices.users.api.dto.User) UserServiceUnexpectedException(org.summerb.microservices.users.api.exceptions.UserServiceUnexpectedException) Transactional(org.springframework.transaction.annotation.Transactional)

Aggregations

UserNotFoundException (org.summerb.microservices.users.api.exceptions.UserNotFoundException)14 User (org.summerb.microservices.users.api.dto.User)13 UserServiceUnexpectedException (org.summerb.microservices.users.api.exceptions.UserServiceUnexpectedException)9 FieldValidationException (org.summerb.approaches.validation.FieldValidationException)7 Transactional (org.springframework.transaction.annotation.Transactional)6 AuthToken (org.summerb.microservices.users.api.dto.AuthToken)3 InvalidPasswordException (org.summerb.microservices.users.api.exceptions.InvalidPasswordException)3 Test (org.junit.Test)2 UserDetailsImpl (org.summerb.approaches.springmvc.security.dto.UserDetailsImpl)2 DuplicateKeyException (org.springframework.dao.DuplicateKeyException)1 AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)1 BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)1 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)1 UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)1 UserStatus (org.summerb.approaches.springmvc.security.dto.UserStatus)1 PasswordInvalidValidationError (org.summerb.approaches.springmvc.security.ve.PasswordInvalidValidationError)1 RegistrationAlreadyRequestedValidationError (org.summerb.approaches.springmvc.security.ve.RegistrationAlreadyRequestedValidationError)1 UserNotFoundValidationError (org.summerb.approaches.springmvc.security.ve.UserNotFoundValidationError)1 ValidationContext (org.summerb.approaches.validation.ValidationContext)1 AuthTokenNotFoundException (org.summerb.microservices.users.api.exceptions.AuthTokenNotFoundException)1