Example 16 with User
use of org.summerb.users.api.dto.User in project summerb by skarpushin.
the class AuthenticationProviderImpl method authenticate.
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
// Ensure that all conditions apply
Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication, getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports", "Only UsernamePasswordAuthenticationToken is supported"));
// check we have credentials specified
if (authentication.getCredentials() == null) {
logger.debug("Authentication failed: no credentials provided");
throw new BadCredentialsException(getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}
// Determine user-name
String username = (authentication.getPrincipal() == null) ? "" : authentication.getName();
// Encode password
String presentedPlainPassword = authentication.getCredentials().toString();
try {
if (loginEligibilityVerifier != null) {
loginEligibilityVerifier.validateUserAllowedToLogin(username);
}
// Proceed with authentication
// get user
User user = userService.getUserByEmail(username);
// check password
if (!passwordService.isUserPasswordValid(user.getUuid(), presentedPlainPassword)) {
throw new InvalidPasswordException();
}
// get user permission
List<String> permissions = permissionService.findUserPermissionsForSubject(SecurityConstants.DOMAIN, user.getUuid(), null);
UserDetailsImpl userDetails = new UserDetailsImpl(user, "[PASSWORD REMOVED]", permissions, null);
UsernamePasswordAuthenticationToken ret = new UsernamePasswordAuthenticationToken(userDetails, authentication.getCredentials(), userDetails.getAuthorities());
ret.setDetails(authentication.getDetails());
return ret;
} catch (FieldValidationException e) {
throw buildBadCredentialsExc(e);
} catch (UserNotFoundException e) {
throw buildBadCredentialsExc(new FieldValidationException(new UserNotFoundValidationError()));
} catch (InvalidPasswordException e) {
throw buildBadCredentialsExc(new FieldValidationException(new PasswordInvalidValidationError()));
} catch (Throwable t) {
throw new AuthenticationServiceException(getMessage(SecurityMessageCodes.AUTH_FATAL, "Fatal authentication exception"), t);
}
}
Also used :
FieldValidationException(org.summerb.validation.FieldValidationException)
UserNotFoundException(org.summerb.users.api.exceptions.UserNotFoundException)
User(org.summerb.users.api.dto.User)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
PasswordInvalidValidationError(org.summerb.webappboilerplate.security.ve.PasswordInvalidValidationError)
AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException)
InvalidPasswordException(org.summerb.users.api.exceptions.InvalidPasswordException)
UserNotFoundValidationError(org.summerb.webappboilerplate.security.ve.UserNotFoundValidationError)
Example 17 with User
use of org.summerb.users.api.dto.User in project summerb by skarpushin.
the class SecurityMailsMessageBuilderFactoryImpl method getAccountOperationsSender.
@Override
public User getAccountOperationsSender() {
if (registrationEmailSender == null) {
registrationEmailSender = new User();
registrationEmailSender.setEmail(emailSenderAddress);
registrationEmailSender.setDisplayName(emailSenderName);
}
return registrationEmailSender;
}
Also used :
User(org.summerb.users.api.dto.User)
Example 18 with User
use of org.summerb.users.api.dto.User in project summerb by skarpushin.
the class UsersServiceFacadeImpl method registerUser.
@Transactional(rollbackFor = Throwable.class)
@Override
public User registerUser(Registration registration) throws FieldValidationException {
try {
Preconditions.checkArgument(registration != null, "Registration param must be not null");
// Validate display name
validateRegistration(registration);
// Validate user status
UserStatus userStatus = getUserStatusByEmail(registration.getEmail());
if (userStatus == UserStatus.AwaitingActivation) {
throw new FieldValidationException(new RegistrationAlreadyRequestedValidationError());
}
// Create user
User user = null;
if (userStatus == UserStatus.Provisioned) {
user = userService.getUserByEmail(registration.getEmail());
user.setDisplayName(registration.getDisplayName());
user.setLocale(CurrentRequestUtils.getLocale().toString());
user.setTimeZone(TimeZone.getDefault().getID());
userService.updateUser(user);
} else {
user = new User();
user.setEmail(registration.getEmail());
user.setDisplayName(registration.getDisplayName());
user.setLocale(CurrentRequestUtils.getLocale().toString());
user.setTimeZone(TimeZone.getDefault().getID());
user = userService.createUser(user);
}
// Create password
passwordService.setUserPassword(user.getUuid(), registration.getPassword());
// Create user account permissions
permissionService.grantPermission(SecurityConstants.DOMAIN, user.getUuid(), null, SecurityConstants.MARKER_AWAITING_ACTIVATION);
runUserRegisteredHandler(user);
//
return user;
} catch (UserNotFoundException e) {
throw new UserServiceUnexpectedException("User was just created, but not found", e);
} catch (Throwable t) {
Throwables.throwIfInstanceOf(t, FieldValidationException.class);
throw new RuntimeException("Unexpected error while registering user", t);
}
}
Also used :
FieldValidationException(org.summerb.validation.FieldValidationException)
UserNotFoundException(org.summerb.users.api.exceptions.UserNotFoundException)
RegistrationAlreadyRequestedValidationError(org.summerb.webappboilerplate.security.ve.RegistrationAlreadyRequestedValidationError)
User(org.summerb.users.api.dto.User)
UserServiceUnexpectedException(org.summerb.users.api.exceptions.UserServiceUnexpectedException)
UserStatus(org.summerb.webappboilerplate.security.dto.UserStatus)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 19 with User
use of org.summerb.users.api.dto.User in project summerb by skarpushin.
the class UsersServiceFacadeImpl method validatePasswordChangeRequestValid.
protected User validatePasswordChangeRequestValid(String email, PasswordChange passwordChange) throws UserNotFoundException, FieldValidationException {
ValidationContext ctx = new ValidationContext();
ctx.lengthEqOrGreater(passwordChange.getPassword(), 4, LoginParams.FN_PASSWORD);
ctx.equals(passwordChange.getPassword(), SecurityMessageCodes.NEW_PASSWORD, passwordChange.getNewPasswordAgain(), SecurityMessageCodes.NEW_PASSWORD_AGAIN, PasswordChange.FN_NEW_PASSWORD_AGAIN);
User user = null;
if (ctx.hasText(passwordChange.getCurrentPassword(), PasswordChange.FN_CURRENT_PASSWORD)) {
user = userService.getUserByEmail(email);
ctx.isTrue(passwordService.isUserPasswordValid(user.getUuid(), passwordChange.getCurrentPassword()), InvalidPasswordException.ERROR_LOGIN_INVALID_PASSWORD, PasswordChange.FN_CURRENT_PASSWORD);
}
ctx.throwIfHasErrors();
return user;
}
Also used :
User(org.summerb.users.api.dto.User)
ValidationContext(org.summerb.validation.ValidationContext)
Example 20 with User
use of org.summerb.users.api.dto.User in project summerb by skarpushin.
the class UsersServiceFacadeImpl method runUserRegisteredHandler.
protected void runUserRegisteredHandler(final User user) {
if (userRegisteredHandler == null) {
return;
}
List<String> perms = permissionService.findUserPermissionsForSubject(SecurityConstants.DOMAIN, user.getUuid(), null);
ElevationRunnerImpl runAs = new ElevationRunnerImpl(new ElevationStrategyRunAsUserImpl<User>(user, perms));
runAs.runElevated(new Runnable() {
@Override
public void run() {
userRegisteredHandler.onUserRegistered(user);
}
});
}
Also used :
User(org.summerb.users.api.dto.User)
ElevationRunnerImpl(org.summerb.security.elevation.impl.ElevationRunnerImpl)
Aggregations
User (org.summerb.users.api.dto.User)61
Test (org.junit.Test)33
UserNotFoundException (org.summerb.users.api.exceptions.UserNotFoundException)13
AuthToken (org.summerb.users.api.dto.AuthToken)11
UserServiceUnexpectedException (org.summerb.users.api.exceptions.UserServiceUnexpectedException)11
FieldValidationException (org.summerb.validation.FieldValidationException)11
Transactional (org.springframework.transaction.annotation.Transactional)8
Date (java.util.Date)4
PagerParams (org.summerb.easycrud.api.dto.PagerParams)4
DuplicateKeyException (org.springframework.dao.DuplicateKeyException)3
InvalidPasswordException (org.summerb.users.api.exceptions.InvalidPasswordException)3
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)2
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2
GenericException (org.summerb.utils.exceptions.GenericException)2
ValidationContext (org.summerb.validation.ValidationContext)2
CacheBuilder (com.google.common.cache.CacheBuilder)1
EventBus (com.google.common.eventbus.EventBus)1
Locale (java.util.Locale)1
Secured (org.springframework.security.access.annotation.Secured)1
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)1
