Search in sources :

Example 1 with RawAccessJwtToken

use of org.thingsboard.server.service.security.model.token.RawAccessJwtToken in project thingsboard by thingsboard.

the class RefreshTokenAuthenticationProvider method authenticate.

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    Assert.notNull(authentication, "No authentication data provided");
    RawAccessJwtToken rawAccessToken = (RawAccessJwtToken) authentication.getCredentials();
    SecurityUser unsafeUser = tokenFactory.parseRefreshToken(rawAccessToken);
    UserPrincipal principal = unsafeUser.getUserPrincipal();
    SecurityUser securityUser;
    if (principal.getType() == UserPrincipal.Type.USER_NAME) {
        securityUser = authenticateByUserId(unsafeUser.getId());
    } else {
        securityUser = authenticateByPublicId(principal.getValue());
    }
    return new RefreshAuthenticationToken(securityUser);
}
Also used : SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) RefreshAuthenticationToken(org.thingsboard.server.service.security.auth.RefreshAuthenticationToken) RawAccessJwtToken(org.thingsboard.server.service.security.model.token.RawAccessJwtToken) UserPrincipal(org.thingsboard.server.service.security.model.UserPrincipal)

Example 2 with RawAccessJwtToken

use of org.thingsboard.server.service.security.model.token.RawAccessJwtToken in project thingsboard by thingsboard.

the class JwtAuthenticationProvider method authenticate.

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    RawAccessJwtToken rawAccessToken = (RawAccessJwtToken) authentication.getCredentials();
    SecurityUser securityUser = tokenFactory.parseAccessJwtToken(rawAccessToken);
    return new JwtAuthenticationToken(securityUser);
}
Also used : SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) JwtAuthenticationToken(org.thingsboard.server.service.security.auth.JwtAuthenticationToken) RawAccessJwtToken(org.thingsboard.server.service.security.model.token.RawAccessJwtToken)

Example 3 with RawAccessJwtToken

use of org.thingsboard.server.service.security.model.token.RawAccessJwtToken in project thingsboard by thingsboard.

the class RefreshTokenProcessingFilter method attemptAuthentication.

@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
    if (!HttpMethod.POST.name().equals(request.getMethod())) {
        if (log.isDebugEnabled()) {
            log.debug("Authentication method not supported. Request method: " + request.getMethod());
        }
        throw new AuthMethodNotSupportedException("Authentication method not supported");
    }
    RefreshTokenRequest refreshTokenRequest;
    try {
        refreshTokenRequest = objectMapper.readValue(request.getReader(), RefreshTokenRequest.class);
    } catch (Exception e) {
        throw new AuthenticationServiceException("Invalid refresh token request payload");
    }
    if (StringUtils.isBlank(refreshTokenRequest.getRefreshToken())) {
        throw new AuthenticationServiceException("Refresh token is not provided");
    }
    RawAccessJwtToken token = new RawAccessJwtToken(refreshTokenRequest.getRefreshToken());
    return this.getAuthenticationManager().authenticate(new RefreshAuthenticationToken(token));
}
Also used : AuthMethodNotSupportedException(org.thingsboard.server.service.security.exception.AuthMethodNotSupportedException) RefreshAuthenticationToken(org.thingsboard.server.service.security.auth.RefreshAuthenticationToken) RawAccessJwtToken(org.thingsboard.server.service.security.model.token.RawAccessJwtToken) ServletException(javax.servlet.ServletException) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) IOException(java.io.IOException) AuthMethodNotSupportedException(org.thingsboard.server.service.security.exception.AuthMethodNotSupportedException) AuthenticationException(org.springframework.security.core.AuthenticationException) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException)

Aggregations

RawAccessJwtToken (org.thingsboard.server.service.security.model.token.RawAccessJwtToken)3 RefreshAuthenticationToken (org.thingsboard.server.service.security.auth.RefreshAuthenticationToken)2 SecurityUser (org.thingsboard.server.service.security.model.SecurityUser)2 IOException (java.io.IOException)1 ServletException (javax.servlet.ServletException)1 AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)1 AuthenticationException (org.springframework.security.core.AuthenticationException)1 JwtAuthenticationToken (org.thingsboard.server.service.security.auth.JwtAuthenticationToken)1 AuthMethodNotSupportedException (org.thingsboard.server.service.security.exception.AuthMethodNotSupportedException)1 UserPrincipal (org.thingsboard.server.service.security.model.UserPrincipal)1