Example 1 with AuthenticationException

Use of run.halo.app.exception.AuthenticationException in project halo by ruibaby.

In the class ContentAuthenticationManager, method authenticateCategory:

private CategoryAuthentication authenticateCategory(ContentAuthenticationRequest authRequest) {
    Category category = categoryService.getById(authRequest.getId());
    if (category.getPassword() == null) {
        String parentPassword = categoryService.lookupFirstEncryptedBy(category.getId()).map(Category::getPassword).orElse(null);
        if (parentPassword == null) {
            return categoryAuthentication;
        }
        category.setPassword(parentPassword);
    }
    if (StringUtils.equals(category.getPassword(), authRequest.getPassword())) {
        categoryAuthentication.setAuthenticated(category.getId(), true);
        return categoryAuthentication;
    }
    // Finds the first encrypted parent category to authenticate
    Category parentCategory = categoryService.lookupFirstEncryptedBy(authRequest.getId()).orElseThrow(() -> new AuthenticationException("密码不正确"));
    if (!Objects.equals(parentCategory.getPassword(), authRequest.getPassword())) {
        throw new AuthenticationException("密码不正确");
    }
    categoryAuthentication.setAuthenticated(category.getId(), true);
    return categoryAuthentication;
}
Also used: Category (run.halo.app.model.entity.Category), AuthenticationException (run.halo.app.exception.AuthenticationException)

Example 2 with AuthenticationException

Use of run.halo.app.exception.AuthenticationException in project halo by ruibaby.

In the class ContentContentController, method authenticateCategory:

private String authenticateCategory(String slug, String type, String password, HttpServletRequest request) {
    ContentAuthenticationRequest authRequest = new ContentAuthenticationRequest();
    authRequest.setPassword(password);
    Category category = categoryService.getBySlugOfNonNull(slug);
    authRequest.setId(category.getId());
    authRequest.setPrincipal(EncryptTypeEnum.CATEGORY.getName());
    try {
        providerManager.authenticate(authRequest);
        CategoryDTO categoryDto = categoryService.convertTo(category);
        return "redirect:" + buildRedirectUrl(categoryDto.getFullPath());
    } catch (AuthenticationException e) {
        request.setAttribute("errorMsg", e.getMessage());
        request.setAttribute("type", type);
        request.setAttribute("slug", slug);
        return getPasswordPageUriToForward();
    }
}
Also used: CategoryDTO (run.halo.app.model.dto.CategoryDTO), Category (run.halo.app.model.entity.Category), AuthenticationException (run.halo.app.exception.AuthenticationException), ContentAuthenticationRequest (run.halo.app.controller.content.auth.ContentAuthenticationRequest)

Example 3 with AuthenticationException

Use of run.halo.app.exception.AuthenticationException in project halo by ruibaby.

In the class ContentContentController, method authenticatePost:

private String authenticatePost(String slug, String type, String password, HttpServletRequest request) {
    ContentAuthenticationRequest authRequest = new ContentAuthenticationRequest();
    authRequest.setPassword(password);
    Post post = postService.getBy(PostStatus.INTIMATE, slug);
    authRequest.setId(post.getId());
    authRequest.setPrincipal(EncryptTypeEnum.POST.getName());
    try {
        providerManager.authenticate(authRequest);
        BasePostMinimalDTO basePostMinimal = postRenderAssembler.convertToMinimal(post);
        return "redirect:" + buildRedirectUrl(basePostMinimal.getFullPath());
    } catch (AuthenticationException e) {
        request.setAttribute("errorMsg", e.getMessage());
        request.setAttribute("type", type);
        request.setAttribute("slug", slug);
        return getPasswordPageUriToForward();
    }
}
Also used: BasePostMinimalDTO (run.halo.app.model.dto.post.BasePostMinimalDTO), AuthenticationException (run.halo.app.exception.AuthenticationException), Post (run.halo.app.model.entity.Post), ContentAuthenticationRequest (run.halo.app.controller.content.auth.ContentAuthenticationRequest)

Example 4 with AuthenticationException

Use of run.halo.app.exception.AuthenticationException in project halo by halo-dev.

In the class ApiAuthenticationFilter, method doAuthenticate:

@Override
protected void doAuthenticate(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    if (!haloProperties.isAuthEnabled()) {
        filterChain.doFilter(request, response);
        return;
    }
    // Get api_enable from option
    Boolean apiEnabled = optionService.getByPropertyOrDefault(ApiProperties.API_ENABLED, Boolean.class, false);
    if (!apiEnabled) {
        throw new ForbiddenException("API has been disabled by blogger currently");
    }
    // Get access key
    String accessKey = getTokenFromRequest(request);
    if (StringUtils.isBlank(accessKey)) {
        // If the access key is missing
        throw new AuthenticationException("Missing API access key");
    }
    // Get access key from option
    Optional<String> optionalAccessKey = optionService.getByProperty(ApiProperties.API_ACCESS_KEY, String.class);
    if (optionalAccessKey.isEmpty()) {
        // If the access key is not set
        throw new AuthenticationException("API access key hasn't been set by blogger");
    }
    if (!StringUtils.equals(accessKey, optionalAccessKey.get())) {
        // If the access key does not match
        throw new AuthenticationException("API access key is mismatch").setErrorData(accessKey);
    }
    // Do filter
    filterChain.doFilter(request, response);
}
Also used: ForbiddenException (run.halo.app.exception.ForbiddenException), AuthenticationException (run.halo.app.exception.AuthenticationException)

Example 5 with AuthenticationException

Use of run.halo.app.exception.AuthenticationException in project halo by halo-dev.

In the class ContentContentController, method authenticatePost:

private String authenticatePost(String slug, String type, String password, HttpServletRequest request) {
    ContentAuthenticationRequest authRequest = new ContentAuthenticationRequest();
    authRequest.setPassword(password);
    Post post = postService.getBy(PostStatus.INTIMATE, slug);
    post.setSlug(URLEncoder.encode(post.getSlug(), StandardCharsets.UTF_8));
    authRequest.setId(post.getId());
    authRequest.setPrincipal(EncryptTypeEnum.POST.getName());
    try {
        providerManager.authenticate(authRequest);
        BasePostMinimalDTO basePostMinimal = postRenderAssembler.convertToMinimal(post);
        return "redirect:" + buildRedirectUrl(basePostMinimal.getFullPath());
    } catch (AuthenticationException e) {
        request.setAttribute("errorMsg", e.getMessage());
        request.setAttribute("type", type);
        request.setAttribute("slug", slug);
        return getPasswordPageUriToForward();
    }
}
Also used: BasePostMinimalDTO (run.halo.app.model.dto.post.BasePostMinimalDTO), AuthenticationException (run.halo.app.exception.AuthenticationException), Post (run.halo.app.model.entity.Post), ContentAuthenticationRequest (run.halo.app.controller.content.auth.ContentAuthenticationRequest)

Aggregations

AuthenticationException (run.halo.app.exception.AuthenticationException): 15
UserDetail (run.halo.app.security.support.UserDetail): 6
ContentAuthenticationRequest (run.halo.app.controller.content.auth.ContentAuthenticationRequest): 4
Category (run.halo.app.model.entity.Category): 4
Nullable (org.springframework.lang.Nullable): 3
ForbiddenException (run.halo.app.exception.ForbiddenException): 3
User (run.halo.app.model.entity.User): 3
Authentication (run.halo.app.security.authentication.Authentication): 3
AuthenticationImpl (run.halo.app.security.authentication.AuthenticationImpl): 3
SecurityContextImpl (run.halo.app.security.context.SecurityContextImpl): 3
CategoryDTO (run.halo.app.model.dto.CategoryDTO): 2
BasePostMinimalDTO (run.halo.app.model.dto.post.BasePostMinimalDTO): 2
Post (run.halo.app.model.entity.Post): 2