@Override public User authenticate(Credentials credentials) throws JasDBStorageException { return credentialsProvider.getUser(credentials.getUsername(), credentials.getSourceHost(), credentials.getPassword()); }
@Override protected void authenticate(Credentials credentials) throws JasDBStorageException { if(credentials != null) { TokenConnector tokenConnector = RemoteConnectorFactory.createConnector(getNodeInformation(), TokenConnector.class); UserSession session = tokenConnector.loadSession(credentials.getUsername(), credentials.getPassword()); if(StringUtils.stringNotEmpty(session.getAccessToken()) && StringUtils.stringNotEmpty(session.getSessionId())) { context = new RemotingContext(true); context.setUserSession(session); LOG.debug("Token: {} session: {}", session.getAccessToken(), session.getSessionId()); } else { throw new JasDBSecurityException("Unable to obtain access token to service"); } } else { context = new RemotingContext(true); } }
@Override public UserSession startSession(Credentials credentials) throws JasDBStorageException { User user = userManager.authenticate(credentials); String sessionId = UUID.randomUUID().toString(); String token = UUID.randomUUID().toString(); CryptoEngine userEncryptionEngine = CryptoFactory.getEngine(user.getEncryptionEngine()); String encryptedContentKey = user.getEncryptedContentKey(); String contentKey = userEncryptionEngine.decrypt(user.getPasswordSalt(), credentials.getPassword(), encryptedContentKey); encryptedContentKey = userEncryptionEngine.encrypt(user.getPasswordSalt(), token, contentKey); UserSession session = new UserSessionImpl(sessionId, token, encryptedContentKey, user); userManager.authorize(session, "/", AccessMode.CONNECT); secureUserSessionMap.put(sessionId, new SecureUserSession(session)); return session; }