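/**
 * Confirms that the account the provider returns for {@code username} is the same
 * external account this user is already linked to.
 *
 * <p>This guards against a login name resolving to a different external identity
 * than the one recorded in the authentication link.
 *
 * @param authProvider  provider that is asked for the user
 * @param providerModel configured model of that provider; supplies the config and the provider name
 * @param authLinkModel stored link whose external user ID is compared
 * @param username      login name looked up in the provider
 * @throws AuthenticationProviderException if the provider does not know the user, or if the
 *         provider's ID for the user is missing or differs from the linked ID
 */
private void checkCorrectAuthLink(AuthenticationProvider authProvider, AuthenticationProviderModel providerModel,
                                  AuthenticationLinkModel authLinkModel, String username) throws AuthenticationProviderException {
    AuthUser authUser = authProvider.getUser(realm, providerModel.getConfig(), username);
    if (authUser == null) {
        throw new AuthenticationProviderException("User " + username + " not found in authentication provider " + providerModel.getProviderName());
    }

    String userExternalId = authUser.getId();
    // Fail closed: a provider user without an ID is treated as a mismatch. Without the null
    // test the comparison would raise NullPointerException, which validatePassword's
    // catch (AuthenticationProviderException) does not handle.
    if (userExternalId == null || !userExternalId.equals(authLinkModel.getAuthUserId())) {
        // NOTE(review): both IDs end up in the exception message, which validatePassword logs at
        // WARN level; confirm external IDs are acceptable in that log.
        throw new AuthenticationProviderException("ID did not match! ID from provider: " + userExternalId + ", ID from authentication link: " + authLinkModel.getAuthUserId());
    }
}
}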
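/**
 * Validates {@code password} for {@code user} against the authentication provider the user
 * is linked to, creating the link first if the user has none.
 *
 * @param user     user being authenticated; the login name is used for the provider lookup
 * @param password password candidate that is handed to the provider
 * @return the status reported by the provider, or {@code AuthProviderStatus.FAILED} when the user
 *         cannot be resolved, the provider is missing or not configured, or the link check fails
 */
public AuthProviderStatus validatePassword(UserModel user, String password) {
    AuthenticationLinkModel authLink = user.getAuthenticationLink();
    if (authLink == null) {
        // User is not linked with any authentication provider yet: resolve the user and link.
        AuthUser authUser = getUser(user.getLoginName());
        if (authUser == null) {
            // getUser's null contract is not visible here; fail the authentication instead of
            // dereferencing a missing user and raising NullPointerException.
            logger.debugf("User '%s' not found in any authentication provider", user.getLoginName());
            return AuthProviderStatus.FAILED;
        }

        // NOTE(review): the link is set on the user before the password has been checked, so a
        // failed attempt still binds the account to this provider. Confirm that is intended.
        authLink = new AuthenticationLinkModel(authUser.getProviderName(), authUser.getId());
        user.setAuthenticationLink(authLink);
        logger.infof("User '%s' linked with provider '%s'", authUser.getUsername(), authUser.getProviderName());
    }

    String providerName = authLink.getAuthProvider();
    AuthenticationProviderModel providerModel = getConfiguredProviderModel(realm, providerName);
    AuthenticationProvider delegate = getProvider(providerName);
    if (delegate == null || providerModel == null) {
        // Linked provider is unavailable or no longer configured: deny, do not fall back to another provider.
        return AuthProviderStatus.FAILED;
    }

    try {
        // The provider's ID for this login name must match the linked ID before the password is tried.
        checkCorrectAuthLink(delegate, providerModel, authLink, user.getLoginName());

        AuthProviderStatus currentResult = delegate.validatePassword(realm, providerModel.getConfig(), user.getLoginName(), password);
        logger.debugf("Authentication provider '%s' finished with '%s' for authentication of '%s'", delegate.getName(), currentResult.toString(), user.getLoginName());
        return currentResult;
    } catch (AuthenticationProviderException ape) {
        // Provider errors and link mismatches are logged and reported as a plain failure.
        logger.warn(ape.getMessage(), ape);
        return AuthProviderStatus.FAILED;
    }
}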
// Builds an empty AuthenticationLinkModel and has propertiesManager fill it from authLinkEntity.
// NOTE(review): presumably this copies the stored provider name and external user ID onto the
// model; setBasicPropertiesToModel is not visible in this excerpt, so confirm which fields are set.
AuthenticationLinkModel authLinkModel = new AuthenticationLinkModel(); this.propertiesManager.setBasicPropertiesToModel(authLinkModel, authLinkEntity);
// Excerpt with two link assignments: the first links the user to the ID returned for an existing
// provider account (authUser.getId()), the second to userIdInProvider and logs "registered in
// provider ... and linked". Both set the link on the user and log at INFO level.
// NOTE(review): the enclosing control flow is not visible; the two assignments presumably belong
// to separate branches. Confirm.
// NOTE(review): the first link stores providerModel.getProviderName() while its log line reports
// authUser.getProviderName(); if the two can differ, the log would name a different provider than
// the one actually linked. Verify they always agree.
authLink = new AuthenticationLinkModel(providerModel.getProviderName(), authUser.getId()); user.setAuthenticationLink(authLink); logger.infof("User '%s' linked with provider '%s'", authUser.getUsername(), authUser.getProviderName()); authLink = new AuthenticationLinkModel(providerModel.getProviderName(), userIdInProvider); user.setAuthenticationLink(authLink); logger.infof("User '%s' registered in provider '%s' and linked", user.getLoginName(), providerModel.getProviderName()); String providerName = authLink.getAuthProvider();