How to use

getUsername

method

in

de.otto.edison.authentication.Credentials

String userDnFrom(final Credentials credentials, String baseDN) {
  return format("%s=%s,%s", ldapProperties.getRdnIdentifier(), credentials.getUsername(), baseDN);
}

@Bean
@ConditionalOnMissingBean(UserProvider.class)
public UserProvider userProvider() {
  return () -> {
    final HttpServletRequest request = HttpServletRequestHolder.get();
    final Optional<Credentials> credentials = Credentials.readFrom(request);
    final boolean isAdmin = true; // "admin".equals(username);
    return new SimpleFeatureUser((credentials.isPresent() ? credentials.get().getUsername() : null), isAdmin);
  };
}

private Optional<HttpServletRequest> tryToGetAuthenticatedRequest(final HttpServletRequest request, final Credentials credentials) {
  try (final LDAPConnection ldap = ldapConnectionFactory.buildLdapConnection()) {
    for (String baseDN : ldapProperties.getBaseDn()) {
      final String userDN = userDnFrom(credentials, baseDN);
      try {
        if (authenticate(ldap, userDN, credentials.getPassword())) {
          return ldapProperties.getRoleBaseDn() != null
              ? Optional.of(new LdapRoleCheckingRequest(request, ldap, userDN, ldapProperties))
              : Optional.of(request);
        }
      } catch (LDAPBindException e) {
        LOG.debug("LDAPBindException for userDN: {}", userDN);
      }
    }
    LOG.warn("Could not bind to LDAP: {}", credentials.getUsername());
  } catch (LDAPException | GeneralSecurityException e) {
    LOG.warn("Authentication error: ", e);
  }
  return Optional.empty();
}

  @Test
  public void shouldReturnCorrectCredentialsIfPasswordContainsColons() {
    // given
    mockHttpServletRequestWithAuthentication("user:pass:word");

    // when
    final Optional<Credentials> credentials = Credentials.readFrom(httpServletRequest);

    // then
    assertThat(credentials.isPresent(), is(true));
    assertThat(credentials.get().getUsername(), is("user"));
    assertThat(credentials.get().getPassword(), is("pass:word"));
  }
}

@Test
public void shouldBeAbleToReadCredentialsFromRequest() {
  // given
  mockHttpServletRequestWithAuthentication("someUsername:somePassword");
  // when
  final Optional<Credentials> credentials = Credentials.readFrom(httpServletRequest);
  // then
  assertThat(credentials.isPresent(), is(true));
  assertThat(credentials.get().getUsername(), is("someUsername"));
  assertThat(credentials.get().getPassword(), is("somePassword"));
}