private boolean authorize(String username) throws AuthenticationMechanismException { AuthorizeCallback authorizeCallback = new AuthorizeCallback(username, username); try { callbackHandler.handle(new Callback[] {authorizeCallback}); return authorizeCallback.isAuthorized(); } catch (UnsupportedCallbackException e) { return false; } catch (Throwable t) { throw httpDigest.mechCallbackHandlerFailedForUnknownReason(t); } }
PasswordCallback pc = new PasswordCallback("SASL PLAIN", false); pc.setPassword(parts[2].toCharArray()); AuthorizeCallback ac = new AuthorizeCallback(parts[1], parts[0]); cbh.handle(new Callback[]{ nc, pc, ac }); if (ac.isAuthorized()) {
PasswordCallback passwordCallback = new PasswordCallback("Password", false); passwordCallback.setPassword(passwd.toCharArray()); AuthorizeCallback authCallback = new AuthorizeCallback(authenticationId, authorizationId);
protected boolean authorize(String username) throws HttpAuthenticationException { httpUserPass.debugf("Username authorization. Username: [%s].", username); AuthorizeCallback authorizeCallback = new AuthorizeCallback(username, username); try { callbackHandler.handle(new Callback[] {authorizeCallback}); return authorizeCallback.isAuthorized(); } catch (UnsupportedCallbackException e) { return false; } catch (IOException e) { throw new HttpAuthenticationException(e); } }
PasswordCallback pc = new PasswordCallback("SASL PLAIN", false); pc.setPassword(parts[2].toCharArray()); AuthorizeCallback ac = new AuthorizeCallback(parts[1], parts[0]); cbh.handle(new Callback[]{nc, pc, ac}); if (ac.isAuthorized()) {
/** * Tests that the authentication callbacks matches. */ @Test public void authenticateNameMatch() throws Exception { String authenticateId = "alluxio-1"; NameCallback ncb = new NameCallback(" authentication id: "); ncb.setName(authenticateId); PasswordCallback pcb = new PasswordCallback(" password: ", false); pcb.setPassword("password".toCharArray()); Callback[] callbacks = new Callback[] {ncb, pcb, new AuthorizeCallback(authenticateId, authenticateId)}; mPlainServerCBHandler.handle(callbacks); }
PasswordCallback pcCallback = new PasswordCallback("Password", false); pcCallback.setPassword(passwd.toCharArray()); AuthorizeCallback acCallback = new AuthorizeCallback(user, authzId);
/** * Tests that the incorrect password should fail the authentication. */ @Test public void authenticateCorrectPassword() throws Exception { mThrown.expect(AuthenticationException.class); mThrown.expectMessage("Wrong password"); String authenticateId = "alluxio-1"; NameCallback ncb = new NameCallback(" authentication id: "); ncb.setName(authenticateId); PasswordCallback pcb = new PasswordCallback(" password: ", false); pcb.setPassword("not-password".toCharArray()); Callback[] callbacks = new Callback[] {ncb, pcb, new AuthorizeCallback(authenticateId, authenticateId)}; mPlainServerCBHandler.handle(callbacks); }
/** * Tests that the authentication callbacks do not match. */ @Test public void authenticateNameNotMatch() throws Exception { mThrown.expect(AuthenticationException.class); mThrown.expectMessage("Only allow the user starting with alluxio"); String authenticateId = "not-alluxio-1"; NameCallback ncb = new NameCallback(" authentication id: "); ncb.setName(authenticateId); PasswordCallback pcb = new PasswordCallback(" password: ", false); pcb.setPassword("password".toCharArray()); Callback[] callbacks = new Callback[] {ncb, pcb, new AuthorizeCallback(authenticateId, authenticateId)}; mPlainServerCBHandler.handle(callbacks); }
AuthorizeCallback acb = new AuthorizeCallback(principal,username); cbh.handle(new Callback[]{acb}); if(acb.isAuthorized()) {
final AuthorizeCallback authorizeCallback = new AuthorizeCallback(username, authzid); try { tryHandleCallbacks(authorizeCallback);
public byte[] evaluateResponse(final byte[] response) throws SaslException { if (complete) { throw saslExternal.mechMessageAfterComplete().toSaslException(); } complete = true; String authorizationId; if (response.length == 0) { authorizationId = null; } else { authorizationId = Normalizer.normalize(new String(response, StandardCharsets.UTF_8), Normalizer.Form.NFKC); if (authorizationId.indexOf(0) != -1) { throw saslExternal.mechUserNameContainsInvalidCharacter().toSaslException(); } } final AuthorizeCallback authorizeCallback = new AuthorizeCallback(null, authorizationId); try { cbh.handle(Arrays2.of(authorizeCallback)); } catch (SaslException e) { throw e; } catch (IOException e) { throw saslExternal.mechAuthorizationFailed(e).toSaslException(); } catch (UnsupportedCallbackException e) { throw saslExternal.mechAuthorizationFailed(e).toSaslException(); } if (!authorizeCallback.isAuthorized()) { throw saslExternal.mechAuthorizationFailed(null, authorizationId).toSaslException(); } this.authorizationID = authorizeCallback.getAuthorizedID(); return null; }
private void checkAuthorizationID() throws SaslException { final String authenticationID; try { authenticationID = gssContext.getSrcName().toString(); } catch (GSSException e) { throw saslGs2.mechUnableToDeterminePeerName(e).toSaslException(); } saslGs2.tracef("checking if [%s] is authorized to act as [%s]...", authenticationID, authorizationID); if (authorizationID == null || authorizationID.isEmpty()) { authorizationID = authenticationID; } AuthorizeCallback authorizeCallback = new AuthorizeCallback(authenticationID, authorizationID); handleCallbacks(authorizeCallback); if (! authorizeCallback.isAuthorized()) { throw saslGs2.mechAuthorizationFailed(authenticationID, authorizationID).toSaslException(); } saslGs2.trace("authorization id check successful"); }
final AuthorizeCallback authorizeCallback = new AuthorizeCallback(authenticationId, authorizationId); if (authenticationRealm == null) { handleCallbacks(nameCallback, authorizeCallback);
AuthorizeCallback authorizeCallback = new AuthorizeCallback(null, null);
@Override public void evaluateRequest(HttpServerRequest request) throws HttpAuthenticationException { List<String> authorizationValues = request.getRequestHeaderValues(HttpConstants.AUTHORIZATION); if (authorizationValues != null) { Matcher matcher; for (String current : authorizationValues) { if ((matcher = BEARER_TOKEN_PATTERN.matcher(current)).matches()) { BearerTokenEvidence tokenEvidence = new BearerTokenEvidence(matcher.group(1)); EvidenceVerifyCallback verifyCallback = new EvidenceVerifyCallback(tokenEvidence); handleCallback(verifyCallback); if (verifyCallback.isVerified()) { AuthorizeCallback authorizeCallback = new AuthorizeCallback(null, null); handleCallback(authorizeCallback); if (authorizeCallback.isAuthorized()) { httpBearer.debugf("Token authentication successful."); handleCallback(new IdentityCredentialCallback(new BearerTokenCredential(tokenEvidence.getToken()), true)); handleCallback(AuthenticationCompleteCallback.SUCCEEDED); request.authenticationComplete(); return; } } httpBearer.debugf("Token authentication failed."); request.authenticationFailed("Invalid bearer token", response -> response.setStatusCode(FORBIDDEN)); return; } } } request.noAuthenticationInProgress(this::unauthorizedResponse); }
authorizationID = new String(bsb.toArray(), StandardCharsets.UTF_8); final AuthorizeCallback authorizeCallback = new AuthorizeCallback(userName, authorizationID); try { MechanismUtil.handleCallbacks(saslScram, callbackHandler, authorizeCallback);
AuthorizeCallback acb = new AuthorizeCallback(loginName, authorizationId); try { callbackHandler.handle(new Callback[] { acb });
} else { String name = evidence.getPrincipal().getName(); AuthorizeCallback plainCallback = new AuthorizeCallback(name, name); authorizedFunction = plainCallback::isAuthorized; authorizeCallBack = plainCallback;
authorizeCallBack = cacheCallback; } else { AuthorizeCallback plainCallback = new AuthorizeCallback(clientName, clientName); authorizedFunction = plainCallback::isAuthorized; authorizeCallBack = plainCallback;