/**
 * Reads the identifier that the client supplied in its challenge response.
 *
 * <p>The challenge response is dereferenced without a null check, so callers
 * must confirm that {@code request.getChallengeResponse()} is non-null before
 * invoking this method. The value is whatever the client sent; nothing here
 * verifies it.
 *
 * @param request
 *            The request to inspect.
 * @param response
 *            The response to inspect (not read by this implementation).
 * @return The user identifier carried by the challenge response.
 */
protected String getIdentifier(Request request, Response response) {
    return request
            .getChallengeResponse()
            .getIdentifier();
}
/**
 * Returns the authentication response sent by a client to an origin server,
 * as reported by the wrapped request.
 *
 * <p>This wrapper adds no logic of its own. NOTE(review): the result is
 * presumably {@code null} when the client sent no credentials; confirm
 * against the wrapped implementation and null-check at call sites.
 *
 * @return The wrapped request's authentication response.
 */
@Override
public ChallengeResponse getChallengeResponse() {
    return getWrappedRequest()
            .getChallengeResponse();
}
/**
 * Reads the secret that the client supplied in its challenge response.
 *
 * <p>The challenge response is dereferenced without a null check, so callers
 * must confirm that {@code request.getChallengeResponse()} is non-null first.
 * The secret is handed back as a {@code char[]}; converting it to a
 * {@code String} creates an immutable copy that cannot be cleared, so keep it
 * as an array where possible.
 * NOTE(review): whether this is the live array or a copy is not visible here.
 *
 * @param request
 *            The request to inspect.
 * @param response
 *            The response to inspect (not read by this implementation).
 * @return The secret provided by the user.
 */
protected char[] getSecret(Request request, Response response) {
    return request
            .getChallengeResponse()
            .getSecret();
}
/**
 * Returns a {@code java.security.Principal} for the current user.
 *
 * <p>Resolution order: the principal attached to the request's challenge
 * response, if there is one; otherwise whatever
 * {@code SecurityUtil.getSslClientCertPrincipal} derives from the request.
 * NOTE(review): this method does not itself check that the challenge response
 * was verified; confirm the principal is only populated after successful
 * authentication.
 *
 * @return a {@code java.security.Principal} containing the name of the user
 *         making this request, or the result of the client-certificate
 *         lookup when the challenge response carries no principal
 * @see SecurityContext#getUserPrincipal()
 */
public Principal getUserPrincipal() {
    if (request.getChallengeResponse() != null) {
        Principal fromChallenge = request.getChallengeResponse().getPrincipal();
        if (fromChallenge != null) {
            return fromChallenge;
        }
    }

    // No principal on the challenge response: fall back to the TLS client certificate.
    return SecurityUtil.getSslClientCertPrincipal(this.request);
}
/**
 * Returns the authentication response sent by a client to an origin server.
 *
 * @return The request's authentication response, or {@code null} when there
 *         is no current request.
 * @see Request#getChallengeResponse()
 */
public ChallengeResponse getChallengeResponse() {
    if (getRequest() == null) {
        // No request bound: there is nothing to read credentials from.
        return null;
    }

    return getRequest().getChallengeResponse();
}
/**
 * Returns the request URI.
 *
 * <p>An absolute reference is used as is; a relative one is replaced by its
 * target reference. The reference is then passed, together with the request's
 * challenge response, to {@code AuthenticatorUtils.updateReference}.
 * NOTE(review): the challenge response is forwarded without a null check;
 * confirm the helper accepts {@code null}.
 *
 * @param resourceRef
 *            The resource reference.
 * @param request
 *            The parent request.
 * @return The absolute request URI.
 */
public static Reference update(Reference resourceRef, Request request) {
    Reference base;
    if (resourceRef.isAbsolute()) {
        base = resourceRef;
    } else {
        base = resourceRef.getTargetRef();
    }

    // Optionally update the request before formatting its URI
    return AuthenticatorUtils.updateReference(base,
            request.getChallengeResponse(), request);
}
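/**
 * Invoked upon failed authentication. This implementation optionally logs the
 * failed attempt at FINE level, marks the request's client info as not
 * authenticated, and returns {@link Filter#STOP}.
 *
 * <p>The identifier and scheme written to the log come from the client's
 * challenge response and are untrusted. Control characters (including CR and
 * LF) are replaced before logging so that a crafted identifier cannot split
 * or forge log entries.
 *
 * @param request
 *            The request sent.
 * @param response
 *            The response to update (not modified by this implementation).
 * @return The filter continuation code.
 */
protected int unauthenticated(Request request, Response response) {
    boolean loggable = request.isLoggable()
            && getLogger().isLoggable(Level.FINE);

    if (request.getChallengeResponse() != null && loggable) {
        // Message text (including the "identifer" spelling) is kept as is,
        // in case log consumers match on it.
        String message = "The authentication failed for the identifer \""
                + request.getChallengeResponse().getIdentifier()
                + "\" using the "
                + request.getChallengeResponse().getScheme()
                + " scheme.";

        // Neutralize client-controlled control characters before the record is written.
        getLogger().log(Level.FINE, message.replaceAll("\\p{Cntrl}", "_"));
    }

    // Update the client info accordingly
    if (request.getClientInfo() != null) {
        request.getClientInfo().setAuthenticated(false);
    }

    // Stop the filtering chain
    return STOP;
}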
&& getLogger().isLoggable(Level.FINE); if (loggable && request.getChallengeResponse() != null) { getLogger().log( Level.FINE, "The authentication succeeded for the identifer \"" + request.getChallengeResponse().getIdentifier() + "\" using the " + request.getChallengeResponse().getScheme() + " scheme.");
credentialsCookie.setValue(this.formatCredentials(request.getChallengeResponse())); credentialsCookie.setMaxAge(this.getMaxCookieAge()); .getChallengeResponse().getIdentifier(), request.getChallengeResponse().getScheme());
String userInfo = null; if ((request.getChallengeResponse() != null) && ChallengeScheme.FTP_PLAIN.equals(request .getChallengeResponse().getScheme()) && (request.getChallengeResponse().getIdentifier() != null)) { userInfo = request.getChallengeResponse() .getIdentifier(); if (request.getChallengeResponse().getSecret() != null) { userInfo += ":" + new String(request.getChallengeResponse() .getSecret());
String userInfo = null; if ((request.getChallengeResponse() != null) && ChallengeScheme.FTP_PLAIN.equals(request .getChallengeResponse().getScheme()) && (request.getChallengeResponse().getIdentifier() != null)) { userInfo = request.getChallengeResponse() .getIdentifier(); if (request.getChallengeResponse().getSecret() != null) { userInfo += ":" + new String(request.getChallengeResponse() .getSecret());
String userInfo = null; if ((request.getChallengeResponse() != null) && ChallengeScheme.FTP_PLAIN.equals(request .getChallengeResponse().getScheme()) && (request.getChallengeResponse().getIdentifier() != null)) { userInfo = request.getChallengeResponse() .getIdentifier(); if (request.getChallengeResponse().getSecret() != null) { userInfo += ":" + new String(request.getChallengeResponse() .getSecret());
/**
 * After the parent handling completes, issues a "Credentials" cookie to an
 * authenticated client that did not present one.
 *
 * <p>NOTE(review): the cookie value is {@code identifier=secret} in clear
 * text, so the password is stored by the browser and sent back on each
 * request to path "/". {@code setAccessRestricted(true)} is set, but
 * {@code setSecure(true)} is not, so nothing here limits the cookie to TLS
 * connections. The cookie's own comment labels this scheme as unsecured;
 * an opaque, server-side session token would avoid exposing the secret.
 * The challenge response and its secret are dereferenced without null checks.
 *
 * @param request
 *            The handled request.
 * @param response
 *            The response that receives the cookie setting.
 */
@Override
protected void afterHandle(Request request, Response response) {
    super.afterHandle(request, response);

    Cookie cookie = request.getCookies().getFirst("Credentials");
    boolean needsCookie = request.getClientInfo().isAuthenticated()
            && (cookie == null);
    if (!needsCookie) {
        return;
    }

    String identifier = request.getChallengeResponse().getIdentifier();
    // Copies the secret into an immutable String that cannot be cleared afterwards.
    String secret = new String(request.getChallengeResponse().getSecret());

    CookieSetting credentials = new CookieSetting("Credentials",
            identifier + "=" + secret);
    credentials.setAccessRestricted(true);
    credentials.setPath("/");
    credentials.setComment("Unsecured cookie based authentication");
    // Short lifetime (presumably seconds) limits how long the stored secret stays valid.
    credentials.setMaxAge(30);

    response.getCookieSettings().add(credentials);
}
/**
 * Runs the parent post-processing, then sets a "Credentials" cookie when the
 * client is authenticated and sent no such cookie.
 *
 * <p>NOTE(review): the cookie carries {@code identifier=secret} in clear
 * text. It is marked access-restricted but not secure
 * ({@code setSecure(true)} is never called), so the password may travel over
 * plain HTTP. The code's own cookie comment describes the scheme as
 * unsecured. Neither the challenge response nor its secret is null-checked
 * before use.
 *
 * @param request
 *            The handled request.
 * @param response
 *            The response that receives the cookie setting.
 */
@Override
protected void afterHandle(Request request, Response response) {
    super.afterHandle(request, response);

    Cookie cookie = request.getCookies().getFirst("Credentials");
    if (!(request.getClientInfo().isAuthenticated() && (cookie == null))) {
        // Not authenticated, or the client already holds the cookie.
        return;
    }

    String identifier = request.getChallengeResponse().getIdentifier();
    String secret = new String(request.getChallengeResponse().getSecret());
    String cookieValue = identifier + "=" + secret;

    CookieSetting cookieSetting = new CookieSetting("Credentials", cookieValue);
    cookieSetting.setAccessRestricted(true);
    cookieSetting.setPath("/");
    cookieSetting.setComment("Unsecured cookie based authentication");
    cookieSetting.setMaxAge(30);
    response.getCookieSettings().add(cookieSetting);
}
/**
 * Returns the challenge response, parsing it from the HTTP Authorization
 * header the first time it is requested.
 *
 * <p>Once parsed, the result is stored through {@code setChallengeResponse}
 * and the {@code securityAdded} flag is raised, so later calls return the
 * stored value without touching the headers again.
 * NOTE(review): the flag is checked and set without any visible
 * synchronization; confirm the request is confined to a single thread.
 *
 * @return The stored or freshly parsed challenge response.
 */
@Override
public ChallengeResponse getChallengeResponse() {
    ChallengeResponse current = super.getChallengeResponse();
    if (this.securityAdded) {
        return current;
    }

    // Extract the raw, client-supplied header value
    String authorization = getHttpCall().getRequestHeaders().getValues(
            HeaderConstants.HEADER_AUTHORIZATION);

    // Parse it and remember the result on the request
    ChallengeResponse parsed = AuthenticatorUtils.parseResponse(this,
            authorization, getHttpCall().getRequestHeaders());
    setChallengeResponse(parsed);
    this.securityAdded = true;

    return parsed;
}
/**
 * Verifies that the proposed secret is correct for the specified request.
 *
 * <p>When the request has no challenge response, the result is
 * {@code RESULT_MISSING}. Otherwise the identifier and secret are obtained
 * through {@code getIdentifier} and {@code getSecret} and passed to
 * {@code verify(identifier, secret)}. Only on {@code RESULT_VALID} is a user
 * created and attached to the request's {@link ClientInfo}.
 * NOTE(review): {@code request.getClientInfo()} is dereferenced without a
 * null check, and the secret array is not cleared after use.
 *
 * @param request
 *            The request to inspect.
 * @param response
 *            The response to inspect.
 * @return Result of the verification based on the RESULT_* constants.
 */
public int verify(Request request, Response response) {
    if (request.getChallengeResponse() == null) {
        // No credentials were sent at all.
        return RESULT_MISSING;
    }

    String identifier = getIdentifier(request, response);
    char[] secret = getSecret(request, response);
    int outcome = verify(identifier, secret);

    if (outcome == RESULT_VALID) {
        // Attach the user only after the credentials were accepted.
        request.getClientInfo().setUser(
                createUser(identifier, request, response));
    }

    return outcome;
}
/**
 * Verifies an OAuth bearer token carried in the request's challenge response.
 *
 * <p>Outcomes: {@code RESULT_MISSING} when there is no challenge response or
 * the raw bearer value is null or empty; {@code RESULT_UNSUPPORTED} for any
 * scheme other than {@code HTTP_OAUTH_BEARER}; {@code RESULT_INVALID} when
 * reading the challenge response throws or the verification command yields
 * no user; {@code RESULT_VALID} otherwise. Any exception while extracting
 * the token is mapped to {@code RESULT_INVALID} and not rethrown.
 *
 * <p>On success the user is attached to the client info and the raw token is
 * stored in the request attributes under "token".
 * NOTE(review): anything that dumps or logs request attributes would expose
 * the bearer token; confirm downstream code treats that attribute as a secret.
 *
 * @param request
 *            The request to inspect.
 * @param response
 *            The response to inspect (not read by this implementation).
 * @return Result of the verification based on the RESULT_* constants.
 */
@Override
public int verify(Request request, Response response) {
    final String token;
    try {
        ChallengeResponse cr = request.getChallengeResponse();
        if (cr == null) {
            return RESULT_MISSING;
        }
        if (!ChallengeScheme.HTTP_OAUTH_BEARER.equals(cr.getScheme())) {
            return RESULT_UNSUPPORTED;
        }

        final String bearer = cr.getRawValue();
        if (bearer == null || bearer.isEmpty()) {
            return RESULT_MISSING;
        }
        token = bearer;
    } catch (Exception ex) {
        // Any failure while reading the credentials is reported as invalid.
        return RESULT_INVALID;
    }

    Try<User> user = accessTokenVerificationCommandFactory
            .createVerificationCommand(token)
            .executeCommand();

    return user.map(u -> {
        org.restlet.security.User restletUser = createRestletUser(u);
        request.getClientInfo().setUser(restletUser);
        request.getAttributes().put("token", token);
        return RESULT_VALID;
    }).orElse(RESULT_INVALID);
}
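/**
 * Gates the administration sub-resource behind HTTP Basic credentials.
 *
 * <p>Without a challenge response, a Basic challenge for realm "Forum" is set
 * on the response and a 401 is raised. With one, the named user is looked up
 * and the password checked. An unknown user, a missing secret and a wrong
 * password all produce the same 401, so the response does not reveal which
 * check failed. A challenge response without a secret is rejected instead of
 * reaching {@code new String(null)} and failing with a
 * {@code NullPointerException}.
 *
 * <p>NOTE(review): the failure path for bad credentials does not set a
 * challenge request on the response, unlike the missing-credentials path;
 * confirm that is intended. The password is copied into a {@code String},
 * which cannot be cleared after the check.
 *
 * @throws ResourceException
 *             with {@code CLIENT_ERROR_UNAUTHORIZED} when credentials are
 *             missing or rejected.
 */
@SubResource
public void administration() {
    ChallengeResponse challenge = Request.getCurrent().getChallengeResponse();
    if (challenge == null) {
        Response.getCurrent().setChallengeRequests(
                Collections.singletonList(
                        new ChallengeRequest(ChallengeScheme.HTTP_BASIC, "Forum")));
        throw new ResourceException(Status.CLIENT_ERROR_UNAUTHORIZED);
    }

    User user = select(Users.class, Users.USERS_ID).userNamed(challenge.getIdentifier());
    char[] secret = challenge.getSecret();

    // Fail closed: a missing secret is treated exactly like a wrong password.
    if (user == null || secret == null || !user.isCorrectPassword(new String(secret))) {
        throw new ResourceException(Status.CLIENT_ERROR_UNAUTHORIZED);
    }

    current().select(user);

    subResource(AdministrationResource.class);
}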
return SecurityContext.CLIENT_CERT_AUTH; ChallengeResponse challengeResponse = request.getChallengeResponse(); if (challengeResponse == null) { return null;
public int verify(Request request, Response response) { final String clientId; final char[] clientSecret; ChallengeResponse cr = request.getChallengeResponse(); if (cr == null) { if (!isAcceptBodyMethod()) {