/**
 * Authenticates the given credentials inside a database session scoped to this call.
 *
 * <p>The session is obtained from {@code dbClient.openSession(false)} and is closed by the
 * try-with-resources block on every exit path, including when the delegate throws.
 *
 * @param credentials the login/password pair submitted by the client
 * @param request the HTTP request the credentials arrived with
 * @param method the authentication method, forwarded unchanged to the session-aware overload
 * @return whatever the session-aware {@code authenticate} overload returns
 */
public UserDto authenticate(Credentials credentials, HttpServletRequest request, Method method) {
  try (DbSession session = dbClient.openSession(false)) {
    UserDto authenticatedUser = authenticate(session, credentials, request, method);
    return authenticatedUser;
  }
}
/**
 * Authenticates a form login from the {@code login} and {@code password} request parameters.
 *
 * <p>When either parameter is empty the request is rejected before
 * {@code credentialsAuthentication} is consulted. The rejection message does not say which
 * of the two fields was missing.
 *
 * @param request the HTTP request carrying the form parameters
 * @return the user returned by {@code credentialsAuthentication}
 * @throws AuthenticationException if the login or the password is empty
 */
private UserDto authenticate(HttpServletRequest request) {
  // NOTE(review): getParameter() also reads the query string; confirm the caller only
  // accepts POST so that a password can never travel in a URL and end up in access logs.
  String submittedLogin = request.getParameter("login");
  String submittedPassword = request.getParameter("password");

  boolean bothProvided = !isEmpty(submittedLogin) && !isEmpty(submittedPassword);
  if (bothProvided) {
    Credentials formCredentials = new Credentials(submittedLogin, submittedPassword);
    return credentialsAuthentication.authenticate(formCredentials, request, Method.FORM);
  }

  // The client-supplied login is attached to the exception (never the password).
  // NOTE(review): presumably this feeds the authentication-failure log; verify that the
  // consumer treats the value as untrusted text.
  throw AuthenticationException.newBuilder()
    .setSource(Source.local(Method.FORM))
    .setLogin(submittedLogin)
    .setMessage("Empty login and/or password")
    .build();
}
/**
 * Test helper: runs the class under test with the fixture LOGIN/PASSWORD pair and the shared
 * {@code request}, using the supplied authentication method.
 *
 * @param method the authentication method to pass through
 * @return the user returned by {@code underTest.authenticate}
 */
private UserDto executeAuthenticate(AuthenticationEvent.Method method) {
  Credentials fixtureCredentials = new Credentials(LOGIN, PASSWORD);
  return underTest.authenticate(fixtureCredentials, request, method);
}
/**
 * A {@code Basic} Authorization header is decoded into login/password credentials and handed
 * to {@code credentialsAuthentication} with the BASIC method.
 *
 * <p>The final check pins that the class under test emits no authentication event of its own
 * on this path.
 */
@Test
public void authenticate_from_basic_http_header() {
  // presumably CREDENTIALS_IN_BASE64 encodes A_LOGIN + ":" + A_PASSWORD; confirm against the fixture
  String authorizationHeader = "Basic " + CREDENTIALS_IN_BASE64;
  when(request.getHeader("Authorization")).thenReturn(authorizationHeader);
  Credentials expectedCredentials = new Credentials(A_LOGIN, A_PASSWORD);
  when(credentialsAuthentication.authenticate(expectedCredentials, request, BASIC)).thenReturn(USER);

  underTest.authenticate(request);

  verify(credentialsAuthentication).authenticate(expectedCredentials, request, BASIC);
  verifyNoMoreInteractions(authenticationEvent);
}
/**
 * A password that itself contains the {@code ':'} separator must reach
 * {@code credentialsAuthentication} intact.
 *
 * <p>The method name says "semi colon", but the character exercised by the fixture password
 * is a colon. In Basic authentication only the first colon separates user-id from password,
 * so the header has to be split on the first {@code ':'} only; splitting on every colon
 * would truncate the password.
 */
@Test
public void authenticate_from_basic_http_header_with_password_containing_semi_colon() {
  String passwordWithColon = "!ascii-only:-)@";
  String authorizationHeader = "Basic " + toBase64(A_LOGIN + ":" + passwordWithColon);
  when(request.getHeader("Authorization")).thenReturn(authorizationHeader);
  Credentials expectedCredentials = new Credentials(A_LOGIN, passwordWithColon);
  when(credentialsAuthentication.authenticate(expectedCredentials, request, BASIC)).thenReturn(USER);

  underTest.authenticate(request);

  // The full password, colon included, is what gets authenticated.
  verify(credentialsAuthentication).authenticate(expectedCredentials, request, BASIC);
  verifyNoMoreInteractions(authenticationEvent);
}
/**
 * Authenticates credentials parsed from a Basic Authorization header.
 *
 * <p>When a password is present, the pair goes to {@code credentialsAuthentication} with
 * {@code Method.BASIC}. When it is absent, the login value is passed to
 * {@code authenticateFromUserToken} and a login-success event is recorded with source
 * {@code Method.BASIC_TOKEN}.
 *
 * @param credentials the login and optional password extracted from the header
 * @param request the HTTP request, forwarded to the delegate or to the event
 * @return the authenticated user
 */
private UserDto authenticate(Credentials credentials, HttpServletRequest request) {
  if (credentials.getPassword().isPresent()) {
    // No event is emitted here on the password path.
    // NOTE(review): presumably the delegate records success and failure itself; confirm.
    return credentialsAuthentication.authenticate(credentials, request, Method.BASIC);
  }

  // No password: the login field is treated as a user token.
  // NOTE(review): no failure event is recorded in this method for a rejected token;
  // verify that authenticateFromUserToken throws and that the failure is audited upstream.
  UserDto tokenOwner = authenticateFromUserToken(credentials.getLogin());
  // The event carries the resolved user's login, not the raw token taken from the header.
  authenticationEvent.loginSuccess(request, tokenOwner.getLogin(), Source.local(Method.BASIC_TOKEN));
  return tokenOwner;
}
/**
 * Successful form login: the user is authenticated with the FORM method, the user session
 * reports logged-in, and a token is generated for the response.
 *
 * <p>The filter chain and {@code authenticationEvent} must stay untouched on this path.
 */
@Test
public void do_authenticate() throws Exception {
  Credentials expectedCredentials = new Credentials(LOGIN, PASSWORD);
  when(credentialsAuthentication.authenticate(expectedCredentials, request, FORM)).thenReturn(user);

  executeRequest(LOGIN, PASSWORD);

  assertThat(threadLocalUserSession.isLoggedIn()).isTrue();
  verify(credentialsAuthentication).authenticate(expectedCredentials, request, FORM);
  // The token is generated for the user returned by the credentials check.
  verify(jwtHttpHandler).generateToken(user, request, response);
  verifyZeroInteractions(chain);
  verifyZeroInteractions(authenticationEvent);
}
/**
 * When the credentials check throws {@code UnauthorizedException}, the response status is
 * set to 401 and no user session is left behind.
 *
 * <p>Despite "authorized_code" in the method name, the status asserted is 401 (Unauthorized).
 */
@Test
public void return_authorized_code_when_unauthorized_exception_is_thrown() throws Exception {
  UnauthorizedException rejection = new UnauthorizedException("error !");
  Credentials submittedCredentials = new Credentials(LOGIN, PASSWORD);
  doThrow(rejection).when(credentialsAuthentication).authenticate(submittedCredentials, request, FORM);

  executeRequest(LOGIN, PASSWORD);

  verify(response).setStatus(401);
  // A failed login must not leave a session on the thread.
  assertThat(threadLocalUserSession.hasSession()).isFalse();
  verifyZeroInteractions(authenticationEvent);
}