/**
 * Supplies the credentials of the authentication currently held by the
 * {@code SecurityContext}.
 *
 * <p>When the context holds no {@code Authentication}, a warning is logged and an
 * empty string is returned instead of failing.
 *
 * <p>NOTE(review): many LDAP servers treat a bind with an empty password as an
 * unauthenticated (anonymous) bind; confirm the directory rejects it so this
 * fallback cannot yield a weaker-than-expected context. The cast also assumes
 * the credentials object is a {@code String}; a null credentials value is
 * returned as null.
 *
 * @return the credentials cast to {@code String}, or {@code ""} when no
 * authentication is set
 * @see org.springframework.ldap.core.AuthenticationSource#getCredentials()
 */
public String getCredentials() {
    Authentication current = SecurityContextHolder.getContext().getAuthentication();
    if (current != null) {
        return (String) current.getCredentials();
    }
    log.warn("No Authentication object set in SecurityContext - returning empty String as Credentials");
    return "";
}
}
/**
 * Authenticates by handing the username and password to the remote
 * authentication manager and wrapping the authorities it returns.
 *
 * <p>The returned token keeps the presented password as its credentials, so the
 * caller is responsible for erasing it once it is no longer needed.
 *
 * @param authentication the request; its principal is stringified as the
 * username, its credentials (may be null) as the password
 * @return a {@code UsernamePasswordAuthenticationToken} carrying username,
 * password and the remotely supplied authorities
 * @throws AuthenticationException declared by the signature (presumably raised
 * by the remote manager on rejection; verify against its contract)
 */
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    final String username = authentication.getPrincipal().toString();
    final Object presented = authentication.getCredentials();
    // Null credentials are forwarded as a null password rather than "null".
    String password = null;
    if (presented != null) {
        password = presented.toString();
    }
    final Collection<? extends GrantedAuthority> granted =
            remoteAuthenticationManager.attemptAuthentication(username, password);
    return new UsernamePasswordAuthenticationToken(username, password, granted);
}
/**
 * Delegates the credential check to the remote authentication manager.
 *
 * <p>Note that the presented password is copied into the resulting token's
 * credentials; it stays there until something erases it.
 *
 * @param authentication request whose principal and credentials are converted
 * to strings (null credentials become a null password)
 * @return an authentication built from the username, the password and the
 * authorities returned by the remote manager
 * @throws AuthenticationException declared by the signature
 */
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    Object rawCredentials = authentication.getCredentials();
    String user = authentication.getPrincipal().toString();
    String secret = (rawCredentials != null) ? rawCredentials.toString() : null;
    Collection<? extends GrantedAuthority> remoteAuthorities = remoteAuthenticationManager
            .attemptAuthentication(user, secret);
    return new UsernamePasswordAuthenticationToken(user, secret, remoteAuthorities);
}
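/**
 * Checks the presented password against the one stored for the named user.
 *
 * <p>Returns a token built with the three-argument constructor (which in Spring
 * Security marks the token as authenticated) only when the passwords match.
 * On a mismatch, or when no password was presented, it returns {@code null},
 * meaning "not authenticated by this provider".
 *
 * <p>NOTE(review): the comparison is a plain {@code String.equals} between the
 * presented password and {@code UserDetails#getPassword()}, which only works if
 * passwords are stored unencoded. Prefer {@code PasswordEncoder#matches}
 * against an encoded value.
 *
 * @param authentication the request; principal and credentials are cast to
 * {@code String}
 * @return an authenticated token with cleared credentials on success, otherwise
 * {@code null}
 * @throws AuthenticationException declared by the signature (presumably from
 * the user lookup when the user is unknown; verify)
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    String username = (String) authentication.getPrincipal();
    String password = (String) authentication.getCredentials();
    UserDetails userDetails = userDetailsService.loadUserByUsername(username);
    // Fixed inverted check: previously a MISMATCH produced the authenticated
    // token and a match returned null, i.e. any wrong password logged the user in.
    // The null guard also avoids an NPE when no credentials were presented.
    if (password == null || !password.equals(userDetails.getPassword())) {
        // Throwing BadCredentialsException would be the more explicit rejection
        // if that type is imported in this file.
        return null;
    }
    return new UsernamePasswordAuthenticationToken(username, null, null);
}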
/**
 * Returns the credentials of the injected authentication as the response body
 * of {@code GET /password}.
 *
 * <p>NOTE(review): this echoes the caller's own credentials over HTTP. It looks
 * like a test or demo fixture; confirm it is never mapped in a production
 * application, and that responses from it are not cached or logged.
 *
 * @param authentication the authentication resolved for the current request
 * @return the credentials cast to {@code String}
 */
@GetMapping("/password")
public String password(@AuthenticationPrincipal Authentication authentication) {
    final Object credentials = authentication.getCredentials();
    return (String) credentials;
}
/**
 * Validates the ticket carried in the authentication's credentials and builds
 * the resulting {@code CasAuthenticationToken}.
 *
 * <p>Steps: validate the ticket against the service URL, load the user for the
 * returned assertion, run the user-details checker, then map the user's
 * authorities into the token.
 *
 * <p>NOTE(review): the validator's message is passed through as the
 * {@code BadCredentialsException} message; verify it is not shown verbatim to
 * end users.
 *
 * @param authentication the request whose credentials hold the ticket
 * @return the token for the validated assertion
 * @throws AuthenticationException a {@code BadCredentialsException} wrapping
 * any {@code TicketValidationException}
 */
private CasAuthenticationToken authenticateNow(final Authentication authentication)
        throws AuthenticationException {
    try {
        final String ticket = authentication.getCredentials().toString();
        final Assertion validated = this.ticketValidator.validate(ticket,
                getServiceUrl(authentication));
        final UserDetails loadedUser = loadUserByAssertion(validated);
        userDetailsChecker.check(loadedUser);
        return new CasAuthenticationToken(this.key, loadedUser,
                authentication.getCredentials(),
                authoritiesMapper.mapAuthorities(loadedUser.getAuthorities()),
                loadedUser, validated);
    }
    catch (final TicketValidationException ex) {
        // Keep the cause so the validation failure stays diagnosable.
        throw new BadCredentialsException(ex.getMessage(), ex);
    }
}
/**
 * Re-encodes the user's password on successful login when the encoder reports
 * that the stored encoding should be upgraded, then delegates to the superclass.
 *
 * <p>The upgrade only runs when a {@code userDetailsPasswordService} is
 * configured. It uses the password presented in this request, so it must happen
 * before the credentials are erased.
 *
 * @param principal the principal to place in the resulting authentication
 * @param authentication the request that carried the presented password
 * @param user the loaded user, replaced by the updated one after an upgrade
 * @return the authentication created by the superclass
 */
@Override
protected Authentication createSuccessAuthentication(Object principal,
        Authentication authentication, UserDetails user) {
    UserDetails resolved = user;
    if (this.userDetailsPasswordService != null
            && this.passwordEncoder.upgradeEncoding(resolved.getPassword())) {
        String rawPassword = authentication.getCredentials().toString();
        String reEncoded = this.passwordEncoder.encode(rawPassword);
        resolved = this.userDetailsPasswordService.updatePassword(resolved, reEncoded);
    }
    return super.createSuccessAuthentication(principal, authentication, resolved);
}
/**
 * Deserializes the JSON fixture into a {@code SecurityContextImpl} and checks
 * that principal, credentials, authenticated flag and the single authority
 * round-trip.
 *
 * <p>NOTE(review): the assertion on credentials shows that a serialized security
 * context can carry the credentials value; treat stored or transmitted copies
 * of such JSON as sensitive.
 */
@Test
public void securityContextDeserializeTest() throws IOException {
    SecurityContext restored = mapper.readValue(SECURITY_CONTEXT_JSON, SecurityContextImpl.class);
    assertThat(restored).isNotNull();
    assertThat(restored.getAuthentication()).isNotNull();
    assertThat(restored.getAuthentication()).isInstanceOf(UsernamePasswordAuthenticationToken.class);
    assertThat(restored.getAuthentication().getPrincipal()).isEqualTo("admin");
    assertThat(restored.getAuthentication().getCredentials()).isEqualTo("1234");
    assertThat(restored.getAuthentication().isAuthenticated()).isTrue();

    // Raw type kept on purpose: it lets contains(...) accept a concrete authority.
    Collection granted = restored.getAuthentication().getAuthorities();
    assertThat(granted).hasSize(1);
    assertThat(granted).contains(new SimpleGrantedAuthority("ROLE_USER"));
}
}
/**
 * A successful authentication returns an authenticated result that mirrors the
 * request's principal and credentials, has at least one authority, and
 * publishes exactly one {@code JaasAuthenticationSuccessEvent}.
 */
@Test
public void authenticateSuccess() throws Exception {
    Authentication result = provider.authenticate(token);

    assertThat(result.getPrincipal()).isEqualTo(token.getPrincipal());
    assertThat(result.getCredentials()).isEqualTo(token.getCredentials());
    assertThat(result.isAuthenticated()).isTrue();
    assertThat(result.getAuthorities().isEmpty()).isFalse();

    // Exactly one success event and nothing else on the publisher.
    verify(publisher).publishEvent(isA(JaasAuthenticationSuccessEvent.class));
    verifyNoMoreInteractions(publisher);
}
/**
 * Builds the success authentication, first upgrading the stored password
 * encoding when the encoder asks for it.
 *
 * <p>No upgrade is attempted without a {@code userDetailsPasswordService}. The
 * new encoding is computed from the password presented in the request, and the
 * user returned by {@code updatePassword} is the one passed to the superclass.
 *
 * @param principal the principal for the resulting authentication
 * @param authentication the authentication request, still holding the
 * presented password
 * @param user the user loaded for this login
 * @return whatever the superclass creates for the (possibly updated) user
 */
@Override
protected Authentication createSuccessAuthentication(Object principal,
        Authentication authentication, UserDetails user) {
    boolean needsUpgrade = this.userDetailsPasswordService != null
            && this.passwordEncoder.upgradeEncoding(user.getPassword());
    if (!needsUpgrade) {
        return super.createSuccessAuthentication(principal, authentication, user);
    }
    String presented = authentication.getCredentials().toString();
    String upgraded = this.passwordEncoder.encode(presented);
    UserDetails updatedUser = this.userDetailsPasswordService.updatePassword(user, upgraded);
    return super.createSuccessAuthentication(principal, authentication, updatedUser);
}
/**
 * Accepts every request without checking anything: the principal and
 * credentials are copied into a {@code TestingAuthenticationToken} granted
 * {@code ROLE_USER}.
 *
 * <p>Test stub only; it performs no credential verification.
 *
 * @param authentication the request to copy from
 * @return a testing token with the same principal and credentials
 */
public Authentication authenticate(Authentication authentication) {
    Object principal = authentication.getPrincipal();
    Object credentials = authentication.getCredentials();
    return new TestingAuthenticationToken(principal, credentials,
            AuthorityUtils.createAuthorityList("ROLE_USER"));
}
}
/**
 * By default the manager returns an authentication whose credentials are null;
 * after {@code setEraseCredentialsAfterAuthentication(false)} they are retained.
 */
@Test
public void credentialsAreClearedByDefault() throws Exception {
    UsernamePasswordAuthenticationToken firstRequest =
            new UsernamePasswordAuthenticationToken("Test", "Password");
    ProviderManager manager = makeProviderManager();

    // Default behaviour: credentials are erased from the result.
    Authentication erased = manager.authenticate(firstRequest);
    assertThat(erased.getCredentials()).isNull();

    // Opt-out: the result keeps the credentials, so the password stays in memory.
    manager.setEraseCredentialsAfterAuthentication(false);
    UsernamePasswordAuthenticationToken secondRequest =
            new UsernamePasswordAuthenticationToken("Test", "Password");
    Authentication retained = manager.authenticate(secondRequest);
    assertThat(retained.getCredentials()).isNotNull();
}
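/**
 * Looks the user up by the stringified principal and compares the presented
 * credentials with the stored password.
 *
 * <p>NOTE(review): the comparison is a plain {@code equals} against
 * {@code user.getPassword()}, which implies an unencoded stored password;
 * acceptable for a fixture, not for real credential storage. The distinct
 * exceptions for "unknown user" and "wrong password" can also reveal which
 * usernames exist if they reach the client unchanged.
 *
 * @param authentication the request carrying principal and credentials
 * @return a {@code TestingAuthenticationToken} with null credentials and
 * {@code ROLE_USER}
 * @throws AuthenticationException {@code UsernameNotFoundException} when no
 * user matches, {@code BadCredentialsException} when the credentials are
 * missing or do not match
 */
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    Object principal = authentication.getPrincipal();
    String username = String.valueOf(principal);
    User user = myUserRepository.findByUsername(username);
    if (user == null) {
        throw new UsernameNotFoundException("No user for principal " + principal);
    }
    // Missing credentials are rejected like a wrong password instead of
    // escaping as a NullPointerException.
    Object credentials = authentication.getCredentials();
    if (credentials == null || !credentials.equals(user.getPassword())) {
        throw new BadCredentialsException("Invalid password");
    }
    // Credentials are deliberately not copied into the result.
    return new TestingAuthenticationToken(principal, null, "ROLE_USER");
}
};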
/**
 * With a remote manager that accepts the login, the provider returns the
 * username as principal, the presented password as credentials, and the
 * authority {@code foo}.
 *
 * <p>The credentials assertion documents that this provider does not clear the
 * password from its result.
 */
@Test
public void testSuccessfulAuthenticationCreatesObject() {
    RemoteAuthenticationProvider remoteProvider = new RemoteAuthenticationProvider();
    remoteProvider.setRemoteAuthenticationManager(new MockRemoteAuthenticationManager(true));

    UsernamePasswordAuthenticationToken request =
            new UsernamePasswordAuthenticationToken("rod", "password");
    Authentication outcome = remoteProvider.authenticate(request);

    assertThat(outcome.getPrincipal()).isEqualTo("rod");
    assertThat(outcome.getCredentials()).isEqualTo("password");
    assertThat(AuthorityUtils.authorityListToSet(outcome.getAuthorities())).contains("foo");
}
/**
 * The authentication produced by {@code createNewAuthentication} must have null
 * credentials, i.e. the second argument ({@code "new"}, presumably the new
 * password) is not copied into it.
 */
@Test
public void createNewAuthenticationUsesNullPasswordToKeepPassordsSave() {
    insertJoe();
    UsernamePasswordAuthenticationToken existing = new UsernamePasswordAuthenticationToken(
            "joe", null, AuthorityUtils.createAuthorityList("ROLE_USER"));

    Authentication recreated = manager.createNewAuthentication(existing, "new");

    assertThat(recreated.getCredentials()).isNull();
}
/**
 * The details object set on the request must be the very same instance on the
 * result, and the result's credentials must be non-null.
 */
@Test
public void detailsAreSetOnAuthenticationTokenIfNotAlreadySetByProvider() throws Exception {
    Object requestDetails = new Object();
    ProviderManager manager = makeProviderManager();
    TestingAuthenticationToken authRequest = createAuthenticationToken();
    authRequest.setDetails(requestDetails);

    Authentication authResult = manager.authenticate(authRequest);

    assertThat(authResult.getCredentials()).isNotNull();
    // Identity, not equality: the manager must pass the instance through.
    assertThat(authResult.getDetails()).isSameAs(requestDetails);
}
/**
 * With {@code EraseCredentialsFalseConfig} registered, a form login yields an
 * authentication whose credentials are non-null, and a second login behaves the
 * same way.
 */
@Test
public void authenticationMangerWhenEraseCredentialsIsFalseThenCredentialsNotNull() throws Exception {
    this.spring.register(EraseCredentialsFalseConfig.class).autowire();
    // Two consecutive logins; both must authenticate with credentials retained.
    for (int attempt = 0; attempt < 2; attempt++) {
        this.mockMvc.perform(formLogin())
                .andExpect(authenticated().withAuthentication(
                        (auth) -> assertThat(auth.getCredentials()).isNotNull()));
    }
    // no exception due to username being cleared out
}
/**
 * When {@code useAuthenticationRequestCredentials} is false, the result's
 * credentials are not the submitted password but the {@code {SHA}}-prefixed
 * value asserted below (presumably supplied by the mock authenticator's user
 * data; verify).
 *
 * <p>NOTE(review): with this setting the stored password value ends up in the
 * {@code Authentication}, so erasing credentials after authentication matters
 * just as much as for a submitted password.
 */
@Test
public void passwordIsSetFromUserDataIfUseAuthenticationRequestCredentialsIsFalse() {
    LdapAuthenticationProvider provider = new LdapAuthenticationProvider(
            new MockAuthenticator(), new MockAuthoritiesPopulator());
    provider.setUseAuthenticationRequestCredentials(false);

    UsernamePasswordAuthenticationToken request =
            new UsernamePasswordAuthenticationToken("ben", "benspassword");
    Authentication outcome = provider.authenticate(request);

    assertThat(outcome.getCredentials()).isEqualTo("{SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=");
}
@Test // SEC-2533 public void authenticationManagerWhenGlobalAndEraseCredentialsIsFalseThenCredentialsNotNull() throws Exception { this.spring.register(GlobalEraseCredentialsFalseConfig.class).autowire(); this.mockMvc.perform(formLogin()) .andExpect(authenticated().withAuthentication(a-> assertThat(a.getCredentials()).isNotNull())); }
/**
 * With {@code EraseCredentialsTrueDefaultConfig} registered, a form login yields
 * an authentication whose credentials are null, and a second login still
 * succeeds with the same result.
 */
@Test
public void authenticationMangerWhenDefaultThenEraseCredentialsIsTrue() throws Exception {
    this.spring.register(EraseCredentialsTrueDefaultConfig.class).autowire();

    // First login: credentials are erased from the resulting authentication.
    this.mockMvc.perform(formLogin())
            .andExpect(authenticated().withAuthentication((auth) -> {
                assertThat(auth.getCredentials()).isNull();
            }));

    // Second login: erasing must not have broken the stored user.
    this.mockMvc.perform(formLogin())
            .andExpect(authenticated().withAuthentication((auth) -> {
                assertThat(auth.getCredentials()).isNull();
            }));
    // no exception due to username being cleared out
}