/** * Copies the authentication details from a source Authentication object to a * destination one, provided the latter does not already have one set. * * @param source source authentication * @param dest the destination authentication object */ private void copyDetails(Authentication source, Authentication dest) { if ((dest instanceof AbstractAuthenticationToken) && (dest.getDetails() == null)) { AbstractAuthenticationToken token = (AbstractAuthenticationToken) dest; token.setDetails(source.getDetails()); } }
protected UaaLoginHint extractLoginHint(Authentication authentication) { UaaLoginHint loginHint = null; if (authentication != null && authentication.getDetails() instanceof UaaAuthenticationDetails) { UaaAuthenticationDetails uaaAuthenticationDetails = (UaaAuthenticationDetails) authentication.getDetails(); loginHint = uaaAuthenticationDetails.getLoginHint(); } return loginHint; }
protected boolean setLoginHint(Authentication authentication, UaaLoginHint loginHint) { if (authentication != null && authentication.getDetails() instanceof UaaAuthenticationDetails) { UaaAuthenticationDetails uaaAuthenticationDetails = (UaaAuthenticationDetails) authentication.getDetails(); uaaAuthenticationDetails.setLoginHint(loginHint); return true; } return false; }
/** * Copies the authentication details from a source Authentication object to a * destination one, provided the latter does not already have one set. * * @param source source authentication * @param dest the destination authentication object */ private void copyDetails(Authentication source, Authentication dest) { if ((dest instanceof AbstractAuthenticationToken) && (dest.getDetails() == null)) { AbstractAuthenticationToken token = (AbstractAuthenticationToken) dest; token.setDetails(source.getDetails()); } }
public static boolean isOAuthConsumerAuth(SecurityExpressionRoot root) { Authentication authentication = root.getAuthentication(); if (authentication.getDetails() instanceof OAuthAuthenticationDetails) { return true; } return false; }
@RequestMapping(value = "/authentication", method = RequestMethod.GET, produces = { "application/json" }) public UserDetails authenticatedUser() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { logger.debug("authentication is null."); return null; } if (authentication.getPrincipal() instanceof UserDetails) { return (UserDetails) authentication.getPrincipal(); } if (authentication.getDetails() instanceof UserDetails) { return (UserDetails) authentication.getDetails(); } return null; } }
UaaAuthenticationDetails getAuthenticationDetails() { return (UaaAuthenticationDetails) getAuthentication().getDetails(); }
/** A proper {@link GeoServerWebAuthenticationDetails} object must be present */ protected String retrieveUserName(Authentication authentication) { if (authentication.getDetails() instanceof GeoServerWebAuthenticationDetails) { String userGroupServiceName = ((GeoServerWebAuthenticationDetails) authentication.getDetails()) .getUserGroupServiceName(); if (userGroupServiceName == null || userGroupServiceName.trim().length() == 0) return ""; // no service specified --> no remember me return encode(super.retrieveUserName(authentication), userGroupServiceName); } else return ""; // no remember me feature without a user group service name };
protected Authentication createNewAuthentication(Authentication currentAuth, String newPassword) { UserDetails user = loadUserByUsername(currentAuth.getName()); UsernamePasswordAuthenticationToken newAuthentication = new UsernamePasswordAuthenticationToken( user, null, user.getAuthorities()); newAuthentication.setDetails(currentAuth.getDetails()); return newAuthentication; }
public String getAuthenticationZoneId() { if (authentication.getPrincipal() instanceof UaaPrincipal) { return ((UaaPrincipal) authentication.getPrincipal()).getZoneId(); } else if (authentication instanceof UaaOauth2Authentication) { return ((UaaOauth2Authentication)authentication).getZoneId(); } else if (authentication.getDetails() instanceof OAuth2AuthenticationDetails) { String tokenValue = ((OAuth2AuthenticationDetails)authentication.getDetails()).getTokenValue(); return getZoneIdFromToken(tokenValue); } else { return null; } }
public static boolean consumerHasAnyRole(SecurityExpressionRoot root, String... roles) { Authentication authentication = root.getAuthentication(); if (authentication.getDetails() instanceof OAuthAuthenticationDetails) { OAuthAuthenticationDetails details = (OAuthAuthenticationDetails) authentication.getDetails(); List<GrantedAuthority> consumerAuthorities = details.getConsumerDetails().getAuthorities(); if (consumerAuthorities != null) { Set<String> roleSet = AuthorityUtils.authorityListToSet(consumerAuthorities); for (String role : roles) { if (roleSet.contains(role)) { return true; } } } } return false; }
public void onApplicationEvent(AbstractAuthenticationEvent event) { if (!logInteractiveAuthenticationSuccessEvents && event instanceof InteractiveAuthenticationSuccessEvent) { return; } if (logger.isWarnEnabled()) { final StringBuilder builder = new StringBuilder(); builder.append("Authentication event "); builder.append(ClassUtils.getShortName(event.getClass())); builder.append(": "); builder.append(event.getAuthentication().getName()); builder.append("; details: "); builder.append(event.getAuthentication().getDetails()); if (event instanceof AbstractAuthenticationFailureEvent) { builder.append("; exception: "); builder.append(((AbstractAuthenticationFailureEvent) event) .getException().getMessage()); } logger.warn(builder.toString()); } }
protected Authentication createNewAuthentication(Authentication currentAuth, String newPassword) { UserDetails user = loadUserByUsername(currentAuth.getName()); UsernamePasswordAuthenticationToken newAuthentication = new UsernamePasswordAuthenticationToken( user, null, user.getAuthorities()); newAuthentication.setDetails(currentAuth.getDetails()); return newAuthentication; }
@GetMapping("/details") public String details(@AuthenticationPrincipal Authentication authentication) { return authentication.getDetails().getClass().getName(); } }
@Override public void onApplicationEvent(AuthenticationFailureBadCredentialsEvent event) { AuthenticationFailureBadCredentialsEvent bce = event; String principal = bce.getAuthentication().getName(); UaaAuthenticationDetails details = (UaaAuthenticationDetails) bce.getAuthentication().getDetails(); if (bce.getException() instanceof UsernameNotFoundException) { publisher.publishEvent(new PrincipalNotFoundEvent(principal, details)); } else { publisher.publishEvent(new PrincipalAuthenticationFailureEvent(principal, details)); } }
@Test public void changePasswordSucceedsWithIfReAuthenticationSucceeds() { insertJoe(); Authentication currentAuth = authenticateJoe(); AuthenticationManager am = mock(AuthenticationManager.class); when(am.authenticate(currentAuth)).thenReturn(currentAuth); manager.setAuthenticationManager(am); manager.changePassword("password", "newPassword"); UserDetails newJoe = manager.loadUserByUsername("joe"); assertThat(newJoe.getPassword()).isEqualTo("newPassword"); // The password in the context should also be altered Authentication newAuth = SecurityContextHolder.getContext().getAuthentication(); assertThat(newAuth.getName()).isEqualTo("joe"); assertThat(newAuth.getDetails()).isEqualTo(currentAuth.getDetails()); assertThat(newAuth.getCredentials()).isNull(); assertThat(cache.getUserMap().containsKey("joe")).isFalse(); }
@Test(expected = BadCredentialsException.class) public void testNoUsernameNoEmail() throws Exception { UaaAuthenticationDetails uaaAuthenticationDetails = mock(UaaAuthenticationDetails.class); when(uaaAuthenticationDetails.getOrigin()).thenReturn(origin); when(uaaAuthenticationDetails.getClientId()).thenReturn(null); when(uaaAuthenticationDetails.getSessionId()).thenReturn(new RandomValueStringGenerator().generate()); when(inputAuth.getDetails()).thenReturn(uaaAuthenticationDetails); when(uaaUserDatabase.retrieveUserByName(anyString(), eq(origin))).thenReturn(null); when(userDetails.getUsername()).thenReturn(null); manager.authenticate(inputAuth); }
@Test public void detailsAreSetOnAuthenticationTokenIfNotAlreadySetByProvider() throws Exception { Object details = new Object(); ProviderManager authMgr = makeProviderManager(); TestingAuthenticationToken request = createAuthenticationToken(); request.setDetails(details); Authentication result = authMgr.authenticate(request); assertThat(result.getCredentials()).isNotNull(); assertThat(result.getDetails()).isSameAs(details); }
@Test public void testExtractLoginHint() { DynamicZoneAwareAuthenticationManager manager = getDynamicZoneAwareAuthenticationManager(true); UaaAuthenticationDetails mockDetails = mock(UaaAuthenticationDetails.class); UaaLoginHint loginHint = mock(UaaLoginHint.class); when(loginHint.getOrigin()).thenReturn("uaa"); when(success.getDetails()).thenReturn(mockDetails); assertNull(manager.extractLoginHint(null)); assertNull(manager.extractLoginHint(success)); when(mockDetails.getLoginHint()).thenReturn(loginHint); assertEquals(loginHint, manager.extractLoginHint(success)); }
@Test public void detailsAreNotSetOnAuthenticationTokenIfAlreadySetByProvider() throws Exception { Object requestDetails = "(Request Details)"; final Object resultDetails = "(Result Details)"; // A provider which sets the details object AuthenticationProvider provider = new AuthenticationProvider() { public Authentication authenticate(Authentication authentication) throws AuthenticationException { ((TestingAuthenticationToken) authentication).setDetails(resultDetails); return authentication; } public boolean supports(Class<?> authentication) { return true; } }; ProviderManager authMgr = new ProviderManager(Arrays.asList(provider)); TestingAuthenticationToken request = createAuthenticationToken(); request.setDetails(requestDetails); Authentication result = authMgr.authenticate(request); assertThat(result.getDetails()).isEqualTo(resultDetails); }