/** * Determines if a user is already authenticated. * @return */ private boolean authenticated() { Authentication authentication = SecurityContextHolder.getContext() .getAuthentication(); return authentication != null && authentication.isAuthenticated() && !(authentication instanceof AnonymousAuthenticationToken); }
/** * Check if current user is authenticated * * @return true/false */ public boolean isLogin() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); return null != authentication && authentication.isAuthenticated() && !(authentication instanceof AnonymousAuthenticationToken); }
public static boolean isOAuthUserAuth(Authentication authentication) { if (authentication instanceof OAuth2Authentication) { return authentication.isAuthenticated() && !((OAuth2Authentication)authentication).isClientOnly(); } return false; }
@Override public boolean isAuthenticated() { return this.storedRequest.isApproved() && (this.userAuthentication == null || this.userAuthentication.isAuthenticated()); }
public static boolean isOAuthClientAuth(Authentication authentication) { if (authentication instanceof OAuth2Authentication) { return authentication.isAuthenticated() && ((OAuth2Authentication)authentication).isClientOnly(); } return false; }
private boolean isPrincipalAuthenticated(Authentication authentication) { return authentication != null && !this.authenticationTrustResolver.isAnonymous(authentication) && authentication.isAuthenticated(); } }
private boolean isPrincipalAuthenticated(Authentication authentication) { return authentication != null && !this.authenticationTrustResolver.isAnonymous(authentication) && authentication.isAuthenticated(); } }
@Override protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest clientToken) { Authentication userAuth = SecurityContextHolder.getContext().getAuthentication(); if (userAuth==null || !userAuth.isAuthenticated()) { throw new InsufficientAuthenticationException("There is no currently logged in user"); } Assert.state(clientToken instanceof ImplicitTokenRequest, "An ImplicitTokenRequest is required here. Caller needs to wrap the TokenRequest."); OAuth2Request requestForStorage = ((ImplicitTokenRequest)clientToken).getOAuth2Request(); return new OAuth2Authentication(requestForStorage, userAuth); }
@Override public Mono<Authentication> authenticate(Authentication token) { return Mono.just(token) .publishOn(Schedulers.elastic()) .flatMap( t -> { try { return Mono.just(authenticationManager.authenticate(t)); } catch(Throwable error) { return Mono.error(error); } }) .filter( a -> a.isAuthenticated()); } }
@Override public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, T object) { return authentication .filter(a -> a.isAuthenticated()) .flatMapIterable( a -> a.getAuthorities()) .map(g -> g.getAuthority()) .any(a -> this.authorities.contains(a)) .map( hasAuthority -> new AuthorizationDecision(hasAuthority)) .defaultIfEmpty(new AuthorizationDecision(false)); }
/** * Returns the uppercase string, followed by security environment information. * * @param input the message to make uppercase * * @return the uppercase message, a space, the <code>Authentication</code> class that * was on the <code>SecurityContext</code> at the time of method invocation, and a * boolean indicating if the <code>Authentication</code> object is authenticated or * not */ public String makeUpperCase(String input) { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); return input.toUpperCase() + " " + auth.getClass().getName() + " " + auth.isAuthenticated(); }
@Override public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, T object) { return authentication .filter(this::isNotAnonymous) .map(a -> new AuthorizationDecision(a.isAuthenticated())) .defaultIfEmpty(new AuthorizationDecision(false)); }
@Test public void authenticateWhenSuccessThenSucces() { when(delegate.authenticate(any())).thenReturn(authentication); when(authentication.isAuthenticated()).thenReturn(true); Authentication result = manager.authenticate(authentication).block(); assertThat(result).isEqualTo(authentication); }
@Test public void checkWhenHasAuthorityAndAuthenticatedAndNoAuthoritiesThenReturnFalse() { when(authentication.isAuthenticated()).thenReturn(true); when(authentication.getAuthorities()).thenReturn(Collections.emptyList()); boolean granted = manager.check(Mono.just(authentication), null).block().isGranted(); assertThat(granted).isFalse(); }
@Test public void securityContextDeserializeTest() throws IOException { SecurityContext context = mapper.readValue(SECURITY_CONTEXT_JSON, SecurityContextImpl.class); assertThat(context).isNotNull(); assertThat(context.getAuthentication()).isNotNull().isInstanceOf(UsernamePasswordAuthenticationToken.class); assertThat(context.getAuthentication().getPrincipal()).isEqualTo("admin"); assertThat(context.getAuthentication().getCredentials()).isEqualTo("1234"); assertThat(context.getAuthentication().isAuthenticated()).isTrue(); Collection authorities = context.getAuthentication().getAuthorities(); assertThat(authorities).hasSize(1); assertThat(authorities).contains(new SimpleGrantedAuthority("ROLE_USER")); } }
@Test public void checkWhenAuthenticatedThenReturnTrue() { when(authentication.isAuthenticated()).thenReturn(true); boolean granted = manager.check(Mono.just(authentication), null).block().isGranted(); assertThat(granted).isTrue(); }
@Test public void authenticateSuccess() throws Exception { Authentication auth = provider.authenticate(token); assertThat(auth.getPrincipal()).isEqualTo(token.getPrincipal()); assertThat(auth.getCredentials()).isEqualTo(token.getCredentials()); assertThat(auth.isAuthenticated()).isEqualTo(true); assertThat(auth.getAuthorities().isEmpty()).isEqualTo(false); verify(publisher).publishEvent(isA(JaasAuthenticationSuccessEvent.class)); verifyNoMoreInteractions(publisher); }
@Test public void configureWhenOverrideAuthenticationManagerBeanThenAuthenticationManagerBeanRegistered() throws Exception { this.spring.register(SecurityConfig.class).autowire(); AuthenticationManager authenticationManager = this.spring.getContext().getBean(AuthenticationManager.class); Authentication authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("user", "password")); assertThat(authentication.isAuthenticated()).isTrue(); }
@Test public void authenticateWhenJwtThenSuccess() { BearerTokenAuthenticationToken token = new BearerTokenAuthenticationToken("token-1"); when(this.jwtDecoder.decode(token.getToken())).thenReturn(Mono.just(this.jwt)); Authentication authentication = this.manager.authenticate(token).block(); assertThat(authentication).isNotNull(); assertThat(authentication.isAuthenticated()).isTrue(); assertThat(authentication.getAuthorities()).extracting(GrantedAuthority::getAuthority).containsOnly("SCOPE_message:read", "SCOPE_message:write"); } }
@Test public void testAuthenticateError() { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); provider.setUserDetailsService(new MockUserDetailsService()); Authentication preAuth = new OpenIDAuthenticationToken( OpenIDAuthenticationStatus.ERROR, USERNAME, "", null); assertThat(preAuth.isAuthenticated()).isFalse(); try { provider.authenticate(preAuth); fail("Should throw an AuthenticationException"); } catch (AuthenticationServiceException expected) { assertThat(expected.getMessage()).isEqualTo("Error message from server: "); } }