/**
 * Sends the client to the error page that corresponds to the failed authentication.
 *
 * @param e           the failure being reported; only used to compute the target path
 * @param response    the response on which the redirect is issued
 * @param contextPath the web-app context path the target path is built under
 */
static void handleAuthenticationError(AuthenticationException e, HttpServletResponse response, String contextPath) {
  // Resolve the destination first so the redirect call itself stays a single, readable step.
  String target = getPath(e, contextPath);
  redirectTo(response, target);
}
/**
 * Hashes the given clear-text password and stores the result on {@code user}.
 * <p>
 * Delegates to {@code DEFAULT}; the crypted_password, salt and hash_method fields are
 * populated by that hash function.
 *
 * @param user     the user whose stored credentials are updated
 * @param password the clear-text password to hash (never persisted as-is)
 */
public void storeHashPassword(UserDto user, String password) {
  DEFAULT.storeHashPassword(user, password);
}
/**
 * Hashes {@code password} and writes the resulting fields onto {@code user}.
 * <p>
 * The concrete algorithm is whatever {@code hashFunction} implements; this method only forwards.
 *
 * @param user     the user to update
 * @param password the clear-text password to hash
 */
@Override
public void storeHashPassword(UserDto user, String password) {
  hashFunction.storeHashPassword(user, password);
}
}
/**
 * Clears the authentication cookie on the client.
 * <p>
 * A cookie with the same name, a {@code null} value and a zero max-age is sent back so the
 * browser discards it. HttpOnly is set on the clearing cookie as well, matching the
 * original one. Whether the Secure flag is applied depends on {@code newCookieBuilder}
 * (not visible here).
 *
 * @param request  the request the cookie attributes (path, domain) are derived from
 * @param response the response the expiring cookie is added to
 */
@Override
public void delete(HttpServletRequest request, HttpServletResponse response) {
  Cookie expired = newCookieBuilder(request)
    .setName(AUTHENTICATION_COOKIE_NAME)
    .setValue(null)
    .setHttpOnly(true)
    .setExpiry(0)
    .build();
  response.addCookie(expired);
}
/**
 * Issues a fresh JWT for an already-validated session and extends the CSRF state with it.
 * <p>
 * The JWT cookie and the CSRF state are refreshed together, with the same
 * {@code sessionTimeoutInSeconds}, so that they expire in lockstep.
 *
 * @param token    the claims of the token being refreshed
 * @param request  the current request (used to derive cookie attributes)
 * @param response the response the new cookie is written to
 */
private void refreshToken(Claims token, HttpServletRequest request, HttpServletResponse response) {
  String renewed = jwtSerializer.refresh(token, sessionTimeoutInSeconds);
  Cookie jwtCookie = createCookie(request, JWT_COOKIE, renewed, sessionTimeoutInSeconds);
  response.addCookie(jwtCookie);

  // The CSRF token lives inside the JWT claims; carry it over to the renewed state.
  String csrfState = (String) token.get(CSRF_JWT_PARAM);
  jwtCsrfVerifier.refreshState(request, response, csrfState, sessionTimeoutInSeconds);
}
/**
 * Resolves the user for this request, trying the authentication mechanisms in a fixed order.
 * <p>
 * Order matters: SSO (HTTP headers) is consulted before the JWT token so that the JWT can be
 * updated when the header identity differs from the one the token carries; basic HTTP
 * authentication is the last resort.
 *
 * @param request  the incoming request
 * @param response the response (SSO and JWT handlers may write cookies to it)
 * @return the authenticated user, or empty when no mechanism produced one
 */
private Optional<UserDto> loadUser(HttpServletRequest request, HttpServletResponse response) {
  Optional<UserDto> fromSso = httpHeadersAuthentication.authenticate(request, response);
  if (!fromSso.isPresent()) {
    Optional<UserDto> fromJwt = jwtHttpHandler.validateToken(request, response);
    if (!fromJwt.isPresent()) {
      return basicAuthentication.authenticate(request);
    }
    return fromJwt;
  }
  return fromSso;
}
}
/**
 * Validates the JWT carried by the request and returns the user it belongs to.
 *
 * @param request  the incoming request
 * @param response the response, passed through to {@code getToken}
 * @return the token's user, or empty when no valid token was found
 */
public Optional<UserDto> validateToken(HttpServletRequest request, HttpServletResponse response) {
  Optional<Token> validated = getToken(request, response);
  // Optional.of (not map) is kept on purpose: a token with a null user is a bug, not "absent".
  return validated.isPresent()
    ? Optional.of(validated.get().getUserDto())
    : Optional.empty();
}
/**
 * A POST web-service request carrying the expected CSRF state passes verification.
 */
@Test
public void verify_state() {
  // given: request holds the CSRF state and is a POST to a Java WS endpoint
  mockRequestCsrf(CSRF_STATE);
  mockPostJavaWsRequest();

  // when / then: no exception means the state matched
  underTest.verifyState(request, CSRF_STATE, LOGIN);
}
/**
 * Entry point of the authentication initialisation filter.
 * <p>
 * Resolves the identity provider named by the request; if that fails the resolver has already
 * written the response and nothing more is done. The filter chain is never continued from
 * here: the provider handling produces the whole response.
 *
 * @param request  the servlet request (expected to be an {@link HttpServletRequest})
 * @param response the servlet response (expected to be an {@link HttpServletResponse})
 * @param chain    unused; this filter terminates the request
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
  HttpServletRequest httpRequest = (HttpServletRequest) request;
  HttpServletResponse httpResponse = (HttpServletResponse) response;

  IdentityProvider provider = resolveProviderOrHandleResponse(httpRequest, httpResponse, INIT_CONTEXT);
  if (provider == null) {
    // Resolver already handled the response (error or redirect).
    return;
  }
  handleProvider(httpRequest, httpResponse, provider);
}
/**
 * Entry point of the OAuth2 / OpenID callback filter.
 * <p>
 * Resolves the identity provider from the callback path; when the resolver returns
 * {@code null} it has already written the response. The filter chain is never continued
 * from here: the provider handling produces the whole response.
 *
 * @param request  the servlet request (expected to be an {@link HttpServletRequest})
 * @param response the servlet response (expected to be an {@link HttpServletResponse})
 * @param chain    unused; this filter terminates the request
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
  HttpServletRequest httpRequest = (HttpServletRequest) request;
  HttpServletResponse httpResponse = (HttpServletResponse) response;

  IdentityProvider provider = resolveProviderOrHandleResponse(httpRequest, httpResponse, CALLBACK_PATH);
  if (provider == null) {
    // Resolver already handled the response (error or redirect).
    return;
  }
  // Same object as the second cast above; reuse the typed reference.
  handleProvider(httpRequest, httpResponse, provider);
}
/**
 * Test helper: authenticates the fixture credentials through {@code underTest}.
 *
 * @param method the authentication method to report in the emitted event
 * @return the user returned by the authenticator
 */
private UserDto executeAuthenticate(AuthenticationEvent.Method method) {
  Credentials credentials = new Credentials(LOGIN, PASSWORD);
  return underTest.authenticate(credentials, request, method);
}
/**
 * Creates a new CSRF state for the current request/response pair.
 * <p>
 * Forwards to {@code csrfVerifier}; the value is expected to be echoed back and checked by
 * {@code verifyCsrfState()} on the callback.
 *
 * @return the freshly generated state value
 */
@Override
public String generateCsrfState() {
  String state = csrfVerifier.generateState(request, response);
  return state;
}
/**
 * Checks that the CSRF state carried by the callback request matches the one previously issued.
 * <p>
 * Forwards to {@code csrfVerifier}; a mismatch is reported by that verifier, not here.
 */
@Override
public void verifyCsrfState() {
  csrfVerifier.verifyState(request, response, identityProvider);
}
/**
 * Test double: an enabled provider registered under the key {@code "failing"}.
 */
FailingIdentityProvider() {
  setKey("failing");
  setName("Failing");
  setEnabled(true);
}
/**
 * Test double for a basic (login/password) identity provider.
 *
 * @param key     provider key; the display name is derived from it
 * @param enabled whether the provider reports itself as enabled
 */
public FakeBasicIdentityProvider(String key, boolean enabled) {
  String displayName = "name of " + key;
  setKey(key);
  setName(displayName);
  setEnabled(enabled);
}
/**
 * Test double for an OAuth2 identity provider.
 *
 * @param key     provider key; the display name is derived from it
 * @param enabled whether the provider reports itself as enabled
 */
public FakeOAuth2IdentityProvider(String key, boolean enabled) {
  String displayName = "name of " + key;
  setKey(key);
  setName(displayName);
  setEnabled(enabled);
}
/**
 * Wires the collaborators used to issue, validate and refresh JWT session cookies.
 * <p>
 * The session timeout is read once from {@code config} here; later changes to the
 * configuration are not observed by this handler.
 *
 * @param system2         clock / system abstraction
 * @param dbClient        database access
 * @param config          server configuration the session timeout is read from
 * @param jwtSerializer   encodes, decodes and refreshes tokens
 * @param jwtCsrfVerifier keeps the CSRF state in step with the JWT
 */
public JwtHttpHandler(System2 system2, DbClient dbClient, Configuration config, JwtSerializer jwtSerializer, JwtCsrfVerifier jwtCsrfVerifier) { this.jwtSerializer = jwtSerializer; this.dbClient = dbClient; this.system2 = system2; this.sessionTimeoutInSeconds = getSessionTimeoutInSeconds(config); this.jwtCsrfVerifier = jwtCsrfVerifier; }
/**
 * Reads the post-login redirect target from the request, if one was supplied.
 * <p>
 * Only extracts the raw parameter; validating that the target is safe to redirect to
 * is not done here.
 *
 * @param request the incoming request
 * @return the {@code RETURN_TO_PARAMETER} value, or empty when absent
 */
@Override
public Optional<String> getReturnTo(HttpServletRequest request) {
  Optional<String> returnTo = getParameter(request, RETURN_TO_PARAMETER);
  return returnTo;
}
/**
 * Returns the provider's display name, which for this implementation is simply its key.
 *
 * @return the value of {@code getKey()}
 */
@Override
public String getName() {
  String key = getKey();
  return key;
}
/**
 * Test helper: builds claims for {@code userUuid} that expire five minutes after {@code NOW}.
 *
 * @param userUuid  subject of the token
 * @param createdAt creation timestamp to record in the claims
 * @return the claims, as produced by the three-argument overload
 */
private Claims createToken(String userUuid, long createdAt) {
  long fiveMinutesInMillis = 5 * 60 * 1000;
  long expiresAt = NOW + fiveMinutesInMillis;
  return createToken(userUuid, createdAt, expiresAt);
}