@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String name = authentication.getName();
String password = authentication.getCredentials().toString();
Query query = new Query();
query.addCriteria(Criteria.where("userId").is(name));
MyUser user = operations.findOne(query, MyUser.class).block();
String encryptedPw = null;
try {
encryptedPw = this.passwordEncryption.getEncryptedPassword(password, user.getSalt());
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
log.error("Pw decrytion error: ",e);
}
if(encryptedPw == null || !encryptedPw.equals(user.getPassword())) {
throw new AuthenticationCredentialsNotFoundException("User: "+name+" not found.");
}
log.info("User: "+name+" logged in.");
return new UsernamePasswordAuthenticationToken(
name, password, user.getAuthorities());
}
java类org.springframework.security.authentication.AuthenticationCredentialsNotFoundException的实例源码
MyAuthenticationProvider.java 文件源码
项目:AngularAndSpring
阅读 61
收藏 0
点赞 0
评论 0
WebSocketAuthenticatorService.java 文件源码
项目:joal
阅读 29
收藏 0
点赞 0
评论 0
public UsernamePasswordAuthenticationToken getAuthenticatedOrFail(final CharSequence username, final CharSequence authToken) throws AuthenticationException {
if (StringUtils.isBlank(username)) {
throw new AuthenticationCredentialsNotFoundException("Username was null or empty.");
}
if (StringUtils.isBlank(authToken)) {
throw new AuthenticationCredentialsNotFoundException("Authentication token was null or empty.");
}
if (!appSecretToken.equals(authToken)) {
throw new BadCredentialsException("Authentication token does not match the expected token");
}
// Everithing is fine, return an authenticated Authentication. (the constructor with grantedAuthorities auto set authenticated = true)
// null credentials, we do not pass the password along to prevent security flaw
return new UsernamePasswordAuthenticationToken(
username,
null,
Collections.singleton((GrantedAuthority) () -> "USER")
);
}
AjaxAuthenticationProvider.java 文件源码
项目:OpenLRW
阅读 30
收藏 0
点赞 0
评论 0
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
Assert.notNull(authentication, "No authentication data provided");
String key = (String) authentication.getPrincipal();
String secret = (String) authentication.getCredentials();
Org org;
try {
org = orgService.findByApiKeyAndApiSecret(key, secret);
}
catch (OrgNotFoundException e) {
throw new AuthenticationCredentialsNotFoundException(e.getMessage());
}
List<GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_ORG_ADMIN"));
UserContext userContext = UserContext.create(org.getMetadata().get(Vocabulary.TENANT), org.getSourcedId(), authorities);
return new UsernamePasswordAuthenticationToken(userContext, null, userContext.getAuthorities());
}
AuthorizationWebFilter.java 文件源码
项目:item-shop-reactive-backend
阅读 29
收藏 0
点赞 0
评论 0
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
return exchange.getPrincipal()
.filter(p -> p instanceof Authentication)
.then( p-> Mono.just((Authentication) p))
.filter(authentication -> {
return authentication != null && authentication.isAuthenticated();
})
.then(authentication -> {
return source.getConfigAttributes(exchange).as( (Function<? super Flux<ConfigAttribute>, Mono<Boolean>>) a -> {
return accessDecisionManager.decide(authentication, exchange, a);
});
})
.filter(t -> t)
.otherwiseIfEmpty(Mono.defer(() -> {
return entryPoint.commence(exchange, new AuthenticationCredentialsNotFoundException("Not Found"));
}))
.then(sc -> {
return chain.filter(exchange);
});
}
JwtTokenService.java 文件源码
项目:secrets-proxy
阅读 29
收藏 0
点赞 0
评论 0
/**
* Retrieves the JWT authentication token from http request.
*
* @param req http request.
* @return {@link JwtAuthToken} or <code>null</code> if the Bearer token is not present or empty.
*/
public @Nullable
JwtAuthToken getAccessToken(@Nonnull HttpServletRequest req) {
log.debug("Getting the access token for " + req.getRequestURI());
String bearerToken = req.getHeader(tokenHeader);
if (bearerToken != null) {
// Make sure it's valid token type.
if (!bearerToken.startsWith(tokenType)) {
throw new AuthenticationCredentialsNotFoundException("Invalid Authorization Token.");
}
String jwtToken = bearerToken.replaceFirst(tokenType, "").trim();
if (!isEmpty(jwtToken)) {
return new JwtAuthToken("JwtToken", jwtToken, Collections.emptyList());
}
}
log.debug("JWT Bearer token is null/empty for " + req.getRequestURI());
return null;
}
AuthorizationWebFilter.java 文件源码
项目:spring-security-reactive
阅读 21
收藏 0
点赞 0
评论 0
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
return exchange.getPrincipal()
.filter(p -> p instanceof Authentication)
.flatMap( p-> Mono.just((Authentication) p))
.filter(authentication -> {
return authentication != null && authentication.isAuthenticated();
})
.flatMap(authentication -> {
return source.getConfigAttributes(exchange).as( (Function<? super Flux<ConfigAttribute>, Mono<Boolean>>) a -> {
return accessDecisionManager.decide(authentication, exchange, a);
});
})
.filter(t -> t)
.switchIfEmpty(Mono.defer(() -> {
return entryPoint.commence(exchange, new AuthenticationCredentialsNotFoundException("Not Found"));
}))
.flatMap(sc -> {
return chain.filter(exchange);
});
}
AuthenticationEvaluatorImpl.java 文件源码
项目:engerek
阅读 26
收藏 0
点赞 0
评论 0
@Override
public UsernamePasswordAuthenticationToken authenticate(ConnectionEnvironment connEnv, T authnCtx)
throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException,
CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {
checkEnteredCredentials(connEnv, authnCtx);
MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), true);
UserType userType = principal.getUser();
CredentialsType credentials = userType.getCredentials();
CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);
if (checkCredentials(principal, authnCtx, connEnv)) {
recordPasswordAuthenticationSuccess(principal, connEnv, getCredential(credentials), credentialsPolicy);
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal,
authnCtx.getEnteredCredential(), principal.getAuthorities());
return token;
} else {
recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");
throw new BadCredentialsException("web.security.provider.invalid");
}
}
AuthenticationEvaluatorImpl.java 文件源码
项目:engerek
阅读 24
收藏 0
点赞 0
评论 0
@Override
public UserType checkCredentials(ConnectionEnvironment connEnv, T authnCtx)
throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException,
CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {
checkEnteredCredentials(connEnv, authnCtx);
MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), false);
UserType userType = principal.getUser();
CredentialsType credentials = userType.getCredentials();
CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);
if (checkCredentials(principal, authnCtx, connEnv)) {
return userType;
} else {
recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");
throw new BadCredentialsException("web.security.provider.invalid");
}
}
AuthenticationEvaluatorImpl.java 文件源码
项目:engerek
阅读 23
收藏 0
点赞 0
评论 0
private <P extends CredentialPolicyType> void checkPasswordValidityAndAge(ConnectionEnvironment connEnv, @NotNull MidPointPrincipal principal, C credentials,
P passwordCredentialsPolicy) {
if (credentials == null) {
recordAuthenticationFailure(principal, connEnv, "no stored credential value");
throw new AuthenticationCredentialsNotFoundException("web.security.provider.credential.bad");
}
validateCredentialNotNull(connEnv, principal, credentials);
if (passwordCredentialsPolicy == null) {
return;
}
Duration maxAge = passwordCredentialsPolicy.getMaxAge();
if (maxAge != null) {
MetadataType credentialMetedata = credentials.getMetadata();
XMLGregorianCalendar changeTimestamp = MiscSchemaUtil.getChangeTimestamp(credentialMetedata);
if (changeTimestamp != null) {
XMLGregorianCalendar passwordValidUntil = XmlTypeConverter.addDuration(changeTimestamp, maxAge);
if (clock.isPast(passwordValidUntil)) {
recordAuthenticationFailure(principal, connEnv, "password expired");
throw new CredentialsExpiredException("web.security.provider.password.bad");
}
}
}
}
AuthenticationEvaluatorImpl.java 文件源码
项目:engerek
阅读 27
收藏 0
点赞 0
评论 0
private void checkPasswordValidityAndAge(ConnectionEnvironment connEnv, @NotNull MidPointPrincipal principal, ProtectedStringType protectedString, MetadataType passwordMetadata,
CredentialPolicyType passwordCredentialsPolicy) {
if (protectedString == null) {
recordAuthenticationFailure(principal, connEnv, "no stored password value");
throw new AuthenticationCredentialsNotFoundException("web.security.provider.password.bad");
}
if (passwordCredentialsPolicy == null) {
return;
}
Duration maxAge = passwordCredentialsPolicy.getMaxAge();
if (maxAge != null) {
XMLGregorianCalendar changeTimestamp = MiscSchemaUtil.getChangeTimestamp(passwordMetadata);
if (changeTimestamp != null) {
XMLGregorianCalendar passwordValidUntil = XmlTypeConverter.addDuration(changeTimestamp, maxAge);
if (clock.isPast(passwordValidUntil)) {
recordAuthenticationFailure(principal, connEnv, "password expired");
throw new CredentialsExpiredException("web.security.provider.password.bad");
}
}
}
}
SpringSecurityActuator.java 文件源码
项目:cibet
阅读 32
收藏 0
点赞 0
评论 0
private Authentication swapAuthentication() {
if (secondPrincipal) {
Object secP = Context.internalSessionScope().getProperty(InternalSessionScope.SECOND_PRINCIPAL);
if (secP == null) {
throw new AuthenticationCredentialsNotFoundException(
"No Authentication object found in CibetContext.getSecondPrincipal()");
}
if (!(secP instanceof Authentication)) {
throw new AccessDeniedException("CibetContext.getSecondPrincipal() is expected to be of type "
+ Authentication.class.getName() + " but is of type " + secP.getClass().getName());
}
log.debug("SpringSecurity actuator for second principal " + secP);
Authentication auth = (Authentication) secP;
Authentication original = SecurityContextHolder.getContext().getAuthentication();
SecurityContextHolder.getContext().setAuthentication(auth);
return original;
}
return null;
}
ListStudiesResponseHandler.java 文件源码
项目:Open-Clinica-Data-Uploader
阅读 22
收藏 0
点赞 0
评论 0
public static List<Study> parseListStudiesResponse(SOAPMessage response) throws Exception { //TODO: handle exception
Document document = toDocument(response);
String result = isAuthFailure(document);
if (! StringUtils.isEmpty(result)) {
throw new AuthenticationCredentialsNotFoundException("Problem calling OpenClinica web-services: " + result);
}
XPath xpath = XPathFactory.newInstance().newXPath();
NodeList studyNodes = (NodeList) xpath.evaluate("//listAllResponse/studies/study", document, XPathConstants.NODESET);
List<Study> studiesParsed = new ArrayList<>();
for (int i = 0; i < studyNodes.getLength(); i++) {
Node studyNode = studyNodes.item(i);
Study study = parseStudy(studyNode);
studiesParsed.add(study);
}
return studiesParsed;
}
SOAPResponseHandler.java 文件源码
项目:Open-Clinica-Data-Uploader
阅读 27
收藏 0
点赞 0
评论 0
/**
* Checks if an error occurred on the OpenClinica-side and reports it back as the
* return value
*
* @param response the SOAP-response.
* @return a non <code>null</code> error code.message if an error occurred. Some are reported by the OpenClinica-WS
* instance at url. Returns <code>null</code> if everything went OK.
* @throws Exception if a technical error occurs.
*/
public static String parseOpenClinicaResponse(SOAPMessage response, String xPathToResponse) throws Exception {
Document document = toDocument(response);
System.out.println("SOAP:----->\n" + SoapUtils.soapMessageToString(response));
String result = isAuthFailure(document);
if (! StringUtils.isEmpty(result)) {
throw new AuthenticationCredentialsNotFoundException("Problem calling OpenClinica web-services: " + result);
}
XPath xpath = XPathFactory.newInstance().newXPath();
Node importDataResponseNode = (Node) xpath.evaluate(xPathToResponse, document, XPathConstants.NODE);
Node resultNode = (Node) xpath.evaluate("//result", importDataResponseNode, XPathConstants.NODE);
if ("fail".equalsIgnoreCase(resultNode.getTextContent())) {
Node errorNode = (Node) xpath.evaluate("//error", importDataResponseNode, XPathConstants.NODE);
return errorNode.getTextContent();
}
return null;
}
IsStudySubjectResponseHandler.java 文件源码
项目:Open-Clinica-Data-Uploader
阅读 26
收藏 0
点赞 0
评论 0
/**
* Retrieve the study subjects technical ID; <code>studuSubjectOID</code> in OpenClinica
* terminology.
* @param response the SOAP-response
* @return <code>null</code> if the provided subject label does not exist in the study otherwise
* the <code>studySubjectOID</code>
* @throws Exception on authentication failures or response structure mismatch
*/
public static String parseIsStudySubjectResponse(SOAPMessage response) throws Exception {
if (response == null) {
return null;
}
Document document = toDocument(response);
String result = isAuthFailure(document);
if (! StringUtils.isEmpty(result)) {
throw new AuthenticationCredentialsNotFoundException("Problem calling OpenClinica web-services: " + result);
}
XPath xpath = XPathFactory.newInstance().newXPath();
Node createResponseNode = (Node) xpath.evaluate("//createResponse", document, XPathConstants.NODE);
Node resultNode = (Node) xpath.evaluate("//result", createResponseNode, XPathConstants.NODE);
if ("Success".equals(resultNode.getTextContent())) {
Node subjectOIDNode = (Node) xpath.evaluate("//subjectOID", createResponseNode, XPathConstants.NODE);
if (subjectOIDNode != null) {
return subjectOIDNode.getTextContent();
}
throw new IllegalStateException("SubjectOID node is null");
}
else {
return null;
}
}
SMS.java 文件源码
项目:spring-json-sms-gateway
阅读 30
收藏 0
点赞 0
评论 0
public SMS(JSON_SMS jsonSMS, int user_id) throws GatewayException {
if (user_id < 1)
throw new AuthenticationCredentialsNotFoundException("no user id on sms repository");
this.id = jsonSMS.getId();
this.user_id = user_id;
this.sender = jsonSMS.getSender();
this.msisdn = jsonSMS.getMsisdn();
this.text = jsonSMS.getText();
this.subid = jsonSMS.getSubid();
this.ackurl = jsonSMS.getAck_url();
this.datetimeScheduled = jsonSMS.getDatetime();
this.test = jsonSMS.isTest();
if (datetimeScheduled != null)
sms_status = SMS_Status.SCHEDULED;
else
sms_status = SMS_Status.ACCEPTD;
}
AuthenticationEvaluatorImpl.java 文件源码
项目:midpoint
阅读 23
收藏 0
点赞 0
评论 0
@Override
public UsernamePasswordAuthenticationToken authenticate(ConnectionEnvironment connEnv, T authnCtx)
throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException,
CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {
checkEnteredCredentials(connEnv, authnCtx);
MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), true);
UserType userType = principal.getUser();
CredentialsType credentials = userType.getCredentials();
CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);
if (checkCredentials(principal, authnCtx, connEnv)) {
recordPasswordAuthenticationSuccess(principal, connEnv, getCredential(credentials), credentialsPolicy);
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal,
authnCtx.getEnteredCredential(), principal.getAuthorities());
return token;
} else {
recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");
throw new BadCredentialsException("web.security.provider.invalid");
}
}
AuthenticationEvaluatorImpl.java 文件源码
项目:midpoint
阅读 27
收藏 0
点赞 0
评论 0
@Override
public UserType checkCredentials(ConnectionEnvironment connEnv, T authnCtx)
throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException,
CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {
checkEnteredCredentials(connEnv, authnCtx);
MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), false);
UserType userType = principal.getUser();
CredentialsType credentials = userType.getCredentials();
CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);
if (checkCredentials(principal, authnCtx, connEnv)) {
return userType;
} else {
recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");
throw new BadCredentialsException("web.security.provider.invalid");
}
}
AuthenticationEvaluatorImpl.java 文件源码
项目:midpoint
阅读 24
收藏 0
点赞 0
评论 0
private <P extends CredentialPolicyType> void checkPasswordValidityAndAge(ConnectionEnvironment connEnv, @NotNull MidPointPrincipal principal, C credentials,
P passwordCredentialsPolicy) {
if (credentials == null) {
recordAuthenticationFailure(principal, connEnv, "no stored credential value");
throw new AuthenticationCredentialsNotFoundException("web.security.provider.credential.bad");
}
validateCredentialNotNull(connEnv, principal, credentials);
if (passwordCredentialsPolicy == null) {
return;
}
Duration maxAge = passwordCredentialsPolicy.getMaxAge();
if (maxAge != null) {
MetadataType credentialMetedata = credentials.getMetadata();
XMLGregorianCalendar changeTimestamp = MiscSchemaUtil.getChangeTimestamp(credentialMetedata);
if (changeTimestamp != null) {
XMLGregorianCalendar passwordValidUntil = XmlTypeConverter.addDuration(changeTimestamp, maxAge);
if (clock.isPast(passwordValidUntil)) {
recordAuthenticationFailure(principal, connEnv, "password expired");
throw new CredentialsExpiredException("web.security.provider.credential.expired");
}
}
}
}
AuthenticationEvaluatorImpl.java 文件源码
项目:midpoint
阅读 25
收藏 0
点赞 0
评论 0
private void checkPasswordValidityAndAge(ConnectionEnvironment connEnv, @NotNull MidPointPrincipal principal, ProtectedStringType protectedString, MetadataType passwordMetadata,
CredentialPolicyType passwordCredentialsPolicy) {
if (protectedString == null) {
recordAuthenticationFailure(principal, connEnv, "no stored password value");
throw new AuthenticationCredentialsNotFoundException("web.security.provider.password.bad");
}
if (passwordCredentialsPolicy == null) {
return;
}
Duration maxAge = passwordCredentialsPolicy.getMaxAge();
if (maxAge != null) {
XMLGregorianCalendar changeTimestamp = MiscSchemaUtil.getChangeTimestamp(passwordMetadata);
if (changeTimestamp != null) {
XMLGregorianCalendar passwordValidUntil = XmlTypeConverter.addDuration(changeTimestamp, maxAge);
if (clock.isPast(passwordValidUntil)) {
recordAuthenticationFailure(principal, connEnv, "password expired");
throw new CredentialsExpiredException("web.security.provider.credential.expired");
}
}
}
}
AuthDataAccessor.java 文件源码
项目:syncope
阅读 40
收藏 0
点赞 0
评论 0
public JWTSSOProvider getJWTSSOProvider(final String issuer) {
synchronized (this) {
if (jwtSSOProviders == null) {
jwtSSOProviders = new HashMap<>();
implementationLookup.getJWTSSOProviderClasses().stream().
map(clazz -> (JWTSSOProvider) ApplicationContextProvider.getBeanFactory().
createBean(clazz, AbstractBeanDefinition.AUTOWIRE_BY_TYPE, true)).
forEachOrdered(jwtSSOProvider -> {
jwtSSOProviders.put(jwtSSOProvider.getIssuer(), jwtSSOProvider);
});
}
}
if (issuer == null) {
throw new AuthenticationCredentialsNotFoundException("A null issuer is not permitted");
}
JWTSSOProvider provider = jwtSSOProviders.get(issuer);
if (provider == null) {
throw new AuthenticationCredentialsNotFoundException(
"Could not find any registered JWTSSOProvider for issuer " + issuer);
}
return provider;
}
AbstractVaadinSecurityConfiguration.java 文件源码
项目:vaadin4spring
阅读 24
收藏 0
点赞 0
评论 0
@Bean(name = CURRENT_USER_BEAN)
Authentication currentUser() {
return ProxyFactory.getProxy(Authentication.class, new MethodInterceptor() {
@Override
public Object invoke(MethodInvocation invocation) throws Throwable {
SecurityContext securityContext = SecurityContextHolder.getContext();
Authentication authentication = securityContext.getAuthentication();
if (authentication == null) {
throw new AuthenticationCredentialsNotFoundException("No authentication found in current security context");
}
return invocation.getMethod().invoke(authentication, invocation.getArguments());
}
});
}
AuthenticationEvaluatorImpl.java 文件源码
项目:midpoint
阅读 27
收藏 0
点赞 0
评论 0
@Override
public UsernamePasswordAuthenticationToken authenticate(ConnectionEnvironment connEnv, T authnCtx)
throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException,
CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {
checkEnteredCredentials(connEnv, authnCtx);
MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), true);
UserType userType = principal.getUser();
CredentialsType credentials = userType.getCredentials();
CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);
if (checkCredentials(principal, authnCtx, connEnv)) {
recordPasswordAuthenticationSuccess(principal, connEnv, getCredential(credentials), credentialsPolicy);
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal,
authnCtx.getEnteredCredential(), principal.getAuthorities());
return token;
} else {
recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");
throw new BadCredentialsException("web.security.provider.invalid");
}
}
AuthenticationEvaluatorImpl.java 文件源码
项目:midpoint
阅读 26
收藏 0
点赞 0
评论 0
@Override
public UserType checkCredentials(ConnectionEnvironment connEnv, T authnCtx)
throws BadCredentialsException, AuthenticationCredentialsNotFoundException, DisabledException, LockedException,
CredentialsExpiredException, AuthenticationServiceException, AccessDeniedException, UsernameNotFoundException {
checkEnteredCredentials(connEnv, authnCtx);
MidPointPrincipal principal = getAndCheckPrincipal(connEnv, authnCtx.getUsername(), false);
UserType userType = principal.getUser();
CredentialsType credentials = userType.getCredentials();
CredentialPolicyType credentialsPolicy = getCredentialsPolicy(principal, authnCtx);
if (checkCredentials(principal, authnCtx, connEnv)) {
return userType;
} else {
recordPasswordAuthenticationFailure(principal, connEnv, getCredential(credentials), credentialsPolicy, "password mismatch");
throw new BadCredentialsException("web.security.provider.invalid");
}
}
AuthenticationEvaluatorImpl.java 文件源码
项目:midpoint
阅读 25
收藏 0
点赞 0
评论 0
private <P extends CredentialPolicyType> void checkPasswordValidityAndAge(ConnectionEnvironment connEnv, @NotNull MidPointPrincipal principal, C credentials,
P passwordCredentialsPolicy) {
if (credentials == null) {
recordAuthenticationFailure(principal, connEnv, "no stored credential value");
throw new AuthenticationCredentialsNotFoundException("web.security.provider.credential.bad");
}
validateCredentialNotNull(connEnv, principal, credentials);
if (passwordCredentialsPolicy == null) {
return;
}
Duration maxAge = passwordCredentialsPolicy.getMaxAge();
if (maxAge != null) {
MetadataType credentialMetedata = credentials.getMetadata();
XMLGregorianCalendar changeTimestamp = MiscSchemaUtil.getChangeTimestamp(credentialMetedata);
if (changeTimestamp != null) {
XMLGregorianCalendar passwordValidUntil = XmlTypeConverter.addDuration(changeTimestamp, maxAge);
if (clock.isPast(passwordValidUntil)) {
recordAuthenticationFailure(principal, connEnv, "password expired");
throw new CredentialsExpiredException("web.security.provider.credential.expired");
}
}
}
}
AuthenticationEvaluatorImpl.java 文件源码
项目:midpoint
阅读 25
收藏 0
点赞 0
评论 0
private void checkPasswordValidityAndAge(ConnectionEnvironment connEnv, @NotNull MidPointPrincipal principal, ProtectedStringType protectedString, MetadataType passwordMetadata,
CredentialPolicyType passwordCredentialsPolicy) {
if (protectedString == null) {
recordAuthenticationFailure(principal, connEnv, "no stored password value");
throw new AuthenticationCredentialsNotFoundException("web.security.provider.password.bad");
}
if (passwordCredentialsPolicy == null) {
return;
}
Duration maxAge = passwordCredentialsPolicy.getMaxAge();
if (maxAge != null) {
XMLGregorianCalendar changeTimestamp = MiscSchemaUtil.getChangeTimestamp(passwordMetadata);
if (changeTimestamp != null) {
XMLGregorianCalendar passwordValidUntil = XmlTypeConverter.addDuration(changeTimestamp, maxAge);
if (clock.isPast(passwordValidUntil)) {
recordAuthenticationFailure(principal, connEnv, "password expired");
throw new CredentialsExpiredException("web.security.provider.credential.expired");
}
}
}
}
AuthenticationUtil.java 文件源码
项目:metka
阅读 24
收藏 0
点赞 0
评论 0
public static boolean authenticate(MetkaAuthenticationDetails details) {
SecurityContext context = SecurityContextHolder.getContext();
if(context == null) {
Logger.error(AuthenticationUtil.class, "Authentication was requested but no SecurityContext was found");
throw new AuthenticationCredentialsNotFoundException("Couldn't find security context");
}
/*Authentication authentication = context.getAuthentication();
if(authentication != null && authentication.getDetails() != null) {
logger.error("Authentication details already set");
throw new AuthenticationCredentialsNotFoundException("Authentication details already set");
}*/
PreAuthenticatedAuthenticationToken auth = new PreAuthenticatedAuthenticationToken(details.getUserName(), "credentials", details.getGrantedAuthorities());
auth.setDetails(details);
context.setAuthentication(auth);
return true;
}
AuthenticationUtil.java 文件源码
项目:metka
阅读 24
收藏 0
点赞 0
评论 0
private static MetkaAuthenticationDetails getDetails() throws AuthenticationCredentialsNotFoundException {
SecurityContext context = SecurityContextHolder.getContext();
if(context == null) {
Logger.error(AuthenticationUtil.class, "User name was requested but no SecurityContext was found");
throw new AuthenticationCredentialsNotFoundException("Couldn't find security context");
}
Authentication authentication = context.getAuthentication();
if(authentication == null) {
Logger.error(AuthenticationUtil.class, "SecurityContext was found but no authentication details were set");
throw new AuthenticationCredentialsNotFoundException("Couldn't find Authentication information");
}
if(authentication.getDetails() == null || !(authentication.getDetails() instanceof MetkaAuthenticationDetails)) {
Logger.error(AuthenticationUtil.class, "Authentication details are null or don't match expected format");
throw new AuthenticationCredentialsNotFoundException("Authentication details are null or not in expected format");
}
return (MetkaAuthenticationDetails)authentication.getDetails();
}
ContextUtils.java 文件源码
项目:spring-boot-start-current
阅读 29
收藏 0
点赞 0
评论 0
/**
* 得到凭证
*/
private static Authentication getAuthentication () {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if ( Objects.isNull( authentication ) ) {
throw new AuthenticationCredentialsNotFoundException( "未授权" );
}
return authentication;
}
AuthenticationController.java 文件源码
项目:spring-boot-start-current
阅读 35
收藏 0
点赞 0
评论 0
/**
* 刷新并认证token
*
* @return token
*/
@PutMapping
public ResponseEntity refreshAndGetAuthenticationToken ( @RequestHeader( "${jwt.header:Authorization}" ) final String token ) {
String username = jwtTokenUtil.getUsernameFromToken( token );
if ( StringUtils.isBlank( username ) ) {
throw new AuthenticationCredentialsNotFoundException( "无效token" );
}
JwtUser user = ( JwtUser ) userDetailsService.loadUserByUsername( username );
if ( jwtTokenUtil.canTokenBeRefreshed( token , user.getLastPasswordResetDate() ) ) {
String refreshedToken = jwtTokenUtil.refreshToken( token );
return new ResponseEntityPro().add( "token" , refreshedToken ).buildOk();
} else {
return ResponseEntityPro.badRequest( "原 token 无效" );
}
}
AuthenticationCredentialsNotFoundExceptionMapper.java 文件源码
项目:nifi-registry
阅读 53
收藏 0
点赞 0
评论 0
@Override
public Response toResponse(AuthenticationCredentialsNotFoundException exception) {
// log the error
logger.info(String.format("No valid credentials were found in the request: %s. Returning %s response.", exception, Response.Status.FORBIDDEN));
if (logger.isDebugEnabled()) {
logger.debug(StringUtils.EMPTY, exception);
}
return Response.status(Response.Status.FORBIDDEN).entity("Access is denied.").type("text/plain").build();
}
