@Override
protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
try {
UserEntity user = userService.findByName(username, true);
if (RepositoryIdentityProvider.PROVIDER_TYPE.equals(user.getSource())) {
return mapUserEntityToUserDetails(user);
} else {
throw new UserNotFoundException(username);
}
} catch (UserNotFoundException notFound) {
throw new UsernameNotFoundException(String.format("User '%s' not found", username), notFound);
} catch (Exception repositoryProblem) {
LOGGER.error("Failed to retrieveUser : {}", username, repositoryProblem);
throw new InternalAuthenticationServiceException(repositoryProblem.getMessage(), repositoryProblem);
}
}
java类org.springframework.security.authentication.InternalAuthenticationServiceException的实例源码
RepositoryAuthenticationProvider.java 文件源码
项目:gravitee-management-rest-api
阅读 23
收藏 0
点赞 0
评论 0
CustomTokenServices.java 文件源码
项目:cf-mta-deploy-service
阅读 25
收藏 0
点赞 0
评论 0
@SuppressWarnings("unchecked")
private URL readTokenEndpoint(URL targetURL) {
try {
String infoURL = targetURL.toString() + "/v2/info";
Map<String, Object> infoMap = restTemplate.getForEntity(infoURL, Map.class).getBody();
if (infoMap == null) {
throw new InternalAuthenticationServiceException("Invalid response returned from /v2/info");
}
Object endpoint = infoMap.get("token_endpoint");
if (endpoint == null)
endpoint = infoMap.get("authorizationEndpoint");
if (endpoint == null) {
throw new InternalAuthenticationServiceException("Response from /v2/info does not contain a valid token endpoint");
}
return new URL(endpoint.toString());
} catch (Exception e) {
throw new InternalAuthenticationServiceException("Could not read token endpoint", e);
}
}
CustomTokenServices.java 文件源码
项目:cf-mta-deploy-service
阅读 26
收藏 0
点赞 0
评论 0
@SuppressWarnings("unchecked")
private Pair<String, String> readTokenKey(URL uaaUrl) {
try {
String tokenKeyURL = uaaUrl.toString() + "/token_key";
Map<String, Object> tokenKeyMap = null;
tokenKeyMap = restTemplate.getForEntity(tokenKeyURL, Map.class).getBody();
if (tokenKeyMap == null) {
throw new InternalAuthenticationServiceException("Invalid response returned from /token_key");
}
Object value = tokenKeyMap.get("value");
Object alg = tokenKeyMap.get("alg");
if (value == null || alg == null) {
throw new InternalAuthenticationServiceException("Response from /token_key does not contain a key value or an algorithm");
}
return new Pair<>(value.toString(), alg.toString());
} catch (Exception e) {
throw new InternalAuthenticationServiceException("Could not read token verification key", e);
}
}
RemoteAddressBlocker.java 文件源码
项目:oma-riista-web
阅读 26
收藏 0
点赞 0
评论 0
@Nonnull
private static String getRemoteAddress(@Nonnull final Authentication authentication) {
final Object details = authentication.getDetails();
if (details != null) {
if (details instanceof WebAuthenticationDetails) {
final WebAuthenticationDetails webAuthenticationDetails = (WebAuthenticationDetails) details;
return webAuthenticationDetails.getRemoteAddress();
} else if (details instanceof ExternalAuthenticationDetails) {
final ExternalAuthenticationDetails externalAuthenticationDetails =
(ExternalAuthenticationDetails) details;
return externalAuthenticationDetails.getRemoteAddress();
}
}
throw new InternalAuthenticationServiceException("Authentication details is missing");
}
CustomAuthenticationProvider.java 文件源码
项目:springboot-jersey-example
阅读 32
收藏 0
点赞 0
评论 0
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
// get username and password
String username = (authentication.getPrincipal() == null) ? "" : authentication.getName();
String password = (authentication.getCredentials() == null) ? "" : authentication.getCredentials().toString();
// check credentials
if (userService.checkCredentials(username, password)) {
// init return value
AbstractAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, null, new ArrayList<>());
// set user object
authenticationToken.setDetails(userService.getUserByUsername(username));
// return user details
return authenticationToken;
}
// indicate invalid credentials
throw new InternalAuthenticationServiceException("Unable to authenticate");
}
TwoFactorAuthenticationServiceImpl.java 文件源码
项目:molgenis
阅读 26
收藏 0
点赞 0
评论 0
@Override
public void saveSecretForUser(String secret)
{
if (secret == null)
{
throw new InternalAuthenticationServiceException("No secretKey found");
}
else
{
User user = getUser();
UserSecret userSecret = userSecretFactory.create();
userSecret.setUserId(user.getId());
userSecret.setSecret(secret);
runAsSystem(() -> dataService.add(USER_SECRET, userSecret));
}
}
TwoFactorAuthenticationServiceImpl.java 文件源码
项目:molgenis
阅读 29
收藏 0
点赞 0
评论 0
@Override
public boolean isConfiguredForUser()
{
boolean isConfigured = false;
try
{
UserSecret secret = getSecret();
if (StringUtils.hasText(secret.getSecret()))
{
isConfigured = true;
}
}
catch (InternalAuthenticationServiceException err)
{
LOG.warn(err.getMessage());
}
return isConfigured;
}
TwoFactorAuthenticationServiceImpl.java 文件源码
项目:molgenis
阅读 29
收藏 0
点赞 0
评论 0
private UserSecret getSecret()
{
User user = getUser();
UserSecret secret = runAsSystem(() -> dataService.query(USER_SECRET, UserSecret.class)
.eq(UserSecretMetaData.USER_ID, user.getId())
.findOne());
if (secret != null)
{
return secret;
}
else
{
throw new InternalAuthenticationServiceException(
format("Secret not found, user: [{0}] is not configured for two factor authentication",
user.getUsername()));
}
}
LoginFilter.java 文件源码
项目:springuni-particles
阅读 36
收藏 0
点赞 0
评论 0
public Authentication attemptAuthentication(HttpServletRequest request,
HttpServletResponse response) throws AuthenticationException {
if (!request.getMethod().equals("POST")) {
throw new AuthenticationServiceException(
"Authentication method not supported: " + request.getMethod());
}
try {
LoginRequest loginRequest =
objectMapper.readValue(request.getInputStream(), LoginRequest.class);
String username = Optional
.ofNullable(loginRequest.getUsername())
.map(String::trim)
.orElse("");
String password = Optional
.ofNullable(loginRequest.getPassword())
.orElse("");
request.setAttribute(REMEMBER_ME_ATTRIBUTE, loginRequest.getRememberMe());
UsernamePasswordAuthenticationToken authRequest =
new UsernamePasswordAuthenticationToken(username, password);
return this.getAuthenticationManager().authenticate(authRequest);
} catch (AuthenticationException ae) {
throw ae;
} catch (Exception e) {
throw new InternalAuthenticationServiceException(e.getMessage(), e);
}
}
AuthenticatedUser.java 文件源码
项目:jwala
阅读 26
收藏 0
点赞 0
评论 0
/**
*
* @return user
*/
public User getUser() {
if(context.getUserPrincipal() == null) {
throw new InternalAuthenticationServiceException("User not found");
}
return new User(context.getUserPrincipal().getName());
}
RemoteAddressBlocker.java 文件源码
项目:oma-riista-web
阅读 24
收藏 0
点赞 0
评论 0
public static void assertNotBlocked(UserDetails userDetails, Authentication authentication) {
try {
if (isAllowedRemote(userDetails, authentication)) {
return;
}
} catch (RuntimeException ex) {
throw new InternalAuthenticationServiceException("Internal error", ex);
}
throw new RemoteAddressBlockedException("Remote address is not allowed");
}
LdapAuthenticationProvider.java 文件源码
项目:graviteeio-access-management
阅读 23
收藏 0
点赞 0
评论 0
@Override
public User loadUserByUsername(Authentication authentication) {
try {
ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
DirContextOperations authenticate;
try {
Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
// authenticate user
authenticate = authenticator.authenticate(new UsernamePasswordAuthenticationToken(
authentication.getPrincipal(), authentication.getCredentials()));
// fetch user groups
try {
List<String> groups = authoritiesPopulator
.getGrantedAuthorities(authenticate, authenticate.getNameInNamespace()).stream()
.map(a -> a.getAuthority())
.collect(Collectors.toList());
authenticate.setAttributeValue(MEMBEROF_ATTRIBUTE, groups);
} catch (Exception e) {
LOGGER.warn("No group found for user {}", authenticate.getNameInNamespace(), e);
}
} finally {
Thread.currentThread().setContextClassLoader(classLoader);
}
return createUser(authenticate);
} catch (UsernameNotFoundException notFound) {
throw notFound;
} catch (NamingException ldapAccessFailure) {
throw new InternalAuthenticationServiceException(
ldapAccessFailure.getMessage(), ldapAccessFailure);
}
}
LdapAuthenticationProvider.java 文件源码
项目:graviteeio-access-management
阅读 28
收藏 0
点赞 0
评论 0
@Override
public User loadUserByUsername(String username) {
try {
ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
DirContextOperations authenticate;
try {
Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
// find user
authenticate = userSearch.searchForUser(username);
// fetch user groups
try {
List<String> groups = authoritiesPopulator
.getGrantedAuthorities(authenticate, authenticate.getNameInNamespace()).stream()
.map(a -> a.getAuthority())
.collect(Collectors.toList());
authenticate.setAttributeValue(MEMBEROF_ATTRIBUTE, groups);
} catch (Exception e) {
LOGGER.warn("No group found for user {}", authenticate.getNameInNamespace(), e);
}
} finally {
Thread.currentThread().setContextClassLoader(classLoader);
}
return createUser(authenticate);
} catch (UsernameNotFoundException notFound) {
throw notFound;
} catch (NamingException ldapAccessFailure) {
throw new InternalAuthenticationServiceException(
ldapAccessFailure.getMessage(), ldapAccessFailure);
}
}
ManagementEndpointAuthenticationFilter.java 文件源码
项目:payment-api
阅读 28
收藏 0
点赞 0
评论 0
private Authentication tryToAuthenticate(Authentication requestAuthentication) {
Authentication responseAuthentication = authenticationManager.authenticate(requestAuthentication);
if (responseAuthentication == null || !responseAuthentication.isAuthenticated()) {
throw new InternalAuthenticationServiceException("Unable to authenticate Backend Admin for provided credentials");
}
logger.debug("Backend Admin successfully authenticated");
return responseAuthentication;
}
AuthenticationFilter.java 文件源码
项目:payment-api
阅读 43
收藏 0
点赞 0
评论 0
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = asHttp(request);
HttpServletResponse httpResponse = asHttp(response);
Optional<String> username = Optional.fromNullable(httpRequest.getParameter("username"));
Optional<String> password = Optional.fromNullable(httpRequest.getParameter("password"));
Optional<String> token = Optional.fromNullable(httpRequest.getHeader("Authorization"));
String resourcePath = new UrlPathHelper().getPathWithinApplication(httpRequest);
try {
if (postToAuthenticate(httpRequest, resourcePath)) {
logger.debug("Trying to authenticate user {} by Username method", username);
processUsernamePasswordAuthentication(httpResponse, username, password);
return;
}
if (token.isPresent()) {
logger.debug("Trying to authenticate user by Token method. Token: {}", token);
processTokenAuthentication(token);
}
logger.debug("AuthenticationFilter is passing request down the filter chain");
addSessionContextToLogging();
chain.doFilter(request, response);
} catch (InternalAuthenticationServiceException internalAuthenticationServiceException) {
SecurityContextHolder.clearContext();
logger.error("Internal authentication service exception", internalAuthenticationServiceException);
httpResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
} catch (AuthenticationException authenticationException) {
SecurityContextHolder.clearContext();
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, authenticationException.getMessage());
} finally {
MDC.remove(TOKEN_SESSION_KEY);
MDC.remove(USER_SESSION_KEY);
}
}
AuthenticationFilter.java 文件源码
项目:payment-api
阅读 31
收藏 0
点赞 0
评论 0
private Authentication tryToAuthenticate(Authentication requestAuthentication) {
Authentication responseAuthentication = authenticationManager.authenticate(requestAuthentication);
if (responseAuthentication == null || !responseAuthentication.isAuthenticated()) {
throw new InternalAuthenticationServiceException("Unable to authenticate Domain User for provided credentials");
}
logger.debug("User successfully authenticated");
return responseAuthentication;
}
ExAuthenticationProvider.java 文件源码
项目:security-stateless-samples
阅读 32
收藏 0
点赞 0
评论 0
@Override
protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
UserDetails loadedUser;
try {
loadedUser = loadUser(username, authentication.getCredentials().toString());
} catch (Exception repositoryProblem) {
throw new InternalAuthenticationServiceException(repositoryProblem.getMessage(), repositoryProblem);
}
return loadedUser;
}
DashboardAuthenticationProvider.java 文件源码
项目:cf-sample-service
阅读 24
收藏 0
点赞 0
评论 0
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
final String name = authentication.getName();
final Object details = authentication.getDetails();
if (!(details instanceof DashboardAuthenticationDetails)) {
throw new InternalAuthenticationServiceException("The authentication details [" + details
+ "] are not an instance of " + DashboardAuthenticationDetails.class.getSimpleName());
}
try {
final DashboardUser byName = userRepository.findByName(name);
if (byName == null) {
final DashboardAuthenticationDetails oauthDetails = (DashboardAuthenticationDetails) details;
final DashboardUser user = new DashboardUser();
user.setName(name);
user.setFullName(oauthDetails.getUserFullName());
userRepository.save(user);
}
} catch (Exception e) {
throw new InternalAuthenticationServiceException("Error while creating a user based on [" + name + "]", e);
}
return authentication;
}
DashboardAuthenticationDetailsSource.java 文件源码
项目:cf-sample-service
阅读 23
收藏 0
点赞 0
评论 0
/**
* Returns the current service instance id.
*/
private String getServiceInstance() {
final File config = new File(serviceInstanceIdFile);
try {
return new String(FileCopyUtils.copyToByteArray(config));
} catch (IOException e) {
throw new InternalAuthenticationServiceException("Error while retrieving the service instance", e);
}
}
DashboardAuthenticationProviderTest.java 文件源码
项目:cf-sample-service
阅读 23
收藏 0
点赞 0
评论 0
@Test(expected = InternalAuthenticationServiceException.class)
public void authenticateErrorSave(){
final DashboardUserRepository mock = mock(DashboardUserRepository.class);
when(mock.save(Matchers.<DashboardUser>any()))
.thenThrow(new RuntimeException("Planned exception"));
createProvider(mock).authenticate(createAuthentication(johnUser()));
}
TotpAuthenticationProvider.java 文件源码
项目:springsecuritytotp
阅读 23
收藏 0
点赞 0
评论 0
@Override
protected void additionalAuthenticationChecks(UserDetails userDetails,
UsernamePasswordAuthenticationToken authentication)
throws AuthenticationException {
super.additionalAuthenticationChecks(userDetails, authentication);
if (authentication.getDetails() instanceof TotpWebAuthenticationDetails) {
String secret = ((JpaUserDetails) userDetails).getSecret();
if (StringUtils.hasText(secret)) {
Integer totpKey = ((TotpWebAuthenticationDetails) authentication
.getDetails()).getTotpKey();
if (totpKey != null) {
try {
if (!TotpAuthenticatorUtil.verifyCode(secret, totpKey, 2)) {
throw new BadCredentialsException(
"Google Authenticator Code is not valid");
}
}
catch (InvalidKeyException | NoSuchAlgorithmException e) {
throw new InternalAuthenticationServiceException(
"Google Authenticator Code verify failed", e);
}
}
else {
throw new MissingTotpKeyAuthenticatorException(
"Google Authenticator Code is mandatory");
}
}
}
}
ManagementEndpointAuthenticationFilter.java 文件源码
项目:spring-boot-security-example
阅读 34
收藏 0
点赞 0
评论 0
private Authentication tryToAuthenticate(Authentication requestAuthentication) {
Authentication responseAuthentication = authenticationManager.authenticate(requestAuthentication);
if (responseAuthentication == null || !responseAuthentication.isAuthenticated()) {
throw new InternalAuthenticationServiceException("Unable to authenticate Backend Admin for provided credentials");
}
logger.debug("Backend Admin successfully authenticated");
return responseAuthentication;
}
AuthenticationFilter.java 文件源码
项目:spring-boot-security-example
阅读 36
收藏 0
点赞 0
评论 0
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = asHttp(request);
HttpServletResponse httpResponse = asHttp(response);
Optional<String> username = Optional.fromNullable(httpRequest.getHeader("X-Auth-Username"));
Optional<String> password = Optional.fromNullable(httpRequest.getHeader("X-Auth-Password"));
Optional<String> token = Optional.fromNullable(httpRequest.getHeader("X-Auth-Token"));
String resourcePath = new UrlPathHelper().getPathWithinApplication(httpRequest);
try {
if (postToAuthenticate(httpRequest, resourcePath)) {
logger.debug("Trying to authenticate user {} by X-Auth-Username method", username);
processUsernamePasswordAuthentication(httpResponse, username, password);
return;
}
if (token.isPresent()) {
logger.debug("Trying to authenticate user by X-Auth-Token method. Token: {}", token);
processTokenAuthentication(token);
}
logger.debug("AuthenticationFilter is passing request down the filter chain");
addSessionContextToLogging();
chain.doFilter(request, response);
} catch (InternalAuthenticationServiceException internalAuthenticationServiceException) {
SecurityContextHolder.clearContext();
logger.error("Internal authentication service exception", internalAuthenticationServiceException);
httpResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
} catch (AuthenticationException authenticationException) {
SecurityContextHolder.clearContext();
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, authenticationException.getMessage());
} finally {
MDC.remove(TOKEN_SESSION_KEY);
MDC.remove(USER_SESSION_KEY);
}
}
AuthenticationFilter.java 文件源码
项目:spring-boot-security-example
阅读 48
收藏 0
点赞 0
评论 0
private Authentication tryToAuthenticate(Authentication requestAuthentication) {
Authentication responseAuthentication = authenticationManager.authenticate(requestAuthentication);
if (responseAuthentication == null || !responseAuthentication.isAuthenticated()) {
throw new InternalAuthenticationServiceException("Unable to authenticate Domain User for provided credentials");
}
logger.debug("User successfully authenticated");
return responseAuthentication;
}
MolgenisLoginController.java 文件源码
项目:molgenis
阅读 29
收藏 0
点赞 0
评论 0
private String determineErrorMessagesFromInternalAuthenticationExceptions(Object attribute)
{
String errorMessage = "";
if (attribute instanceof InternalAuthenticationServiceException)
{
Throwable throwable = ((InternalAuthenticationServiceException) attribute).getCause();
if (throwable.getCause() instanceof UsernameNotFoundException)
{
errorMessage = ERROR_MESSAGE_BAD_CREDENTIALS;
}
}
return errorMessage;
}
HttpAuthenticationFilter.java 文件源码
项目:devicehive-java-server
阅读 23
收藏 0
点赞 0
评论 0
private void tryAuthenticate(Authentication requestAuth) {
Authentication authentication = authenticationManager.authenticate(requestAuth);
if (authentication == null || !authentication.isAuthenticated()) {
throw new InternalAuthenticationServiceException("Unable to authenticate user with provided credentials");
}
logger.debug("Successfully authenticated");
SecurityContextHolder.getContext().setAuthentication(authentication);
}
DashboardAuthenticationDetailsSourceTest.java 文件源码
项目:cf-sample-service
阅读 25
收藏 0
点赞 0
评论 0
@Test(expected = InternalAuthenticationServiceException.class)
public void isManagingFailToLoadSuidFile() {
final DashboardAuthenticationDetailsSource source = createSource(createRestTemplate(), "/does-not-exist.txt");
source.buildDetails(new MockHttpServletRequest());
}
DashboardAuthenticationProviderTest.java 文件源码
项目:cf-sample-service
阅读 30
收藏 0
点赞 0
评论 0
@Test(expected = InternalAuthenticationServiceException.class)
public void authenticationNotOauth() {
provider.authenticate(new TestingAuthenticationToken("user", "pwd"));
}
