/**
 * Returns the token reported by the wrapped authentication.
 *
 * @return the value of {@code wrapped.getToken()}, passed through unchanged; this
 *         wrapper performs no validation of its own
 */
@Override
public String getToken() {
    final String delegatedToken = wrapped.getToken();
    return delegatedToken;
}
/**
 * Returns the {@link UserPrincipal} of the underlying authentication.
 *
 * <p>Callers must null-check the result: it is {@code null} whenever the
 * {@code authentication} field is {@code null}, and otherwise it is whatever
 * {@code authentication.getUser()} returns.
 *
 * @return the user principal, or {@code null} when there is no authentication
 */
public UserPrincipal getUser() {
    if (authentication == null) {
        return null;
    }
    return authentication.getUser();
}
/**
 * Tells whether the caller is authenticated by something other than remember-me.
 *
 * <p>Use this rather than {@code isAuthenticated()} for operations that should
 * not be reachable from a remember-me login alone.
 *
 * @return {@code true} only when {@code isAuthenticated()} is {@code true} and
 *         {@code isRememberMe()} is {@code false}
 */
default boolean isFullyAuthenticated() {
    if (!isAuthenticated()) {
        return false;
    }
    return !isRememberMe();
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Tells whether this authentication is authenticated in any form.
 *
 * <p>The result is {@code true} when either the user or the client is
 * authenticated, so a {@code true} value does not by itself mean that an end
 * user is present. Code that needs a user should also check the user side.
 *
 * @return {@code true} if {@code isUserAuthenticated()} or
 *         {@code isClientAuthenticated()} is {@code true}
 */
default boolean isAuthenticated() {
    if (isUserAuthenticated()) {
        return true;
    }
    return isClientAuthenticated();
}
/**
 * Handles a request to the configured authorization endpoint after the
 * request's authentication has been resolved.
 *
 * <p>Requests for any other path are passed on untouched. For the authorization
 * endpoint, the response-type handler is looked up and asked to validate the
 * request before the authentication state is consulted. If there is no usable
 * login (no authentication, not authenticated, or a {@code ResAuthentication}),
 * view data is exposed and processing continues; per the original inline
 * comment this is the path that leads to the login url. Otherwise the request
 * is handed to {@code handleAuthenticated}.
 *
 * @param request  the current request
 * @param response the current response
 * @param context  supplies the resolved authentication
 * @return {@code State.CONTINUE} for other paths and for callers without a
 *         usable login; {@code State.INTERCEPTED} in every other case
 * @throws Throwable declared by the overridden method; whatever the called
 *                   helpers throw is propagated
 */
@Override
public State postResolveAuthentication(Request request, Response response, AuthenticationContext context) throws Throwable {
    // Only the authorization endpoint is of interest here.
    boolean isAuthzEndpoint = request.getPath().equals(config.getAuthzEndpointPath());
    if (!isAuthzEndpoint) {
        return State.CONTINUE;
    }

    OAuth2Params oauthParams = new RequestOAuth2Params(request);

    ResponseTypeHandler responseTypeHandler = getResponseTypeHandler(request, response, oauthParams);
    if (responseTypeHandler == null) {
        return State.INTERCEPTED;
    }

    // Request validation runs before the login state is looked at.
    Result<AuthzClient> validation = responseTypeHandler.validateRequest(request, response, oauthParams);
    if (validation.isIntercepted()) {
        return State.INTERCEPTED;
    }
    AuthzClient authzClient = validation.get();

    // A resource-style authentication is treated the same as no login at all.
    Authentication current = context.getAuthentication();
    boolean hasUsableLogin =
            current != null && current.isAuthenticated() && !(current instanceof ResAuthentication);
    if (!hasUsableLogin) {
        // Expose view data.
        exposeViewData(request, oauthParams, authzClient);
        return State.CONTINUE;
    }

    // NOTE(review): isAuthenticated() is the only gate before getUser() is handed to
    // um.getUserDetails(). If an authentication can be authenticated without a user
    // (for example client-only), getUser() may be null here. Confirm that
    // getUserDetails() tolerates that, or check for a user first.
    handleAuthenticated(
            request,
            response,
            new SimpleAuthzAuthentication(oauthParams, authzClient, um.getUserDetails(current.getUser()), current),
            responseTypeHandler);

    return State.INTERCEPTED;
}
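/**
 * Builds a new SSO session from an authenticated authorization request.
 *
 * <p>The authentication's token is passed to {@code verifier.verify} and the
 * session id is taken from the resulting claim {@code JWT.CLAIM_JWT_ID}. The
 * session stores the very token value that was verified, rather than reading
 * the token from the authentication a second time, so the stored and verified
 * values cannot diverge.
 *
 * @param request  the current request (not used by this implementation)
 * @param response the current response (not used by this implementation)
 * @param authc    the authorization authentication supplying the user and token
 * @return a populated session; it is not persisted here
 */
protected AuthzSSOSession newSession(Request request, Response response, AuthzAuthentication authc) {
    UserPrincipal user  = authc.getAuthentication().getUser();
    String        token = authc.getAuthentication().getToken();

    // Claims are read only from the verifier's result, never from the raw token.
    // NOTE(review): presumably verify() throws on an invalid or expired token; confirm.
    Map<String, Object> claims = verifier.verify(token);

    SimpleAuthzSSOSession session = new SimpleAuthzSSOSession();

    // NOTE(review): a token without this claim yields a session whose id is null;
    // confirm that the issuer always sets it.
    session.setId((String) claims.get(JWT.CLAIM_JWT_ID));
    session.setUserId(user.getIdAsString());
    session.setUsername(user.getLoginName());

    // Store exactly the value that was verified above.
    session.setToken(token);

    session.setExpiresIn(config.getDefaultLoginSessionExpires());
    session.setCreated(System.currentTimeMillis());

    return session;
}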
if(authc == null || !authc.isAuthenticated()){ return false; if(authc.isRememberMe() && (null == route.getAllowRememberMe() || !route.getAllowRememberMe())){ return false; if(authc.isClientOnly() && (null == route.getAllowClientOnly() || !route.getAllowClientOnly())) { context.setDenyMessage("client only authentication not allowed"); return false;
if(null == authc.getUser()) { authc = new WrappedAuthentication(authc,createAnonymous(request, response, context)); if(authc.isAuthenticated() && !authc.isClientOnly()) { loginImmediately(request, response, authc);
/**
 * Reports the authenticated state of the wrapped authentication.
 *
 * @return the value of {@code wrapped.isAuthenticated()}, unchanged
 */
@Override
public boolean isAuthenticated() {
    final boolean delegated = wrapped.isAuthenticated();
    return delegated;
}
/**
 * Issues the authentication token cookie after a successful login.
 *
 * <p>Nothing is done for a {@code TokenAuthentication}. For any other
 * authentication, a token is generated and stored on it when it carries none,
 * and the authentication's token is then passed to {@code setCookie}.
 *
 * @param request  the current request
 * @param response the response that receives the cookie
 * @param authc    the authentication that just logged in; its token may be set here
 */
@Override
public void onLoginSuccess(Request request, Response response, Authentication authc) {
    if (authc instanceof TokenAuthentication) {
        return;
    }

    final String existingToken = authc.getToken();
    if (existingToken == null) {
        final String generatedToken = tokenAuthenticator.generateAuthenticationToken(request, response, authc);
        authc.setToken(generatedToken);
    }

    // NOTE(review): the cookie's attributes (HttpOnly, Secure, path, lifetime) are
    // decided inside setCookie, which is not visible here; confirm them there.
    setCookie(request, response, authc.getToken());
}
/**
 * Logs the given authentication in for the current request and notifies the
 * login-success listeners.
 *
 * <p>The authentication is saved first. The token manager is notified when
 * authentication tokens are enabled, the remember-me manager when remember-me
 * is enabled and this login did not itself come from remember-me, and finally
 * every configured resolver.
 *
 * @param request  the current request
 * @param response the current response
 * @param authc    the authentication to log in; {@code authc.getUser()} is
 *                 dereferenced without a null check, so it must carry a user
 */
@Override
public void loginImmediately(Request request, Response response, Authentication authc) {
    // NOTE(review): the login name is written to the debug log as-is; if it can hold
    // user-chosen characters, confirm the log layout neutralises line breaks.
    log.debug("User {} logged in", authc.getUser().getLoginName());

    // NOTE(review): whether the session identifier is renewed on login is decided
    // inside saveAuthentication, which is not visible here; confirm.
    saveAuthentication(request, response, authc);

    if (securityConfig.isAuthenticationTokenEnabled()) {
        tokenAuthenticationManager.onLoginSuccess(request, response, authc);
    }

    if (securityConfig.isRememberMeEnabled()) {
        // A login that came from remember-me does not notify the remember-me manager again.
        if (!authc.isRememberMe()) {
            rememberMeManager.onLoginSuccess(request, response, authc);
        }
    }

    for (AuthenticationResolver resolver : resolvers) {
        resolver.onLoginSuccess(request, response, authc);
    }
}
/**
 * Builds the message that explains why authorization was denied.
 *
 * <p>The message lists the permissions and roles of every accepted security
 * rule, followed by the permissions and roles the authentication actually holds.
 *
 * <p>NOTE(review): the text spells out the required permissions and roles. Where
 * it ends up is not visible here; if it is returned to the client rather than
 * only logged, confirm that exposing this detail is intended.
 *
 * @param authc      the authentication that was denied
 * @param securities the rules of which at least one had to match
 * @return the formatted deny message
 */
protected String getAuthorizationDenyMessage(Authentication authc, SimpleSecurity[] securities) {
    StringBuilder message = new StringBuilder();
    message.append("Expected one of authorizations [ ");

    boolean first = true;
    for (SimpleSecurity rule : securities) {
        if (!first) {
            message.append(" , ");
        }
        first = false;

        message.append("(")
               .append(" perms: ").append(Strings.join(rule.getPermissions(), ' '))
               .append(", roles: ").append(Strings.join(rule.getRoles(), ' '))
               .append(")");
    }

    message.append(" ], Actual ")
           .append("(")
           .append("perms: ").append(Strings.join(authc.getPermissions(), ' '))
           .append(", roles: ").append(Strings.join(authc.getRoles(), ' '))
           .append(")");

    return message.toString();
}
/**
 * Tells whether a client is attached.
 *
 * <p>This only checks that the client is present; it says nothing about whether
 * that client is authenticated.
 *
 * @return {@code true} when {@code getClient()} returns a non-null value
 */
default boolean hasClient() {
    return getClient() != null;
}
/**
 * Returns the permissions of the wrapped authentication.
 *
 * @return the array returned by {@code wrapped.getPermissions()}, handed back
 *         as-is without copying
 */
@Override
public String[] getPermissions() {
    final String[] delegated = wrapped.getPermissions();
    return delegated;
}
/**
 * Returns the roles of the wrapped authentication.
 *
 * @return the array returned by {@code wrapped.getRoles()}, handed back as-is
 *         without copying
 */
@Override
public String[] getRoles() {
    final String[] delegated = wrapped.getRoles();
    return delegated;
}
/**
 * Returns the credentials of the wrapped authentication.
 *
 * <p>The object is handed back as-is; treat it as sensitive and keep it out of
 * logs and error messages.
 *
 * @return the value of {@code wrapped.getCredentials()}
 */
@Override
public Object getCredentials() {
    final Object delegated = wrapped.getCredentials();
    return delegated;
}
/**
 * Reports whether the wrapped authentication is a remember-me authentication.
 *
 * @return the value of {@code wrapped.isRememberMe()}, unchanged
 */
@Override
public boolean isRememberMe() {
    final boolean delegated = wrapped.isRememberMe();
    return delegated;
}
/**
 * Reports whether the client of the wrapped authentication is authenticated.
 *
 * @return the value of {@code wrapped.isClientAuthenticated()}, unchanged
 */
@Override
public boolean isClientAuthenticated() {
    final boolean delegated = wrapped.isClientAuthenticated();
    return delegated;
}