/**
 * Builds the user-info object describing the user behind an access token.
 *
 * <p>Three values are copied from {@code details}: the id (as a string) becomes the
 * subject, the name becomes the full name, and the login name is stored under the
 * {@code login_name} extension property. The request, the response and the access
 * token are not read by this implementation.
 *
 * @param request  the current request (unused here)
 * @param response the current response (unused here)
 * @param at       the access token the user info is produced for (unused here)
 * @param details  the user whose data is exposed; must not be {@code null}
 * @return a new {@link SimpleAuthzUserInfo} populated from {@code details}
 */
protected AuthzUserInfo createAuthzUserInfo(Request request, Response response, AuthzAccessToken at, UserDetails details) {
    final SimpleAuthzUserInfo info = new SimpleAuthzUserInfo();

    // NOTE(review): the scope carried by `at` is not consulted, so the name and login
    // name are returned for every token - confirm callers gate this on granted scopes.
    final String subject   = details.getIdAsString();
    final String fullName  = details.getName();
    final String loginName = details.getLoginName();

    info.setSubject(subject);
    info.setFullName(fullName);
    info.putExtProperty("login_name", loginName);

    return info;
}
// Subject claim: the user id rendered as a string.
claims.put(JWT.CLAIM_SUBJECT, user.getId().toString());
// Expiration claim: current time in epoch seconds plus expiresIn
// (assumes expiresIn is a duration in seconds - TODO confirm).
claims.put(JWT.CLAIM_EXPIRATION_TIME, System.currentTimeMillis()/1000L+expiresIn);
// NOTE(review): the display name and login name travel inside the token. If the JWT is
// only signed and not encrypted, every holder of the token can read them - confirm
// that exposing these identifiers to token recipients is intended.
claims.put("name", user.getName());
claims.put("username", user.getLoginName());
/**
 * Loads the {@link UserDetails} for the given id and validates its mandatory fields.
 *
 * <p>A missing user is not an error: {@code null} is returned as-is. For a non-null
 * result, both {@link UserDetails#getName()} and {@link UserDetails#getLoginName()}
 * must be non-null.
 *
 * <p>This method does not look at {@code isEnabled()}; a caller that must reject
 * disabled accounts has to perform that check itself.
 *
 * @param userId the id handed to {@code loadUserDetailsById}
 * @return the loaded user details, or {@code null} when none was found
 * @throws IllegalStateException if {@link UserDetails#getLoginName()} or
 *         {@link UserDetails#getName()} of the loaded details is null
 */
default UserDetails findAndCheckUserDetails(Object userId) throws IllegalStateException {
    final UserDetails loaded = loadUserDetailsById(userId);
    if (loaded == null) {
        return null;
    }

    // Name is validated first, then login name; the message names the concrete class
    // so a faulty UserDetails implementation can be identified.
    Assert.notNull(loaded.getName(),
                   "The 'name' in 'UserDetails:" + loaded.getClass() + "' cannot be null");
    Assert.notNull(loaded.getLoginName(),
                   "The 'loginName' in 'UserDetails:" + loaded.getClass() + "' cannot be null");

    return loaded;
}
// The user id is written to `at` first and then copied from `at` into `rt`, so both
// objects carry the same id string (presumably access token and refresh token - confirm).
at.setUserId(user.getId().toString());
rt.setUserId(at.getUserId());
// Only `at` receives the login name.
at.setUsername(user.getLoginName());
/**
 * Looks up the account for a login name and rejects unknown or disabled users.
 *
 * <p>On rejection a validation error is added on the username field and {@code null}
 * is returned; the caller is expected to stop authenticating in that case.
 *
 * <p>NOTE(review): "User not found" and "User was disabled" are reported as distinct
 * errors. If these reach the client unchanged, they tell the caller whether a login
 * name exists and what state the account is in - consider a single generic message.
 *
 * @param context  validation context that receives the error, if any
 * @param username login name supplied with the credentials
 * @param params   additional credential parameters (unused here)
 * @return the enabled user's details, or {@code null} if the user is unknown or disabled
 */
protected UserDetails resolveUserDetails(ValidationContext context, String username, Map<String, Object> params) {
    final UserDetails found = sc.getUserStore().loadUserDetailsByLoginName(username);

    // Happy path: the account exists and is enabled.
    if (found != null && found.isEnabled()) {
        return found;
    }

    // `username` is caller-supplied text and is written to the debug log as-is.
    if (found == null) {
        log.debug("User '{}' not found",username);
        context.validation().addError(UsernamePasswordCredentials.USERNAME,
                                      USER_NOT_FOUND_MESSAGE_KEY,
                                      "User not found");
    } else {
        log.debug("User '{}' was disabled",username);
        context.validation().addError(UsernamePasswordCredentials.USERNAME,
                                      USER_NOT_ENABLED_MESSAGE_KEY,
                                      "User was disabled");
    }
    return null;
}
/**
 * Registers a successful OAuth2 login with the single-sign-on store.
 *
 * <p>Does nothing when single login is disabled. Otherwise the SSO session is looked up
 * by the user's login name and the authentication token: if none exists, a new session
 * is created and saved together with its first login; if one exists, only a new login
 * is added to it. In both cases the login and the session are then attached to the
 * request and the authentication.
 *
 * @throws IllegalStateException if the underlying authentication carries no token
 */
@Override
public void onOAuth2LoginSuccess(Request request, Response response, AuthzAuthentication authc) throws Throwable {
    if (!config.isSingleLoginEnabled()) {
        return;
    }

    final String authToken = authc.getAuthentication().getToken();
    if (authToken == null) {
        throw new IllegalStateException("The authentication token must be exists");
    }

    final AuthzSSOStore store = config.getSSOStore();

    // The session is keyed by (login name, token); a login name alone does not select it.
    AuthzSSOSession session = store.loadSessionByToken(authc.getUserDetails().getLoginName(), authToken);

    // The same flag decides whether a session is created and is passed on to newLogin.
    final boolean firstLogin = (session == null);
    if (firstLogin) {
        session = newSession(request, response, authc);
    }

    final AuthzSSOLogin login = newLogin(request, response, authc, session, firstLogin);
    if (firstLogin) {
        // New session: persist it together with its initial login.
        store.saveSession(session, login);
    } else {
        // Existing session: only the additional login is persisted.
        store.saveLogin(session, login);
    }

    setCurrentSSOLogin(login, request, authc);
    setSSOSession(session, request, authc);
}
/**
 * Creates the authorization-code record for an authenticated user.
 *
 * <p>The code string comes from {@code codeGenerator}; the record is stamped with the
 * configured default lifetime and the current time in milliseconds. The SSO session id
 * and the client id are recorded only when a session / client is present; the user id
 * is always recorded.
 *
 * @param authc   the authentication the code is issued for; its user details must not be null
 * @param session the SSO session to bind the code to, or {@code null}
 * @return the populated code object (not persisted by this method)
 */
protected SimpleAuthzCode genAuthorizationCode(AuthzAuthentication authc, AuthzSSOSession session){
    final String value = codeGenerator.generateAuthorizationCode(authc);

    final SimpleAuthzCode issued = new SimpleAuthzCode();
    issued.setCode(value);

    if (null != session) {
        issued.setSessionId(session.getId());
    }

    // Lifetime and creation time together define when the code stops being valid.
    issued.setExpiresIn(config.getDefaultAuthorizationCodeExpires());
    issued.setCreated(System.currentTimeMillis());

    // NOTE(review): when no client is attached, the code carries no client id. Confirm
    // that the redemption path refuses a code that is not bound to the redeeming client.
    final AuthzClient requester = authc.getClientDetails();
    if (requester != null) {
        issued.setClientId(requester.getId());
    }

    // No null guard here: a missing user or user id fails with a NullPointerException.
    final UserDetails owner = authc.getUserDetails();
    issued.setUserId(owner.getId().toString());

    return issued;
}
return Result.EMPTY; resAccessTokenDetails.setUserId(ud==null?null:ud.getIdAsString()); resAccessTokenDetails.setScope((String)jwtDetail.remove("scope")); resAccessTokenDetails.setClientId((String)jwtDetail.remove("client_id"));
/**
 * Sets or clears the remember-me cookie after a successful login.
 *
 * <p>Only principals that are {@link UserDetails} are handled. When the remember-me
 * request parameter converts to {@code true} (default {@code false}), a cookie is set
 * from the login name and the stored password value; otherwise the cookie is removed.
 */
@Override
public void onLoginSuccess(Request request, Response response, Authentication authentication) {
    final UserPrincipal user = authentication.getUser();
    if (!(user instanceof UserDetails)) {
        return;
    }

    final String flag = request.getParameter(securityConfig.getRememberMeParameterName());
    final boolean remember = Converts.toBoolean(flag, false);

    if (!remember) {
        removeCookie(request, response);
        return;
    }

    // NOTE(review): the stored password value is an input to the cookie. A
    // sign(username, password, expires) call appears elsewhere on this page, which
    // suggests it is used as signing material - confirm that the cookie never contains
    // the value itself and that it is issued with Secure/HttpOnly attributes.
    final String storedPassword = ((UserDetails) user).getPassword();
    setRememberMeCookie(request, response, user.getLoginName(), storedPassword);
}
// The user id is written to `at` first and then copied from `at` into `rt`, so both
// objects carry the same id string (presumably access token and refresh token - confirm).
at.setUserId(user.getId().toString());
rt.setUserId(at.getUserId());
// Only `at` receives the login name.
at.setUsername(user.getLoginName());
if(!userDetails.isEnabled()) { OAuth2Errors.invalidToken(request,response,null,"User disabled"); return;
/**
 * Registers a successful OAuth2 login with the single-sign-on store.
 *
 * <p>Does nothing when single login is disabled. Otherwise the SSO session is looked up
 * by the user's login name and the authentication token: if none exists, a new session
 * is created and saved together with its first login; if one exists, only a new login
 * is added to it. In both cases the login and the session are then attached to the
 * request and the authentication.
 *
 * @throws IllegalStateException if the underlying authentication carries no token
 */
@Override
public void onOAuth2LoginSuccess(Request request, Response response, AuthzAuthentication authc) throws Throwable {
    if (!config.isSingleLoginEnabled()) {
        return;
    }

    final String authToken = authc.getAuthentication().getToken();
    if (authToken == null) {
        throw new IllegalStateException("The authentication token must be exists");
    }

    final AuthzSSOStore store = config.getSSOStore();

    // The session is keyed by (login name, token); a login name alone does not select it.
    AuthzSSOSession session = store.loadSessionByToken(authc.getUserDetails().getLoginName(), authToken);

    // The same flag decides whether a session is created and is passed on to newLogin.
    final boolean firstLogin = (session == null);
    if (firstLogin) {
        session = newSession(request, response, authc);
    }

    final AuthzSSOLogin login = newLogin(request, response, authc, session, firstLogin);
    if (firstLogin) {
        // New session: persist it together with its initial login.
        store.saveSession(session, login);
    } else {
        // Existing session: only the additional login is persisted.
        store.saveLogin(session, login);
    }

    setCurrentSSOLogin(login, request, authc);
    setSSOSession(session, request, authc);
}
/**
 * Creates the authorization-code record for an authenticated user.
 *
 * <p>The code string comes from {@code codeGenerator}; the record is stamped with the
 * configured default lifetime and the current time in milliseconds. The SSO session id
 * and the client id are recorded only when a session / client is present; the user id
 * is always recorded.
 *
 * @param authc   the authentication the code is issued for; its user details must not be null
 * @param session the SSO session to bind the code to, or {@code null}
 * @return the populated code object (not persisted by this method)
 */
protected SimpleAuthzCode genAuthorizationCode(AuthzAuthentication authc, AuthzSSOSession session){
    final String value = codeGenerator.generateAuthorizationCode(authc);

    final SimpleAuthzCode issued = new SimpleAuthzCode();
    issued.setCode(value);

    if (null != session) {
        issued.setSessionId(session.getId());
    }

    // Lifetime and creation time together define when the code stops being valid.
    issued.setExpiresIn(config.getDefaultAuthorizationCodeExpires());
    issued.setCreated(System.currentTimeMillis());

    // NOTE(review): when no client is attached, the code carries no client id. Confirm
    // that the redemption path refuses a code that is not bound to the redeeming client.
    final AuthzClient requester = authc.getClientDetails();
    if (requester != null) {
        issued.setClientId(requester.getId());
    }

    // No null guard here: a missing user or user id fails with a NullPointerException.
    final UserDetails owner = authc.getUserDetails();
    issued.setUserId(owner.getId().toString());

    return issued;
}
String signed = sign(username, user.getPassword(), expires); if(null == signed){ return null;
/**
 * Builds the user-info object describing a user.
 *
 * <p>Three values are copied from {@code details}: the id (as a string) becomes the
 * subject, the name becomes the full name, and the login name is stored under the
 * {@code login_name} extension property. The request and the response are not read
 * by this implementation.
 *
 * @param request  the current request (unused here)
 * @param response the current response (unused here)
 * @param details  the user whose data is exposed; must not be {@code null}
 * @return a new {@link SimpleAuthzUserInfo} populated from {@code details}
 */
protected AuthzUserInfo createAuthzUserInfo(Request request, Response response, UserDetails details) {
    final SimpleAuthzUserInfo info = new SimpleAuthzUserInfo();

    // NOTE(review): no token or scope is available at this point, so the name and login
    // name are always included - confirm the caller decides what the client may see.
    final String subject   = details.getIdAsString();
    final String fullName  = details.getName();
    final String loginName = details.getLoginName();

    info.setSubject(subject);
    info.setFullName(fullName);
    info.putExtProperty("login_name", loginName);

    return info;
}
// Subject claim: the user id rendered as a string.
claims.put(JWT.CLAIM_SUBJECT, user.getId().toString());
// Expiration claim: current time in epoch seconds plus expiresIn
// (assumes expiresIn is a duration in seconds - TODO confirm).
claims.put(JWT.CLAIM_EXPIRATION_TIME, System.currentTimeMillis()/1000L+expiresIn);
// NOTE(review): the display name and login name travel inside the token. If the JWT is
// only signed and not encrypted, every holder of the token can read them - confirm
// that exposing these identifiers to token recipients is intended.
claims.put("name", user.getName());
claims.put("login_name", user.getLoginName());
if(!userDetails.isEnabled()) { OAuth2Errors.invalidToken(request,response,null,"User disabled"); return;
/**
 * Converts a stored access-token entity into an {@link AuthzAccessToken}.
 *
 * <p>The owning user is looked up by the entity's user id only to fill in the login
 * name; all other fields are copied from the entity.
 *
 * <p>NOTE(review): a token is returned even when the user can no longer be found, and
 * {@code isEnabled()} is not checked here - confirm that token validation rejects
 * tokens of deleted or disabled users elsewhere.
 *
 * @param entity the persisted token record
 * @return a new {@link SimpleAuthzAccessToken} mirroring the entity
 */
protected AuthzAccessToken createAccessTokenFromEntity(AuthzAccessTokenEntity entity) {
    final SimpleAuthzAccessToken result = new SimpleAuthzAccessToken();

    // The login name is not stored on the entity, so it is resolved from the user store.
    final UserDetails owner = sc.getUserStore().loadUserDetailsById(entity.getUserId());
    if (null != owner) {
        result.setUsername(owner.getLoginName());
    }

    // Identity of the token and its parties.
    result.setToken(entity.getToken());
    result.setClientId(entity.getClientId());
    result.setUserId(entity.getUserId());
    result.setRefreshToken(entity.getRefreshToken());
    result.setScope(entity.getScope());

    // Lifetime: creation timestamp (milliseconds) and validity period.
    result.setCreated(entity.getCreatedMs());
    result.setExpiresIn(entity.getExpiresIn());

    result.setAuthenticated(entity.getAuthenticated());
    result.setExtendedParameters(entity.getExData());

    return result;
}
/**
 * Authenticates username/password credentials against the user store.
 *
 * <p>Returns {@code false} for any other credentials type. For username/password
 * credentials it always returns {@code true}; the outcome is reported through
 * {@code principal} (set only on success) and through validation errors on
 * {@code context} (added on failure).
 *
 * <p>NOTE(review): the unknown-user and disabled-user paths return before the password
 * encoder runs, while the wrong-password path runs it. Together with the distinct
 * "User not found" / "Incorrect password" errors this can let a caller tell existing
 * login names from non-existing ones - consider a uniform error and comparable work
 * on every failure path, plus attempt throttling in front of this method.
 *
 * @param context     receives validation errors
 * @param credentials the credentials to check
 * @param principal   out-parameter set to the user details on success
 * @return {@code true} if the credentials are username/password, else {@code false}
 */
@Override
public boolean authenticate(CredentialsAuthenticationContext context, Credentials credentials, Out<UserPrincipal> principal) throws AuthenticationException {
    if (!(credentials instanceof UsernamePasswordCredentials)) {
        return false;
    }

    final UsernamePasswordCredentials supplied = (UsernamePasswordCredentials) credentials;

    final UserDetails account = resolveUserDetails(context, supplied.getUsername(), supplied.getParameters());
    if (account == null) {
        // resolveUserDetails has already recorded the validation error.
        return true;
    }

    // A missing password is compared as the empty string rather than as null.
    final String candidate = Strings.nullToEmpty(supplied.getPassword());
    final boolean passwordOk = sc.getPasswordEncoder().matches(candidate, account.getPassword());

    if (passwordOk) {
        principal.set(account);
    } else {
        log.debug("Incorrect password of user '{}'",supplied.getUsername());
        context.validation().addError(UsernamePasswordCredentials.PASSWORD,
                                      INCORRECT_PASSWORD_MESSAGE_KEY,
                                      "Incorrect password");
    }
    return true;
}
}
if(null == ud || !ud.isEnabled()) { tokenManager.removeRefreshToken(token); handleError(request,response,params,