Refine search
@Override public Authentication authenticate(Authentication auth) throws AuthenticationException { if (auth.getName() != null && auth.getCredentials() != null) { User user = getUserInfo(auth.getName()); return new UsernamePasswordAuthenticationToken(user, null, AUTHORITIES); } throw new BadCredentialsException("Bad Credentials"); }
@Override protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) { Map<String, String> parameters = new LinkedHashMap<String, String>(tokenRequest.getRequestParameters()); String username = parameters.get("username"); String password = parameters.get("password"); // Protect from downstream leaks of password parameters.remove("password"); Authentication userAuth = new UsernamePasswordAuthenticationToken(username, password); ((AbstractAuthenticationToken) userAuth).setDetails(parameters); try { userAuth = authenticationManager.authenticate(userAuth); } catch (AccountStatusException ase) { //covers expired, locked, disabled cases (mentioned in section 5.2, draft 31) throw new InvalidGrantException(ase.getMessage()); } catch (BadCredentialsException e) { // If the username/password are wrong the spec says we should send 400/invalid grant throw new InvalidGrantException(e.getMessage()); } if (userAuth == null || !userAuth.isAuthenticated()) { throw new InvalidGrantException("Could not authenticate user: " + username); } OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest); return new OAuth2Authentication(storedOAuth2Request, userAuth); } }
private BadCredentialsException badCredentials(Throwable cause) { return (BadCredentialsException) badCredentials().initCause(cause); }
@Test public void deserializeBadCredentialsExceptionMixinTest() throws IOException { BadCredentialsException exception = mapper.readValue(EXCEPTION_JSON, BadCredentialsException.class); assertThat(exception).isNotNull(); assertThat(exception.getCause()).isNull(); assertThat(exception.getMessage()).isEqualTo("message"); assertThat(exception.getLocalizedMessage()).isEqualTo("message"); } }
@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { Assert.notNull(authentication, "No authentication data provided"); String username = (String) authentication.getPrincipal(); String password = (String) authentication.getCredentials(); User user = userService.getByUsername(username).orElseThrow(() -> new UsernameNotFoundException("User not found: " + username)); if (!encoder.matches(password, user.getPassword())) { throw new BadCredentialsException("Authentication Failed. Username or Password not valid."); } if (user.getRoles() == null) throw new InsufficientAuthenticationException("User has no roles assigned"); List<GrantedAuthority> authorities = user.getRoles().stream() .map(authority -> new SimpleGrantedAuthority(authority.getRole().authority())) .collect(Collectors.toList()); UserContext userContext = UserContext.create(user.getUsername(), authorities); return new UsernamePasswordAuthenticationToken(userContext, null, userContext.getAuthorities()); }
String principal = principalPrefix + authentication.getName(); String password = ""; if (authentication.getCredentials() != null) { password = authentication.getCredentials().toString(); throw new BadCredentialsException("Blank username and/or password!");
String username = (authentication.getPrincipal() == null) ? "NONE_PROVIDED" : authentication.getName(); throw new BadCredentialsException(messages.getMessage( "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
.equals(authentication.getPrincipal().toString()) && !CasAuthenticationFilter.CAS_STATELESS_IDENTIFIER .equals(authentication.getPrincipal().toString()))) { throw new BadCredentialsException( messages.getMessage("CasAuthenticationProvider.incorrectKey", "The presented CasAuthenticationToken does not contain the expected key")); if ((authentication.getCredentials() == null) || "".equals(authentication.getCredentials())) { throw new BadCredentialsException(messages.getMessage( "CasAuthenticationProvider.noServiceTicket", "Failed to provide a CAS service ticket to validate"));
@RequestHeader(value = "Authorization", required = false) String auth) throws Exception { if (mfaChecker.isMfaEnabled(IdentityZoneHolder.get(), "uaa")) { throw new BadCredentialsException("MFA is required"); throw new BadCredentialsException("No basic authorization client information in request"); throw new BadCredentialsException("No username in request"); String password = request.getPassword(); if (!hasText(password)) { throw new BadCredentialsException("No password in request"); throw new BadCredentialsException("Invalid authorization header."); codeData.put("client_id", clientId); codeData.put("username", username); if (userAuthentication!=null && userAuthentication.getPrincipal() instanceof UaaPrincipal) { UaaPrincipal p = (UaaPrincipal)userAuthentication.getPrincipal(); if (p!=null) { codeData.put("user_id", p.getId());
public AccessToken(Map<String, String> credentials) { if (credentials == null || credentials.isEmpty()) { throw new BadCredentialsException("Credentials cannot be empty!"); } this.credentials = credentials; }
@Test public void testOIDCPasswordGrantNoIdToken() { UaaLoginHint loginHint = mock(UaaLoginHint.class); when(loginHint.getOrigin()).thenReturn("oidcprovider"); Authentication auth = mock(Authentication.class); when(auth.getPrincipal()).thenReturn("marissa"); when(auth.getCredentials()).thenReturn("koala"); when(zoneAwareAuthzAuthenticationManager.extractLoginHint(auth)).thenReturn(loginHint); RestTemplate rt = mock(RestTemplate.class); when(restTemplateConfig.nonTrustingRestTemplate()).thenReturn(rt); ResponseEntity<Map<String,String>> response = mock(ResponseEntity.class); when(response.hasBody()).thenReturn(true); when(response.getBody()).thenReturn(Collections.emptyMap()); when(rt.exchange(anyString(),any(HttpMethod.class),any(HttpEntity.class),any(ParameterizedTypeReference.class))).thenReturn(response); try { instance.authenticate(auth); fail(); } catch (BadCredentialsException e) { assertEquals("Could not obtain id_token from external OpenID Connect provider.", e.getMessage()); } }
@Override public Authentication authenticate(Authentication authentication, HttpServletRequest request) throws AuthenticationException { UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) authentication; // check if name is root if (GeoServerUser.ROOT_USERNAME.equals(token.getPrincipal()) == false) return null; // check password if (token.getCredentials() != null) { if (getSecurityManager().checkMasterPassword(token.getCredentials().toString())) { Collection<GrantedAuthority> roles = new ArrayList<GrantedAuthority>(); roles.add(GeoServerRole.ADMIN_ROLE); UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken( GeoServerUser.ROOT_USERNAME, null, roles); result.setDetails(token.getDetails()); return result; } } // not BadCredentialException is thrown, maybe there is another user with // the same name log(new BadCredentialsException("Bad credentials for: " + token.getPrincipal())); return null; } }
logger.debug("Authentication credentials found for '" + credentials.getName() + "'"); logger.debug("Authentication success: " + authResult.getName()); throw new BadCredentialsException( "No client authentication found. Remember to put a filter upstream of the TokenEndpointAuthenticationFilter."); map.put(OAuth2Utils.CLIENT_ID, clientAuth.getName()); AuthorizationRequest authorizationRequest = oAuth2RequestFactory.createAuthorizationRequest(map);
@Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException { if (allowOnlyPost && !"POST".equalsIgnoreCase(request.getMethod())) { throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST" }); } String clientId = request.getParameter("client_id"); String clientSecret = request.getParameter("client_secret"); // If the request is already authenticated we can assume that this // filter is not needed Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null && authentication.isAuthenticated()) { return authentication; } if (clientId == null) { throw new BadCredentialsException("No client credentials presented"); } if (clientSecret == null) { clientSecret = ""; } clientId = clientId.trim(); UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId, clientSecret); return this.getAuthenticationManager().authenticate(authRequest); }
private Authentication performClientAuthentication(HttpServletRequest req, Map<String, String> loginInfo, String clientId) { String clientSecret = loginInfo.get(CLIENT_SECRET); UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(clientId, clientSecret); authentication.setDetails(new UaaAuthenticationDetails(req, clientId)); try { Authentication auth = clientAuthenticationManager.authenticate(authentication); if (auth == null || !auth.isAuthenticated()) { throw new BadCredentialsException("Client Authentication failed."); } loginInfo.remove(CLIENT_SECRET); AuthorizationRequest authorizationRequest = new AuthorizationRequest(clientId, getScope(req)); authorizationRequest.setRequestParameters(getSingleValueMap(req)); authorizationRequest.setApproved(true); //must set this to true in order for //Authentication.isAuthenticated to return true OAuth2Authentication result = new OAuth2Authentication(authorizationRequest.createOAuth2Request(), null); result.setAuthenticated(true); return result; } catch (AuthenticationException e) { throw new BadCredentialsException(e.getMessage(), e); } catch (Exception e) { logger.debug("Unable to authenticate client: " + clientId, e); throw new BadCredentialsException(e.getMessage(), e); } }
@Test public void successfulLoginAuthenticationInvokesLoginAuthManager() throws Exception { SecurityContextHolder.getContext().setAuthentication(loginAuthentication); when(am.authenticate(any(Authentication.class))).thenThrow(new BadCredentialsException("Invalid authentication manager invoked")); when(loginAuthMgr.authenticate(any(Authentication.class))).thenReturn(new UsernamePasswordAuthenticationToken("joe", null)); when(loginAuthentication.isClientOnly()).thenReturn(Boolean.TRUE); @SuppressWarnings("rawtypes") ResponseEntity response = (ResponseEntity) endpoint.authenticate(new MockHttpServletRequest(), "joe","origin", null); assertEquals(HttpStatus.OK, response.getStatusCode()); }
public Authentication authenticate(Authentication authentication) throws AuthenticationException { Object principal = authentication.getPrincipal(); String username = String.valueOf(principal); User user = myUserRepository.findByUsername(username); if (user == null) { throw new UsernameNotFoundException("No user for principal " + principal); } if (!authentication.getCredentials().equals(user.getPassword())) { throw new BadCredentialsException("Invalid password"); } return new TestingAuthenticationToken(principal, null, "ROLE_USER"); } };
public Authentication authenticate(Authentication authentication) throws AuthenticationException { Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication, () -> this.messages.getMessage("LdapAuthenticationProvider.onlySupports", "Only UsernamePasswordAuthenticationToken is supported")); final UsernamePasswordAuthenticationToken userToken = (UsernamePasswordAuthenticationToken) authentication; String username = userToken.getName(); String password = (String) authentication.getCredentials(); if (this.logger.isDebugEnabled()) { this.logger.debug("Processing authentication request for user: " + username); } if (!StringUtils.hasLength(username)) { throw new BadCredentialsException(this.messages.getMessage( "LdapAuthenticationProvider.emptyUsername", "Empty Username")); } if (!StringUtils.hasLength(password)) { throw new BadCredentialsException(this.messages.getMessage( "AbstractLdapAuthenticationProvider.emptyPassword", "Empty Password")); } Assert.notNull(password, "Null password was supplied in authentication token"); DirContextOperations userData = doAuthentication(userToken); UserDetails user = this.userDetailsContextMapper.mapUserFromContext(userData, authentication.getName(), loadUserAuthorities(userData, authentication.getName(), (String) authentication.getCredentials())); return createSuccessfulAuthentication(userToken, user); }
@SuppressWarnings("deprecation") protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { if (authentication.getCredentials() == null) { logger.debug("Authentication failed: no credentials provided"); throw new BadCredentialsException(messages.getMessage( "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials")); } String presentedPassword = authentication.getCredentials().toString(); if (!passwordEncoder.matches(presentedPassword, userDetails.getPassword())) { logger.debug("Authentication failed: password does not match stored value"); throw new BadCredentialsException(messages.getMessage( "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials")); } }
@Override public Authentication authenticate(Authentication req) throws AuthenticationException { logger.debug("Processing authentication request for " + req.getName()); if (req.getCredentials() == null) { BadCredentialsException e = new BadCredentialsException("No password supplied"); publish(new AuthenticationFailureBadCredentialsEvent(req, e)); throw e; logger.debug("No user named '" + req.getName() + "' was found for origin:"+ origin); publish(new UserNotFoundEvent(req)); } else { BadCredentialsException e = new BadCredentialsException("Bad credentials"); publish(new AuthenticationFailureBadCredentialsEvent(req, e)); throw e;