@Override public void init(H http) throws Exception { super.init(http); OpenIDAuthenticationProvider authenticationProvider = new OpenIDAuthenticationProvider(); authenticationProvider.setAuthenticationUserDetailsService( getAuthenticationUserDetailsService(http)); authenticationProvider = postProcess(authenticationProvider); http.authenticationProvider(authenticationProvider); initDefaultLoginFilter(http); }
@Test public void testDoesntSupport() { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); provider.setUserDetailsService(new MockUserDetailsService()); assertThat( provider.supports(UsernamePasswordAuthenticationToken.class)).isFalse(); }
@Test public void testIgnoresUserPassAuthToken() { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); provider.setUserDetailsService(new MockUserDetailsService()); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( USERNAME, "password"); assertThat(provider.authenticate(token)).isNull(); }
@Test public void testValidation() throws Exception { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); try { provider.afterPropertiesSet(); fail("IllegalArgumentException expected, ssoAuthoritiesPopulator is null"); } catch (IllegalArgumentException e) { // expected } provider = new OpenIDAuthenticationProvider(); provider.setUserDetailsService(new MockUserDetailsService()); provider.afterPropertiesSet(); }
@Test public void testAuthenticateFailure() { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); provider.setAuthenticationUserDetailsService( new UserDetailsByNameServiceWrapper<>( new MockUserDetailsService())); Authentication preAuth = new OpenIDAuthenticationToken( OpenIDAuthenticationStatus.FAILURE, USERNAME, "", null); assertThat(preAuth.isAuthenticated()).isFalse(); try { provider.authenticate(preAuth); fail("Should throw an AuthenticationException"); } catch (BadCredentialsException expected) { assertThat("Log in failed - identity could not be verified").isEqualTo( expected.getMessage()); } }
@Test public void testAuthenticateCancel() { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); provider.setUserDetailsService(new MockUserDetailsService()); provider.setAuthoritiesMapper(new NullAuthoritiesMapper()); Authentication preAuth = new OpenIDAuthenticationToken( OpenIDAuthenticationStatus.CANCELLED, USERNAME, "", null); assertThat(preAuth.isAuthenticated()).isFalse(); try { provider.authenticate(preAuth); fail("Should throw an AuthenticationException"); } catch (AuthenticationCancelledException expected) { assertThat(expected.getMessage()).isEqualTo("Log in cancelled"); } }
@Test public void testDetectsMissingAuthoritiesPopulator() throws Exception { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); try { provider.afterPropertiesSet(); fail("Should have thrown Exception"); } catch (IllegalArgumentException expected) { // ignored } }
public Authentication authenticate(final Authentication authentication) throws AuthenticationException { if (!supports(authentication.getClass())) { return null; .loadUserDetails(response); return createSuccessfulAuthentication(userDetails, response);
@Override public void validateTokenAndLoginUser(String token, HttpServletRequest request, HttpServletResponse response) throws IOException { PasswordRecovery recovery = allPasswordRecoveries.findForToken(token); if (validateRecovery(recovery)) { MotechUser user = allMotechUsers.findUserByEmail(recovery.getEmail()); OpenIDAuthenticationToken openIDToken = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SUCCESS, user.getOpenId(), "one time login ", new ArrayList<OpenIDAttribute>()); Authentication authentication = authenticationManager.authenticate(openIDToken); SecurityContextHolder.getContext().setAuthentication(authentication); request.getSession(true).setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext()); allPasswordRecoveries.remove(recovery); redirectStrategy.sendRedirect(request, response, "/server/home"); } else { redirectStrategy.sendRedirect(request, response, "/server/login"); } }
public Authentication authenticate(final Authentication authentication) throws AuthenticationException { if (!supports(authentication.getClass())) { return null; .loadUserDetails(response); return createSuccessfulAuthentication(userDetails, response);
@Override public void init(H http) throws Exception { super.init(http); OpenIDAuthenticationProvider authenticationProvider = new OpenIDAuthenticationProvider(); authenticationProvider.setAuthenticationUserDetailsService( getAuthenticationUserDetailsService(http)); authenticationProvider = postProcess(authenticationProvider); http.authenticationProvider(authenticationProvider); initDefaultLoginFilter(http); }
@Test public void testAuthenticateError() { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); provider.setUserDetailsService(new MockUserDetailsService()); Authentication preAuth = new OpenIDAuthenticationToken( OpenIDAuthenticationStatus.ERROR, USERNAME, "", null); assertThat(preAuth.isAuthenticated()).isFalse(); try { provider.authenticate(preAuth); fail("Should throw an AuthenticationException"); } catch (AuthenticationServiceException expected) { assertThat(expected.getMessage()).isEqualTo("Error message from server: "); } }
@Test public void testSupports() { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); provider.setUserDetailsService(new MockUserDetailsService()); assertThat(provider.supports(OpenIDAuthenticationToken.class)).isTrue(); }
/** * Configures the authentication providers * * @param auth a builder * @throws Exception ex */ @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { OpenIDAuthenticationProvider openidProvider = new OpenIDAuthenticationProvider(); openidProvider.setAuthenticationUserDetailsService(new SimpleUserService()); auth.authenticationProvider(openidProvider); RememberMeAuthenticationProvider rmeProvider = new RememberMeAuthenticationProvider(Config.APP_SECRET_KEY); auth.authenticationProvider(rmeProvider); }
@Test public void testAuthenticateSuccess() { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); provider.setUserDetailsService(new MockUserDetailsService()); Authentication preAuth = new OpenIDAuthenticationToken( OpenIDAuthenticationStatus.SUCCESS, USERNAME, "", null); assertThat(preAuth.isAuthenticated()).isFalse(); Authentication postAuth = provider.authenticate(preAuth); assertThat(postAuth).isNotNull(); assertThat(postAuth instanceof OpenIDAuthenticationToken).isTrue(); assertThat(postAuth.isAuthenticated()).isTrue(); assertThat(postAuth.getPrincipal()).isNotNull(); assertThat(postAuth.getPrincipal() instanceof UserDetails).isTrue(); assertThat(postAuth.getAuthorities()).isNotNull(); assertThat(postAuth.getAuthorities().size() > 0).isTrue(); assertThat( ((OpenIDAuthenticationToken) postAuth).getStatus() == OpenIDAuthenticationStatus.SUCCESS).isTrue(); assertThat(((OpenIDAuthenticationToken) postAuth).getMessage() == null).isTrue(); }
@Override public void init(H http) throws Exception { super.init(http); OpenIDAuthenticationProvider authenticationProvider = new OpenIDAuthenticationProvider(); authenticationProvider.setAuthenticationUserDetailsService( getAuthenticationUserDetailsService(http)); authenticationProvider = postProcess(authenticationProvider); http.authenticationProvider(authenticationProvider); initDefaultLoginFilter(http); }
@Test public void testAuthenticateSetupNeeded() { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); provider.setUserDetailsService(new MockUserDetailsService()); Authentication preAuth = new OpenIDAuthenticationToken( OpenIDAuthenticationStatus.SETUP_NEEDED, USERNAME, "", null); assertThat(preAuth.isAuthenticated()).isFalse(); try { provider.authenticate(preAuth); fail("Should throw an AuthenticationException"); } catch (AuthenticationServiceException expected) { assertThat( "The server responded setup was needed, which shouldn't happen").isEqualTo( expected.getMessage()); } }
@Override public void init(H http) throws Exception { super.init(http); OpenIDAuthenticationProvider authenticationProvider = new OpenIDAuthenticationProvider(); authenticationProvider.setAuthenticationUserDetailsService(getAuthenticationUserDetailsService(http)); authenticationProvider = postProcess(authenticationProvider); http.authenticationProvider(authenticationProvider); initDefaultLoginFilter(http); }
/** * Configures the authentication providers. * * @param auth a builder * @throws Exception ex */ @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { OpenIDAuthenticationProvider openidProvider = new OpenIDAuthenticationProvider(); openidProvider.setAuthenticationUserDetailsService(new SimpleUserService()); auth.authenticationProvider(openidProvider); RememberMeAuthenticationProvider rmeProvider = new RememberMeAuthenticationProvider(Config.APP_SECRET_KEY); auth.authenticationProvider(rmeProvider); JWTAuthenticationProvider jwtProvider = new JWTAuthenticationProvider(); auth.authenticationProvider(jwtProvider); LDAPAuthenticationProvider ldapProvider = new LDAPAuthenticationProvider(); auth.authenticationProvider(ldapProvider); }
/** * Configures the authentication providers. * * @param auth a builder * @throws Exception ex */ @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { OpenIDAuthenticationProvider openidProvider = new OpenIDAuthenticationProvider(); openidProvider.setAuthenticationUserDetailsService(new SimpleUserService()); auth.authenticationProvider(openidProvider); RememberMeAuthenticationProvider rmeProvider = new RememberMeAuthenticationProvider(Config.APP_SECRET_KEY); auth.authenticationProvider(rmeProvider); JWTAuthenticationProvider jwtProvider = new JWTAuthenticationProvider(); auth.authenticationProvider(jwtProvider); LDAPAuthenticationProvider ldapProvider = new LDAPAuthenticationProvider(); auth.authenticationProvider(ldapProvider); }