/**
 * Marks the authentication as "remember me" when the primary credential requests it.
 *
 * <p>Nothing is recorded when the transaction carries no primary credential, or when the
 * credential's remember-me flag is off.
 *
 * @param builder     authentication builder that receives the attribute
 * @param transaction transaction whose primary credential is inspected
 */
@Override
public void populateAttributes(final AuthenticationBuilder builder, final AuthenticationTransaction transaction) {
    transaction.getPrimaryCredential().ifPresent(primary -> {
        // Class.cast throws ClassCastException for any other credential type.
        // NOTE(review): presumably a supports() check elsewhere limits this populator to
        // RememberMeCredential instances - confirm against the enclosing class.
        final RememberMeCredential rememberMe = RememberMeCredential.class.cast(primary);
        if (!rememberMe.isRememberMe()) {
            return;
        }
        // NOTE(review): the flag is read straight from the submitted credential, so consumers of
        // this attribute should treat it as a client request to be checked against policy - confirm.
        LOGGER.debug("Credential is configured to be remembered. Captured this as [{}] attribute",
            RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME);
        builder.addAttribute(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME, Boolean.TRUE);
    });
}
/**
 * Records the handler name of every successful authentication result under
 * {@code AUTHENTICATION_METHOD_ATTRIBUTE}.
 *
 * <p>{@code addAttribute} is invoked once per entry in {@code authentication.getSuccesses()}.
 * NOTE(review): whether repeated calls accumulate values or overwrite the previous one depends
 * on the builder implementation, which is not visible here - confirm before relying on this
 * attribute to list every handler that took part.
 *
 * @param builder        the builder that receives the attribute
 * @param authentication the authentication whose successful handler results are read
 */
protected void addAuthenticationMethodAttribute(final AuthenticationBuilder builder, final Authentication authentication) {
    authentication.getSuccesses()
        .values()
        .stream()
        .map(success -> success.getHandlerName())
        // forEachOrdered keeps the collection's encounter order, one handler at a time.
        .forEachOrdered(handlerName -> builder.addAttribute(AUTHENTICATION_METHOD_ATTRIBUTE, handlerName));
}
/**
 * Records surrogate (impersonation) details from the primary credential as authentication
 * attributes: the surrogate username, the id of the credential itself, and an "enabled" marker.
 *
 * @param builder     authentication builder that receives the three surrogate attributes
 * @param transaction transaction whose primary credential is read
 * @throws SurrogateAuthenticationException when the transaction has no primary credential
 */
@Override
public void populateAttributes(final AuthenticationBuilder builder, final AuthenticationTransaction transaction) {
    val primary = transaction.getPrimaryCredential();
    if (!primary.isPresent()) {
        // NOTE(review): the message says "principal" although the check is on the primary
        // credential; kept verbatim because callers or tests may match on it.
        throw new SurrogateAuthenticationException("The authentication transaction does not have a primary principal associated with it");
    }

    // Class.cast throws ClassCastException for any other credential type.
    // NOTE(review): presumably a supports() check elsewhere guarantees the type - confirm.
    val surrogateCredential = SurrogateUsernamePasswordCredential.class.cast(primary.get());

    LOGGER.debug("Recording surrogate username [{}] as an authentication attribute", surrogateCredential.getSurrogateUsername());

    // Both identities are stored: who is being impersonated and which credential id authenticated.
    builder.addAttribute(SurrogateAuthenticationService.AUTHENTICATION_ATTR_SURROGATE_USER, surrogateCredential.getSurrogateUsername());
    builder.addAttribute(SurrogateAuthenticationService.AUTHENTICATION_ATTR_SURROGATE_PRINCIPAL, surrogateCredential.getId());
    // Stored as the string "true", not as a Boolean.
    builder.addAttribute(SurrogateAuthenticationService.AUTHENTICATION_ATTR_SURROGATE_ENABLED, Boolean.toString(true));
}
/**
 * Captures the password of the primary credential as an authentication attribute.
 *
 * <p>When {@code cipherExecutor} is set, the attribute holds the output of
 * {@code cipherExecutor.encode(...)}. When it is {@code null}, the attribute holds the value of
 * {@code getPassword()} unchanged, i.e. the password as submitted.
 *
 * <p>NOTE(review): in the no-cipher case, anything that persists, serializes or releases
 * authentication attributes would carry the clear-text password. Deployments should configure a
 * cipher and keep this attribute out of attribute release and logs - confirm how
 * {@code cipherExecutor} is wired.
 *
 * @param builder     authentication builder that receives the password attribute
 * @param transaction transaction whose primary credential is read; nothing happens when absent
 */
@Override
public void populateAttributes(final AuthenticationBuilder builder, final AuthenticationTransaction transaction) {
    val primary = transaction.getPrimaryCredential();
    if (!primary.isPresent()) {
        return;
    }

    val credential = primary.get();
    // Only the credential id is logged, never the password itself.
    LOGGER.debug("Processing request to capture the credential for [{}]", credential.getId());

    // Unchecked downcast: a non username/password credential fails with ClassCastException.
    val userPass = (UsernamePasswordCredential) credential;
    val attributeValue = this.cipherExecutor != null
        ? this.cipherExecutor.encode(userPass.getPassword(), ArrayUtils.EMPTY_OBJECT_ARRAY)
        : userPass.getPassword();

    builder.addAttribute(UsernamePasswordCredential.AUTHENTICATION_ATTRIBUTE_PASSWORD, attributeValue);
    LOGGER.debug("Credential is added as the authentication attribute [{}] to the authentication",
        UsernamePasswordCredential.AUTHENTICATION_ATTRIBUTE_PASSWORD);
}
/**
 * Sets {@code attributeName} to {@code Boolean.TRUE} on a copy of the authentication and applies
 * the copy back to {@code authn} via {@code authn.update(...)}.
 *
 * <p>NOTE(review): the method does not validate {@code attributeName} and does not check that a
 * trusted multifactor record was actually verified. Callers own that decision - confirm each
 * call site sets the flag only after the trust record has been checked.
 *
 * @param authn         the authentication to update
 * @param attributeName name of the attribute that marks the trusted multifactor record
 */
public static void trackTrustedMultifactorAuthenticationAttribute(
    final Authentication authn,
    final String attributeName) {
    // Seed a builder from the existing authentication, then flag it.
    val seeded = DefaultAuthenticationBuilder.newInstance(authn);
    val flagged = seeded.addAttribute(attributeName, Boolean.TRUE);
    val updatedAuthentication = flagged.build();

    LOGGER.debug("Updated authentication session to remember trusted multifactor record via [{}]", attributeName);
    authn.update(updatedAuthentication);
}
.addAttribute("permissions", new LinkedHashSet<>(profile.getPermissions())) .addAttribute("roles", new LinkedHashSet<>(profile.getRoles())) .addAttribute("scopes", scopes) .addAttribute(OAuth20Constants.STATE, state) .addAttribute(OAuth20Constants.NONCE, nonce) .addAttribute(OAuth20Constants.CLIENT_ID, registeredService.getClientId()) .addCredential(metadata) .setPrincipal(newPrincipal)
/**
 * Issues an access token for the request described by {@code holder} and, when requested, a
 * refresh token.
 *
 * <p>Steps, in order: enrich the holder's authentication with grant type, scope and client id;
 * create the access token; add it to the registry; update the OAuth code; then ask
 * {@code FunctionUtils.doIf} to pick between generating a refresh token and returning
 * {@code null}.
 *
 * <p>NOTE(review): the token objects and the whole holder are passed to debug logging. If their
 * {@code toString()} output includes token identifiers, debug logs contain usable bearer values
 * and need the same access control as the ticket registry - confirm.
 *
 * @param holder the access token request data
 * @return the access token paired with the refresh token; the refresh token is {@code null}
 *         when the fallback supplier given to {@code FunctionUtils.doIf} is the one that runs
 */
protected Pair<AccessToken, RefreshToken> generateAccessTokenOAuthGrantTypes(final AccessTokenRequestDataHolder holder) {
    LOGGER.debug("Creating access token for [{}]", holder.getService());

    // Stamp the OAuth request context onto a copy of the authentication carried by the holder.
    val enrichedAuthentication = DefaultAuthenticationBuilder
        .newInstance(holder.getAuthentication())
        .addAttribute(OAuth20Constants.GRANT_TYPE, holder.getGrantType().toString())
        .addAttribute(OAuth20Constants.SCOPE, holder.getScopes())
        .addAttribute(OAuth20Constants.CLIENT_ID, holder.getRegisteredService().getClientId())
        .build();

    // Same message as above, this time with the whole holder as the argument.
    LOGGER.debug("Creating access token for [{}]", holder);

    val tgt = holder.getTicketGrantingTicket();
    val issuedAccessToken = this.accessTokenFactory.create(holder.getService(), enrichedAuthentication, tgt, holder.getScopes());
    LOGGER.debug("Created access token [{}]", issuedAccessToken);

    addTicketToRegistry(issuedAccessToken, tgt);
    LOGGER.debug("Added access token [{}] to registry", issuedAccessToken);

    updateOAuthCode(holder);

    // Kept as a doIf call rather than a plain if/else: its handling of the two suppliers is
    // defined outside this block and must not change.
    val refreshTokenSupplier = FunctionUtils.doIf(holder.isGenerateRefreshToken(),
        () -> generateRefreshToken(holder),
        () -> {
            LOGGER.debug("Service [{}] is not able/allowed to receive refresh tokens", holder.getService());
            return null;
        });
    val issuedRefreshToken = refreshTokenSupplier.get();

    return Pair.of(issuedAccessToken, issuedRefreshToken);
}