@Override public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) { final String jwt = ((JwtCredentialsImpl) authenticationToken).getJwt(); if (jwt == null) { // we don't have a JWT return false; } // check for correct credentials type final Object credentialsValue = authenticationInfo.getCredentials(); if (!(credentialsValue instanceof Credential)) { return false; } // extract credentials final Credential credentials = (Credential) credentialsValue; // Match token with info if (!jwt.equals(credentials.getCredentialKey())) { return false; } try { // validate the JWT return this.jwtProcessor.validate(jwt); } catch (Exception e) { logger.error("Error while validating JWT credentials", e); } return false; }
@Override public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) { final String jwt = ((JwtCredentialsImpl) authenticationToken).getJwt(); if (jwt == null) { // we don't have a JWT return false; } // check for correct credentials type final Object credentialsValue = authenticationInfo.getCredentials(); if (!(credentialsValue instanceof Credential)) { return false; } // extract credentials final Credential credentials = (Credential) credentialsValue; // Match token with info if (!jwt.equals(credentials.getCredentialKey())) { return false; } try { // validate the JWT return this.jwtProcessor.validate(jwt); } catch (Exception e) { logger.error("Error while validating JWT credentials", e); } return false; }
String fullApiKey = infoCredential.getCredentialKey();
String fullApiKey = infoCredential.getCredentialKey();
@Override public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) { // // Token data UsernamePasswordCredentials token = (UsernamePasswordCredentials) authenticationToken; String tokenUsername = token.getUsername(); String tokenPassword = token.getPassword(); // // Info data LoginAuthenticationInfo info = (LoginAuthenticationInfo) authenticationInfo; User infoUser = (User) info.getPrincipals().getPrimaryPrincipal(); Credential infoCredential = (Credential) info.getCredentials(); // // Match token with info boolean credentialMatch = false; if (tokenUsername.equals(infoUser.getName()) && CredentialType.PASSWORD.equals(infoCredential.getCredentialType()) && BCrypt.checkpw(tokenPassword, infoCredential.getCredentialKey())) { credentialMatch = true; // FIXME: if true cache token password for authentication performance improvement } return credentialMatch; }
@Override public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) { // // Token data UsernamePasswordCredentials token = (UsernamePasswordCredentials) authenticationToken; String tokenUsername = token.getUsername(); String tokenPassword = token.getPassword(); // // Info data LoginAuthenticationInfo info = (LoginAuthenticationInfo) authenticationInfo; User infoUser = (User) info.getPrincipals().getPrimaryPrincipal(); Credential infoCredential = (Credential) info.getCredentials(); // // Match token with info boolean credentialMatch = false; if (tokenUsername.equals(infoUser.getName()) && CredentialType.PASSWORD.equals(infoCredential.getCredentialType()) && BCrypt.checkpw(tokenPassword, infoCredential.getCredentialKey())) { credentialMatch = true; // FIXME: if true cache token password for authentication performance improvement } return credentialMatch; }
@Override public Credential update(Credential credential) throws KapuaException { // // Argument Validation ArgumentValidator.notNull(credential, "credential"); ArgumentValidator.notNull(credential.getId(), "credential.id"); ArgumentValidator.notNull(credential.getScopeId(), "credential.scopeId"); ArgumentValidator.notNull(credential.getUserId(), "credential.userId"); ArgumentValidator.notNull(credential.getCredentialType(), "credential.credentialType"); ArgumentValidator.notEmptyOrNull(credential.getCredentialKey(), "credential.credentialKey"); // // Check access KapuaLocator locator = KapuaLocator.getInstance(); AuthorizationService authorizationService = locator.getService(AuthorizationService.class); PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class); authorizationService.checkPermission(permissionFactory.newPermission(AuthenticationDomains.CREDENTIAL_DOMAIN, Actions.write, credential.getScopeId())); return entityManagerSession.onTransactedResult(em -> { Credential currentCredential = CredentialDAO.find(em, credential.getScopeId(), credential.getId()); if (currentCredential == null) { throw new KapuaEntityNotFoundException(Credential.TYPE, credential.getId()); } if (currentCredential.getCredentialType() != credential.getCredentialType()) { throw new KapuaIllegalArgumentException("credentialType", credential.getCredentialType().toString()); } // Passing attributes?? return CredentialDAO.update(em, credential); }); }
@Override public Credential update(Credential credential) throws KapuaException { // // Argument Validation ArgumentValidator.notNull(credential, "credential"); ArgumentValidator.notNull(credential.getId(), "credential.id"); ArgumentValidator.notNull(credential.getScopeId(), "credential.scopeId"); ArgumentValidator.notNull(credential.getUserId(), "credential.userId"); ArgumentValidator.notNull(credential.getCredentialType(), "credential.credentialType"); ArgumentValidator.notEmptyOrNull(credential.getCredentialKey(), "credential.credentialKey"); // // Check access KapuaLocator locator = KapuaLocator.getInstance(); AuthorizationService authorizationService = locator.getService(AuthorizationService.class); PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class); authorizationService.checkPermission(permissionFactory.newPermission(AuthenticationDomains.CREDENTIAL_DOMAIN, Actions.write, credential.getScopeId())); return entityManagerSession.onTransactedResult(em -> { Credential currentCredential = CredentialDAO.find(em, credential.getScopeId(), credential.getId()); if (currentCredential == null) { throw new KapuaEntityNotFoundException(Credential.TYPE, credential.getId()); } if (currentCredential.getCredentialType() != credential.getCredentialType()) { throw new KapuaIllegalArgumentException("credentialType", credential.getCredentialType().toString()); } // Passing attributes?? return CredentialDAO.update(em, credential); }); }