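/**
 * Marks this object as verified when the challenged key matches the account's
 * stored auth token, either as given or after MD5-hex hashing the challenged key.
 *
 * <p>Does nothing when no account or no challenged key is set. {@code verified}
 * is only ever switched to {@code true} here; this method never resets it.
 *
 * @param dao accounts DAO; not used by this method
 */
private void verify(AccountsDao dao) {
    if (account == null || challengedKey == null) {
        return;
    }
    final String storedToken = account.getAuthToken();
    if (storedToken == null) {
        // No stored secret to compare against, so nothing can match.
        return;
    }

    // Fully-qualified JDK names: this file's import block is not visible from here.
    final java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");
    final byte[] stored = storedToken.getBytes(utf8);

    // String.equals returns at the first differing character, so response time
    // can reveal how much of a guessed token is correct. MessageDigest.isEqual
    // compares in constant time for a given length.
    final boolean plainMatch =
            java.security.MessageDigest.isEqual(challengedKey.getBytes(utf8), stored);
    final boolean hashedMatch =
            java.security.MessageDigest.isEqual(DigestUtils.md5Hex(challengedKey).getBytes(utf8), stored);

    // NOTE(review): the second comparison implies stored tokens may be unsalted MD5
    // digests of the secret. That is a weak storage format, but replacing it needs a
    // data migration and is outside the scope of this method.

    // Non-short-circuit '|' so both comparisons always run, whichever one matches.
    if (plainMatch | hashedMatch) {
        verified = true;
    }
}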
/**
 * Adds the account's auth token to the JSON object under the {@code auth_token} property.
 *
 * @param account account whose auth token is written
 * @param object  JSON object that receives the property
 */
private void writeAuthToken(final Account account, final JsonObject object) {
    // NOTE(review): this places the account secret in the serialized output. Confirm
    // that every response built with this writer is restricted to callers entitled
    // to see the token, and that the output is not logged.
    final String authToken = account.getAuthToken();
    object.addProperty("auth_token", authToken);
}
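/**
 * Builds an HTTP Basic authentication header value for the account identified by {@code sid}.
 *
 * <p>The value is {@code "Basic "} followed by the Base64 encoding of
 * {@code <account sid>:<auth token>}. Base64 is an encoding, not encryption: the
 * returned string carries the auth token in recoverable form, so callers should
 * keep it out of logs and error messages.
 *
 * @param sid     SID of the account to look up
 * @param storage DAO manager used to reach the accounts DAO
 * @return the header value, or {@code null} when no account is found for {@code sid}
 */
public static String getAuthenticationHeader(Sid sid, DaoManager storage) {
    final Account requestingAccount = storage.getAccountsDao().getAccount(sid);
    if (requestingAccount == null) {
        return null;
    }

    final Charset latin1 = Charset.forName("ISO-8859-1");
    // NOTE(review): a null auth token is concatenated as the literal text "null";
    // confirm accounts reaching this point always have a token set.
    final String credentials = requestingAccount.getSid() + ":" + requestingAccount.getAuthToken();
    final byte[] encodedAuth = Base64.encodeBase64(credentials.getBytes(latin1));

    // Decode with an explicit charset rather than the platform default, so the
    // header text does not depend on the JVM's file.encoding setting.
    return "Basic " + new String(encodedAuth, latin1);
}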
/**
 * Writes the account's auth token as an {@code AuthToken} node on the stream writer.
 *
 * @param account account whose auth token is written
 * @param writer  hierarchical writer that receives the node
 */
private void writeAuthToken(final Account account, final HierarchicalStreamWriter writer) {
    // NOTE(review): the account secret becomes part of the serialized document;
    // confirm the output only reaches callers entitled to see the token.
    writer.startNode("AuthToken");
    // Read the token only after the node is opened, as the original did.
    final String authToken = account.getAuthToken();
    writer.setValue(authToken);
    writer.endNode();
}
/**
 * Flattens an account into a map keyed by snake_case field names.
 *
 * <p>SIDs, timestamps, type, status and URI go through the corresponding
 * {@code write*} helpers; the remaining values are stored as returned by the getters.
 *
 * @param account account to convert
 * @return a new mutable map holding the account's fields
 */
private Map<String, Object> toMap(final Account account) {
    final Map<String, Object> fields = new HashMap<String, Object>();

    // Identity and hierarchy.
    fields.put("sid", writeSid(account.getSid()));
    fields.put("date_created", writeDateTime(account.getDateCreated()));
    fields.put("date_updated", writeDateTime(account.getDateUpdated()));
    fields.put("email_address", account.getEmailAddress());
    fields.put("friendly_name", account.getFriendlyName());
    fields.put("parent_sid", writeSid(account.getParentSid()));

    // Classification.
    fields.put("type", writeAccountType(account.getType()));
    fields.put("status", writeAccountStatus(account.getStatus()));

    // NOTE(review): the auth token is a credential. Confirm this map is only
    // handed to the persistence layer and never logged or returned to clients.
    fields.put("auth_token", account.getAuthToken());

    fields.put("role", account.getRole());
    fields.put("uri", writeUri(account.getUri()));
    fields.put("organization_sid", writeSid(account.getOrganizationSid()));

    return fields;
}
}
/**
 * Sends an account status notification for {@code updatedAccount} to the RCML
 * server (RVD), provided notifications are enabled in the RCML server configuration.
 *
 * @param updatedAccount account whose status notification is built and transmitted
 */
private void sendRVDStatusNotification(Account updatedAccount) {
    logger.debug("sendRVDStatusNotification");

    final RestcommConfiguration rcommConfiguration = RestcommConfiguration.getInstance();
    final RcmlserverConfigurationSet config = rcommConfiguration.getRcmlserver();

    // Skip silently when the RCML server section is missing or notification is off.
    final boolean notifyEnabled = config != null && config.getNotify();
    if (!notifyEnabled) {
        return;
    }
    logger.debug("notification enabled");

    final RcmlserverApi rcmlServerApi =
            new RcmlserverApi(rcommConfiguration.getMain(), rcommConfiguration.getRcmlserver());

    final RcmlserverNotifications notifications = new RcmlserverNotifications();
    notifications.add(rcmlServerApi.buildAccountStatusNotification(updatedAccount));

    // The call is made with the SID and auth token of the effective account of the
    // current identity context, not those of the account being updated.
    // NOTE(review): the token leaves this process here; confirm the transport to
    // the RCML server is protected and that the credentials are not logged.
    final Account notifier = userIdentityContext.getEffectiveAccount();
    rcmlServerApi.transmitNotifications(notifications, notifier.getSid().toString(), notifier.getAuthToken());
}
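/**
 * Resolves the account named in the submitted token and returns its SID and
 * stored auth token as the authentication info for this realm.
 *
 * <p>The username is treated as an account SID when it matches {@code Sid.pattern};
 * otherwise it is passed to {@code getAccountToAuthenticate}. The method itself
 * does not compare the submitted password; it only supplies the stored credentials.
 *
 * @param token submitted token; cast to {@link UsernamePasswordToken}
 * @return authentication info for the account, or {@code null} when the account
 *         cannot be resolved, has no auth token, or the lookup fails
 * @throws AuthenticationException declared by the overridden method; not thrown directly here
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException {
    final UsernamePasswordToken authenticationToken = (UsernamePasswordToken) token;
    final String username = authenticationToken.getUsername();

    final ShiroResources services = ShiroResources.getInstance();
    final DaoManager daos = services.get(DaoManager.class);
    final AccountsDao accounts = daos.getAccountsDao();

    try {
        // Explicit checks replace the previous reliance on a caught
        // NullPointerException for missing usernames, accounts and tokens.
        if (username == null) {
            return null;
        }

        final Sid sid;
        final Account account;
        if (Sid.pattern.matcher(username).matches()) {
            sid = new Sid(username);
            account = accounts.getAccount(sid);
        } else {
            account = accounts.getAccountToAuthenticate(username);
            sid = (account == null) ? null : account.getSid();
        }
        if (account == null || sid == null) {
            return null;
        }

        final String authToken = account.getAuthToken();
        if (authToken == null) {
            // An account without a stored token cannot be authenticated.
            return null;
        }
        return new SimpleAuthenticationInfo(sid.toString(), authToken.toCharArray(), getName());
    } catch (Exception ignored) {
        // Fail closed: any lookup failure is reported as "no such account".
        // NOTE(review): this also hides storage outages from operators; consider
        // logging the exception (without credentials) before returning.
        return null;
    }
}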
/**
 * Copies the listed fields of an existing account into this builder.
 *
 * @param account account to copy from
 * @return this builder, for chaining
 */
public Builder copy(Account account) {
    // Identifiers and hierarchy.
    this.sid = account.getSid();
    this.parentSid = account.getParentSid();
    this.organizationSid = account.getOrganizationSid();

    // Classification and location.
    this.type = account.getType();
    this.uri = account.getUri();

    // The auth token is copied as-is, so the built account carries the same secret.
    this.authToken = account.getAuthToken();

    // Profile and access.
    this.emailAddress = account.getEmailAddress();
    this.friendlyName = account.getFriendlyName();
    this.role = account.getRole();
    this.status = account.getStatus();

    return this;
}