@Override public boolean upgradeEncoding(String encodedPassword) { return getPasswordEncoder().upgradeEncoding(encodedPassword); }
@Override public boolean upgradeEncoding(String encodedPassword) { return getPasswordEncoder().upgradeEncoding(encodedPassword); }
@Override protected Authentication createSuccessAuthentication(Object principal, Authentication authentication, UserDetails user) { boolean upgradeEncoding = this.userDetailsPasswordService != null && this.passwordEncoder.upgradeEncoding(user.getPassword()); if (upgradeEncoding) { String presentedPassword = authentication.getCredentials().toString(); String newPassword = this.passwordEncoder.encode(presentedPassword); user = this.userDetailsPasswordService.updatePassword(user, newPassword); } return super.createSuccessAuthentication(principal, authentication, user); }
@Override protected Authentication createSuccessAuthentication(Object principal, Authentication authentication, UserDetails user) { boolean upgradeEncoding = this.userDetailsPasswordService != null && this.passwordEncoder.upgradeEncoding(user.getPassword()); if (upgradeEncoding) { String presentedPassword = authentication.getCredentials().toString(); String newPassword = this.passwordEncoder.encode(presentedPassword); user = this.userDetailsPasswordService.updatePassword(user, newPassword); } return super.createSuccessAuthentication(principal, authentication, user); }
@Test public void authenticateWhenPasswordServiceAndUpgradeFalseThenNotUpdated() { when(this.userDetailsService.findByUsername(any())).thenReturn(Mono.just(this.user)); when(this.encoder.matches(any(), any())).thenReturn(true); when(this.encoder.upgradeEncoding(any())).thenReturn(false); this.manager.setPasswordEncoder(this.encoder); this.manager.setUserDetailsPasswordService(this.userDetailsPasswordService); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( this.user, this.user.getPassword()); Authentication result = this.manager.authenticate(token).block(); verifyZeroInteractions(this.userDetailsPasswordService); }
@Test public void authenticateWhenPasswordServiceThenUpdated() { String encodedPassword = "encoded"; when(this.userDetailsService.findByUsername(any())).thenReturn(Mono.just(this.user)); when(this.encoder.matches(any(), any())).thenReturn(true); when(this.encoder.upgradeEncoding(any())).thenReturn(true); when(this.encoder.encode(any())).thenReturn(encodedPassword); when(this.userDetailsPasswordService.updatePassword(any(), any())).thenReturn(Mono.just(this.user)); this.manager.setPasswordEncoder(this.encoder); this.manager.setUserDetailsPasswordService(this.userDetailsPasswordService); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( this.user, this.user.getPassword()); Authentication result = this.manager.authenticate(token).block(); verify(this.encoder).encode(this.user.getPassword()); verify(this.userDetailsPasswordService).updatePassword(eq(this.user), eq(encodedPassword)); }
@Override public Mono<Authentication> authenticate(Authentication authentication) { final String username = authentication.getName(); final String presentedPassword = (String) authentication.getCredentials(); return this.userDetailsService.findByUsername(username) .publishOn(this.scheduler) .filter(u -> this.passwordEncoder.matches(presentedPassword, u.getPassword())) .switchIfEmpty(Mono.defer(() -> Mono.error(new BadCredentialsException("Invalid Credentials")))) .flatMap(u -> { boolean upgradeEncoding = this.userDetailsPasswordService != null && this.passwordEncoder.upgradeEncoding(u.getPassword()); if (upgradeEncoding) { String newPassword = this.passwordEncoder.encode(presentedPassword); return this.userDetailsPasswordService.updatePassword(u, newPassword); } return Mono.just(u); }) .doOnNext(this.postAuthenticationChecks::check) .map(u -> new UsernamePasswordAuthenticationToken(u, u.getPassword(), u.getAuthorities()) ); }
@Test public void authenticateWhenNotUpgradeAndPasswordManagerThenNoUpdate() { UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( "user", "password"); PasswordEncoder encoder = mock(PasswordEncoder.class); UserDetailsService userDetailsService = mock(UserDetailsService.class); UserDetailsPasswordService passwordManager = mock(UserDetailsPasswordService.class); DaoAuthenticationProvider provider = new DaoAuthenticationProvider(); provider.setPasswordEncoder(encoder); provider.setUserDetailsService(userDetailsService); provider.setUserDetailsPasswordService(passwordManager); UserDetails user = PasswordEncodedUser.user(); when(encoder.matches(any(), any())).thenReturn(true); when(encoder.upgradeEncoding(any())).thenReturn(false); when(userDetailsService.loadUserByUsername(any())).thenReturn(user); Authentication result = provider.authenticate(token); verifyZeroInteractions(passwordManager); }
@Override public Mono<Authentication> authenticate(Authentication authentication) { final String username = authentication.getName(); final String presentedPassword = (String) authentication.getCredentials(); return this.userDetailsService.findByUsername(username) .publishOn(this.scheduler) .filter(u -> this.passwordEncoder.matches(presentedPassword, u.getPassword())) .switchIfEmpty(Mono.defer(() -> Mono.error(new BadCredentialsException("Invalid Credentials")))) .flatMap(u -> { boolean upgradeEncoding = this.userDetailsPasswordService != null && this.passwordEncoder.upgradeEncoding(u.getPassword()); if (upgradeEncoding) { String newPassword = this.passwordEncoder.encode(presentedPassword); return this.userDetailsPasswordService.updatePassword(u, newPassword); } return Mono.just(u); }) .map(u -> new UsernamePasswordAuthenticationToken(u, u.getPassword(), u.getAuthorities()) ); }
@Test public void authenticateWhenSuccessAndPasswordManagerThenUpdates() { String password = "password"; String encodedPassword = "encoded"; UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( "user", password); PasswordEncoder encoder = mock(PasswordEncoder.class); UserDetailsService userDetailsService = mock(UserDetailsService.class); UserDetailsPasswordService passwordManager = mock(UserDetailsPasswordService.class); DaoAuthenticationProvider provider = new DaoAuthenticationProvider(); provider.setPasswordEncoder(encoder); provider.setUserDetailsService(userDetailsService); provider.setUserDetailsPasswordService(passwordManager); UserDetails user = PasswordEncodedUser.user(); when(encoder.matches(any(), any())).thenReturn(true); when(encoder.upgradeEncoding(any())).thenReturn(true); when(encoder.encode(any())).thenReturn(encodedPassword); when(userDetailsService.loadUserByUsername(any())).thenReturn(user); when(passwordManager.updatePassword(any(), any())).thenReturn(user); Authentication result = provider.authenticate(token); verify(encoder).encode(password); verify(passwordManager).updatePassword(eq(user), eq(encodedPassword)); }
@Override public boolean upgradeEncoding(String encodedPassword) { return getPasswordEncoder().upgradeEncoding(encodedPassword); }
@Override public boolean upgradeEncoding(String encodedPassword) { return getPasswordEncoder().upgradeEncoding(encodedPassword); }
@Override public boolean upgradeEncoding(String encodedPassword) { return getPasswordEncoder().upgradeEncoding(encodedPassword); }
@Override public boolean upgradeEncoding(String encodedPassword) { return getPasswordEncoder().upgradeEncoding(encodedPassword); }
@Override protected Authentication createSuccessAuthentication(Object principal, Authentication authentication, UserDetails user) { boolean upgradeEncoding = this.userDetailsPasswordService != null && this.passwordEncoder.upgradeEncoding(user.getPassword()); if (upgradeEncoding) { String presentedPassword = authentication.getCredentials().toString(); String newPassword = this.passwordEncoder.encode(presentedPassword); user = this.userDetailsPasswordService.updatePassword(user, newPassword); } return super.createSuccessAuthentication(principal, authentication, user); }
@Override public Mono<Authentication> authenticate(Authentication authentication) { final String username = authentication.getName(); final String presentedPassword = (String) authentication.getCredentials(); return this.userDetailsService.findByUsername(username) .publishOn(this.scheduler) .filter(u -> this.passwordEncoder.matches(presentedPassword, u.getPassword())) .switchIfEmpty(Mono.defer(() -> Mono.error(new BadCredentialsException("Invalid Credentials")))) .flatMap(u -> { boolean upgradeEncoding = this.userDetailsPasswordService != null && this.passwordEncoder.upgradeEncoding(u.getPassword()); if (upgradeEncoding) { String newPassword = this.passwordEncoder.encode(presentedPassword); return this.userDetailsPasswordService.updatePassword(u, newPassword); } return Mono.just(u); }) .map(u -> new UsernamePasswordAuthenticationToken(u, u.getPassword(), u.getAuthorities()) ); }