/** * Returns the principals, aka the identifying attributes (username, user id, first name, last name, etc) of this * Account. * * @return all the principals, aka the identifying attributes, of this Account. */ public PrincipalCollection getPrincipals() { return authcInfo.getPrincipals(); }
/** * Sets the principals, aka the identifying attributes (username, user id, first name, last name, etc) of this * Account. * * @param principals all the principals, aka the identifying attributes, of this Account. * @see Account#getPrincipals() */ public void setPrincipals(PrincipalCollection principals) { this.authcInfo.setPrincipals(principals); }
/** * Simply returns <code>new {@link org.apache.shiro.authc.SimpleAuthenticationInfo SimpleAuthenticationInfo}();</code>, which supports * aggregating account data across realms. */ public AuthenticationInfo beforeAllAttempts(Collection<? extends Realm> realms, AuthenticationToken token) throws AuthenticationException { return new SimpleAuthenticationInfo(); }
@Override protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token) throws AuthenticationException { final UsernamePasswordToken upToken = (UsernamePasswordToken) token; if (doAuthenticate(upToken)) { // Credentials are valid return new SimpleAuthenticationInfo(token.getPrincipal(), token.getCredentials(), getName()); } else { throw new AuthenticationException("Okta authentication failed"); } }
protected AuthenticationToken createToken(String username, String password, boolean rememberMe, String host) { return new UsernamePasswordToken(username, password, rememberMe, host); }
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; SimpleAccount account = getUser(upToken.getUsername()); if (account != null) { if (account.isLocked()) { throw new LockedAccountException("Account [" + account + "] is locked."); } if (account.isCredentialsExpired()) { String msg = "The credentials for account [" + account + "] are expired"; throw new ExpiredCredentialsException(msg); } } return account; }
/** * Simply returns {@link #getUsername() getUsername()}. * * @return the {@link #getUsername() username}. * @see org.apache.shiro.authc.AuthenticationToken#getPrincipal() */ public Object getPrincipal() { return getUsername(); }
protected Object getSubmittedPassword(AuthenticationToken token) { return token != null ? token.getCredentials() : null; }
/** * Returns the {@link #getPassword() password} char array. * * @return the {@link #getPassword() password} char array. * @see org.apache.shiro.authc.AuthenticationToken#getCredentials() */ public Object getCredentials() { return getPassword(); }
/** * Returns {@code info}.{@link org.apache.shiro.authc.AuthenticationInfo#getPrincipals() getPrincipals()} and * ignores the {@link Subject} argument. * * @param subject the subject for which the principals are being remembered. * @param info the authentication info resulting from the successful authentication attempt. * @return the {@code PrincipalCollection} to remember. */ protected PrincipalCollection getIdentityToRemember(Subject subject, AuthenticationInfo info) { return info.getPrincipals(); }
/** * Sets the salt to use to hash this Account's credentials (eg for password hashing), or {@code null} if no salt * is used or credentials are not hashed at all. * * @param salt the salt to use to hash this Account's credentials (eg for password hashing), or {@code null} if no * salt is used or credentials are not hashed at all. * @since 1.1 */ public void setCredentialsSalt(ByteSource salt) { this.authcInfo.setCredentialsSalt(salt); }
/** * Sets this Account's credentials that verify one or more of the Account's * {@link #getPrincipals() principals}, such as a password or private key. * * @param credentials the credentials associated with this Account that verify one or more of the Account principals. * @see org.apache.shiro.authc.Account#getCredentials() */ public void setCredentials(Object credentials) { this.authcInfo.setCredentials(credentials); }
/** * Returns the salt used to hash this Account's credentials (eg for password hashing), or {@code null} if no salt * was used or credentials were not hashed at all. * * @return the salt used to hash this Account's credentials (eg for password hashing), or {@code null} if no salt * was used or credentials were not hashed at all. * @since 1.1 */ public ByteSource getCredentialsSalt() { return this.authcInfo.getCredentialsSalt(); }
/** * Simply returns <code>this.authcInfo.getCredentials</code>. The <code>authcInfo</code> attribute is constructed * via the constructors to wrap the input arguments. * * @return this Account's credentials. */ public Object getCredentials() { return authcInfo.getCredentials(); }
/** * Ensures that the authenticate() method throws an AuthenticationException if the subclass returns <tt>null</tt> * as the return value to the doAuthenticate() method. */ @Test(expected = AuthenticationException.class) public void throwAuthenticationExceptionIfDoAuthenticateReturnsNull() { abstractAuthenticator = createAuthcReturnNull(); abstractAuthenticator.authenticate(newToken()); }
/** * This implementation merely calls * {@link #notifyLogout(org.apache.shiro.subject.PrincipalCollection) notifyLogout} to allow any registered listeners * to react to the logout. * * @param principals the identifying principals of the {@code Subject}/account logging out. */ public void onLogout(PrincipalCollection principals) { notifyLogout(principals); }
/** * Delegates to the wrapped {@link org.apache.shiro.authc.Authenticator Authenticator} for authentication. */ public AuthenticationInfo authenticate(AuthenticationToken token) throws AuthenticationException { return this.authenticator.authenticate(token); }
/** * Notifies any registered {@link AuthenticationListener AuthenticationListener}s that a * {@code Subject} has logged-out. This implementation merely * iterates over the internal {@code listeners} collection and calls * {@link AuthenticationListener#onLogout(org.apache.shiro.subject.PrincipalCollection) onLogout} * for each. * * @param principals the identifying principals of the {@code Subject}/account logging out. */ protected void notifyLogout(PrincipalCollection principals) { for (AuthenticationListener listener : this.listeners) { listener.onLogout(principals); } }
@Test(expected = AuthenticationException.class) public void notifyFailureAfterDoAuthenticateThrowsNonAuthenticationException() { abstractAuthenticator = new AbstractAuthenticator() { protected AuthenticationInfo doAuthenticate(AuthenticationToken token) throws AuthenticationException { throw new IllegalArgumentException("not an AuthenticationException subclass"); } }; AuthenticationToken token = newToken(); abstractAuthenticator.authenticate(token); }
private AuthenticationToken newToken() { return new UsernamePasswordToken("user1", "secret"); }