/** * Init the default delegate transformer. */ @PostConstruct public void init() { if (this.delegateTransformer == null) { this.delegateTransformer = new NoOpPrincipalNameTransformer(); } }
/** * Instantiates a new Prefix suffix principal name transformer. * * @param prefix the prefix * @param suffix the suffix */ @Autowired public PrefixSuffixPrincipalNameTransformer(@Value("${cas.principal.transform.prefix:}") final String prefix, @Value("${cas.principal.transform.suffix:}") final String suffix) { setPrefix(prefix); setSuffix(suffix); }
@Override public String transform(final String formUserId) { final String result = this.delegateTransformer.transform(formUserId.trim()).trim(); return this.toUpperCase ? result.toUpperCase(): result.toLowerCase(); }
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException { if (users == null || users.isEmpty()) { throw new FailedLoginException("No user can be accepted because none is defined"); } final String username = credential.getUsername(); final String cachedPassword = this.users.get(username); if (cachedPassword == null) { logger.debug("{} was not found in the map.", username); throw new AccountNotFoundException(username + " not found in backing map."); } final String encodedPassword = this.getPasswordEncoder().encode(credential.getPassword()); if (!cachedPassword.equals(encodedPassword)) { throw new FailedLoginException(); } return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null); }
@Override protected UsernamePasswordCredentials convertToPac4jCredentials(final UsernamePasswordCredential casCredential) throws GeneralSecurityException, PreventedException { logger.debug("CAS credentials: {}", casCredential); final String username = this.principalNameTransformer.transform(casCredential.getUsername()); if (username == null) { throw new AccountNotFoundException("Username is null."); } final String password = this.passwordEncoder.encode(casCredential.getPassword()); final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(username, password, getClass().getSimpleName()); logger.debug("pac4j credentials: {}", credentials); return credentials; }
/** * {@inheritDoc} **/ @Override protected final HandlerResult doAuthentication(final Credential credential) throws GeneralSecurityException, PreventedException { final UsernamePasswordCredential userPass = (UsernamePasswordCredential) credential; if (userPass.getUsername() == null) { throw new AccountNotFoundException("Username is null."); } final String transformedUsername= this.principalNameTransformer.transform(userPass.getUsername()); if (transformedUsername == null) { throw new AccountNotFoundException("Transformed username is null."); } userPass.setUsername(transformedUsername); return authenticateUsernamePasswordInternal(userPass); }
return result; } catch (final AuthenticationException e) { populateErrorsInstance(e.getCode(), messageContext); MultiFactorRequestContextUtils.setAuthenticationExceptionInFlowScope(context, e); logger.error(e.getMessage(), e);
@Override public boolean supports(final Credential credential) { return this.legacyHandler.supports(credentialsAdapter.convert(credential)); }
@Override public String getName() { if (this.legacyHandler instanceof NamedAuthenticationHandler) { return ((NamedAuthenticationHandler) this.legacyHandler).getName(); } else { return this.legacyHandler.getClass().getSimpleName(); } } }
@Override public String encode(final String password) { if (password == null) { return null; } if (StringUtils.isBlank(this.encodingAlgorithm)) { LOGGER.warn("No encoding algorithm is defined. Password cannot be encoded; Returning null"); return null; } try { final MessageDigest messageDigest = MessageDigest.getInstance(this.encodingAlgorithm); final String encodingCharToUse = StringUtils.isNotBlank(this.characterEncoding) ? this.characterEncoding : Charset.defaultCharset().name(); LOGGER.warn("Using {} as the character encoding algorithm to update the digest", encodingCharToUse); messageDigest.update(password.getBytes(encodingCharToUse)); final byte[] digest = messageDigest.digest(); return getFormattedText(digest); } catch (final NoSuchAlgorithmException e) { throw new SecurityException(e); } catch (final UnsupportedEncodingException e) { throw new RuntimeException(e); } }
@Override protected boolean authenticateUsernamePasswordInternal(final UsernamePasswordCredentials credentials) throws AuthenticationException { try { this.log.debug("Attempting to authenticate user [{}] against application [{}] in Stormpath cloud...", credentials.getUsername(), this.application.getName()); this.authenticateAccount(credentials); this.log.debug("Successfully authenticated user [{}]", credentials.getUsername()); return true; } catch (ResourceException e) { this.log.error(e.getMessage(), e); throw new BadCredentialsAuthenticationException(); } }
@Override public HandlerResult authenticate(final Credential credential) throws GeneralSecurityException, PreventedException { try { if (this.legacyHandler.authenticate(credentialsAdapter.convert(credential))) { final CredentialMetaData md; if (credential instanceof CredentialMetaData) { md = (CredentialMetaData) credential; } else { md = new BasicCredentialMetaData(credential); } return new DefaultHandlerResult(this, md); } else { throw new FailedLoginException( String.format("%s failed to authenticate %s", this.getName(), credential)); } } catch (final org.jasig.cas.authentication.handler.AuthenticationException e) { throw new GeneralSecurityException( String.format("%s failed to authenticate %s", this.getName(), credential), e); } }
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException { try { if (this.fileName == null || !this.fileName.exists()) { throw new FileNotFoundException("Filename does not exist"); } final String username = credential.getUsername(); final String passwordOnRecord = getPasswordOnRecord(username); if (StringUtils.isBlank(passwordOnRecord)) { throw new AccountNotFoundException(username + " not found in backing file."); } final String password = credential.getPassword(); if (StringUtils.isNotBlank(password) && this.getPasswordEncoder().encode(password).equals(passwordOnRecord)) { return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null); } } catch (final IOException e) { throw new PreventedException("IO error reading backing file", e); } throw new FailedLoginException(); }
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential transformedCredential) throws GeneralSecurityException, PreventedException { if (StringUtils.isBlank(this.sql) || StringUtils.isBlank(this.algorithmName) || getJdbcTemplate() == null) { throw new GeneralSecurityException("Authentication handler is not configured correctly"); } final String username = getPrincipalNameTransformer().transform(transformedCredential.getUsername()); final String encodedPsw = this.getPasswordEncoder().encode(transformedCredential.getPassword()); try { final Map<String, Object> values = getJdbcTemplate().queryForMap(this.sql, username); final String digestedPassword = digestEncodedPassword(encodedPsw, values); if (!values.get(this.passwordFieldName).equals(digestedPassword)) { throw new FailedLoginException("Password does not match value on record."); } return createHandlerResult(transformedCredential, this.principalFactory.createPrincipal(username), null); } catch (final IncorrectResultSizeDataAccessException e) { if (e.getActualSize() == 0) { throw new AccountNotFoundException(username + " not found with SQL query"); } else { throw new FailedLoginException("Multiple records found for " + username); } } catch (final DataAccessException e) { throw new PreventedException("SQL exception while executing query for " + username, e); } }
@Override protected TokenCredentials convertToPac4jCredentials(final BasicIdentifiableCredential casCredential) throws GeneralSecurityException, PreventedException { logger.debug("CAS credentials: {}", casCredential); final String id = this.principalNameTransformer.transform(casCredential.getId()); if (id == null) { throw new AccountNotFoundException("Id is null."); } final TokenCredentials credentials = new TokenCredentials(id, getClass().getSimpleName()); logger.debug("pac4j credentials: {}", credentials); return credentials; }
/** * Creates a new instance that adapts the given legacy authentication handler. * * @param legacy CAS 3.0 authentication handler. */ public LegacyAuthenticationHandlerAdapter(final org.jasig.cas.authentication.handler.AuthenticationHandler legacy) { if (!legacy.supports(new UsernamePasswordCredentials())) { throw new IllegalArgumentException( "Cannot infer credential conversion strategy - specify CredentialsAdapter explicitly."); } this.legacyHandler = legacy; this.credentialsAdapter = new UsernamePasswordCredentialsAdapter(); }
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException { if (StringUtils.isBlank(this.sql) || getJdbcTemplate() == null) { throw new GeneralSecurityException("Authentication handler is not configured correctly"); } final String username = credential.getUsername(); final String encyptedPassword = getPasswordEncoder().encode(credential.getPassword()); final int count; try { count = getJdbcTemplate().queryForObject(this.sql, Integer.class, username, encyptedPassword); } catch (final DataAccessException e) { throw new PreventedException("SQL exception while executing query for " + username, e); } if (count == 0) { throw new FailedLoginException(username + " not found with SQL query."); } return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null); }
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException { if (getDataSource() == null) { throw new GeneralSecurityException("Authentication handler is not configured correctly"); } Connection connection = null; try { final String username = credential.getUsername(); final String password = getPasswordEncoder().encode(credential.getPassword()); connection = this.getDataSource().getConnection(username, password); return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null); } catch (final SQLException e) { throw new FailedLoginException(e.getMessage()); } catch (final Exception e) { throw new PreventedException("Unexpected SQL connection error", e); } finally { if (connection != null) { DataSourceUtils.releaseConnection(connection, this.getDataSource()); } } }
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException { if (StringUtils.isBlank(this.sql) || getJdbcTemplate() == null) { throw new GeneralSecurityException("Authentication handler is not configured correctly"); } final String username = credential.getUsername(); final String encryptedPassword = this.getPasswordEncoder().encode(credential.getPassword()); try { final String dbPassword = getJdbcTemplate().queryForObject(this.sql, String.class, username); if (!dbPassword.equals(encryptedPassword)) { throw new FailedLoginException("Password does not match value on record."); } } catch (final IncorrectResultSizeDataAccessException e) { if (e.getActualSize() == 0) { throw new AccountNotFoundException(username + " not found with SQL query"); } else { throw new FailedLoginException("Multiple records found for " + username); } } catch (final DataAccessException e) { throw new PreventedException("SQL exception while executing query for " + username, e); } return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null); }