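/**
 * Builds an {@link Authentication} from the token carried in the {@code HEADER_STRING}
 * request header.
 *
 * <p>Signature and expiry checks are delegated to {@code getUsername} / {@code getBody}
 * (not visible here). NOTE(review): confirm those helpers verify the signature and do
 * not merely decode the payload.
 *
 * @param request the incoming request
 * @return an authenticated token carrying the comma-separated {@code roles} claim as
 *     authorities, or {@code null} when the header is absent/blank or yields no username
 */
public Authentication getAuthentication(HttpServletRequest request) {
    String token = request.getHeader(HEADER_STRING);
    // Absent or blank header means "anonymous"; an empty string would otherwise reach the
    // parser and fail as a malformed token.
    if (token == null || token.trim().isEmpty()) {
        return null;
    }
    String user = getUsername(token);
    if (user == null) {
        return null;
    }
    // Roles travel as one comma-separated claim; AuthorityUtils treats a null string as no roles.
    String roles = getBody(token).get("roles", String.class);
    List<GrantedAuthority> grantedAuths = AuthorityUtils.commaSeparatedStringToAuthorityList(roles);
    // Credentials slot left null: the token is not retained on the Authentication.
    return new UsernamePasswordAuthenticationToken(user, null, grantedAuths);
}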
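/**
 * Authenticates an e-mail/password pair against the calendar user store.
 *
 * <p>Unknown user, missing credentials and wrong password all fail with the same
 * message so the response does not reveal which accounts exist.
 *
 * @param authentication a {@link UsernamePasswordAuthenticationToken} whose name is the
 *     e-mail and whose credentials are the raw password
 * @return an authenticated token whose principal is the {@link CalendarUser}
 * @throws UsernameNotFoundException when no user has that e-mail
 * @throws BadCredentialsException when the token is not a username/password token, carries
 *     no credentials, or the password does not match
 * @throws AuthenticationException for any other authentication failure
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    if (!(authentication instanceof UsernamePasswordAuthenticationToken)) {
        // Previously a ClassCastException; report it as an ordinary authentication failure.
        throw new BadCredentialsException("Invalid username/password");
    }
    UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) authentication;
    String email = token.getName();
    CalendarUser user = email == null ? null : calendarService.findUserByEmail(email);
    if (user == null) {
        throw new UsernameNotFoundException("Invalid username/password");
    }
    Object credentials = token.getCredentials();
    if (credentials == null) {
        // A token without credentials must never match, whatever the stored hash is.
        throw new BadCredentialsException("Invalid username/password");
    }
    // The stored value is already encoded; PasswordEncoder.matches handles salt and comparison.
    String password = user.getPassword();
    if (!passwordEncoder.matches(credentials.toString(), password)) {
        throw new BadCredentialsException("Invalid username/password");
    }
    Collection<? extends GrantedAuthority> authorities = CalendarUserAuthorityUtils.createAuthorities(user);
    // NOTE(review): the encoded password is kept in the credentials slot as in the original;
    // passing null instead would keep the hash out of the security context.
    return new UsernamePasswordAuthenticationToken(user, password, authorities);
}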
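/**
 * Authenticates the submitted credentials and issues a JWT.
 *
 * <p>On success the token is returned both in the {@code Authorization} header
 * ({@code Bearer <jwt>}) and in the body. On failure the response is 401 with the
 * exception's localized message under the {@code AuthenticationException} key.
 * NOTE(review): that message comes from the authentication provider — check it does not
 * distinguish unknown users from wrong passwords.
 *
 * @param loginVM validated login form (username, password, optional remember-me flag)
 * @param response used to add the Authorization header
 * @return 200 with a {@link JWTToken}, or 401 with an error map
 */
@PostMapping("/authenticate")
@Timed
public ResponseEntity<?> authorize(@Valid @RequestBody LoginVM loginVM, HttpServletResponse response) {
    UsernamePasswordAuthenticationToken authenticationToken =
        new UsernamePasswordAuthenticationToken(loginVM.getUsername(), loginVM.getPassword());
    try {
        Authentication authentication = this.authenticationManager.authenticate(authenticationToken);
        SecurityContextHolder.getContext().setAuthentication(authentication);
        // A null flag (field omitted from the payload) means "no remember-me".
        boolean rememberMe = Boolean.TRUE.equals(loginVM.isRememberMe());
        String jwt = tokenProvider.createToken(authentication, rememberMe);
        response.addHeader(JWTConfigurer.AUTHORIZATION_HEADER, "Bearer " + jwt);
        return ResponseEntity.ok(new JWTToken(jwt));
    } catch (AuthenticationException ae) {
        // Trace level only: a failed login is expected traffic, not an application error.
        log.trace("Authentication exception trace: {}", ae);
        return new ResponseEntity<>(
            Collections.singletonMap("AuthenticationException", ae.getLocalizedMessage()),
            HttpStatus.UNAUTHORIZED);
    }
}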
/**
 * Authenticates a login DTO and returns a JWT, also exposed as a
 * {@code Bearer} Authorization header.
 *
 * <p>A failed authentication yields 401 with the exception's localized message under
 * the {@code AuthenticationException} key (the message originates from the provider).
 *
 * @param loginDTO validated username/password plus optional remember-me flag
 * @param response receives the Authorization header on success
 * @return 200 with a {@link JWTToken}, otherwise 401 with an error map
 */
@RequestMapping(value = "/authenticate", method = RequestMethod.POST)
@Timed
public ResponseEntity<?> authorize(@Valid @RequestBody LoginDTO loginDTO, HttpServletResponse response) {
    final UsernamePasswordAuthenticationToken loginAttempt =
        new UsernamePasswordAuthenticationToken(loginDTO.getUsername(), loginDTO.getPassword());
    try {
        final Authentication authenticated = this.authenticationManager.authenticate(loginAttempt);
        SecurityContextHolder.getContext().setAuthentication(authenticated);
        // Absent flag counts as "do not remember".
        final boolean longLived = Boolean.TRUE.equals(loginDTO.isRememberMe());
        final String jwt = tokenProvider.createToken(authenticated, longLived);
        response.addHeader(JWTConfigurer.AUTHORIZATION_HEADER, "Bearer " + jwt);
        return ResponseEntity.ok(new JWTToken(jwt));
    } catch (AuthenticationException exception) {
        final Map<String, String> error =
            Collections.singletonMap("AuthenticationException", exception.getLocalizedMessage());
        return new ResponseEntity<>(error, HttpStatus.UNAUTHORIZED);
    }
}
/**
 * Installs the WS-Security UsernameToken principal into the Spring security context
 * and, for {@link IUser} principals, into the current HTTP session.
 *
 * <p>NOTE(review): no password check happens here; this assumes the superclass has already
 * validated the UsernameToken before invoking this callback — confirm.
 *
 * @param callback carries the validated {@link WSUsernameTokenPrincipal}
 * @throws IOException propagated from the callback handling contract
 * @throws UnsupportedCallbackException propagated from the callback handling contract
 */
@Override
protected void handleUsernameTokenPrincipal(UsernameTokenPrincipalCallback callback)
        throws IOException, UnsupportedCallbackException {
    final WSUsernameTokenPrincipal wsPrincipal = callback.getPrincipal();
    final UserDetails details = loadUserDetails(wsPrincipal.getName());
    // Three-argument constructor: the token is created in the authenticated state.
    final UsernamePasswordAuthenticationToken authentication =
        new UsernamePasswordAuthenticationToken(wsPrincipal, wsPrincipal.getPassword(), details.getAuthorities());
    if (logger.isDebugEnabled()) {
        logger.debug("Authentication success: " + authentication.toString());
    }
    SecurityContextHolder.getContext().setAuthentication(authentication);
    if (!(details instanceof IUser)) {
        return;
    }
    // Web-service logins are additionally remembered in the HTTP session.
    final HttpSession httpSession = ContextHolder.getHttpSession();
    httpSession.setAttribute(ContextHolder.LOGIN_USER_SESSION_KEY, details);
    httpSession.setAttribute(ContextHolder.USER_LOGIN_WAY_KEY, IWebservice.WS_LOGIN_WAY);
}
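/**
 * Verifies {@code passwd} against the stored salted hash of {@code user} and, on success,
 * installs the user into the Spring security context and (when given) the HTTP session.
 *
 * @param user the looked-up user; a {@code null} user id means "not found"
 * @param passwd the submitted clear-text password
 * @param session the HTTP session to populate, or {@code null} for none
 * @return {@code user} with its password masked as {@code "XXX"} on success, otherwise an
 *     empty {@link MyUser}
 */
private MyUser loginHelp(MyUser user, String passwd, HttpSession session) {
    if (user.getUserId() != null) {
        String encryptedPassword;
        try {
            encryptedPassword = this.passwordEncryption.getEncryptedPassword(passwd, user.getSalt());
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            // A hashing failure is treated as a failed login (no session change), as before.
            return new MyUser();
        }
        String stored = user.getPassword();
        // Constant-time comparison: String.equals stops at the first differing byte.
        boolean matches = stored != null && encryptedPassword != null
            && java.security.MessageDigest.isEqual(
                stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                encryptedPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        if (matches) {
            if (session != null) {
                // NOTE(review): the stored hash is placed in the credentials slot, as in the original.
                Authentication auth = new UsernamePasswordAuthenticationToken(
                    user.getUserId(), user.getPassword(), user.getAuthorities());
                SecurityContextHolder.getContext().setAuthentication(auth);
                session.setAttribute(WebUtils.SECURITYCONTEXT, SecurityContextHolder.getContext());
            }
            user.setPassword("XXX");
            return user;
        }
    }
    // Failed login: drop any existing session. Guarded because callers may pass null.
    if (session != null) {
        session.invalidate();
    }
    return new MyUser();
}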
/**
 * Parses and verifies a JWT and turns it into an authenticated
 * {@link UsernamePasswordAuthenticationToken}.
 *
 * <p>{@code parseClaimsJws} checks the signature against the configured secret; an invalid
 * or expired token therefore throws from jjwt and propagates to the caller.
 *
 * @param token the compact JWS string
 * @return a token whose principal is a {@link User} named after the JWT subject with an
 *     empty password, and whose authorities come from the configured authorities claim
 */
@Override
public Authentication getAuthentication(String token) {
    Claims claims = Jwts.parser()
        .setSigningKey(jwtProperties.getToken().getSecret())
        .parseClaimsJws(token)
        .getBody();
    // Authorities claim: comma-separated string. Any failure while reading it (missing claim,
    // unexpected type) is recovered into an empty authority list rather than an error.
    Collection<? extends GrantedAuthority> authorities = Try.of(() -> Arrays.stream(claims.get(jwtProperties.getToken().getPayload().getAuthoritiesKey()).toString().split(","))
        .map(SimpleGrantedAuthority::new)
        .collect(Collectors.toList())
    ).recover(ex -> Collections.emptyList()
    ).get();
    // NOTE(review): User rejects a null/empty username, so a JWT without a subject fails here.
    User principal = new User(claims.getSubject(), "", authorities);
    return new UsernamePasswordAuthenticationToken(principal, "", authorities);
}
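/**
 * Reads a JSON {@link LoginRequest} from an AJAX POST and hands the credentials to the
 * {@link AuthenticationManager}.
 *
 * @param request must be a POST recognised by {@code WebUtil.isAjax}
 * @param response unused
 * @return the manager's authentication result
 * @throws AuthMethodNotSupportedException for non-POST or non-AJAX requests
 * @throws AuthenticationServiceException when the body is malformed or username/password is blank
 * @throws AuthenticationException when the manager rejects the credentials
 */
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
        throws AuthenticationException, IOException, ServletException {
    if (!HttpMethod.POST.name().equals(request.getMethod()) || !WebUtil.isAjax(request)) {
        if (logger.isDebugEnabled()) {
            logger.debug("Authentication method not supported. Request method: " + request.getMethod());
        }
        throw new AuthMethodNotSupportedException("Authentication method not supported");
    }
    LoginRequest loginRequest;
    try {
        loginRequest = objectMapper.readValue(request.getReader(), LoginRequest.class);
    } catch (IOException e) {
        // Malformed JSON is a client error: route it through the normal failure handler
        // instead of letting the IOException surface as a servlet error.
        throw new AuthenticationServiceException("Malformed login request", e);
    }
    // A literal JSON "null" body deserialises to null; treat it like missing credentials.
    if (loginRequest == null
            || StringUtils.isBlank(loginRequest.getUsername())
            || StringUtils.isBlank(loginRequest.getPassword())) {
        throw new AuthenticationServiceException("Username or Password not provided");
    }
    UsernamePasswordAuthenticationToken token =
        new UsernamePasswordAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword());
    return this.getAuthenticationManager().authenticate(token);
}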
/**
 * Test fixture: places a synthetic {@code userTest} with the DOWNLOAD, SEARCH and
 * DATA_MANAGER roles into the security context.
 */
private void authenticate () {
    final String login = "userTest";
    final Set<GrantedAuthority> granted = new HashSet<> ();
    for (Role role : new Role[] { Role.DOWNLOAD, Role.SEARCH, Role.DATA_MANAGER }) {
        granted.add (new SimpleGrantedAuthority (role.getAuthority ()));
    }
    // Username doubles as password for this fixture user.
    final SandBoxUser fixture = new SandBoxUser (login, login, true, 0, granted);
    final Authentication authentication =
        new UsernamePasswordAuthenticationToken (fixture, fixture.getPassword (), granted);
    SecurityContextHolder.getContext ().setAuthentication (authentication);
    logger.info ("userTest roles: " + authentication.getAuthorities ());
}
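/**
 * Logs a user in with username/password and binds the resulting security context to
 * the HTTP session.
 *
 * <p>The credentials are checked twice: once by {@code userService.login} and again by
 * the {@link AuthenticationManager}; only the manager's result is stored. The session id is
 * rotated on success so an id issued before login cannot be reused (session fixation).
 *
 * @param user request body carrying username and password
 * @param request used to obtain or create the session
 * @return {@code true} on successful login, {@code false} otherwise
 */
@ApiOperation(value = "Login")
@RequestMapping(value = "/login", method = RequestMethod.POST)
public boolean login(@RequestBody User user, HttpServletRequest request) {
    User u = this.userService.login(user.getUsername(), user.getPassword());
    if (u == null) {
        return false;
    }
    UsernamePasswordAuthenticationToken authRequest =
        new UsernamePasswordAuthenticationToken(user.getUsername(), user.getPassword());
    Authentication authentication;
    try {
        authentication = authenticationManager.authenticate(authRequest);
    } catch (org.springframework.security.core.AuthenticationException e) {
        // A rejected login is a normal outcome, not a server error.
        return false;
    }
    SecurityContext securityContext = SecurityContextHolder.getContext();
    securityContext.setAuthentication(authentication);
    HttpSession session = request.getSession(true);
    // Rotate the id but keep attributes (Servlet 3.1+).
    request.changeSessionId();
    // Same key Spring's HttpSessionSecurityContextRepository reads the context from.
    session.setAttribute(
        org.springframework.security.web.context.HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
        securityContext);
    return true;
}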
/**
 * A JWT whose name is the expected organisation must be accepted: the chain continues
 * and an authentication is stored in the (mocked) security context.
 */
@Test
public void testDoFilterInternal() throws IOException, ServletException {
    PowerMockito.mockStatic(SecurityContextHolder.class);
    final SecurityContext contextMock = PowerMockito.mock(SecurityContext.class);
    PowerMockito.when(SecurityContextHolder.getContext()).thenReturn(contextMock);

    final JwtPayloadHelper validPayload = new JwtPayloadHelper()
        .withName(JwtAuthorizationFilter.ORG_NAME)
        .withOrgType(ORG_TYPE);
    request.addHeader("Authorization", JwtTestHelper.createJwt(validPayload));

    final JwtAuthorizationFilter filterUnderTest = new JwtAuthorizationFilter(authenticationManager);
    filterUnderTest.doFilterInternal(request, response, filterChain);

    verify(filterChain).doFilter(any(MockHttpServletRequest.class), any(MockHttpServletResponse.class));
    verify(SecurityContextHolder.getContext()).setAuthentication(any(UsernamePasswordAuthenticationToken.class));
}
/**
 * A JWT carrying an unknown organisation name must not authenticate: the chain still
 * continues, but nothing is written to the security context.
 */
@Test
public void testDoFilterInternalWithInvalidOrgName() throws IOException, ServletException {
    PowerMockito.mockStatic(SecurityContextHolder.class);
    final SecurityContext contextMock = PowerMockito.mock(SecurityContext.class);
    PowerMockito.when(SecurityContextHolder.getContext()).thenReturn(contextMock);

    final JwtPayloadHelper wrongOrgPayload = new JwtPayloadHelper()
        .withName("invalid-name")
        .withOrgType(ORG_TYPE);
    request.addHeader("Authorization", JwtTestHelper.createJwt(wrongOrgPayload));

    final JwtAuthorizationFilter filterUnderTest = new JwtAuthorizationFilter(authenticationManager);
    filterUnderTest.doFilterInternal(request, response, filterChain);

    verify(filterChain).doFilter(any(MockHttpServletRequest.class), any(MockHttpServletResponse.class));
    verify(SecurityContextHolder.getContext(), times(0)).setAuthentication(any(UsernamePasswordAuthenticationToken.class));
}
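/**
 * Deserialises a {@link User} (matricule + password) from the JSON request body and
 * submits it to the {@link AuthenticationManager}.
 *
 * <p>The request token is built with the two-argument constructor, i.e. unauthenticated and
 * without authorities: roles are decided by the provider, never by the request. (The original
 * built an unused list of ROLE_MANAGER/ROLE_EMPLOYE/ROLE_ADMIN here; it never reached the
 * token and has been removed.)
 *
 * @param req POST whose body is the JSON credentials
 * @param res unused
 * @return the manager's authentication result
 * @throws AuthenticationException when the manager rejects the credentials
 * @throws IOException when the body cannot be read or parsed
 */
@Override
public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res)
        throws AuthenticationException, IOException, ServletException {
    User creds = new ObjectMapper().readValue(req.getInputStream(), User.class);
    // NOTE(review): a literal JSON "null" body yields creds == null and an NPE below — confirm
    // whether the failure handler should see an AuthenticationServiceException instead.
    return getAuthenticationManager().authenticate(
        new UsernamePasswordAuthenticationToken(creds.getMatricule(), creds.getPassword()));
}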
/**
 * Authenticates the pair and, on success, mints a JWT carrying the user's roles.
 *
 * @param username login name
 * @param password clear-text password
 * @return a signed JWT for {@code username}
 * @throws CustomException with 422 when the authentication manager rejects the credentials
 */
public String signin(String username, String password) {
    final UsernamePasswordAuthenticationToken attempt =
        new UsernamePasswordAuthenticationToken(username, password);
    try {
        authenticationManager.authenticate(attempt);
        // The user is re-read from the repository because the manager's result is not used here.
        final User account = userRepository.findByUsername(username);
        return jwtTokenProvider.createToken(username, account.getRoles());
    } catch (AuthenticationException e) {
        throw new CustomException("Invalid username/password supplied", HttpStatus.UNPROCESSABLE_ENTITY);
    }
}
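/**
 * Post-authentication hook: builds a username/password token from the request and
 * attaches request details to it before continuing the chain.
 *
 * <p>Fix: the original assigned {@code obtainPassword} to {@code name} and
 * {@code obtainUsername} to {@code password} (swapped).
 *
 * <p>NOTE(review): the token built here is never placed in the SecurityContext and carries the
 * raw password from the request; the {@code System.out} calls look like debug leftovers.
 *
 * @param request the login request
 * @param response the response
 * @param chain continued unconditionally
 * @param authResult the provider's result, used only for its authorities
 * @throws IOException from the chain
 * @throws ServletException from the chain
 */
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
        FilterChain chain, Authentication authResult) throws IOException, ServletException {
    System.out.println("AUTH FILTER");
    Collection<? extends GrantedAuthority> authorities = authResult.getAuthorities();
    List<String> roles = new ArrayList<>();
    for (GrantedAuthority a : authorities) {
        roles.add(a.getAuthority());
    }
    System.out.println(roles);
    String name = obtainUsername(request);
    String password = obtainPassword(request);
    UsernamePasswordAuthenticationToken userDetails =
        new UsernamePasswordAuthenticationToken(name, password, authorities);
    setDetails(request, userDetails);
    chain.doFilter(request, response);
}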
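/**
 * Completes a social sign-in: loads the local user, authenticates it in the security
 * context, mints a JWT and stores it in the social-authentication cookie.
 *
 * <p>The redirect target is returned even when authentication fails; the failure is only
 * logged. The log entry now includes the exception so the cause is not lost.
 *
 * @param userId local login of the user resolved from the social connection
 * @param connection the social connection (unused here)
 * @param request expected to be a {@link ServletWebRequest}; the cookie is added to its response
 * @return the configured post-sign-in redirect URL
 */
@Override
public String signIn(String userId, Connection<?> connection, NativeWebRequest request) {
    try {
        UserDetails user = userDetailsService.loadUserByUsername(userId);
        // Credentials null: the social provider has already authenticated this user.
        UsernamePasswordAuthenticationToken authenticationToken =
            new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authenticationToken);
        String jwt = tokenProvider.createToken(authenticationToken, false);
        ServletWebRequest servletWebRequest = (ServletWebRequest) request;
        servletWebRequest.getResponse().addCookie(getSocialAuthenticationCookie(jwt));
    } catch (AuthenticationException exception) {
        // UsernameNotFoundException lands here too; keep the cause for diagnosis.
        log.error("Social authentication error", exception);
    }
    return jHipsterProperties.getSocial().getRedirectAfterSignIn();
}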
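/**
 * Authenticates a request from the JWT in the {@code AUTH_HEADER} header.
 *
 * <p>A {@code Bearer} prefix is stripped when present; a header without the prefix is used
 * as-is (the original accepted that too). The token is validated before the user lookup so
 * an invalid token costs no repository call, and a missing header never reaches the token
 * utility. An existing authentication in the context is left untouched.
 *
 * @param request the incoming request
 * @param response the response
 * @param chain always continued
 * @throws ServletException from the chain
 * @throws IOException from the chain
 */
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
        throws ServletException, IOException {
    String token = request.getHeader(AUTH_HEADER);
    if (token != null && token.startsWith(BEARER_PREFIX)) {
        // Prefix length taken from the constant instead of a hard-coded 7.
        token = token.substring(BEARER_PREFIX.length()).trim();
    }
    if (token != null && SecurityContextHolder.getContext().getAuthentication() == null) {
        String username = jwtTokenUtil.getUsernameFromToken(token);
        if (username != null && jwtTokenUtil.tokenValido(token)) {
            UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
            // Credentials null: possession of a valid signed token is the proof.
            UsernamePasswordAuthenticationToken authentication =
                new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
            authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
            SecurityContextHolder.getContext().setAuthentication(authentication);
        }
    }
    chain.doFilter(request, response);
}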
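/**
 * Simulate a request with an authenticated user with the specified username for a
 * specified duration in nanoseconds.
 *
 * <p>The registry clock is stubbed to return {@code now} and then
 * {@code now + durationInNanoseconds}. A {@code null} username leaves the security
 * context untouched (anonymous request). NOTE(review): the authentication set here is
 * not cleared afterwards — confirm a teardown does that.
 *
 * @param username
 *            the username, or {@code null} for an unauthenticated request
 * @param durationInNanoseconds
 *            the duration in nanoseconds
 * @throws AssertionError when the filter throws, so the calling test fails instead of
 *             only printing the trace
 */
protected void request(String username, long durationInNanoseconds) {
    long now = 1510373758000000000L;
    when(registry.getNanos()).thenReturn(now, now + durationInNanoseconds);
    if (username != null) {
        User user = new User(username, "", new ArrayList<GrantedAuthority>());
        Authentication auth = new UsernamePasswordAuthenticationToken(user, null);
        SecurityContextHolder.getContext().setAuthentication(auth);
    }
    try {
        filter.doFilterInternal(mock(HttpServletRequest.class), mock(HttpServletResponse.class), mock(FilterChain.class));
    } catch (ServletException | IOException e) {
        throw new AssertionError("filter threw during simulated request", e);
    }
}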
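/**
 * Sets the has-avatar flag on the user and refreshes the security context with that user.
 *
 * <p>NOTE(review): the current thread's authentication is replaced by the updated user
 * whatever {@code userId} is — safe only if callers always pass the caller's own id; if an
 * administrator can update another user's avatar this switches identities. The stored
 * password is also carried in the credentials slot, as in the original. Confirm both.
 *
 * @param userId id of the user to update
 * @param hasAvatar new flag value
 * @return the updated user
 * @throws IllegalArgumentException when no user has that id (previously an NPE)
 */
@Transactional
@Override
public User updateHasAvatar(Long userId, boolean hasAvatar) {
    User user = userRepository.findById(userId);
    if (user == null) {
        throw new IllegalArgumentException("No user with id " + userId);
    }
    user.setHasAvatar(hasAvatar);
    CurrentUser currentUser = new CurrentUser(user);
    Authentication authentication =
        new UsernamePasswordAuthenticationToken(currentUser, user.getPassword(), user.getAuthorities());
    SecurityContextHolder.getContext().setAuthentication(authentication);
    return user;
}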
/**
 * Authenticates the request body and returns a device-bound JWT.
 *
 * <p>An {@link AuthenticationException} from the manager is not caught here; it is left to
 * the declared {@code throws} and whatever handler the application registers for it.
 *
 * @param authenticationRequest username/password payload
 * @param device resolved client device, embedded in the token
 * @return 200 with a {@link JwtAuthenticationResponse}
 * @throws AuthenticationException when the credentials are rejected
 */
@RequestMapping(value = "${jwt.route.authentication.path}", method = RequestMethod.POST)
public ResponseEntity<?> createAuthenticationToken(@RequestBody JwtAuthenticationRequest authenticationRequest,
        Device device) throws AuthenticationException {
    final String username = authenticationRequest.getUsername();
    final UsernamePasswordAuthenticationToken attempt =
        new UsernamePasswordAuthenticationToken(username, authenticationRequest.getPassword());
    // Security check first; the context holds the authenticated result from here on.
    final Authentication authenticated = authenticationManager.authenticate(attempt);
    SecurityContextHolder.getContext().setAuthentication(authenticated);
    // The user details are reloaded post-authentication to build the token.
    final UserDetails details = userDetailsService.loadUserByUsername(username);
    final String jwt = jwtTokenUtil.generateToken(details, device);
    return ResponseEntity.ok(new JwtAuthenticationResponse(jwt));
}
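/**
 * Authenticates a username (e-mail) and password against {@code userService}.
 *
 * <p>Changes from the original: unknown users and wrong passwords now fail with the same
 * message (the distinct "Username not found." / "Wrong password." texts let a client enumerate
 * accounts); the password comparison is constant-time; missing credentials no longer NPE.
 *
 * <p>NOTE(review): the stored password is compared verbatim with the submitted one — there is
 * no PasswordEncoder in this block. If the store holds clear-text passwords that is the real
 * finding; confirm how {@code User.getPassword()} is populated. The raw password is also
 * kept in the returned principal and credentials, as in the original.
 *
 * @param authentication name = e-mail, credentials = password
 * @return an authenticated token with ROLE_DOCTOR (role 1) or ROLE_USER
 * @throws BadCredentialsException when the user is unknown, the e-mail does not match, or the
 *     password is missing or wrong
 */
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    final String username = authentication.getName();
    final Object credentials = authentication.getCredentials();
    if (credentials == null) {
        throw new BadCredentialsException("Bad credentials.");
    }
    final String password = credentials.toString();
    User user = null;
    try {
        user = userService.doesUserExist(username);
    } catch (UserNotFoundException ignored) {
        // Reported below with the same message as a wrong password.
    }
    if (user == null || !user.getEmail().equalsIgnoreCase(username)) {
        throw new BadCredentialsException("Bad credentials.");
    }
    final String stored = user.getPassword();
    final boolean matches = stored != null && java.security.MessageDigest.isEqual(
        password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
        stored.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!matches) {
        throw new BadCredentialsException("Bad credentials.");
    }
    List<GrantedAuthority> authorities = new ArrayList<>();
    // Role 1 is the doctor role; everything else is a plain user.
    if (user.getRole() == 1) {
        authorities.add(new SimpleGrantedAuthority("ROLE_DOCTOR"));
    } else {
        authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
    }
    final UserDetails principal =
        new org.springframework.security.core.userdetails.User(username, password, authorities);
    return new UsernamePasswordAuthenticationToken(principal, password, authorities);
}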
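/**
 * Resolves the caller's {@link Authentication} from a signed JWT carried in the
 * {@code HEADER_STRING} header, falling back to the cookie read by {@code getTokenFromCookis}.
 *
 * <p>{@code parseClaimsJws} verifies the signature with {@code SECRET}; an invalid, tampered
 * or expired token throws a jjwt exception that propagates to the caller
 * (NOTE(review): confirm the calling filter turns that into a 401 rather than a 500).
 *
 * @param request the incoming request
 * @return an authenticated token whose principal is the {@code UserId} claim, or {@code null}
 *     when no token is present or the token carries no {@code UserId}
 */
public static Authentication getAuthentication(HttpServletRequest request) {
    // Token from the header first, then from the cookie.
    String token = request.getHeader(HEADER_STRING);
    if (token == null) {
        token = getTokenFromCookis(request);
    }
    if (token == null || token.isEmpty()) {
        return null;
    }
    // Parse and verify the token.
    Claims claims = Jwts.parser().setSigningKey(SECRET)
        .parseClaimsJws(token).getBody();
    // Username: a token without the UserId claim is unusable (the original NPE'd here, and its
    // later null check could never fire).
    Object userId = claims.get("UserId");
    if (userId == null) {
        return null;
    }
    String user = userId.toString();
    // Authorities (roles): one comma-separated string; an absent claim yields no authorities.
    List<GrantedAuthority> authorities =
        AuthorityUtils.commaSeparatedStringToAuthorityList(claims.get("authorities", String.class));
    // Return the authentication token; credentials stay null since the signature check already passed.
    return new UsernamePasswordAuthenticationToken(user, null, authorities);
}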
/**
 * Reads {@code username} / {@code password} form parameters and submits them to the
 * {@link AuthenticationManager}.
 *
 * <p>The submitted password is run through {@code aesEncrypt} before the provider sees it.
 * NOTE(review): AES is reversible, unlike a password hash — confirm the stored credentials
 * are intentionally decryptable; a {@code PasswordEncoder} is the usual choice.
 *
 * @param req carries the two form parameters
 * @param res unused
 * @return the manager's authentication result
 * @throws AuthenticationException when the credentials are rejected
 */
@Override
public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res)
        throws AuthenticationException, IOException, ServletException {
    final String username = req.getParameter("username");
    final String rawPassword = req.getParameter("password");
    // A missing password is passed through as null rather than encrypted.
    final String password = rawPassword == null ? null : aesEncrypt(rawPassword);
    // Return the authentication token produced by the manager.
    return getAuthenticationManager().authenticate(
        new UsernamePasswordAuthenticationToken(username, password));
}
/**
 * Authenticates a login DTO and returns a JWT, also exposed as a {@code Bearer}
 * Authorization header.
 *
 * <p>On failure the response is 401 carrying the provider's localized message under the
 * {@code AuthenticationException} key.
 *
 * @param loginDTO validated username/password plus optional remember-me flag
 * @param response receives the Authorization header on success
 * @return 200 with a {@link JWTToken}, otherwise 401 with an error map
 */
@PostMapping("/authenticate")
@Timed
public ResponseEntity<?> authorize(@Valid @RequestBody LoginDTO loginDTO, HttpServletResponse response) {
    final UsernamePasswordAuthenticationToken attempt =
        new UsernamePasswordAuthenticationToken(loginDTO.getUsername(), loginDTO.getPassword());
    final Authentication authenticated;
    try {
        authenticated = this.authenticationManager.authenticate(attempt);
    } catch (AuthenticationException exception) {
        return new ResponseEntity<>(
            Collections.singletonMap("AuthenticationException", exception.getLocalizedMessage()),
            HttpStatus.UNAUTHORIZED);
    }
    SecurityContextHolder.getContext().setAuthentication(authenticated);
    // A null flag (omitted field) means "do not remember".
    final boolean longLived = Boolean.TRUE.equals(loginDTO.isRememberMe());
    final String jwt = tokenProvider.createToken(authenticated, longLived);
    response.addHeader(JWTConfigurer.AUTHORIZATION_HEADER, "Bearer " + jwt);
    return ResponseEntity.ok(new JWTToken(jwt));
}
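/**
 * Authenticates against users stored in Mongo (looked up by {@code userId}) using the
 * project's salted password hashing.
 *
 * <p>An unknown user now fails with the same exception and message as a wrong password
 * (previously an NPE on the null lookup result, which exposed account existence through a
 * different status code). The hash comparison is constant-time.
 *
 * <p>NOTE(review): {@code block()} on the reactive lookup makes this a blocking call.
 *
 * @param authentication name = user id, credentials = clear-text password
 * @return an authenticated token for {@code name} with the user's authorities
 * @throws AuthenticationCredentialsNotFoundException when the user is unknown, hashing
 *     fails, or the password does not match
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    String name = authentication.getName();
    String password = authentication.getCredentials().toString();
    Query query = new Query();
    query.addCriteria(Criteria.where("userId").is(name));
    MyUser user = operations.findOne(query, MyUser.class).block();
    if (user == null) {
        throw new AuthenticationCredentialsNotFoundException("User: " + name + " not found.");
    }
    String encryptedPw = null;
    try {
        encryptedPw = this.passwordEncryption.getEncryptedPassword(password, user.getSalt());
    } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
        log.error("Password encryption error: ", e);
    }
    String stored = user.getPassword();
    boolean matches = encryptedPw != null && stored != null
        && java.security.MessageDigest.isEqual(
            stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            encryptedPw.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!matches) {
        throw new AuthenticationCredentialsNotFoundException("User: " + name + " not found.");
    }
    log.info("User: " + name + " logged in.");
    return new UsernamePasswordAuthenticationToken(name, password, user.getAuthorities());
}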
/**
 * Authenticates a login form and issues a JWT in both the response body and the
 * {@code Bearer} Authorization header.
 *
 * <p>Rejected credentials produce 401 with the provider's localized message keyed as
 * {@code AuthenticationException}.
 *
 * @param loginVM validated username/password plus optional remember-me flag
 * @param response receives the Authorization header on success
 * @return 200 with a {@link JWTToken}, otherwise 401 with an error map
 */
@PostMapping("/authenticate")
@Timed
public ResponseEntity<?> authorize(@Valid @RequestBody LoginVM loginVM, HttpServletResponse response) {
    try {
        final Authentication authenticated = this.authenticationManager.authenticate(
            new UsernamePasswordAuthenticationToken(loginVM.getUsername(), loginVM.getPassword()));
        SecurityContextHolder.getContext().setAuthentication(authenticated);
        return issueToken(authenticated, Boolean.TRUE.equals(loginVM.isRememberMe()), response);
    } catch (AuthenticationException exception) {
        final Map<String, String> error =
            Collections.singletonMap("AuthenticationException", exception.getLocalizedMessage());
        return new ResponseEntity<>(error, HttpStatus.UNAUTHORIZED);
    }
}

/** Mints the JWT for an authenticated user and publishes it via header and body. */
private ResponseEntity<?> issueToken(Authentication authenticated, boolean rememberMe, HttpServletResponse response) {
    final String jwt = tokenProvider.createToken(authenticated, rememberMe);
    response.addHeader(JWTConfigurer.AUTHORIZATION_HEADER, "Bearer " + jwt);
    return ResponseEntity.ok(new JWTToken(jwt));
}
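/**
 * Session-based login: authenticates the request body, stores the security context in
 * the HTTP session and returns the session id for the client to present.
 *
 * <p>The session id is rotated after authentication so an id obtained before login cannot
 * be reused (session fixation); session attributes are preserved. The returned id is the
 * rotated one.
 *
 * @param authenticationRequest username/password payload
 * @param request used to obtain the session
 * @return the (new) HTTP session id
 * @throws AuthenticationException when the manager rejects the credentials (not caught here)
 */
@RequestMapping(value = "/authenticate", method = { RequestMethod.POST })
@ResponseBody
public String authorize(@RequestBody AuthenticationRequest authenticationRequest, HttpServletRequest request) {
    final UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
        authenticationRequest.getUsername(), authenticationRequest.getPassword());
    final Authentication authentication = this.authenticationManager.authenticate(token);
    SecurityContextHolder.getContext().setAuthentication(authentication);
    final HttpSession session = request.getSession(true);
    // Servlet 3.1+: new id, same session object and attributes.
    request.changeSessionId();
    session.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
        SecurityContextHolder.getContext());
    return session.getId();
}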
/**
 * Completes a social sign-in: loads the local user, authenticates it in the security
 * context, mints a JWT and stores it in the social-authentication cookie.
 *
 * <p>Authentication failures are logged (error message, trace-level stack) and the
 * redirect target is still returned.
 *
 * @param userId local login resolved from the social connection
 * @param connection the social connection (unused here)
 * @param request expected to be a {@link ServletWebRequest}; the cookie goes on its response
 * @return the configured post-sign-in redirect URL
 */
@Override
public String signIn(String userId, Connection<?> connection, NativeWebRequest request) {
    try {
        final UserDetails localUser = userDetailsService.loadUserByUsername(userId);
        // Credentials null: the social provider has already proven identity.
        final UsernamePasswordAuthenticationToken authenticated =
            new UsernamePasswordAuthenticationToken(localUser, null, localUser.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authenticated);
        final String jwt = tokenProvider.createToken(authenticated, false);
        final HttpServletResponse servletResponse = ((ServletWebRequest) request).getResponse();
        servletResponse.addCookie(getSocialAuthenticationCookie(jwt));
    } catch (AuthenticationException ae) {
        log.error("Social authentication error");
        log.trace("Authentication exception trace: {}", ae);
    }
    return jHipsterProperties.getSocial().getRedirectAfterSignIn();
}
/**
 * Resolves an opaque auth token: the token is a Redis key holding a serialised
 * {@code UserInfo}, whose username is then looked up in the user repository.
 *
 * @param authToken the opaque token, may be null/empty
 * @return an authenticated token (credentials null) for the repository user, or
 *     {@code null} when the token is empty or unknown to Redis
 * @throws AuthTokenParseException when Redis knows the token but the user no longer exists
 */
@Override
public Authentication getAuthentication(String authToken) {
    if (!StringUtils.isNotEmpty(authToken)) {
        return null;
    }
    final String serialisedUser = stringRedisTemplate.opsForValue().get(authToken);
    if (!StringUtils.isNotEmpty(serialisedUser)) {
        return null;
    }
    final UserInfo info = JacksonUtil.genInstance().getJacksonBean(serialisedUser, UserInfo.class);
    final Optional<User> found = userRepository.findOneWithAuthoritiesByLogin(info.getUsername());
    if (!found.isPresent()) {
        throw new AuthTokenParseException("AuthToken can't be parsed.");
    }
    final User account = found.get();
    final List<GrantedAuthority> granted = new ArrayList<>();
    for (Object authority : account.getAuthorities()) {
        granted.add(new SimpleGrantedAuthority(((Authority) authority).getName()));
    }
    return new UsernamePasswordAuthenticationToken(account, null, granted);
}
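/**
 * Parses and verifies a JWT and builds an authenticated
 * {@link UsernamePasswordAuthenticationToken} from it.
 *
 * <p>{@code parseClaimsJws} verifies the signature with {@code secretKey}; invalid or expired
 * tokens throw from jjwt. A missing or empty {@code AUTHORITIES_KEY} claim now yields no
 * authorities instead of an NPE / IllegalArgumentException.
 *
 * <p>NOTE(review): the raw JWT is stored in the credentials slot, so it stays reachable from
 * the security context; compare with passing an empty string.
 *
 * @param token compact JWS string
 * @return token whose principal is a {@link User} named after the JWT subject
 */
public Authentication getAuthentication(String token) {
    Claims claims = Jwts.parser()
        .setSigningKey(secretKey)
        .parseClaimsJws(token)
        .getBody();
    Object rawAuthorities = claims.get(AUTHORITIES_KEY);
    Collection<? extends GrantedAuthority> authorities;
    if (rawAuthorities == null) {
        authorities = java.util.Collections.emptyList();
    } else {
        // Comma-separated names; blank entries (e.g. an empty claim) are skipped because
        // SimpleGrantedAuthority rejects an empty string.
        authorities = Arrays.stream(rawAuthorities.toString().split(","))
            .filter(name -> !name.isEmpty())
            .map(SimpleGrantedAuthority::new)
            .collect(Collectors.toList());
    }
    User principal = new User(claims.getSubject(), "", authorities);
    return new UsernamePasswordAuthenticationToken(principal, token, authorities);
}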
/**
 * Test fixture: places a synthetic {@code authenticatedUser} with the DOWNLOAD, SEARCH
 * and USER_MANAGER roles into the security context.
 */
private void authenticate () {
    final String login = "authenticatedUser";
    final Set<GrantedAuthority> granted = new HashSet<> ();
    for (Role role : new Role[] { Role.DOWNLOAD, Role.SEARCH, Role.USER_MANAGER }) {
        granted.add (new SimpleGrantedAuthority (role.getAuthority ()));
    }
    // Username doubles as password for this fixture user.
    final SandBoxUser fixture = new SandBoxUser (login, login, true, 0, granted);
    final Authentication authentication =
        new UsernamePasswordAuthenticationToken (fixture, fixture.getPassword (), granted);
    SecurityContextHolder.getContext ().setAuthentication (authentication);
    logger.info ("userTest roles: " + authentication.getAuthorities ());
}
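/**
 * Command-line check of the Spring Security setup: prompts for credentials on the console,
 * authenticates through the {@code authenticationManager} bean and prints the result.
 *
 * <p>Improvements over the original: the application context is closed on every path
 * (try-with-resources), a missing console ({@code System.console() == null}, e.g. when run
 * from an IDE or with redirected input) is reported instead of throwing an NPE, and the
 * password buffer is zeroed once the String copy the API requires has been made.
 *
 * @param args unused
 */
public static void main(String[] args) {
    try {
        // Configure logging and persistence before the context is built.
        ToolBox.configureLogging();
        HibernateUtil.configureHibernate(ApplicationProperties.getProperties());
        java.io.Console console = System.console();
        if (console == null) {
            System.err.println("No interactive console available; cannot read credentials.");
            return;
        }
        try (ClassPathXmlApplicationContext context =
                 new ClassPathXmlApplicationContext("/applicationContext.xml", "/securityContext.xml")) {
            String username = console.readLine("[%s]", "Username:");
            char[] passwd = console.readPassword("[%s]", "Password:");
            try {
                // Try to authenticate; the String copy is unavoidable for the token API.
                SecurityContextHolder.getContext().setAuthentication(
                    context.getBean("authenticationManager", AuthenticationManager.class).authenticate(
                        new UsernamePasswordAuthenticationToken(username, new String(passwd))));
            } finally {
                if (passwd != null) {
                    java.util.Arrays.fill(passwd, '\0');
                }
            }
            System.out.println("Authentication: " + SecurityContextHolder.getContext().getAuthentication());
            UserContext user = (UserContext) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
            System.out.println("User name:" + user.getName());
            System.out.println("Authorities:" + user.getAuthorities());
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
}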
/**
 * {@code getCurrentUserLogin} must report the name of the authentication held in the
 * current security context.
 */
@Test
public void testgetCurrentUserLogin() {
    final Authentication adminAuth = new UsernamePasswordAuthenticationToken("admin", "admin");
    final SecurityContext context = SecurityContextHolder.createEmptyContext();
    context.setAuthentication(adminAuth);
    SecurityContextHolder.setContext(context);

    final Optional<String> currentLogin = SecurityUtils.getCurrentUserLogin();

    assertThat(currentLogin).contains("admin");
}