/**
 * Resolves the Key Vault credential for a build, preferring the job-level override values
 * over the globally configured ones.
 *
 * <p>The override pair ({@code this.applicationSecret} / {@code this.credentialID}) is tried
 * first. Only when that lookup returns a credential whose {@code isValid()} is false does the
 * method fall back to the descriptor's application secret and credential ID. An exception
 * thrown by the override lookup propagates to the caller; the global values are not tried in
 * that case.
 *
 * <p>Only the resolution path is logged here, never the secret itself.
 *
 * @param build the run the credential is resolved for
 * @return the first credential (override, then global) that reports itself valid
 * @throws CredentialNotFoundException if neither the override nor the global values yield a
 *     valid credential
 * @throws CredentialException if the underlying lookup fails
 */
public AzureKeyVaultCredential getKeyVaultCredential(Run<?, ?> build)
        throws CredentialNotFoundException, CredentialException {
    // 1) Job-level override values.
    LOGGER.log(Level.INFO, "Trying override credentials...");
    final AzureKeyVaultCredential overrideCredential =
            getKeyVaultCredential(build, this.applicationSecret, this.credentialID);
    if (overrideCredential.isValid()) {
        LOGGER.log(Level.INFO, "Using override credentials");
        return overrideCredential;
    }

    // 2) Globally configured values from the descriptor.
    LOGGER.log(Level.INFO, "Trying global credentials");
    final AzureKeyVaultCredential globalCredential = getKeyVaultCredential(
            build, getDescriptor().getApplicationSecret(), getDescriptor().getCredentialID());
    if (!globalCredential.isValid()) {
        throw new CredentialNotFoundException(
                "Unable to find a valid credential with provided parameters");
    }
    LOGGER.log(Level.INFO, "Using global credentials");
    return globalCredential;
}
/**
 * Builds a Key Vault credential from either a stored credential ID or an explicit secret.
 *
 * <p>Precedence: a non-empty {@code _credentialID} always wins and the explicit secret is
 * ignored. If the stored credential carries no valid application ID (a "password-only"
 * entry), the application ID from {@code getApplicationID()} is filled in. Otherwise a
 * non-empty {@code _applicationSecret} is paired with {@code getApplicationID()}; this path
 * logs a deprecation warning. With neither value present an empty credential is returned,
 * which the caller is expected to test with {@code isValid()}.
 *
 * @param build the run the credential is resolved for
 * @param _applicationSecret explicit application secret, may be null or empty
 * @param _credentialID ID of a stored credential, may be null or empty
 * @return the resolved credential, possibly empty
 * @throws CredentialNotFoundException if {@code _credentialID} is set but cannot be resolved
 * @throws CredentialException if the stored credential has an unsupported type
 */
public AzureKeyVaultCredential getKeyVaultCredential(
        Run<?, ?> build, Secret _applicationSecret, String _credentialID)
        throws CredentialNotFoundException, CredentialException {
    // Preferred path: look the credential up in the credentials store.
    if (!AzureKeyVaultUtil.isNullOrEmpty(_credentialID)) {
        LOGGER.log(Level.INFO, "Fetching credentials by ID");
        final AzureKeyVaultCredential stored = getCredentialById(_credentialID, build);
        if (stored.isApplicationIDValid()) {
            return stored;
        }
        // The stored entry only holds the app secret, so supply the app ID from configuration.
        LOGGER.log(Level.INFO, "Credential is password-only. Setting the username");
        stored.setApplicationID(getApplicationID());
        return stored;
    }

    // Nothing usable was supplied: hand back an empty credential.
    if (AzureKeyVaultUtil.isNullOrEmpty(_applicationSecret)) {
        return new AzureKeyVaultCredential();
    }

    // Legacy path: application ID plus an explicitly configured secret.
    LOGGER.log(
            Level.WARNING,
            "Using explicit application secret. This will be deprecated in 1.0. Use Credential ID instead.");
    return new AzureKeyVaultCredential(getApplicationID(), _applicationSecret);
}
/**
 * Splits a PLAIN response into its three NUL-separated fields.
 *
 * <p>The input is cut at every {@code 0x00} octet and each piece is decoded as UTF-8. Exactly
 * three fields must result. Field 1 (authentication ID) and field 2 (password) must be
 * non-empty; field 0 is not validated here and may be empty.
 *
 * <p>The returned array holds the password in clear text. Callers should not log it, and
 * should decide for themselves whether field 0 may be honoured.
 *
 * @param buffer the raw (already decoded from transport encoding) PLAIN response
 * @return a three-element array: field 0, authentication ID, password
 * @throws CredentialException if the response does not contain exactly three fields, or the
 *     authentication ID or the password is empty
 */
private String[] readFields(final byte[] buffer) throws CredentialException {
    final List<String> parts = new ArrayList<>();
    Buffer current = Buffer.buffer();
    for (final byte octet : buffer) {
        if (octet != 0x00) {
            current.appendByte(octet);
            continue;
        }
        // NUL terminates the current field; start collecting the next one.
        parts.add(current.toString(StandardCharsets.UTF_8));
        current = Buffer.buffer();
    }
    // Whatever follows the last separator is the final field (possibly empty).
    parts.add(current.toString(StandardCharsets.UTF_8));

    if (parts.size() != 3) {
        throw new CredentialException("client provided malformed PLAIN response");
    }
    final String authenticationId = parts.get(1);
    if (authenticationId == null || authenticationId.length() == 0) {
        throw new CredentialException("PLAIN response must contain an authentication ID");
    }
    final String password = parts.get(2);
    if (password == null || password.length() == 0) {
        throw new CredentialException("PLAIN response must contain a password");
    }
    return parts.toArray(new String[3]);
}
/**
 * Looks up a stored credential by ID and converts it into an {@code AzureKeyVaultCredential}.
 *
 * <p>Two stored types are supported: {@code StringCredentials} ("Secret Text"), which yields
 * only the application secret, and {@code StandardUsernamePasswordCredentials}, which yields
 * the application ID (username) and the application secret (password). Each successful use
 * is recorded against the build with {@code CredentialsProvider.track}. Only the credential
 * ID and its type are logged, never the secret value.
 *
 * @param _credentialID ID of the stored credential
 * @param build the run in whose context the credential is looked up and tracked
 * @return the converted credential
 * @throws CredentialNotFoundException if no credential with that ID is found
 * @throws CredentialException if the stored credential is of an unsupported type
 */
public AzureKeyVaultCredential getCredentialById(String _credentialID, Run<?, ?> build)
        throws CredentialNotFoundException, CredentialException {
    final AzureKeyVaultCredential result = new AzureKeyVaultCredential();
    final IdCredentials stored =
            CredentialsProvider.findCredentialById(_credentialID, IdCredentials.class, build);
    if (stored == null) {
        throw new CredentialNotFoundException(_credentialID);
    }

    if (stored instanceof StringCredentials) {
        // "Secret Text" entry: carries the application secret only.
        LOGGER.log(Level.INFO, String.format("Fetched %s as StringCredentials", _credentialID));
        CredentialsProvider.track(build, stored);
        result.setApplicationSecret(((StringCredentials) stored).getSecret());
        return result;
    }

    if (stored instanceof StandardUsernamePasswordCredentials) {
        // Username/password entry: username is the application ID, password the secret.
        LOGGER.log(
                Level.INFO,
                String.format("Fetched %s as StandardUsernamePasswordCredentials", _credentialID));
        CredentialsProvider.track(build, stored);
        final StandardUsernamePasswordCredentials userPass =
                (StandardUsernamePasswordCredentials) stored;
        result.setApplicationID(userPass.getUsername());
        result.setApplicationSecret(userPass.getPassword());
        return result;
    }

    throw new CredentialException("Could not determine the type for Secret id " + _credentialID
            + " only 'Secret Text' and 'Username/Password' are supported");
}
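/**
 * Handles the login form POST: authenticates the submitted username and password and, on
 * success, prepares the OAuth2 authorization request for the approval view.
 *
 * @param request the login request carrying the {@code username} and {@code password}
 *     parameters
 * @param response the response paired with the request for security-context persistence
 * @param model view model that receives the {@code authorizationRequest} attribute
 * @return {@code "login"} when authentication fails, otherwise {@code "authorize"}
 */
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(HttpServletRequest request, HttpServletResponse response, Model model) {
    HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, response);
    httpSessionSecurityContextRepository.loadContext(holder);
    try {
        // Build an *unauthenticated* token from the submitted credentials. The
        // three-argument constructor (with authorities) creates a token that already
        // reports isAuthenticated() == true, so a check on it can never fail.
        Authentication loginAttempt = new UsernamePasswordAuthenticationToken(
                request.getParameter("username"), request.getParameter("password"));

        // Authenticate once and verify the token returned by the manager, not the input.
        Authentication authenticated = authenticationManager.authenticate(loginAttempt);
        if (authenticated == null || !authenticated.isAuthenticated()) {
            throw new CredentialException("用户不能够被认证");
        }

        // Publish the authentication only after it has been verified.
        SecurityContextHolder.getContext().setAuthentication(authenticated);
    } catch (Exception ex) {
        // The user could not be authenticated: send them back to the login page.
        logger.info(ex);
        return "login";
    }

    // Fetch the request that was saved in the session before the login redirect.
    // NOTE(review): the attribute is absent when /login is posted to directly; confirm that
    // getAuthParameters tolerates a null argument.
    DefaultSavedRequest defaultSavedRequest =
            (DefaultSavedRequest) request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST");

    // Build the authorization parameter map for the token request.
    Map<String, String> authParams = getAuthParameters(defaultSavedRequest);
    AuthorizationRequest authRequest =
            new DefaultOAuth2RequestFactory(clientDetailsService).createAuthorizationRequest(authParams);
    // NOTE(review): ROLE_ADMIN is attached to every authorization request regardless of who
    // logged in; confirm this hard-coded grant is intended.
    authRequest.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_USER", "ROLE_ADMIN"));
    model.addAttribute("authorizationRequest", authRequest);

    httpSessionSecurityContextRepository.saveContext(
            SecurityContextHolder.getContext(), holder.getRequest(), holder.getResponse());
    return "authorize";
}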
/**
 * Verifies that the message passed to the single-argument constructor is returned unchanged
 * by {@code getMessage()}: {@code null} stays {@code null}, and the empty and non-empty
 * strings come back as the very same instances.
 *
 * @tests javax.security.auth.login.CredentialException#CredentialException(
 *        java.lang.String)
 */
public final void testCtor2() {
    assertNull(new CredentialException(null).getMessage());

    // Identity, not just equality: the constructor must not copy the message.
    for (String message : new String[] {"", "message"}) {
        assertSame(message, new CredentialException(message).getMessage());
    }
}
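/**
 * Checks whether the credentials presented in a token match those stored for an account.
 *
 * <p>The token credentials are hashed with {@code Crypto.sha512}, passing the account's
 * principal name and {@code hashIterations}, and the result is compared with the stored
 * account credentials. The comparison runs in constant time so that the position of the
 * first differing character is not observable through response timing.
 *
 * <p>NOTE(review): if these credentials are user passwords, a dedicated password-hashing
 * scheme (bcrypt, scrypt, Argon2) is preferable to an iterated SHA-512. Confirm what
 * {@code Crypto.sha512} implements.
 *
 * @param account the account whose stored credentials are the reference
 * @param token the authentication token carrying the presented credentials
 * @return {@code true} if the hashed token credentials equal the stored credentials
 * @throws CredentialException ({@code CredentialNotFoundException}) if the token or the
 *     account carries no credentials
 */
@Override
public boolean matches(Account account, AuthenticationToken token) throws CredentialException {
    Object tokenCredentials = token.readCredentials();
    if (tokenCredentials == null) {
        throw new CredentialNotFoundException("token");
    }
    Object accountCredentials = account.getCredentials();
    if (accountCredentials == null) {
        throw new CredentialNotFoundException("account");
    }

    String hashed = Crypto.sha512(
            tokenCredentials.toString(), account.getPrincipal().getName(), hashIterations);
    if (hashed == null) {
        // String.equals(null) was false in the previous implementation; keep that result.
        return false;
    }

    // Constant-time comparison instead of String.equals, which returns at the first
    // mismatching character. Fully qualified names avoid touching the file's imports.
    byte[] expected = accountCredentials.toString()
            .getBytes(java.nio.charset.StandardCharsets.UTF_8);
    byte[] actual = hashed.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    return java.security.MessageDigest.isEqual(expected, actual);
}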
/**
 * Removes a registration ID from the set of registered users.
 *
 * <p>The method is {@code synchronized}, so the membership check and the removal happen
 * under the same monitor. The registration ID is the only value checked before removal.
 *
 * @param regId the registration ID to remove
 * @return the result of removing {@code regId} from {@code registeredUsers}
 * @throws CredentialException if {@code regId} is not currently registered
 */
public synchronized final boolean removeUser(String regId) throws CredentialException {
    if (registeredUsers.contains(regId)) {
        return registeredUsers.remove(regId);
    }
    // Unknown registration ID: report it as a credential failure.
    throw new CredentialException("wrong credentials for given user");
}
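/**
 * Handles the login form POST: authenticates the submitted username and password and, on
 * success, prepares the OAuth2 authorization request for the approval view.
 *
 * @param request the login request carrying the {@code username} and {@code password}
 *     parameters
 * @param response the response paired with the request for security-context persistence
 * @param model view model that receives the {@code authorizationRequest} attribute
 * @return {@code "login"} when authentication fails, otherwise {@code "authorize"}
 */
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(HttpServletRequest request, HttpServletResponse response, Model model) {
    HttpRequestResponseHolder responseHolder = new HttpRequestResponseHolder(request, response);
    sessionRepository.loadContext(responseHolder);
    try {
        // Build an *unauthenticated* token from the submitted credentials. The
        // three-argument constructor (with authorities) creates a token that is already
        // marked as authenticated, which is not what a login attempt should start from.
        Authentication loginAttempt = new UsernamePasswordAuthenticationToken(
                request.getParameter("username"), request.getParameter("password"));

        // Authenticate exactly once. Calling authenticate() a second time for the check
        // repeats the credential verification and any side effects the provider attaches
        // to an attempt.
        Authentication authenticated = authenticationManager.authenticate(loginAttempt);
        if (authenticated == null || !authenticated.isAuthenticated()) {
            throw new CredentialException("User could not be authenticated");
        }

        // Publish the authentication only after it has been verified.
        SecurityContextHolder.getContext().setAuthentication(authenticated);
    } catch (Exception ex) {
        // The user couldn't be authenticated, redirect back to login.
        // NOTE(review): prefer the class logger over printStackTrace() if one is available.
        ex.printStackTrace();
        return "login";
    }

    // Get the default saved request from session.
    // NOTE(review): the attribute is absent when /login is posted to directly; confirm that
    // getAuthParameters tolerates a null argument.
    DefaultSavedRequest defaultSavedRequest =
            (DefaultSavedRequest) request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST");

    // Generate an authorization parameter map for the token request.
    Map<String, String> authParams = getAuthParameters(defaultSavedRequest);

    // Create the authorization request and put it in the view model.
    AuthorizationRequest authRequest =
            new DefaultOAuth2RequestFactory(clients).createAuthorizationRequest(authParams);
    // NOTE(review): ROLE_ADMIN is attached to every authorization request regardless of who
    // logged in; confirm this hard-coded grant is intended.
    authRequest.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_USER", "ROLE_ADMIN"));
    sessionRepository.saveContext(
            SecurityContextHolder.getContext(),
            responseHolder.getRequest(),
            responseHolder.getResponse());
    model.addAttribute("authorizationRequest", authRequest);

    // Return the token authorization view.
    return "authorize";
}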
/**
 * Supplies the test data: a single {@code CredentialException} with the message
 * {@code "message"}.
 *
 * @return a one-element array holding the sample exception
 */
@Override
protected Object[] getData() {
    final CredentialException sample = new CredentialException("message");
    return new Object[] {sample};
}
/**
 * Verifies that an exception created with the no-argument constructor has no message.
 *
 * @tests javax.security.auth.login.CredentialException#CredentialException()
 */
public final void testCtor1() {
    final CredentialException withoutMessage = new CredentialException();
    assertNull(withoutMessage.getMessage());
}
/**
 * Disables push notifications for a registration ID ({@code DELETE /push}).
 *
 * <p>The {@code regid} request parameter is the only value passed to
 * {@code updateService.removeUser}; this method performs no further checks of its own.
 *
 * @param regid the registration ID to remove
 * @return the textual form of the removal result
 * @throws CredentialException propagated from {@code updateService.removeUser}
 */
@RequestMapping(value = "/push", method = RequestMethod.DELETE)
public @ResponseBody String disablePushNotification(@RequestParam(value = "regid") String regid)
        throws CredentialException {
    return String.valueOf(updateService.removeUser(regid));
}
/**
 * Disables push notifications for a registration ID ({@code GET /push/delete}).
 *
 * <p>NOTE(review): this endpoint changes state in response to a GET request. GET requests
 * can be triggered by link prefetching, crawlers, or a cross-site image/link reference, and
 * the {@code regid} ends up in URLs, logs and browser history. Confirm whether a
 * state-changing method (DELETE/POST) with CSRF protection should be used instead.
 *
 * @param regid the registration ID to remove
 * @return the textual form of the removal result
 * @throws CredentialException propagated from {@code updateService.removeUser}
 */
@RequestMapping(value = "/push/delete", method = RequestMethod.GET)
public @ResponseBody String disablePushNotificationViaGet(
        @RequestParam(value = "regid") String regid) throws CredentialException {
    return String.valueOf(updateService.removeUser(regid));
}
/**
 * Decides whether the credentials carried by an authentication token match the given account.
 *
 * <p>NOTE(review): implementations compare secrets; they should presumably use a
 * constant-time comparison and avoid logging either side. Confirm against implementors.
 *
 * @param account the account to check against
 * @param token the authentication token presenting credentials
 * @return {@code true} if the token's credentials match the account
 * @throws CredentialException if the match cannot be performed
 */
boolean matches(Account account, AuthenticationToken token) throws CredentialException;