本文整理汇总了Java中javax.security.enterprise.identitystore.CredentialValidationResult类的典型用法代码示例。如果您正苦于以下问题:Java CredentialValidationResult类的具体用法?Java CredentialValidationResult怎么用?Java CredentialValidationResult使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
CredentialValidationResult类属于javax.security.enterprise.identitystore包,在下文中一共展示了CredentialValidationResult类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response,
HttpMessageContext httpMessageContext) throws AuthenticationException {
// ...
String name = request.getParameter("name");
String password = request.getParameter("password");
if (name != null && password != null) {
CredentialValidationResult result = identityStoreHandler.validate(new UsernamePasswordCredential(name, password));
return httpMessageContext.notifyContainerAboutLogin(result);
}
return httpMessageContext.doNothing();
}
开发者ID:PacktPublishing,项目名称:Architecting-Modern-Java-EE-Applications,代码行数:17,代码来源:TestAuthenticationMechanism.java
示例2: validate
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public CredentialValidationResult validate(Credential credential) {
if (credential instanceof TokenResponseCredential) {
TokenResponseCredential tokenCredential = (TokenResponseCredential) credential;
OAuthRequest request = new OAuthRequest(Verb.GET, "https://www.googleapis.com/oauth2/v3/userinfo");
OAuth20Service service = tokenCredential.getService();
OAuth2AccessToken token = tokenCredential.getTokenResponse();
service.signRequest(token, request);
try {
Response oResp = service.execute(request);
String body = oResp.getBody();
OAuth2User oAuth2User = jsonProcessor.extractUserInfo(body);
return new CredentialValidationResult(oAuth2User);
} catch (InterruptedException | ExecutionException | IOException e) {
e.printStackTrace(); // FIXME
}
}
return CredentialValidationResult.NOT_VALIDATED_RESULT;
}
示例3: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
String authorizationHeader = request.getHeader("Authorization");
if (authorizationHeader != null && authorizationHeader.startsWith(BEARER)) {
String token = authorizationHeader.substring(BEARER.length());
JWTCredential credential = tokenHandler.retrieveCredential(token);
if (credential == null) {
httpMessageContext.responseUnauthorized();
}
CredentialValidationResult result = identityStoreHandler.validate(credential);
if (result.getStatus() == VALID) {
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.responseUnauthorized();
}
示例4: validate
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public CredentialValidationResult validate(Credential credential) {
CredentialValidationResult result;
if (credential instanceof UsernamePasswordCredential) {
UsernamePasswordCredential usernamePassword = (UsernamePasswordCredential) credential;
result = users.findByUsername(usernamePassword.getCaller())
.map(
u -> passwordHash.matches(new String(usernamePassword.getPassword().getValue()), u.getPassword())
? new CredentialValidationResult(usernamePassword.getCaller(), u.getAuthorities())
: INVALID_RESULT
)
.orElse(INVALID_RESULT);
} else {
result = NOT_VALIDATED_RESULT;
}
return result;
}
示例5: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthException {
String authorizationHeader = request.getHeader("Authorization");
if (authorizationHeader != null && authorizationHeader.startsWith(BEARER)) {
String token = authorizationHeader.substring(BEARER.length());
JWTCredential credential = tokenHandler.retrieveCredential(token);
CredentialValidationResult result = identityStore.validate(credential);
if (result.getStatus() == VALID) {
// Communicate the details of the authenticated user to the
// container. In many cases the underlying handler will just store the details
// and the container will actually handle the login after we return from
// this method.
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
throw new AuthException("Login failed");
}
}
return httpMessageContext.doNothing();
}
示例6: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
if (request.getParameter("login:username") != null && request.getParameter("login:password") != null) {
String name = request.getParameter("login:username");
Password password = new Password(request.getParameter("login:password"));
CredentialValidationResult result = identityStore.validate(
new UsernamePasswordCredential(name, password));
if (result.getStatus() == VALID) {
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.doNothing();
}
示例7: validate
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
public CredentialValidationResult validate(UsernamePasswordCredential userCredential) {
if (userCredential.compareTo("admin", "pwd1")) {
return new CredentialValidationResult("admin", new HashSet<>(asList("admin", "user", "demo")));
}
return INVALID_RESULT;
}
示例8: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest req, HttpServletResponse res, HttpMessageContext context) {
CredentialValidationResult result = idStoreHandler.validate(
new UsernamePasswordCredential(
req.getParameter("name"), req.getParameter("password")));
if (result.getStatus() == VALID) {
return context.notifyContainerAboutLogin(result);
} else {
return context.responseUnauthorized();
}
}
示例9: validate
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
// validate
// ...
if (usernamePasswordCredential.compareTo("duke", "helloWorld")) {
return new CredentialValidationResult("duke", singleton("admin"));
}
return CredentialValidationResult.INVALID_RESULT;
}
开发者ID:PacktPublishing,项目名称:Architecting-Modern-Java-EE-Applications,代码行数:11,代码来源:TestIdentityStore.java
示例10: getCallerGroups
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public Set<String> getCallerGroups(CredentialValidationResult validationResult) {
OAuth2User user = (OAuth2User) validationResult.getCallerPrincipal();
Set<String> result = new HashSet<>();
result.add("AUTHENTICATED_USER");
if ("[email protected]".equals(user.getEmail())) {
result.add("SPEAKER");
}
return result;
}
示例11: validate
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public CredentialValidationResult validate(RememberMeCredential credential) {
SecurityData securityData = tokenCache.get(credential.getToken());
if (securityData == null) {
return CredentialValidationResult.INVALID_RESULT;
}
return new CredentialValidationResult(securityData.getCallerPrincipal(), securityData.getGroups());
}
示例12: validate
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public CredentialValidationResult validate(RememberMeCredential rememberMeCredential) {
try {
if (tokenProvider.validateToken(rememberMeCredential.getToken())) {
JwtCredential credential = tokenProvider.getCredential(rememberMeCredential.getToken());
return new CredentialValidationResult(credential.getPrincipal(), credential.getAuthorities());
}
// if token invalid, response with invalid result status
return INVALID_RESULT;
} catch (ExpiredJwtException eje) {
LOGGER.log(Level.INFO, "Security exception for user {0} - {1}", new Object[]{eje.getClaims().getSubject(), eje.getMessage()});
return INVALID_RESULT;
}
}
示例13: getCallerGroups
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public Set<String> getCallerGroups(CredentialValidationResult validationResult) {
// return users.findByUsername(validationResult.getCallerPrincipal().getName())
// .map(user -> user.getAuthorities())
// .orElse(emptySet());
return validationResult.getCallerGroups();
}
示例14: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext context) {
LOGGER.log(Level.INFO, "validateRequest: {0}", request.getRequestURI());
// Get the (caller) name and password from the request
// NOTE: This is for the smallest possible example only. In practice
// putting the password in a request query parameter is highly insecure
String name = request.getParameter("username");
String password = request.getParameter("password");
String token = extractToken(context);
if (name != null && password != null
&& "POST".equals(request.getMethod())
&& request.getRequestURI().endsWith("/auth/login")) {
LOGGER.log(Level.INFO, "user credentials : {0}, {1}", new String[]{name, password});
// validation of the credential using the identity store
CredentialValidationResult result = identityStoreHandler.validate(new UsernamePasswordCredential(name, password));
if (result.getStatus() == CredentialValidationResult.Status.VALID) {
// Communicate the details of the authenticated user to the container and return SUCCESS.
return createToken(result, context);
}
// if the authentication failed, we return the unauthorized status in the http response
return context.responseUnauthorized();
} else if (token != null) {
// validation of the jwt credential
return validateToken(token, context);
} else if (context.isProtected()) {
// A protected resource is a resource for which a constraint has been defined.
// if there are no credentials and the resource is protected, we response with unauthorized status
return context.responseUnauthorized();
}
// there are no credentials AND the resource is not protected,
// SO Instructs the container to "do nothing"
return context.doNothing();
}
示例15: createToken
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入依赖的package包/类
/**
* Create the JWT using CredentialValidationResult received from IdentityStoreHandler
*
* @param result the result from validation of UsernamePasswordCredential
* @param context
* @return the AuthenticationStatus to notify the container
*/
private AuthenticationStatus createToken(CredentialValidationResult result, HttpMessageContext context) {
if (!isRememberMe(context)) {
String jwt = tokenProvider.createToken(result.getCallerPrincipal().getName(), result.getCallerGroups(), false);
context.getResponse().setHeader(HttpHeaders.AUTHORIZATION, AUTHORIZATION_PREFIX + jwt);
}
//fire an @Authenticated CDI event.
authenticatedEvent.fire(new UserInfo(result.getCallerPrincipal().getName(), result.getCallerGroups()));
return context.notifyContainerAboutLogin(result.getCallerPrincipal(), result.getCallerGroups());
}