Open Kilda Java Documentation
CustomAuthenticationProvider.java
1 package org.openkilda.security;
2 
3 import org.springframework.beans.factory.annotation.Autowired;
4 import org.springframework.security.authentication.BadCredentialsException;
5 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
6 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
7 import org.springframework.security.core.Authentication;
8 
14 
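/**
 * Authentication provider that adds a one-time-password (2FA) step on top of the
 * username/password check inherited from {@link DaoAuthenticationProvider}.
 *
 * <p>The account is looked up through {@code UserRepository}; unknown or inactive accounts
 * are rejected, the parent provider verifies the credentials, and only then is the
 * verification code evaluated for accounts that have 2FA enabled.
 */
public class CustomAuthenticationProvider extends DaoAuthenticationProvider {

    @Autowired
    private UserRepository userRepository;

    /**
     * Authenticates a username/password request and, for accounts with 2FA enabled,
     * also requires a valid verification code.
     *
     * @param auth the authentication request; its details must be a
     *        {@code CustomWebAuthenticationDetails} carrying the optional verification code
     * @return a {@link UsernamePasswordAuthenticationToken} whose principal is the
     *         {@code UserEntity} and whose credentials and authorities come from the
     *         parent provider's result
     * @throws BadCredentialsException if the request details are missing or of another type,
     *         or if the account does not exist or is not active
     * @throws TwoFaKeyNotSetException if 2FA is enabled but not yet configured and the
     *         request does not ask to configure it
     * @throws OtpRequiredException if 2FA applies and no verification code was supplied
     * @throws InvalidOtpException if the supplied verification code does not validate
     * @throws org.springframework.security.core.AuthenticationException any failure raised
     *         by the parent provider's credential check
     * @see org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider#authenticate(org.springframework.security.core.Authentication)
     */
    @Override
    public Authentication authenticate(final Authentication auth)
            throws org.springframework.security.core.AuthenticationException {
        // Fail closed with an AuthenticationException when the details object is absent or
        // of another type. An unchecked cast here would surface as a ClassCastException or
        // NullPointerException instead of an authentication failure.
        final Object details = auth.getDetails();
        if (!(details instanceof CustomWebAuthenticationDetails)) {
            throw new BadCredentialsException(
                    "Authentication details are missing or of an unexpected type");
        }
        final CustomWebAuthenticationDetails webDetails = (CustomWebAuthenticationDetails) details;
        final String verificationCode = webDetails.getVerificationCode();

        // NOTE(review): this rejection happens before the parent's credential check, so an
        // unknown or inactive account takes a shorter path (and gets a different message)
        // than a known active account with a wrong password. If failure messages or
        // response times are observable to clients, account names can be told apart.
        // Consider running the parent check for every request and returning one failure.
        final UserEntity user = userRepository.findByUsername(auth.getName());
        if (user == null || !user.getActiveFlag()) {
            throw new BadCredentialsException("Invalid username or password");
        }

        // Password verification is delegated to DaoAuthenticationProvider. The second factor
        // is evaluated only after it succeeds, so OTP errors are never returned to a caller
        // who has not presented valid credentials.
        final Authentication result = super.authenticate(auth);

        if (user.getIs2FaEnabled()) {
            if (!user.getIs2FaConfigured() && !webDetails.isConfigure2Fa()) {
                throw new TwoFaKeyNotSetException();
            }
            if (verificationCode == null || verificationCode.isEmpty()) {
                throw new OtpRequiredException();
            }
            // NOTE(review): no attempt limiting or code-reuse protection is visible in this
            // method; confirm it exists in TwoFactorUtility or further upstream. Also confirm
            // getTwoFaKey() is non-null when the account is still being configured.
            if (!TwoFactorUtility.validateOtp(verificationCode, user.getTwoFaKey())) {
                throw new InvalidOtpException("Invalid verfication code");
            }
        }

        // NOTE(review): the principal is the full UserEntity. If that entity carries the
        // password hash or the 2FA key, those values stay in the security context for the
        // lifetime of the session - confirm, and prefer a reduced principal if so.
        return new UsernamePasswordAuthenticationToken(user, result.getCredentials(),
                result.getAuthorities());
    }

    /**
     * Reports whether this provider handles the given authentication type.
     *
     * @param authentication the authentication class offered by the provider manager
     * @return {@code true} only for exactly {@link UsernamePasswordAuthenticationToken};
     *         subclasses are not accepted
     * @see org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider#supports(java.lang.Class)
     */
    @Override
    public boolean supports(final Class<?> authentication) {
        // Constant-first comparison keeps the exact-class match and tolerates a null argument.
        return UsernamePasswordAuthenticationToken.class.equals(authentication);
    }
}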
static boolean validateOtp(final String otp, final String decryptKey)