List of usage examples for org.apache.commons.lang3.tuple Pair getValue
@Override
public R getValue()
Gets the value from this pair.
This method implements the Map.Entry interface returning the right element as the value.
From source file:org.apache.syncope.core.rest.cxf.service.UserSelfServiceImpl.java
@Override public Response read() { Pair<String, UserTO> self = logic.selfRead(); return Response.ok().header(RESTHeaders.RESOURCE_KEY, self.getValue().getKey()) .header(RESTHeaders.OWNED_ENTITLEMENTS, self.getKey()).entity(self.getValue()).build(); }
From source file:org.apache.syncope.core.rest.cxf.service.UserSelfServiceImpl.java
@Override public Response update(final UserTO user) { Pair<String, UserTO> self = logic.selfRead(); return update(AnyOperations.diff(user, self.getValue(), false)); }
From source file:org.apache.syncope.core.spring.security.SyncopeAuthenticationProvider.java
@Override public Authentication authenticate(final Authentication authentication) { String domainKey = SyncopeAuthenticationDetails.class.cast(authentication.getDetails()).getDomain(); if (StringUtils.isBlank(domainKey)) { domainKey = SyncopeConstants.MASTER_DOMAIN; }/*from w w w . java2 s . c om*/ SyncopeAuthenticationDetails.class.cast(authentication.getDetails()).setDomain(domainKey); Boolean authenticated; if (anonymousUser.equals(authentication.getName())) { authenticated = authentication.getCredentials().toString().equals(anonymousKey); } else if (adminUser.equals(authentication.getName())) { if (SyncopeConstants.MASTER_DOMAIN.equals(domainKey)) { authenticated = encryptor.verify(authentication.getCredentials().toString(), CipherAlgorithm.valueOf(adminPasswordAlgorithm), adminPassword); } else { final String domainToFind = domainKey; authenticated = AuthContextUtils.execWithAuthContext(SyncopeConstants.MASTER_DOMAIN, new Executable<Boolean>() { @Override public Boolean exec() { Domain domain = dataAccessor.findDomain(domainToFind); return encryptor.verify(authentication.getCredentials().toString(), domain.getAdminCipherAlgorithm(), domain.getAdminPwd()); } }); } } else { final Pair<String, Boolean> authResult = AuthContextUtils.execWithAuthContext(domainKey, new Executable<Pair<String, Boolean>>() { @Override public Pair<String, Boolean> exec() { return dataAccessor.authenticate(authentication); } }); authenticated = authResult.getValue(); if (authenticated != null && !authenticated) { AuthContextUtils.execWithAuthContext(domainKey, new Executable<Void>() { @Override public Void exec() { provisioningManager.internalSuspend(authResult.getKey()); return null; } }); } } final boolean isAuthenticated = authenticated != null && authenticated; UsernamePasswordAuthenticationToken token; if (isAuthenticated) { token = AuthContextUtils.execWithAuthContext(domainKey, new Executable<UsernamePasswordAuthenticationToken>() { @Override public UsernamePasswordAuthenticationToken exec() { UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( authentication.getPrincipal(), null, userDetailsService.loadUserByUsername(authentication.getPrincipal().toString()) .getAuthorities()); token.setDetails(authentication.getDetails()); dataAccessor.audit(AuditElements.EventCategoryType.LOGIC, AuditElements.AUTHENTICATION_CATEGORY, null, AuditElements.LOGIN_EVENT, Result.SUCCESS, null, isAuthenticated, authentication, "Successfully authenticated, with entitlements: " + token.getAuthorities()); return token; } }); LOG.debug("User {} successfully authenticated, with entitlements {}", authentication.getPrincipal(), token.getAuthorities()); } else { AuthContextUtils.execWithAuthContext(domainKey, new Executable<Void>() { @Override public Void exec() { dataAccessor.audit(AuditElements.EventCategoryType.LOGIC, AuditElements.AUTHENTICATION_CATEGORY, null, AuditElements.LOGIN_EVENT, Result.FAILURE, null, isAuthenticated, authentication, "User " + authentication.getPrincipal() + " not authenticated"); return null; } }); LOG.debug("User {} not authenticated", authentication.getPrincipal()); throw new BadCredentialsException("User " + authentication.getPrincipal() + " not authenticated"); } return token; }
From source file:org.apache.syncope.core.spring.security.UsernamePasswordAuthenticationProvider.java
@Override public Authentication authenticate(final Authentication authentication) { String domainKey = SyncopeAuthenticationDetails.class.cast(authentication.getDetails()).getDomain(); final String[] username = new String[1]; Boolean authenticated;//w ww . jav a2 s. c o m if (anonymousUser.equals(authentication.getName())) { username[0] = anonymousUser; credentialChecker.checkIsDefaultAnonymousKeyInUse(); authenticated = authentication.getCredentials().toString().equals(anonymousKey); } else if (adminUser.equals(authentication.getName())) { username[0] = adminUser; if (SyncopeConstants.MASTER_DOMAIN.equals(domainKey)) { credentialChecker.checkIsDefaultAdminPasswordInUse(); authenticated = ENCRYPTOR.verify(authentication.getCredentials().toString(), CipherAlgorithm.valueOf(adminPasswordAlgorithm), adminPassword); } else { final String domainToFind = domainKey; authenticated = AuthContextUtils.execWithAuthContext(SyncopeConstants.MASTER_DOMAIN, () -> { Domain domain = dataAccessor.findDomain(domainToFind); return ENCRYPTOR.verify(authentication.getCredentials().toString(), domain.getAdminCipherAlgorithm(), domain.getAdminPwd()); }); } } else { final Pair<User, Boolean> authResult = AuthContextUtils.execWithAuthContext(domainKey, () -> dataAccessor.authenticate(authentication)); authenticated = authResult.getValue(); if (authResult.getLeft() != null && authResult.getRight() != null) { username[0] = authResult.getLeft().getUsername(); if (!authResult.getRight()) { AuthContextUtils.execWithAuthContext(domainKey, () -> { provisioningManager.internalSuspend(authResult.getLeft().getKey()); return null; }); } } } if (username[0] == null) { username[0] = authentication.getPrincipal().toString(); } final boolean isAuthenticated = authenticated != null && authenticated; UsernamePasswordAuthenticationToken token; if (isAuthenticated) { token = AuthContextUtils.execWithAuthContext(domainKey, () -> { UsernamePasswordAuthenticationToken token1 = new UsernamePasswordAuthenticationToken(username[0], null, dataAccessor.getAuthorities(username[0])); token1.setDetails(authentication.getDetails()); dataAccessor.audit(AuditElements.EventCategoryType.LOGIC, AuditElements.AUTHENTICATION_CATEGORY, null, AuditElements.LOGIN_EVENT, Result.SUCCESS, null, isAuthenticated, authentication, "Successfully authenticated, with entitlements: " + token1.getAuthorities()); return token1; }); LOG.debug("User {} successfully authenticated, with entitlements {}", username[0], token.getAuthorities()); } else { AuthContextUtils.execWithAuthContext(domainKey, () -> { dataAccessor.audit(AuditElements.EventCategoryType.LOGIC, AuditElements.AUTHENTICATION_CATEGORY, null, AuditElements.LOGIN_EVENT, Result.FAILURE, null, isAuthenticated, authentication, "User " + username[0] + " not authenticated"); return null; }); LOG.debug("User {} not authenticated", username[0]); throw new BadCredentialsException("User " + username[0] + " not authenticated"); } return token; }
From source file:org.apache.syncope.core.workflow.activiti.ActivitiUserWorkflowAdapter.java
@Override public WorkflowFormTO claimForm(final String taskId) { String authUser = AuthContextUtils.getUsername(); Pair<Task, TaskFormData> checked = checkTask(taskId, authUser); if (!adminUser.equals(authUser)) { List<Task> tasksForUser = engine.getTaskService().createTaskQuery().taskId(taskId) .taskCandidateUser(authUser).list(); if (tasksForUser.isEmpty()) { throw new WorkflowException( new IllegalArgumentException(authUser + " is not candidate for task " + taskId)); }//w w w . j a v a 2s . c om } Task task; try { engine.getTaskService().setOwner(taskId, authUser); task = engine.getTaskService().createTaskQuery().taskId(taskId).singleResult(); } catch (ActivitiException e) { throw new WorkflowException("While reading task " + taskId, e); } return getFormTO(task, checked.getValue()); }
From source file:org.apache.syncope.core.workflow.flowable.FlowableUserWorkflowAdapter.java
@Override public WorkflowFormTO claimForm(final String taskId) { String authUser = AuthContextUtils.getUsername(); Pair<Task, TaskFormData> checked = checkTask(taskId, authUser); if (!adminUser.equals(authUser)) { List<Task> tasksForUser = engine.getTaskService().createTaskQuery().taskId(taskId) .taskCandidateUser(authUser).list(); if (tasksForUser.isEmpty()) { throw new WorkflowException( new IllegalArgumentException(authUser + " is not candidate for task " + taskId)); }//from w w w.ja v a 2 s. com } Task task; try { engine.getTaskService().setOwner(taskId, authUser); task = engine.getTaskService().createTaskQuery().taskId(taskId).singleResult(); } catch (FlowableException e) { throw new WorkflowException("While reading task " + taskId, e); } return getFormTO(task, checked.getValue()); }
From source file:org.apache.syncope.core.workflow.java.AbstractUserWorkflowAdapter.java
@Override public Pair<WorkflowResult<String>, Boolean> internalSuspend(final String key) { User user = userDAO.authFind(key);//w w w . ja v a 2 s . com Pair<WorkflowResult<String>, Boolean> result = null; Pair<Boolean, Boolean> enforce = userDAO.enforcePolicies(user); if (enforce.getKey()) { LOG.debug("User {} {} is over the max failed logins", user.getKey(), user.getUsername()); // reduce failed logins number to avoid multiple request user.setFailedLogins(user.getFailedLogins() - 1); // set suspended flag user.setSuspended(Boolean.TRUE); result = ImmutablePair.of(doSuspend(user), enforce.getValue()); } return result; }
From source file:org.apache.syncope.fit.AbstractITCase.java
protected void updateLdapRemoteObject(final String bindDn, final String bindPwd, final String objectDn, final Pair<String, String> attribute) { InitialDirContext ctx = null; try {//from w ww . j av a2 s. co m ctx = getLdapResourceDirContext(bindDn, bindPwd); Attribute ldapAttribute = new BasicAttribute(attribute.getKey(), attribute.getValue()); ModificationItem[] item = new ModificationItem[1]; item[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, ldapAttribute); ctx.modifyAttributes(objectDn, item); } catch (Exception e) { // ignore } finally { if (ctx != null) { try { ctx.close(); } catch (NamingException e) { // ignore } } } }
From source file:org.apache.syncope.fit.core.AuthenticationITCase.java
@Test public void readEntitlements() { // 1. as not authenticated (not allowed) try {//from w w w. ja v a 2 s .co m clientFactory.create().self(); fail("This should not happen"); } catch (AccessControlException e) { assertNotNull(e); } // 2. as anonymous Pair<Map<String, Set<String>>, UserTO> self = clientFactory .create(new AnonymousAuthenticationHandler(ANONYMOUS_UNAME, ANONYMOUS_KEY)).self(); assertEquals(1, self.getKey().size()); assertTrue(self.getKey().keySet().contains(StandardEntitlement.ANONYMOUS)); assertEquals(ANONYMOUS_UNAME, self.getValue().getUsername()); // 3. as admin self = adminClient.self(); assertEquals(syncopeService.platform().getEntitlements().size(), self.getKey().size()); assertFalse(self.getKey().keySet().contains(StandardEntitlement.ANONYMOUS)); assertEquals(ADMIN_UNAME, self.getValue().getUsername()); // 4. as user self = clientFactory.create("bellini", ADMIN_PWD).self(); assertFalse(self.getKey().isEmpty()); assertFalse(self.getKey().keySet().contains(StandardEntitlement.ANONYMOUS)); assertEquals("bellini", self.getValue().getUsername()); }
From source file:org.apache.syncope.fit.core.AuthenticationITCase.java
@Test public void issueSYNCOPE434() { assumeTrue(FlowableDetector.isFlowableEnabledForUsers(syncopeService)); // 1. create user with group 'groupForWorkflowApproval' // (users with group groupForWorkflowApproval are defined in workflow as subject to approval) UserTO userTO = UserITCase.getUniqueSampleTO("createWithReject@syncope.apache.org"); userTO.getMemberships()//from w ww . j a v a 2 s.c o m .add(new MembershipTO.Builder().group("0cbcabd2-4410-4b6b-8f05-a052b451d18f").build()); userTO = createUser(userTO).getEntity(); assertNotNull(userTO); assertEquals("createApproval", userTO.getStatus()); // 2. try to authenticate: fail try { clientFactory.create(userTO.getUsername(), "password123").self(); fail("This should not happen"); } catch (AccessControlException e) { assertNotNull(e); } // 3. approve user WorkflowFormTO form = userWorkflowService.getFormForUser(userTO.getKey()); form = userWorkflowService.claimForm(form.getTaskId()); form.getProperty("approveCreate").get().setValue(Boolean.TRUE.toString()); userTO = userWorkflowService.submitForm(form); assertNotNull(userTO); assertEquals("active", userTO.getStatus()); // 4. try to authenticate again: success Pair<Map<String, Set<String>>, UserTO> self = clientFactory.create(userTO.getUsername(), "password123") .self(); assertNotNull(self); assertNotNull(self.getKey()); assertNotNull(self.getValue()); }