/**
   * Check if the current user is allowed to access the requested resource.
   *
   * @param httpRequest
   * @throws AccessDeniedException If the request is not allowed considering the resource
   *     permissions.
   */
  public boolean isAllowed(HttpServletRequest httpRequest) throws AccessDeniedException {
    final String requestURI = httpRequest.getRequestURI();

    Set<Entry<String, String[]>> entrySet = this.roleProtectedResources.entrySet();

    for (Entry<String, String[]> entry : entrySet) {
      if (matches(entry.getKey(), requestURI)) {
        Identity identity = getIdentity();

        if (!identity.isLoggedIn()) {
          return false;
        } else {

          String[] roles = entry.getValue();

          for (String roleName : roles) {
            IdentityManager identityManager = getIdentityManager();

            Role role = BasicModel.getRole(identityManager, roleName.trim());

            if (role == null) {
              throw new IllegalStateException(
                  "The specified role does not exists [" + role + "]. Check your configuration.");
            }

            if (!BasicModel.hasRole(getRelationshipManager(), identity.getAccount(), role)) {
              return false;
            }
          }
        }
      }
    }

    return true;
  }
  @Test
  public void testEmptyCredentials() {
    Identity identity = getIdentity();

    identity.login();

    assertFalse(identity.isLoggedIn());
  }
  @Test(expected = UserAlreadyLoggedInException.class)
  public void failUserAlreadyLoggedIn() {
    DefaultLoginCredentials credentials = getCredentials();

    credentials.setUserId(USER_NAME);
    credentials.setPassword(USER_PASSWORD);

    Identity identity = getIdentity();

    identity.login();

    // should throw the exception. user is already authenticated.
    identity.login();
  }
  protected void performAuthentication() {
    DefaultLoginCredentials credentials = this.credentials;

    credentials.setPassword(USER_PASSWORD);
    credentials.setUserId(USER_NAME);

    Identity identity = this.identity;

    Identity.AuthenticationResult status = identity.login();

    assertEquals(Identity.AuthenticationResult.SUCCESS, status);
    assertTrue(identity.isLoggedIn());

    assertEquals(this.identity.getAccount(), identity.getAccount());
  }
  @Test
  public void testUnsuccessfulPasswordBasedAuthentication() throws Exception {
    DefaultLoginCredentials credentials = getCredentials();

    credentials.setUserId(USER_NAME);
    credentials.setPassword("badpasswd");

    Identity identity = getIdentity();

    AuthenticationResult status = identity.login();

    assertEquals(AuthenticationResult.FAILED, status);
    assertFalse(identity.isLoggedIn());

    assertNull(identity.getAccount());
  }
  @Test
  public void testSuccessfulPasswordBasedAuthentication() throws Exception {
    DefaultLoginCredentials credentials = getCredentials();

    credentials.setPassword(USER_PASSWORD);
    credentials.setUserId(USER_NAME);

    Identity identity = getIdentity();

    AuthenticationResult status = identity.login();

    assertEquals(AuthenticationResult.SUCCESS, status);
    assertTrue(identity.isLoggedIn());

    assertEquals(getAccount(), identity.getAccount());
  }
  public String getName() {
    if (!identity.isLoggedIn()) {
      return null;
    }

    User user = (User) identity.getUser();

    String name = user.getFirstName();
    name = name != null ? name + " " + user.getLastName() : name;

    if (name == null) {
      name = user.getLoginName();
    }

    return name;
  }
  @Test(expected = LockedAccountException.class)
  public void failLockedAccount() {
    Account account = getAccount();

    account.setEnabled(false);

    getIdentityManager().update(account);

    DefaultLoginCredentials credentials = getCredentials();

    credentials.setPassword(USER_PASSWORD);
    credentials.setUserId(USER_NAME);

    // should throw the exception. user is disabled/locked.
    Identity identity = getIdentity();

    identity.login();
  }
  public boolean isAdmin() {
    if (isUserLoggedIn()) {
      IdentityManager identityManager = getIdentityManager();
      RelationshipManager relationshipManager = getRelationshipManager();

      return BasicModel.hasRole(
          relationshipManager,
          identity.getAccount(),
          BasicModel.getRole(identityManager, "Administrator"));
    }

    return false;
  }
  private void performTwoFactorAuthentication() {
    if (this.token == null || this.token.isEmpty()) {
      this.facesContext.addMessage(
          null,
          new FacesMessage(
              "You have configured two-factor authentication. Please, provide your token."));
    } else {
      TOTPCredentials credential = new TOTPCredentials();

      credential.setUsername(this.loginCredentials.getUserId());
      credential.setPassword((Password) this.loginCredentials.getCredential());
      credential.setToken(this.token);

      // we override the credential to set a totp credential
      this.loginCredentials.setCredential(credential);

      identity.login();
    }
  }
 @Secures
 @CheckLoggedIn
 public boolean isLoggedIn(Identity identity) throws Exception {
   return identity.isLoggedIn();
 }
 /**
  * Check if a method or type annotated with the {@link
  * com.gr.project.security.authorization.annotation.UserLoggedIn} is being access by an
  * authenticated user. This method is called before the annotated method is called.
  *
  * @return
  */
 @Secures
 @UserLoggedIn
 public boolean isUserLoggedIn() {
   return identity.isLoggedIn();
 }
 public boolean isLoggedIn() {
   return identity.isLoggedIn();
 }