private Map<String, ?> getUserAsMap(UaaUser user) {
HashMap<String, Object> result = new HashMap<String, Object>();
if (user.getId() != null) {
result.put("id", user.getId());
}
if (user.getUsername() != null) {
result.put("userName", user.getUsername());
}
String email = user.getEmail();
if (email != null) {
@SuppressWarnings("unchecked")
List<Map<String, String>> emails = Arrays.asList(Collections.singletonMap("value", email));
result.put("emails", emails);
}
String givenName = user.getGivenName();
if (givenName != null) {
Map<String, String> name = new HashMap<String, String>();
name.put("givenName", givenName);
if (user.getFamilyName() != null) {
name.put("familyName", user.getFamilyName());
}
result.put("name", name);
}
return result;
}
@Override
public void userAuthenticationSuccess(UaaUser user, UaaAuthenticationDetails details) {
Assert.notNull(user, "UaaUser cannot be null");
createAuditRecord(
user.getId(),
AuditEventType.UserAuthenticationSuccess,
getOrigin(details),
user.getUsername());
}
@Override
public Authentication authenticate(Authentication req) throws AuthenticationException {
logger.debug("Processing authentication request for " + req.getName());
if (req.getCredentials() == null) {
BadCredentialsException e = new BadCredentialsException("No password supplied");
publish(new AuthenticationFailureBadCredentialsEvent(req, e));
throw e;
}
UaaUser user;
try {
user = userDatabase.retrieveUserByName(req.getName().toLowerCase(Locale.US));
} catch (UsernameNotFoundException e) {
user = dummyUser;
}
final boolean passwordMatches =
encoder.matches((CharSequence) req.getCredentials(), user.getPassword());
if (!accountLoginPolicy.isAllowed(user, req)) {
logger.warn(
"Login policy rejected authentication for "
+ user.getUsername()
+ ", "
+ user.getId()
+ ". Ignoring login request.");
BadCredentialsException e =
new BadCredentialsException("Login policy rejected authentication");
publish(new AuthenticationFailureLockedEvent(req, e));
throw e;
}
if (passwordMatches) {
logger.debug("Password successfully matched");
Authentication success =
new UaaAuthentication(
new UaaPrincipal(user),
user.getAuthorities(),
(UaaAuthenticationDetails) req.getDetails());
publish(new UserAuthenticationSuccessEvent(user, success));
return success;
}
if (user == dummyUser) {
logger.debug("No user named '" + req.getName() + "' was found");
publish(new UserNotFoundEvent(req));
} else {
logger.debug("Password did not match for user " + req.getName());
publish(new UserAuthenticationFailureEvent(user, req));
}
BadCredentialsException e = new BadCredentialsException("Bad credentials");
publish(new AuthenticationFailureBadCredentialsEvent(req, e));
throw e;
}
@Override
public void userAuthenticationFailure(UaaUser user, UaaAuthenticationDetails details) {
if (user == null) {
userNotFound("<UNKNOWN>", details);
return;
}
createAuditRecord(
user.getId(),
AuditEventType.UserAuthenticationFailure,
getOrigin(details),
user.getUsername());
}