/** The login process starts from here. */
public HttpResponse doCommenceLogin(
StaplerRequest req,
StaplerResponse rsp,
@QueryParameter String from,
@QueryParameter String ticket)
throws ServletException, IOException {
// TODO write login method
String puid = authenticateInWwpass(ticket, certFile, keyFile);
WwpassIdentity u;
try {
u = loadUserByUsername(puid);
} catch (UsernameNotFoundException e) {
if (allowsSignup()) {
req.setAttribute("errorMessage", Messages.WwpassSecurityRealm_NoSuchUserAllowsSignup());
} else {
req.setAttribute("errorMessage", Messages.WwpassSecurityRealm_NoSuchUserDisableSignup());
}
req.getView(this, "login.jelly").forward(req, rsp);
throw e;
}
if (!u.isAccountNonLocked() || !u.isEnabled()) {
// throw new LockedException("Account is not activated for " + puid);
throw new Failure(Messages.WwpassSecurityRealm_AccountNotActivated());
}
Authentication a = new WwpassAuthenticationToken(u.getNickname());
a = this.getSecurityComponents().manager.authenticate(a);
SecurityContextHolder.getContext().setAuthentication(a);
return new HttpRedirect(Jenkins.getInstance().getRootUrl());
}
/** Lets the current user silently login as the given user and report back accordingly. */
@SuppressWarnings("ACL.impersonate")
private void loginAndTakeBack(StaplerRequest req, StaplerResponse rsp, User u)
throws ServletException, IOException {
// ... and let him login
Authentication a = new WwpassAuthenticationToken(u.getId());
a = this.getSecurityComponents().manager.authenticate(a);
SecurityContextHolder.getContext().setAuthentication(a);
// then back to top
req.getView(this, "success.jelly").forward(req, rsp);
}
/**
* @return <code>null</code> if failed. The browser is already redirected to retry by the time
* this method returns. a valid {@link User} object if the user creation was successful.
*/
private User createAccount(StaplerRequest req, StaplerResponse rsp, String formView)
throws ServletException, IOException {
SignupInfo si = new SignupInfo(req);
String puid = authenticateInWwpass(si.ticket, certFile, keyFile);
try {
if (loadUserByUsername(puid) != null) {
si.errorMessages.add(Messages.WwpassSecurityRealm_PuidIsAlreadyTaken());
}
} catch (UsernameNotFoundException e) {
}
if (si.nickname == null || si.nickname.length() == 0)
si.errorMessages.add(Messages.WwpassSecurityRealm_NicknameIsRequired());
else {
User user = User.get(si.nickname, false);
if (null != user)
if (user.getProperty(WwpassIdentity.class) != null)
si.errorMessages.add(Messages.WwpassSecurityRealm_NicknameIsAlreadyTaken());
}
if (si.fullname == null || si.fullname.length() == 0)
si.errorMessages.add(Messages.WwpassSecurityRealm_FullnameIsRequired());
else {
User user = User.get(si.fullname, false);
if (null != user)
if (user.getProperty(WwpassIdentity.class) != null)
si.errorMessages.add(Messages.WwpassSecurityRealm_FullnameIsAlreadyTaken());
}
if (si.email == null || !si.email.contains("@"))
si.errorMessages.add(Messages.WwpassSecurityRealm_InvalidEmailAddress());
if (!si.errorMessages.isEmpty()) {
// failed. ask the user to try again.
req.setAttribute("data", si);
req.getView(this, formView).forward(req, rsp);
return null;
}
// register the user
WwpassIdentity id = new WwpassIdentity(puid);
id.populate(si);
User user = createAccount(id);
id.updateProfile(user);
user.save();
return user;
}