org.springframework.security.core.userdetails.UserDetails#isEnabled

Source File: OpenIdAuthenticationProvider.java From cola with MIT License

7 votes

@Override
public void check(UserDetails user) {
	if (!user.isAccountNonLocked()) {
		logger.debug("User account is locked");

		throw new LockedException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.locked",
				"User account is locked"));
	}

	if (!user.isEnabled()) {
		logger.debug("User account is disabled");

		throw new DisabledException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.disabled",
				"User is disabled"));
	}

	if (!user.isAccountNonExpired()) {
		logger.debug("User account is expired");

		throw new AccountExpiredException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.expired",
				"User account has expired"));
	}
}

Source File: SmsAuthenticationProvider.java From cola with MIT License

6 votes

@Override
public void check(UserDetails user) {
	if (!user.isAccountNonLocked()) {
		logger.debug("User account is locked");

		throw new LockedException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.locked",
				"User account is locked"));
	}

	if (!user.isEnabled()) {
		logger.debug("User account is disabled");

		throw new DisabledException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.disabled",
				"User is disabled"));
	}

	if (!user.isAccountNonExpired()) {
		logger.debug("User account is expired");

		throw new AccountExpiredException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.expired",
				"User account has expired"));
	}
}

Source File: AcAuthenticationProvider.java From cola with MIT License

6 votes

@Override
public void check(UserDetails user) {
	if (!user.isAccountNonLocked()) {
		logger.debug("User account is locked");

		throw new LockedException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.locked",
				"User account is locked"));
	}

	if (!user.isEnabled()) {
		logger.debug("User account is disabled");

		throw new DisabledException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.disabled",
				"User is disabled"));
	}

	if (!user.isAccountNonExpired()) {
		logger.debug("User account is expired");

		throw new AccountExpiredException(messages.getMessage(
				"AbstractUserDetailsAuthenticationProvider.expired",
				"User account has expired"));
	}
}

Source File: JwtTokenFilter.java From server with MIT License

6 votes

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    if (HttpMethod.OPTIONS.toString().equals(request.getMethod())) {
        filterChain.doFilter(request, response);
        return;
    }

    String token = JwtTokenUtil.getTokenFromHttpRequestHeader(request);
    if (!StringUtils.isEmpty(token)) {
        String username = JwtTokenUtil.parseUsername(token);
        if (username != null) {
            try {
                UserDetails userDetails = userDetailsService.loadUserByUsername(username);
                if (userDetails.isEnabled()) {
                    Authentication auth = new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
                    SecurityContextHolder.getContext().setAuthentication(auth);
                }
            } catch (UsernameNotFoundException ign) {
            }
        }
    }

    filterChain.doFilter(request, response);
}

Source File: WebAuthnAuthenticationProvider.java From webauthn4j-spring-security with Apache License 2.0

6 votes

@Override
public void check(UserDetails user) {
    if (!user.isAccountNonLocked()) {
        logger.debug("User account is locked");

        throw new LockedException(messages.getMessage(
                "WebAuthnAuthenticationProvider.locked",
                "User account is locked"));
    }

    if (!user.isEnabled()) {
        logger.debug("User account is disabled");

        throw new DisabledException(messages.getMessage(
                "WebAuthnAuthenticationProvider.disabled",
                "User is disabled"));
    }

    if (!user.isAccountNonExpired()) {
        logger.debug("User account is expired");

        throw new AccountExpiredException(messages.getMessage(
                "WebAuthnAuthenticationProvider.expired",
                "User account has expired"));
    }
}

Source File: TgolUserDetailsService.java From Asqatasun with GNU Affero General Public License v3.0

6 votes

@Override
protected UserDetails createUserDetails(String username, UserDetails userFromUserQuery,
        List<GrantedAuthority> combinedAuthorities) {
    
    User user = userDataService.getUserFromEmail(username);

    return new TgolUserDetails(
            username, 
            userFromUserQuery.getPassword(), 
            userFromUserQuery.isEnabled(),
            true, 
            true, 
            true, 
            combinedAuthorities,
            user);
}

Source File: MobileCodeAuthenticationProvider.java From springcloud-oauth2 with MIT License

5 votes

/**
 * 账号禁用、锁定、超时校验
 *
 * @param user
 */
private void check(UserDetails user) {
    if (!user.isAccountNonLocked()) {
        throw new LockedException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked", "User account is locked"));
    } else if (!user.isEnabled()) {
        throw new DisabledException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled", "User is disabled"));
    } else if (!user.isAccountNonExpired()) {
        throw new AccountExpiredException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.expired", "User account has expired"));
    }
}

Source File: AbstractUserDetailsAuthenticationProvider.java From Taroco with Apache License 2.0

5 votes

@Override
public void check(UserDetails user) {
    if (!user.isAccountNonLocked()) {
        log.debug("User account is locked");
        throw new LockedException(AbstractUserDetailsAuthenticationProvider.this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked", "User account is locked"));
    } else if (!user.isEnabled()) {
        log.debug("User account is disabled");
        throw new DisabledException(AbstractUserDetailsAuthenticationProvider.this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled", "User is disabled"));
    } else if (!user.isAccountNonExpired()) {
        log.debug("User account is expired");
        throw new AccountExpiredException(AbstractUserDetailsAuthenticationProvider.this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.expired", "User account has expired"));
    }
}

Source File: HSQLAuthenticationProvider.java From maven-framework-project with MIT License

5 votes

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    log.trace("authenticate()");
    log.debug("authenticating: " + authentication);
    String clearText = String.valueOf(authentication.getCredentials());
    UserDetails userDetails = this.retrieveUser(authentication.getName(), (UsernamePasswordAuthenticationToken) authentication);

    if (!StringUtils.equals(clearText, userDetails.getPassword())){
        throw new BadCredentialsException("invalid password");
    }
    if (!userDetails.isEnabled()){
        throw new BadCredentialsException("User not enabled");
    }
    return new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
}

Source File: HSQLAuthenticationProvider.java From maven-framework-project with MIT License

5 votes

@Override
protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
    log.trace("additionalAuthenticationChecks()");
    log.debug("isEnabled: " + userDetails.isEnabled());
    if (!userDetails.isEnabled()){
        throw new BadCredentialsException("User not enabled");
    }
}

Source File: ActivitiAuthenticationProvider.java From maven-framework-project with MIT License

5 votes

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    log.trace("authenticate()");
    log.debug("authenticating: " + authentication);
    String clearText = String.valueOf(authentication.getCredentials());
    UserDetails userDetails = this.retrieveUser(authentication.getName(), (UsernamePasswordAuthenticationToken) authentication);

    if (!Objects.equal(clearText, userDetails.getPassword())) {
        throw new BadCredentialsException("invalid password");
    }
    if (!userDetails.isEnabled()) {
        throw new BadCredentialsException("User not enabled");
    }
    return new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
}

Source File: ActivitiAuthenticationProvider.java From maven-framework-project with MIT License

5 votes

@Override
protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
    log.trace("additionalAuthenticationChecks()");
    log.debug("isEnabled: " + userDetails.isEnabled());
    if (!userDetails.isEnabled()) {
        throw new BadCredentialsException("User not enabled");
    }
}

Source File: MolgenisUserDetailsChecker.java From molgenis with GNU Lesser General Public License v3.0

5 votes

@Override
public void check(UserDetails userDetails) {
  if (!userDetails.isEnabled()) {
    throw new DisabledException(
        messages.getMessage("AccountStatusUserDetailsChecker.disabled", "User is not active")
            + ' '
            + userDetails.toString());
  }
}

Source File: LoginAuthenticationFilter.java From mall4j with GNU Affero General Public License v3.0

4 votes

@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
    if (!ServletUtil.METHOD_POST.equals(request.getMethod())) {
        throw new AuthenticationServiceException(
                "Authentication method not supported: " + request.getMethod());
    }
    String requestBody = getStringFromStream(request);

    if (StrUtil.isBlank(requestBody)) {
        throw new AuthenticationServiceException("无法获取输入信息");
    }
    AdminAuthenticationToken adminAuthenticationToken  =  Json.parseObject(requestBody, AdminAuthenticationToken.class);


    String username = adminAuthenticationToken.getPrincipal() == null?"NONE_PROVIDED":adminAuthenticationToken.getName();


    String kaptchaKey = SecurityConstants.SPRING_SECURITY_RESTFUL_IMAGE_CODE + adminAuthenticationToken.getSessionUUID();

    String kaptcha = RedisUtil.get(kaptchaKey);

    RedisUtil.del(kaptchaKey);

    if(StrUtil.isBlank(adminAuthenticationToken.getImageCode()) || !adminAuthenticationToken.getImageCode().equalsIgnoreCase(kaptcha)){
        throw new ImageCodeNotMatchExceptionBase("验证码有误");
    }

    UserDetails user;
    try {
        user = yamiUserDetailsService.loadUserByUsername(username);
    } catch (UsernameNotFoundExceptionBase var6) {
        throw new UsernameNotFoundExceptionBase("账号或密码不正确");
    }

    String encodedPassword = user.getPassword();
    String rawPassword = adminAuthenticationToken.getCredentials().toString();

    // 密码不正确
    if (!passwordEncoder.matches(rawPassword,encodedPassword)){
        throw new BadCredentialsExceptionBase("账号或密码不正确");
    }

    if (!user.isEnabled()) {
        throw new UsernameNotFoundExceptionBase("账号已被锁定,请联系管理员");
    }
    AdminAuthenticationToken result = new AdminAuthenticationToken(user, adminAuthenticationToken.getCredentials());
    result.setDetails(adminAuthenticationToken.getDetails());
    return result;
}

Java Code Examples for org.springframework.security.core.userdetails.UserDetails#isEnabled()