Improve handling of exceptions thrown from picketlink

mposolda 2014-04-04 16:35:15 +02:00
parent b7826be103
commit be320e11a5


@ -14,6 +14,7 @@ import org.keycloak.spi.authentication.AuthenticationProvider;
import org.keycloak.spi.authentication.AuthenticationProviderException; import org.keycloak.spi.authentication.AuthenticationProviderException;
import org.keycloak.spi.picketlink.PartitionManagerProvider; import org.keycloak.spi.picketlink.PartitionManagerProvider;
import org.keycloak.util.ProviderLoader; import org.keycloak.util.ProviderLoader;
import org.picketlink.idm.IdentityManagementException;
import org.picketlink.idm.IdentityManager; import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.PartitionManager; import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.credential.Credentials; import org.picketlink.idm.credential.Credentials;
@ -44,25 +45,34 @@ public class PicketlinkAuthenticationProvider implements AuthenticationProvider
@Override @Override
public AuthUser getUser(RealmModel realm, Map<String, String> configuration, String username) throws AuthenticationProviderException { public AuthUser getUser(RealmModel realm, Map<String, String> configuration, String username) throws AuthenticationProviderException {
IdentityManager identityManager = getIdentityManager(realm); IdentityManager identityManager = getIdentityManager(realm);
User picketlinkUser = BasicModel.getUser(identityManager, username);
return picketlinkUser == null ? null : new AuthUser(picketlinkUser.getId(), picketlinkUser.getLoginName(), getName()) try {
.setName(picketlinkUser.getFirstName(), picketlinkUser.getLastName()) User picketlinkUser = BasicModel.getUser(identityManager, username);
.setEmail(picketlinkUser.getEmail()) return picketlinkUser == null ? null : new AuthUser(picketlinkUser.getId(), picketlinkUser.getLoginName(), getName())
.setProviderName(getName()); .setName(picketlinkUser.getFirstName(), picketlinkUser.getLastName())
.setEmail(picketlinkUser.getEmail())
.setProviderName(getName());
} catch (IdentityManagementException ie) {
throw convertIDMException(ie);
}
} }
@Override @Override
public AuthProviderStatus validatePassword(RealmModel realm, Map<String, String> configuration, String username, String password) throws AuthenticationProviderException { public AuthProviderStatus validatePassword(RealmModel realm, Map<String, String> configuration, String username, String password) throws AuthenticationProviderException {
IdentityManager identityManager = getIdentityManager(realm); IdentityManager identityManager = getIdentityManager(realm);
UsernamePasswordCredentials credential = new UsernamePasswordCredentials(); try {
credential.setUsername(username); UsernamePasswordCredentials credential = new UsernamePasswordCredentials();
credential.setPassword(new Password(password.toCharArray())); credential.setUsername(username);
identityManager.validateCredentials(credential); credential.setPassword(new Password(password.toCharArray()));
if (credential.getStatus() == Credentials.Status.VALID) { identityManager.validateCredentials(credential);
return AuthProviderStatus.SUCCESS; if (credential.getStatus() == Credentials.Status.VALID) {
} else { return AuthProviderStatus.SUCCESS;
return AuthProviderStatus.INVALID_CREDENTIALS; } else {
return AuthProviderStatus.INVALID_CREDENTIALS;
}
} catch (IdentityManagementException ie) {
throw convertIDMException(ie);
} }
} }
@ -70,14 +80,18 @@ public class PicketlinkAuthenticationProvider implements AuthenticationProvider
public boolean updateCredential(RealmModel realm, Map<String, String> configuration, String username, String password) throws AuthenticationProviderException { public boolean updateCredential(RealmModel realm, Map<String, String> configuration, String username, String password) throws AuthenticationProviderException {
IdentityManager identityManager = getIdentityManager(realm); IdentityManager identityManager = getIdentityManager(realm);
User picketlinkUser = BasicModel.getUser(identityManager, username); try {
if (picketlinkUser == null) { User picketlinkUser = BasicModel.getUser(identityManager, username);
logger.debugf("User '%s' doesn't exists. Skip password update", username); if (picketlinkUser == null) {
return false; logger.debugf("User '%s' doesn't exists. Skip password update", username);
} return false;
}
identityManager.updateCredential(picketlinkUser, new Password(password.toCharArray())); identityManager.updateCredential(picketlinkUser, new Password(password.toCharArray()));
return true; return true;
} catch (IdentityManagementException ie) {
throw convertIDMException(ie);
}
} }
public IdentityManager getIdentityManager(RealmModel realm) throws AuthenticationProviderException { public IdentityManager getIdentityManager(RealmModel realm) throws AuthenticationProviderException {
@ -103,4 +117,14 @@ public class PicketlinkAuthenticationProvider implements AuthenticationProvider
} }
return identityManager; return identityManager;
} }
private AuthenticationProviderException convertIDMException(IdentityManagementException ie) {
Throwable realCause = ie;
while (realCause.getCause() != null) {
realCause = realCause.getCause();
}
// Use the message from the realCause
return new AuthenticationProviderException(realCause.getMessage(), ie);
}
} }
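Review bot: convertIDMException copies the deepest cause's message into the new AuthenticationProviderException, and for an LDAP- or database-backed identity store that text can include hostnames, DNs or query fragments. Where the exception's message ends up is not visible in this change, so if any caller renders it in the login or account response it should carry a fixed message instead, with the detail logged server-side through the existing `logger`. The root message can also be null, which would leave callers with an empty error; a fallback such as `String msg = realCause.getMessage() != null ? realCause.getMessage() : ie.getMessage();` avoids that. A short Javadoc on the helper saying that the original exception is preserved as the cause, and that only IdentityManagementException is converted in getUser, validatePassword and updateCredential, would make the contract clear.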