Source Code of org.platformlayer.auth.services.LoginService

package org.platformlayer.auth.services;

import java.security.cert.X509Certificate;

import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;

import org.platformlayer.auth.AuthenticatorException;
import org.platformlayer.auth.CertificateAuthenticationRequest;
import org.platformlayer.auth.CertificateAuthenticationResponse;
import org.platformlayer.auth.UserEntity;
import org.platformlayer.auth.keystone.KeystoneUserAuthenticator;
import org.platformlayer.auth.model.AuthenticateRequest;
import org.platformlayer.auth.model.AuthenticateResponse;
import org.platformlayer.web.HttpUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.fathomdb.TimeSpan;

public class LoginService {
  private static final Logger log = LoggerFactory.getLogger(LoginService.class);

  @Inject
  TokenHelpers tokenHelpers;

  @Inject
  KeystoneUserAuthenticator userAuthenticator;

  public static final TimeSpan OVER_LIMIT_DELAY = TimeSpan.fromMilliseconds(2000);

  public AuthenticateResponse authenticate(HttpServletRequest httpRequest, AuthenticateRequest request) {
    AuthenticateResponse response = new AuthenticateResponse();

    String username = null;

    UserEntity user = null;

    if (request.auth.passwordCredentials != null) {
      username = request.auth.passwordCredentials.username;
      String password = request.auth.passwordCredentials.password;

      try {
        user = userAuthenticator.authenticate(username, password);
      } catch (AuthenticatorException e) {
        // An exception indicates something went wrong (i.e. not just
        // bad credentials)
        log.warn("Error while getting user info", e);
        throw new IllegalStateException("Error while getting user info", e);
      }
    } else if (request.auth.certificateCredentials != null) {
      username = request.auth.certificateCredentials.username;

      X509Certificate[] certificateChain = HttpUtils.getCertificateChain(httpRequest);
      if (certificateChain == null) {
        return null;
      }

      byte[] challengeResponse = request.auth.certificateCredentials.challengeResponse;

      CertificateAuthenticationRequest details = new CertificateAuthenticationRequest();
      details.certificateChain = certificateChain;
      details.username = username;
      // details.projectKey = projectKey;
      details.challengeResponse = challengeResponse;

      CertificateAuthenticationResponse result = null;
      try {
        result = userAuthenticator.authenticate(details);
      } catch (AuthenticatorException e) {
        log.warn("Error while authenticating by certificate", e);
        throw new IllegalStateException("Error while authenticating by certificate", e);
      }

      if (result == null) {
        return null;
      }

      if (challengeResponse != null) {
        if (result.user == null) {
          return null;
        }

        user = (UserEntity) result.user;
      } else {
        log.debug("Returning authentication challenge for user: " + username);

        response.challenge = result.challenge;
        return response;
      }
    } else {
      return null;
    }

    if (user == null) {
      log.debug("Authentication request failed.  Username=" + username);
      return null;
    }

    log.debug("Successful authentication for user: " + user.key);

    response.access = tokenHelpers.buildAccess(user);

    return response;
  }
}