Java Code Examples for org.apache.shiro.authc.AuthenticationToken#getCredentials()

The following examples show how to use org.apache.shiro.authc.AuthenticationToken#getCredentials().
Example 1
Source File: ShiroRealm.java    From SpringAll with MIT License
/**
 * 登录认证
 */
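@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	// Looks the submitted principal up through userMapper and checks the submitted password
	// against User.getPassword() before handing an AuthenticationInfo back to Shiro.
	String userName = (String) token.getPrincipal();

	// A token without a char[] password used to surface as a NullPointerException or
	// ClassCastException; reject it as a failed login instead.
	Object credentials = token.getCredentials();
	if (!(credentials instanceof char[])) {
		throw new IncorrectCredentialsException("用户名或密码错误!");
	}
	String password = new String((char[]) credentials);

	// The principal is caller-supplied: replace line breaks so it cannot start a forged log line.
	String loggedName = String.valueOf(userName).replaceAll("[\\r\\n]", "_");
	System.out.println("用户" + loggedName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误!");
	}
	// NOTE(review): the submitted value is compared directly with user.getPassword(); whether that
	// field holds plaintext or a digest computed by the caller is not visible here. Confirm that
	// passwords are stored as a salted password hash (bcrypt/scrypt/argon2).
	// MessageDigest.isEqual keeps the comparison time independent of where the values differ.
	String stored = user.getPassword();
	boolean matches = stored != null && java.security.MessageDigest.isEqual(
			password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
			stored.getBytes(java.nio.charset.StandardCharsets.UTF_8));
	if (!matches) {
		throw new IncorrectCredentialsException("用户名或密码错误!");
	}
	// A null status throws NullPointerException here rather than letting the login through.
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员!");
	}
	// NOTE(review): the info carries the submitted password, not the stored one, so a matcher that
	// compares token and info credentials will always agree; the check above is the real gate.
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}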
 
Example 2
Source File: ShiroRealm.java    From SpringAll with MIT License
/**
 * 登录认证
 */
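@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	// Looks the submitted principal up through userMapper and checks the submitted password
	// against User.getPassword() before handing an AuthenticationInfo back to Shiro.
	String userName = (String) token.getPrincipal();

	// A token without a char[] password used to surface as a NullPointerException or
	// ClassCastException; reject it as a failed login instead.
	Object credentials = token.getCredentials();
	if (!(credentials instanceof char[])) {
		throw new IncorrectCredentialsException("用户名或密码错误!");
	}
	String password = new String((char[]) credentials);

	// The principal is caller-supplied: replace line breaks so it cannot start a forged log line.
	String loggedName = String.valueOf(userName).replaceAll("[\\r\\n]", "_");
	System.out.println("用户" + loggedName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误!");
	}
	// NOTE(review): the submitted value is compared directly with user.getPassword(); whether that
	// field holds plaintext or a digest computed by the caller is not visible here. Confirm that
	// passwords are stored as a salted password hash (bcrypt/scrypt/argon2).
	// MessageDigest.isEqual keeps the comparison time independent of where the values differ.
	String stored = user.getPassword();
	boolean matches = stored != null && java.security.MessageDigest.isEqual(
			password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
			stored.getBytes(java.nio.charset.StandardCharsets.UTF_8));
	if (!matches) {
		throw new IncorrectCredentialsException("用户名或密码错误!");
	}
	// A null status throws NullPointerException here rather than letting the login through.
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员!");
	}
	// NOTE(review): the info carries the submitted password, not the stored one, so a matcher that
	// compares token and info credentials will always agree; the check above is the real gate.
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}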
 
Example 3
Source File: ShiroRealm.java    From SpringAll with MIT License
/**
 * 用户认证
 *
 * @param authenticationToken 身份认证 token
 * @return AuthenticationInfo 身份认证信息
 * @throws AuthenticationException 认证相关异常
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    // The credential is the JWT string; per the original author's note it is handed over by
    // JWTFilter.executeLogin after decryption.
    final String jwt = (String) authenticationToken.getCredentials();

    // The user name is read from the token before JWTUtil.verify runs, so at this point it is
    // only a lookup key, not an authenticated identity.
    final String claimedName = JWTUtil.getUsername(jwt);
    if (StringUtils.isBlank(claimedName)) {
        throw new AuthenticationException("token校验不通过");
    }

    // Load the account the token claims to belong to.
    final User account = SystemUtils.getUser(claimedName);
    if (account == null) {
        throw new AuthenticationException("用户名或密码错误");
    }

    // NOTE(review): the account's getPassword() value is passed to JWTUtil.verify, presumably as
    // signing-key material; confirm what verify does with it and how that value is stored.
    final boolean verified = JWTUtil.verify(jwt, claimedName, account.getPassword());
    if (!verified) {
        throw new AuthenticationException("token校验不通过");
    }

    // Principal and credential are both the token itself.
    return new SimpleAuthenticationInfo(jwt, jwt, "shiro_realm");
}
 
Example 4
Source File: ShiroRealm.java    From SpringAll with MIT License
/**
 * 登录认证
 */
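@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	// Looks the submitted principal up through userMapper and checks the submitted password
	// against User.getPassword() before handing an AuthenticationInfo back to Shiro.
	String userName = (String) token.getPrincipal();

	// A token without a char[] password used to surface as a NullPointerException or
	// ClassCastException; reject it as a failed login instead.
	Object credentials = token.getCredentials();
	if (!(credentials instanceof char[])) {
		throw new IncorrectCredentialsException("用户名或密码错误!");
	}
	String password = new String((char[]) credentials);

	// The principal is caller-supplied: replace line breaks so it cannot start a forged log line.
	String loggedName = String.valueOf(userName).replaceAll("[\\r\\n]", "_");
	System.out.println("用户" + loggedName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误!");
	}
	// NOTE(review): the submitted value is compared directly with user.getPassword(); whether that
	// field holds plaintext or a digest computed by the caller is not visible here. Confirm that
	// passwords are stored as a salted password hash (bcrypt/scrypt/argon2).
	// MessageDigest.isEqual keeps the comparison time independent of where the values differ.
	String stored = user.getPassword();
	boolean matches = stored != null && java.security.MessageDigest.isEqual(
			password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
			stored.getBytes(java.nio.charset.StandardCharsets.UTF_8));
	if (!matches) {
		throw new IncorrectCredentialsException("用户名或密码错误!");
	}
	// A null status throws NullPointerException here rather than letting the login through.
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员!");
	}
	// NOTE(review): the info carries the submitted password, not the stored one, so a matcher that
	// compares token and info credentials will always agree; the check above is the real gate.
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}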
 
Example 5
Source File: ShiroRealm.java    From SpringAll with MIT License
/**
 * 登录认证
 */
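@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	// Looks the submitted principal up through userMapper and checks the submitted password
	// against User.getPassword() before handing an AuthenticationInfo back to Shiro.
	String userName = (String) token.getPrincipal();

	// A token without a char[] password used to surface as a NullPointerException or
	// ClassCastException; reject it as a failed login instead.
	Object credentials = token.getCredentials();
	if (!(credentials instanceof char[])) {
		throw new IncorrectCredentialsException("用户名或密码错误!");
	}
	String password = new String((char[]) credentials);

	// The principal is caller-supplied: replace line breaks so it cannot start a forged log line.
	String loggedName = String.valueOf(userName).replaceAll("[\\r\\n]", "_");
	System.out.println("用户" + loggedName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误!");
	}
	// NOTE(review): the submitted value is compared directly with user.getPassword(); whether that
	// field holds plaintext or a digest computed by the caller is not visible here. Confirm that
	// passwords are stored as a salted password hash (bcrypt/scrypt/argon2).
	// MessageDigest.isEqual keeps the comparison time independent of where the values differ.
	String stored = user.getPassword();
	boolean matches = stored != null && java.security.MessageDigest.isEqual(
			password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
			stored.getBytes(java.nio.charset.StandardCharsets.UTF_8));
	if (!matches) {
		throw new IncorrectCredentialsException("用户名或密码错误!");
	}
	// A null status throws NullPointerException here rather than letting the login through.
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员!");
	}
	// NOTE(review): the info carries the submitted password, not the stored one, so a matcher that
	// compares token and info credentials will always agree; the check above is the real gate.
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}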
 
Example 6
Source File: ShiroRealm.java    From SpringAll with MIT License
/**
 * 登录认证
 */
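@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	// Looks the submitted principal up through userMapper and checks the submitted password
	// against User.getPassword() before handing an AuthenticationInfo back to Shiro.
	String userName = (String) token.getPrincipal();

	// A token without a char[] password used to surface as a NullPointerException or
	// ClassCastException; reject it as a failed login instead.
	Object credentials = token.getCredentials();
	if (!(credentials instanceof char[])) {
		throw new IncorrectCredentialsException("用户名或密码错误!");
	}
	String password = new String((char[]) credentials);

	// The principal is caller-supplied: replace line breaks so it cannot start a forged log line.
	String loggedName = String.valueOf(userName).replaceAll("[\\r\\n]", "_");
	System.out.println("用户" + loggedName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误!");
	}
	// NOTE(review): the submitted value is compared directly with user.getPassword(); whether that
	// field holds plaintext or a digest computed by the caller is not visible here. Confirm that
	// passwords are stored as a salted password hash (bcrypt/scrypt/argon2).
	// MessageDigest.isEqual keeps the comparison time independent of where the values differ.
	String stored = user.getPassword();
	boolean matches = stored != null && java.security.MessageDigest.isEqual(
			password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
			stored.getBytes(java.nio.charset.StandardCharsets.UTF_8));
	if (!matches) {
		throw new IncorrectCredentialsException("用户名或密码错误!");
	}
	// A null status throws NullPointerException here rather than letting the login through.
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员!");
	}
	// NOTE(review): the info carries the submitted password, not the stored one, so a matcher that
	// compares token and info credentials will always agree; the check above is the real gate.
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}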
 
Example 7
Source File: DBRealm.java    From Moss with Apache License 2.0
/**
 * Authenticates a request whose credential is a JWT string and whose account must exist in
 * the user service.
 *
 * @param authenticationToken token whose credentials are cast to the JWT string
 * @param ldapContextFactory  not used by this implementation
 * @return an info object with the JWT as both principal and credential, or {@code null} when
 *         userService has no user for the name read from the token
 * @throws AuthenticationException when no user name can be read from the token or
 *         JwtUtil.verify rejects it
 */
@Override
protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken authenticationToken,
                                                        LdapContextFactory ldapContextFactory) throws NamingException {
    final String jwt = (String) authenticationToken.getCredentials();

    // Read the user name from the token; it is compared against the database below.
    final String claimedName = JwtUtil.getUsername(jwt);
    if (claimedName == null) {
        throw new AuthenticationException("token认证失败!");
    }
    if (!JwtUtil.verify(jwt, claimedName)) {
        throw new AuthenticationException("token认证失败!");
    }

    // A verified token for an account that no longer exists yields null, not an exception.
    final UserModel account = userService.getUserByUserName(claimedName);
    if (account == null) {
        return null;
    }
    return new SimpleAuthenticationInfo(jwt, jwt, "MyRealm");
}
 
Example 8
Source File: BearerTokenRealm.java    From nexus-public with Eclipse Public License 1.0
/**
 * Resolves an API-key token to the principals that keyStore holds for it.
 *
 * @param token token whose credentials are the API key characters; must not be null
 * @return an info object for the key's principals, or {@code null} when the key is unknown,
 *         the owner is neither an accepted anonymous principal nor active, or the owner
 *         cannot be found
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token)
{
  checkNotNull(token);

  final PrincipalCollection owner = keyStore.getPrincipals(format, (char[]) token.getCredentials());
  if (owner == null) {
    // No principals are stored for this key.
    return null;
  }

  try {
    // The status lookup is skipped when anonymousAndSupported already accepts the principals.
    final boolean accepted = anonymousAndSupported(owner) || principalsHelper.getUserStatus(owner).isActive();
    if (!accepted) {
      return null;
    }

    // NOTE(review): unchecked cast; presumably this realm only receives
    // NexusApiKeyAuthenticationToken instances, confirm against supports().
    ((NexusApiKeyAuthenticationToken) token).setPrincipal(owner.getPrimaryPrincipal());
    if (requestProvider != null) {
      // Mark the current request as authenticated by token.
      requestProvider.get().setAttribute(IS_TOKEN_AUTH_KEY, Boolean.TRUE);
    }
    return new SimpleAuthenticationInfo(owner, token.getCredentials());
  }
  catch (final UserNotFoundException e) {
    // The key outlived its user: log it and delete the keys stored for these principals.
    log.debug("Realm did not find user", e);
    keyStore.deleteApiKeys(owner);
  }
  return null;
}
 
Example 9
Source File: ApiRealm.java    From flash-waimai with MIT License
/**
 * 默认使用此方法进行用户名正确与否验证,错误抛出异常即可。
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
    // The credential is the raw JWT string carried by the token.
    final String jwt = (String) auth.getCredentials();

    // The account name is read from the JWT and used as the lookup key; JwtUtil.verify runs
    // only after the account has been loaded.
    final String account = JwtUtil.getUsername(jwt);
    if (account == null) {
        throw new AuthenticationException("token invalid");
    }

    final ShiroUser shiroUser = ShiroFactroy.me().shiroUser(userService.findByAccount(account));
    if (shiroUser == null) {
        throw new AuthenticationException("User didn't existed!");
    }

    // NOTE(review): the three failure messages differ; if they reach the client they tell a
    // caller whether an account exists. Confirm they are mapped to one generic response.
    final boolean verified = JwtUtil.verify(jwt, account, shiroUser.getPassword());
    if (!verified) {
        throw new AuthenticationException("Username or password error");
    }

    // Principal and credential are both the token itself.
    return new SimpleAuthenticationInfo(jwt, jwt, "my_realm");
}
 
Example 10
Source File: ApiRealm.java    From web-flash with MIT License
/**
 * 默认使用此方法进行用户名正确与否验证,错误抛出异常即可。
 */
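@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
    // The credential is the raw JWT string carried by the token.
    String token = (String) auth.getCredentials();
    // Read the user name from the token; it is the key for the account lookup below.
    String username = JwtUtil.getUsername(token);
    if (username == null) {
        throw new AuthenticationException("token invalid");
    }

    ShiroUser userBean =  ShiroFactroy.me().shiroUser(userService.findByAccount(username));
    if (userBean == null) {
        throw new AuthenticationException("User didn't existed!");
    }

    boolean verified;
    try {
        verified = JwtUtil.verify(token, username, userBean.getPassword());
    } catch (Exception e) {
        // Keep the original failure as the cause so the stack trace is not lost.
        // NOTE(review): e.getMessage() becomes the authentication error text; confirm it is
        // not returned to the client verbatim.
        throw new AuthenticationException(e.getMessage(), e);
    }
    // Raised outside the try block so it is no longer caught and re-wrapped by the handler above.
    if (!verified) {
        throw new AuthenticationException("Username or password error");
    }

    // Principal and credential are both the token itself.
    return new SimpleAuthenticationInfo(token, token, "my_realm");
}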
 
Example 11
Source File: LdapRealm.java    From Moss with Apache License 2.0
/**
 * Authenticates a request whose credential is a JWT string, then asks the LDAP context
 * factory for a context for the user named in the token.
 *
 * @param authenticationToken token whose credentials are cast to the JWT string
 * @param ldapContextFactory  factory used to open (and immediately close) an LDAP context
 * @return an info object with the JWT as both principal and credential, or {@code null} when
 *         obtaining the LDAP context throws
 * @throws AuthenticationException when no user name can be read from the token or
 *         JwtUtil.verify rejects it
 */
@Override
protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken authenticationToken,
                                                        LdapContextFactory ldapContextFactory) throws NamingException {
    final String jwt = (String) authenticationToken.getCredentials();

    // Read the user name from the token and verify the token against it.
    final String claimedName = JwtUtil.getUsername(jwt);
    if (claimedName == null) {
        throw new AuthenticationException("token认证失败!");
    }
    if (!JwtUtil.verify(jwt, claimedName)) {
        throw new AuthenticationException("token认证失败!");
    }

    // NOTE(review): the context is requested with a null credential, so success here does not
    // show that the caller knows the user's LDAP password; how a directory treats a bind
    // without a password depends on its configuration. Confirm what this step is meant to prove.
    LdapContext ldapContext = null;
    try {
        ldapContext = ldapContextFactory.getLdapContext(claimedName, null);
    } catch (Throwable failure) {
        // Any failure while opening the context is logged and reported as "no account".
        LOGGER.error(failure.getMessage(), failure);
        return null;
    } finally {
        LdapUtils.closeContext(ldapContext);
    }
    return new SimpleAuthenticationInfo(jwt, jwt, "MyRealm");
}
 
Example 12
Source File: CreateShiroAuthProviderTest.java    From vertx-auth with Apache License 2.0
/**
 * Returns an AuthenticationInfo that mirrors the token it was given.
 *
 * <p>NOTE(review): nothing is looked up or compared here; the info hands the token's own
 * credentials back, so a matcher comparing token and info credentials sees equal values.
 * The file name suggests a test fixture; confirm it is not used outside tests.
 *
 * @param token the submitted token
 * @return an info object whose principal and credentials come straight from {@code token}
 */
@Override
public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

  final AuthenticationInfo mirrored = new AuthenticationInfo() {
    @Override
    public Object getCredentials() {
      return token.getCredentials();
    }

    @Override
    public PrincipalCollection getPrincipals() {
      final Object principal = token.getPrincipal();
      // getClass() is evaluated inside the anonymous class, so the realm name is this
      // anonymous AuthenticationInfo's class name.
      final String realmName = getClass().getName();
      return new SimplePrincipalCollection(principal, realmName);
    }
  };
  return mirrored;
}
 
Example 13
Source File: UserRealm.java    From ShiroJwt with MIT License
/**
 * 默认使用此方法进行用户名正确与否验证,错误抛出异常即可。
 */
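@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    // The credential is the access token (JWT) string.
    String token = (String) authenticationToken.getCredentials();
    // Read the account claim from the token; it is the key for the database lookup below.
    // NOTE(review): this lookup runs before JwtUtil.verify(token), so the account value is
    // still unverified input when it reaches userMapper.
    String account = JwtUtil.getClaim(token, Constant.ACCOUNT);
    // Reject a token with no account claim.
    if (StringUtil.isBlank(account)) {
        throw new AuthenticationException("Token中帐号为空(The account in Token is empty.)");
    }
    // Check that the account exists.
    UserDto userDto = new UserDto();
    userDto.setAccount(account);
    userDto = userMapper.selectOne(userDto);
    if (userDto == null) {
        throw new AuthenticationException("该帐号不存在(The account does not exist.)");
    }
    // The access token must verify, a refresh token must exist in Redis for the account, and
    // the timestamps of the two tokens must match.
    String refreshTokenKey = Constant.PREFIX_SHIRO_REFRESH_TOKEN + account;
    if (JwtUtil.verify(token) && JedisUtil.exists(refreshTokenKey)) {
        // The key can disappear between exists() and getObject(); a missing value is handled
        // as an expired session instead of failing with a NullPointerException.
        Object refreshStamp = JedisUtil.getObject(refreshTokenKey);
        // Calling equals on the Redis value also covers a token without the timestamp claim.
        if (refreshStamp != null
                && refreshStamp.toString().equals(JwtUtil.getClaim(token, Constant.CURRENT_TIME_MILLIS))) {
            return new SimpleAuthenticationInfo(token, token, "userRealm");
        }
    }
    throw new AuthenticationException("Token已过期(Token expired or incorrect.)");
}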
 
Example 14
Source File: MyShiroRealm.java    From SpringBootBucket with MIT License
/**
 * 认证信息(身份验证)
 * Authentication 是用来验证用户身份
 *
 * @param auth
 * @return
 * @throws AuthenticationException
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth)
        throws AuthenticationException {
    _logger.info("MyShiroRealm.doGetAuthenticationInfo()");

    // The credential is the raw JWT string carried by the token.
    final String jwt = (String) auth.getCredentials();

    // Read the user name from the token; it is the key for the database lookup below and is
    // not yet verified at this point.
    final String claimedName = JWTUtil.getUsername(jwt);
    if (claimedName == null) {
        throw new AuthenticationException("token invalid");
    }

    // Load the ManagerInfo record for that user name. The original author notes that a real
    // project may cache this lookup and that Shiro does not repeat this call within a
    // two-minute interval (author's statement, not shown in this method).
    final ManagerInfo manager = managerInfoService.findByUsername(claimedName);
    if (manager == null) {
        throw new AuthenticationException("用户不存在!");
    }

    // NOTE(review): the failure messages differ between "no such user" and "token rejected";
    // if they reach the client they reveal which accounts exist. Confirm they are not exposed.
    final boolean verified = JWTUtil.verify(jwt, claimedName, manager.getPassword());
    if (!verified) {
        throw new AuthenticationException("Token认证失败");
    }

    // Principal and credential are both the token itself.
    return new SimpleAuthenticationInfo(jwt, jwt, "my_realm");
}
 
Example 15
Source File: UserRealm.java    From fastdep with Apache License 2.0
/**
 * Authenticates a request whose credential is a JWT string.
 *
 * @param auth token whose credentials are cast to the JWT string
 * @return an info object with the JWT as both principal and credential
 * @throws FastDepShiroJwtException when no user id can be read from the token, the
 *         authorization callback rejects the user, or jwtUtil.verify rejects the token
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
    final String jwt = (String) auth.getCredentials();

    final String subjectId = jwtUtil.getUserId(jwt);
    if (subjectId == null) {
        throw new FastDepShiroJwtException("token invalid");
    }

    // NOTE(review): the verifyUser callback receives the user id and token before
    // jwtUtil.verify has checked the token; confirm the callback does not trust them yet.
    final boolean userAccepted = fastDepShiroJwtAuthorization.verifyUser(subjectId, jwt);
    if (!userAccepted) {
        throw new FastDepShiroJwtException("verify user error!");
    }

    final boolean tokenValid = jwtUtil.verify(jwt, subjectId);
    if (!tokenValid) {
        throw new FastDepShiroJwtException("token verify error!");
    }

    return new SimpleAuthenticationInfo(jwt, jwt, "user_realm");
}
 
Example 16
Source File: ShiroRealm.java    From jeecg-boot-with-activiti with MIT License
/**
    * 用户信息认证是在用户进行登录的时候进行验证(不存redis)
 * 也就是说验证用户输入的账号和密码是否正确,错误抛出异常
 *
 * @param auth 用户登录的账号密码信息
 * @return 返回封装了用户信息的 AuthenticationInfo 实例
    * @throws AuthenticationException
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
	// The credential is the token string supplied with the request.
	final String jwt = (String) auth.getCredentials();
	if (jwt != null) {
		// All token checks are delegated to checkUserTokenIsEffect, which returns the login user.
		final LoginUser loginUser = this.checkUserTokenIsEffect(jwt);
		return new SimpleAuthenticationInfo(loginUser, jwt, getName());
	}

	// No token at all: record the caller's address, then fail the login.
	// NOTE(review): how getIpAddrByRequest derives the address is not visible here; if it reads
	// client-supplied headers, the logged value is attacker-controlled. Confirm before relying on it.
	final String callerIp = oConvertUtils.getIpAddrByRequest(SpringContextUtils.getHttpServletRequest());
	log.info("————————身份认证失败——————————IP地址:  " + callerIp);
	throw new AuthenticationException("token为空!");
}
 
Example 17
Source File: ShiroRealm.java    From JavaWeb with Apache License 2.0
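/**
 * Builds an AuthenticationInfo from the submitted user name and password.
 *
 * <p>NOTE(review): no account store is consulted. The info returns the submitted password as
 * the credential, so a matcher that compares token and info credentials accepts any password
 * for any user name. Confirm where the real credential check happens.
 *
 * @param token the submitted token; its credentials are expected to be a {@code char[]}
 * @return an info object echoing the submitted values, or {@code null} when the user name is
 *         null or the credentials are not a {@code char[]}
 */
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	// Submitted user name.
	String username = (String) token.getPrincipal();
	// new String((char[]) null) throws, so the original null test on the password could never
	// fail; test the raw credentials instead, before converting them.
	Object credentials = token.getCredentials();
	if (username == null || !(credentials instanceof char[])) {
		return null;
	}
	// Submitted password.
	String password = new String((char[]) credentials);
	return new SimpleAuthenticationInfo(username, password, getName());
}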
 
Example 18
Source File: ShiroRealm.java    From jeecg-cloud with Apache License 2.0
/**
    * 用户信息认证是在用户进行登录的时候进行验证(不存redis)
 * 也就是说验证用户输入的账号和密码是否正确,错误抛出异常
 *
 * @param auth 用户登录的账号密码信息
 * @return 返回封装了用户信息的 AuthenticationInfo 实例
    * @throws AuthenticationException
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
	// The credential is the token string supplied with the request.
	final String jwt = (String) auth.getCredentials();
	if (jwt != null) {
		// All token checks are delegated to checkUserTokenIsEffect, which returns the login user.
		final LoginUser loginUser = this.checkUserTokenIsEffect(jwt);
		return new SimpleAuthenticationInfo(loginUser, jwt, getName());
	}

	// No token at all: record the caller's address, then fail the login.
	// NOTE(review): how getIpAddrByRequest derives the address is not visible here; if it reads
	// client-supplied headers, the logged value is attacker-controlled. Confirm before relying on it.
	final String callerIp = oConvertUtils.getIpAddrByRequest(SpringContextUtils.getHttpServletRequest());
	log.info("————————身份认证失败——————————IP地址:  " + callerIp);
	throw new AuthenticationException("token为空!");
}
 
Example 19
Source File: RoncooRealm.java    From roncoo-adminlte-springmvc with Apache License 2.0
/**
 * Builds an AuthenticationInfo directly from the submitted user name and password.
 *
 * <p>NOTE(review): no account store is consulted. The info returns the submitted password as
 * the credential, so a matcher that compares token and info credentials accepts any password
 * for any user name. Confirm where the real credential check happens.
 *
 * @param token the submitted token; its credentials are cast to {@code char[]}
 * @return an info object echoing the submitted values under the realm name "roncooRealm"
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	final String principal = (String) token.getPrincipal();
	final char[] submitted = (char[]) token.getCredentials();
	return new SimpleAuthenticationInfo(principal, new String(submitted), "roncooRealm");
}
 
Example 20
Source File: UserRealm.java    From yyblog with MIT License
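/**
 * Authenticates a login by user name and password, or by open id.
 *
 * <p>A principal longer than 12 characters is looked up as an open id, anything else as a
 * user name. Only the user-name path compares the password.
 *
 * <p>NOTE(review): on the open-id path this method performs no credential check, so any
 * caller able to submit a known open id as the principal is accepted here. Presumably the
 * open id comes from an already-completed third-party login; confirm that this path cannot
 * be reached from the ordinary login form.
 *
 * @param token the submitted token; its credentials are expected to be a {@code char[]}
 * @return an info object holding the loaded user and the submitted password
 * @throws UnknownAccountException       when the principal is null or no user matches it
 * @throws IncorrectCredentialsException when the credentials are missing or do not match
 * @throws LockedAccountException        when the account is disabled
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    String username = (String) token.getPrincipal();
    // A missing principal or password used to surface as a NullPointerException; report it
    // as a failed login instead.
    if (username == null) {
        throw new UnknownAccountException("账号或密码不正确");
    }
    Object credentials = token.getCredentials();
    if (!(credentials instanceof char[])) {
        throw new IncorrectCredentialsException("账号或密码不正确");
    }
    String password = new String((char[]) credentials);

    UserMapper userMapper = ApplicationContextRegister.getBean(UserMapper.class);
    // Look the user up by open id or by name, depending on the principal's length.
    boolean openIdLogin = username.length() > 12;
    UserDO user = openIdLogin ? userMapper.getUserByOpenId(username) : userMapper.getUserByName(username);
    // Unknown account.
    if (user == null) {
        throw new UnknownAccountException("账号或密码不正确");
    }

    if (!openIdLogin) {
        // Wrong password.
        // NOTE(review): passwords are stored as an unsalted MD5 hex digest and getBytes() uses
        // the platform charset; migrate to a salted password hash (bcrypt/scrypt/argon2). The
        // digest call is left unchanged so existing stored values keep matching.
        String submittedDigest = DigestUtils.md5DigestAsHex(password.getBytes());
        String storedDigest = user.getPassword();
        // MessageDigest.isEqual keeps the comparison time independent of where the values differ.
        boolean matches = storedDigest != null && java.security.MessageDigest.isEqual(
                submittedDigest.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                storedDigest.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        if (!matches) {
            throw new IncorrectCredentialsException("账号或密码不正确");
        }
    }

    // Locked account.
    if (!user.getEnable()) {
        throw new LockedAccountException("账号已被锁定,请联系管理员");
    }

    // Shiro's own password check is effectively bypassed: the info carries the submitted
    // password, so the checks above are the only gate.
    SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
    return info;
}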