public AuthenticationResponse authenticate()

in service/src/main/java/org/apache/fineract/cn/provisioner/internal/service/AuthenticationService.java [83:137]


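  /**
   * Authenticates a user of the provisioner and issues a token on success.
   *
   * <p>Steps, in order: the client id must resolve through the {@code ClientEntity} mapper; the
   * user row is loaded and its stored hash, salt, iteration count, expiry window and last reset
   * timestamp are read by column position (1-5); the row keyed by
   * {@code ProvisionerConstants.CONFIG_INTERNAL} supplies a secret; the Base64-decoded password
   * is then checked with {@code hashGenerator.isEqual}. A positive {@code expiresInDays} is
   * enforced only after the password has matched.
   *
   * <p>Unknown client, unknown user, malformed password encoding and wrong password all produce
   * the same {@code notFound} error, so the response body does not reveal which check failed.
   *
   * @param clientId caller-supplied client identifier
   * @param username caller-supplied user identifier
   * @param password caller-supplied password, Base64 encoded
   * @return the token and its expiration rendered by {@code dateTimeToString}
   * @throws ServiceException {@code notFound} when any credential check fails,
   *     {@code badRequest} when the password matched but has expired
   * @throws IllegalStateException when the internal configuration row is missing
   */
  public AuthenticationResponse authenticate(
      final @Nonnull String clientId,
      final @Nonnull String username,
      final @Nonnull String password) {
    // Both identifiers arrive from the caller before any authentication has happened. Control
    // characters are replaced before they reach the log so a crafted value cannot start a new,
    // forged log line.
    final String loggableClientId = String.valueOf(clientId).replaceAll("\\p{Cntrl}", "_");
    final String loggableUsername = String.valueOf(username).replaceAll("\\p{Cntrl}", "_");

    final Session session = this.cassandraSessionProvider.getAdminSession();
    final MappingManager mappingManager = new MappingManager(session);

    final Mapper<ClientEntity> clientEntityMapper = mappingManager.mapper(ClientEntity.class);
    if (clientEntityMapper.get(clientId) == null) {
      this.logger.warn("Authentication attempt with unknown client: " + loggableClientId);
      throw ServiceException.notFound("Requested resource not found!");
    }

    final Mapper<UserEntity> userEntityMapper = mappingManager.mapper(UserEntity.class);
    final Statement userQuery = userEntityMapper.getQuery(username);
    final Row userRow = session.execute(userQuery).one();
    if (userRow == null) {
      // NOTE(review): this path returns before any hashing is done, so it is likely faster than
      // the wrong-password path; consider a dummy hash here if response time must not
      // distinguish unknown users from known ones.
      this.logger.warn("Authentication attempt with unknown user: " + loggableUsername);
      throw ServiceException.notFound("Requested resource not found!");
    }
    // Columns are read by position, so these indexes depend on the column order of the mapped
    // user table; verify against UserEntity whenever that schema changes.
    final byte[] storedPassword = Bytes.getArray(userRow.getBytes(1));
    final byte[] salt = Bytes.getArray(userRow.getBytes(2));
    final int iterationCount = userRow.getInt(3);
    final int expiresInDays = userRow.getInt(4);
    final Date passwordResetOn = userRow.getTimestamp(5);

    final Mapper<ConfigEntity> configEntityMapper = mappingManager.mapper(ConfigEntity.class);
    final Statement configQuery = configEntityMapper.getQuery(ProvisionerConstants.CONFIG_INTERNAL);
    final Row configRow = session.execute(configQuery).one();
    if (configRow == null) {
      // Without the stored secret no password can be verified; fail with a clear server-side
      // error instead of a NullPointerException on the next line.
      throw new IllegalStateException("Provisioner internal configuration is missing");
    }
    final byte[] secret = Bytes.getArray(configRow.getBytes(1));

    // A password that is not valid Base64 is a failed login like any other. Assuming
    // decodeFromString reports malformed input with IllegalArgumentException (as java.util.Base64
    // does), letting it escape would fail differently for existing users than for unknown ones.
    final byte[] presentedPassword;
    try {
      presentedPassword = Base64Utils.decodeFromString(password);
    } catch (final IllegalArgumentException malformed) {
      // The exception text is not logged: it describes the rejected password bytes.
      this.logger.warn("Authentication attempt with malformed password for user: " + loggableUsername);
      throw ServiceException.notFound("Requested resource not found!");
    }

    // 256 is passed through unchanged; presumably the derived key length in bits - confirm
    // against HashGenerator. NOTE(review): confirm isEqual compares in constant time.
    final boolean passwordMatches = this.hashGenerator.isEqual(
        storedPassword,
        presentedPassword,
        secret,
        salt,
        iterationCount,
        256);
    if (!passwordMatches) {
      // Failed attempts against an existing account are recorded so repeated guessing is visible.
      this.logger.warn("Authentication attempt with invalid password for user: " + loggableUsername);
      throw ServiceException.notFound("Requested resource not found!");
    }

    if (expiresInDays > 0) {
      // NOTE(review): a row with expiresInDays > 0 but no reset timestamp would fail here with a
      // NullPointerException; confirm the schema guarantees the timestamp is always set.
      final LocalDate resetDate = passwordResetOn.toInstant().atZone(ZoneId.systemDefault()).toLocalDate();
      final LocalDate expiresOn = resetDate.plusDays(expiresInDays);
      if (LocalDate.now().isAfter(expiresOn)) {
        // Reported only after the password matched, so it does not confirm accounts to guessers.
        throw ServiceException.badRequest("Password expired");
      }
    }

    final TokenSerializationResult authToken =
        this.tokenProvider.createToken(username, this.applicationName, this.ttl, TimeUnit.MINUTES);
    return new AuthenticationResponse(authToken.getToken(), dateTimeToString(authToken.getExpiration()));
  }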