public Authentication authenticate()

in taverna-server-webapp/src/main/java/org/apache/taverna/server/master/identity/StrippedDownAuthProvider.java [87:156]


	/**
	 * Authenticates a username+password token against the user store, using
	 * {@code authCache} as a shortcut for passwords that were accepted before.
	 * <p>
	 * Order of checks: token type, user lookup, account state (locked,
	 * disabled, expired), credential presence, password (cache first, then
	 * {@code passwordEncoder}), credential expiry.
	 * <p>
	 * Security notes for reviewers:
	 * <ul>
	 * <li>An unknown user and a wrong password both surface as
	 * {@link BadCredentialsException} with the same message. The account-state
	 * checks run <em>before</em> the password is verified, so
	 * {@link LockedException}, {@link DisabledException} and
	 * {@link AccountExpiredException} can be raised for a caller who has not
	 * proven knowledge of the password; whatever renders these to the client
	 * should not distinguish them unless that disclosure is intended.</li>
	 * <li>A cache hit skips the comparison against {@code user.getPassword()}.
	 * How long an entry stays valid, and in what form the password is held,
	 * is decided by {@code AuthCacheEntry}, which is not visible here -
	 * NOTE(review): confirm that a password change or reset in the user store
	 * invalidates the cached entry.</li>
	 * </ul>
	 *
	 * @param authentication
	 *            the request; must be a
	 *            {@link UsernamePasswordAuthenticationToken}
	 * @return the result of {@code createSuccessAuthentication} for the
	 *         retrieved user
	 * @throws IllegalArgumentException
	 *             if the token is of any other type
	 * @throws IllegalStateException
	 *             if {@code retrieveUser} returns {@code null}
	 * @throws AuthenticationException
	 *             {@link BadCredentialsException} for an unknown user, missing
	 *             credentials or a wrong password; {@link LockedException},
	 *             {@link DisabledException}, {@link AccountExpiredException}
	 *             or {@link CredentialsExpiredException} for the corresponding
	 *             account state
	 */
	public Authentication authenticate(Authentication authentication)
			throws AuthenticationException {
		if (!(authentication instanceof UsernamePasswordAuthenticationToken)) {
			throw new IllegalArgumentException(
					"can only authenticate against username+password");
		}
		UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) authentication;

		// Resolve the name to look up; a token without a principal gets a
		// fixed placeholder name.
		String username;
		if (token.getPrincipal() == null) {
			username = "NONE_PROVIDED";
		} else {
			username = token.getName();
		}

		UserDetails details;
		try {
			details = retrieveUser(username, token);
		} catch (UsernameNotFoundException notFound) {
			// The username is caller-supplied and is written to the debug log
			// as-is. The lookup failure is reported with the same exception
			// and message as a wrong password.
			if (logger.isDebugEnabled()) {
				logger.debug("User '" + username + "' not found", notFound);
			}
			throw new BadCredentialsException("Bad credentials");
		}
		if (details == null) {
			throw new IllegalStateException(
					"retrieveUser returned null - a violation of the interface contract");
		}

		// Account-state checks. These run before the password is verified.
		if (!details.isAccountNonLocked()) {
			throw new LockedException("User account is locked");
		}
		if (!details.isEnabled()) {
			throw new DisabledException("User account is disabled");
		}
		if (!details.isAccountNonExpired()) {
			throw new AccountExpiredException("User account has expired");
		}

		Object credentials = token.getCredentials();
		if (credentials == null) {
			logger.debug("Authentication failed: no credentials provided");
			throw new BadCredentialsException("Bad credentials");
		}
		String providedPassword = credentials.toString();

		// Fast path: was this exact password accepted for this user before?
		// An entry that no longer validates is evicted, so the slow path
		// below decides and, on success, stores a fresh entry.
		boolean cacheHit;
		synchronized (authCache) {
			AuthCacheEntry cached = authCache.get(username);
			if (cached == null || providedPassword == null) {
				cacheHit = false;
			} else {
				cacheHit = cached.valid(providedPassword);
				if (!cacheHit) {
					authCache.remove(username);
				}
			}
		}

		// Slow path: compare against the stored password via the encoder.
		if (!cacheHit) {
			if (!passwordEncoder.matches(providedPassword, details.getPassword())) {
				logger.debug("Authentication failed: password does not match stored value");
				throw new BadCredentialsException("Bad credentials");
			}
			if (providedPassword != null) {
				// The entry is built from the password as supplied; how it
				// is stored is up to AuthCacheEntry (not visible here).
				synchronized (authCache) {
					authCache.put(username, new AuthCacheEntry(providedPassword));
				}
			}
		}

		// Credential expiry is only reported once the password has been
		// accepted.
		if (!details.isCredentialsNonExpired()) {
			throw new CredentialsExpiredException(
					"User credentials have expired");
		}

		return createSuccessAuthentication(details, token, details);
	}