Class UserAuthentication

  • All Implemented Interfaces:
    IAuthenticatedUserProvider

    public final class UserAuthentication
    extends java.lang.Object
    implements IAuthenticatedUserProvider
    Helper class to perform user authentication. This class concentrates the calls to one location: here. It enabled implementation to external authentication systems such as JNDI or custom in-house through a Java API, etc.
    Author:
    Christopher Mindus
    • Method Detail

      • getInstance

        public static UserAuthentication getInstance()
        Gets the user authentication instance.
      • validateHashPW

        public static void validateHashPW​(java.lang.String hashPW)
        Validates a hashed password.
        Parameters:
        hashPW - The hashed password. It is based on PBKDF2 with Keyed-Hash Message Authentication Code (HMAC) with a SHA-256 hash. It can start with "EXT:" if the user has signed in using an external Sign In Provider, e.g. LinkedIn or Facebook, the remaining part of the string identifies the provider and the users identifier for that provider.
        Throws:
        java.lang.NullPointerException - If hashPW is null.
        java.lang.IllegalArgumentException - If hashPW is an empty string or has invalid format.
      • isUserNameFree

        public boolean isUserNameFree​(java.lang.String userName)
                               throws UserException
        Checks if the user name is free to use, i.e. has not yet been signed up.
        Parameters:
        userName - The user name.
        Returns:
        true if free, false if already taken.
        Throws:
        UserException - If the user name is invalid.
      • getUser

        public AuthenticatedUser getUser​(java.lang.String userName)
                                  throws NotFoundException
        Gets the instance of a user with its information.
        Specified by:
        getUser in interface IAuthenticatedUserProvider
        Parameters:
        userName - The user name.
        Returns:
        The instance holding the potentially authenticated user.
        Throws:
        java.lang.NullPointerException - If the userName is null.
        NotFoundException - If the user name is not found or an SQL exception occurred.
      • getUserFromEmail

        public AuthenticatedUser getUserFromEmail​(java.lang.String emailAddress)
                                           throws NotFoundException
        Looks up a user from the email.
        Parameters:
        emailAddress - The email address.
        Throws:
        java.lang.NullPointerException - If the emailAddress is null.
        NotFoundException - If user is not found.
      • getUser

        public AuthenticatedUser getUser​(java.sql.Connection conn,
                                         java.lang.String userName)
                                  throws NotFoundException,
                                         java.sql.SQLException
        Gets the instance of a user with its information. This always gets the information from the database and never a cached user.
        Parameters:
        conn - The connection.
        userName - The user name.
        Returns:
        The instance holding the potentially authenticated user, or null if the user does not exist in the server's database.
        Throws:
        NotFoundException - If user is not found.
        java.sql.SQLException - For SQL errors.
      • getUser

        public AuthenticatedUser getUser​(java.sql.Connection conn,
                                         java.lang.String userName,
                                         java.lang.String password)
                                  throws NotFoundException,
                                         java.sql.SQLException
        Gets the instance of a user with its information.
        Parameters:
        conn - The database connection.
        userName - The user name.
        password - The password hash or the clear text password.
        Returns:
        The instance holding the potentially authenticated user, or null if the user does not exist in the server's database or the password doesn't match.
        Throws:
        java.lang.NullPointerException - If the userName or password is null.
        NotFoundException - If user is not found.
        java.sql.SQLException - For SQL errors.
      • getUser

        public AuthenticatedUser getUser​(java.sql.Connection conn,
                                         long id)
                                  throws NotFoundException,
                                         java.sql.SQLException
        Gets the basic user info for a user from its unique user ID. The value comes from UserInfoBase.id.
        Parameters:
        conn - The connection.
        id - The unique user ID.
        Returns:
        The user information.
        Throws:
        NotFoundException - If user is not found.
        java.sql.SQLException - For SQL errors.
      • validateUser

        public final UserAuthenticationInfo validateUser​(UserIdentifier userIdentifier,
                                                         java.lang.String appID,
                                                         java.lang.String validatePassword)
        Authenticates a user ID and password.
        Parameters:
        userIdentifier - The user identifier.
        appID - The app ID to validate.
        validatePassword - The password to validate. If the password is empty, the user is authenticated as pre-validation used e.g. by the iiziRun Developer listing possible sessions, etc. When this parameter is null, the real password is not validated.
        Returns:
        The user authentication result.
      • createNewPasswordHash

        public final java.lang.String createNewPasswordHash​(java.lang.String userName,
                                                            java.lang.String password)
        Creates a new password hash to store in the database. The password is not decryptable.
        Parameters:
        userName - The basic user information.
        password - The new password.
        Returns:
        The new password hash.
      • isOldPasswordMatching

        public final boolean isOldPasswordMatching​(BasicUserInfo bui,
                                                   java.lang.String oldPassword,
                                                   java.lang.String password)
        Verifies that the old password matches before changing to a new one.
        Parameters:
        bui - The basic user information.
        oldPassword - The old (existing) password.
        password - The password.
        Returns:
        true for success, false if not matching.
        Throws:
        java.lang.RuntimeException - If not called from inside the iiziServer.