Examples of org.apache.sling.auth.core.spi.AuthenticationInfo$ReadOnlyAuthenticationInfo

• org.apache.sling.auth.core.spi.AuthenticationInfo
  The ReadOnlyAuthenticationInfo extends the {@link AuthenticationInfo} class overwriting the{@link #put(String,Object)} method such that no property is ever set.This acts like kind of a read-only wrapper.

                xingUser = fetchUser(accessToken);
                logger.debug("xing user: {}", xingUser);
                httpSession.setAttribute(USER_SESSION_ATTRIBUTE_NAME, xingUser);
            }

            final AuthenticationInfo authenticationInfo = new AuthenticationInfo(XingOauth.AUTH_TYPE, xingUser.getId());
            authenticationInfo.put(XingOauth.AUTHENTICATION_CREDENTIALS_ACCESS_TOKEN_KEY, accessToken);
            authenticationInfo.put(XingOauth.AUTHENTICATION_CREDENTIALS_USER_KEY, xingUser);
            return authenticationInfo;
        } catch (Exception e) {
            logger.error(e.getMessage(), e);
            removeAuthFromSession(request);
            return null;

            return AuthenticationInfo.DOING_AUTH;
        }

        // backwards compatibility support for JCR credentials and workspace
        // name now encapsulated in the JCR Resource bundle
        AuthenticationInfo info = new AuthenticationInfo(
            engineAuthInfo.getAuthType());
        info.put("user.jcr.credentials", engineAuthInfo.getCredentials());
        info.put("user.jcr.workspace", engineAuthInfo.getWorkspaceName());

        return info;
    }

        return requestLogin != null
            && !OpenIDConstants.OPENID_AUTH.equals(requestLogin);
    }

    private AuthenticationInfo getAuthInfoFromUser(final OpenIdUser user) {
        final AuthenticationInfo info = new AuthenticationInfo(
            OpenIDConstants.OPENID_AUTH, getUserName(user));

        // if there is no login module plugin service, set the credentials
        // attribute to the user's OpenID identity, otherwise set it to
        // the actual OpenIDUser object
        if (loginModule == null) {
            info.put(openIdAttribute, user.getIdentity());
        } else {
            info.put(openIdAttribute, user);
        }

        return info;
    }

            info.getAuthType());
    }

    @Test
    public void testSetUser() {
        final AuthenticationInfo info = new AuthenticationInfo("test", "user");
        Assert.assertEquals("user", info.getUser());

        info.setUser(null);
        Assert.assertEquals("user", info.getUser());

        info.setUser("dummy");
        Assert.assertEquals("dummy", info.getUser());

        info.setUser("");
        Assert.assertEquals("", info.getUser());
    }

        Assert.assertEquals("", info.getUser());
    }

    @Test
    public void testGetUser() {
        final AuthenticationInfo info = new AuthenticationInfo("test");
        info.put(ResourceResolverFactory.USER, "name");

        Assert.assertEquals("name", info.getUser());
        Assert.assertEquals("name", info.get(ResourceResolverFactory.USER));
        Assert.assertEquals(info.get(ResourceResolverFactory.USER), info.getUser());
    }

    }

    private boolean doHandleSecurity(HttpServletRequest request, HttpServletResponse response) {

        // 1. Ask all authentication handlers to try to extract credentials
        final AuthenticationInfo authInfo = getAuthenticationInfo(request, response);

        // 2. PostProcess credentials
        try {
            postProcess(authInfo, request, response);
        } catch (LoginException e) {
            handleLoginFailure(request, response, authInfo.getUser(), e);
            return false;
        }

        // 3. Check Credentials
        if (authInfo == AuthenticationInfo.DOING_AUTH) {

            log.debug("doHandleSecurity: ongoing authentication in the handler");
            return false;

        } else if (authInfo == AuthenticationInfo.FAIL_AUTH) {

            log.debug("doHandleSecurity: Credentials present but not valid, request authentication again");
            AuthUtil.setLoginResourceAttribute(request, request.getRequestURI());
            doLogin(request, response);
            return false;

        } else if (authInfo.getAuthType() == null) {

            log.debug("doHandleSecurity: No credentials in the request, anonymous");
            return getAnonymousResolver(request, response, authInfo);

        } else {

            log.debug("doHandleSecurity: Trying to get a session for {}", authInfo.getUser());
            return getResolver(request, response, authInfo);

        }
    }

    }

    @Test
    public void testSetPassword() {
        final char[] pwd = new char[6];
        final AuthenticationInfo info = new AuthenticationInfo("test", "name");

        assertFalse(info.containsKey(ResourceResolverFactory.PASSWORD));

        info.setPassword(pwd);
        assertSame(pwd, info.get(ResourceResolverFactory.PASSWORD));

        info.setPassword(null);
        assertSame(pwd, info.get(ResourceResolverFactory.PASSWORD));
    }

        if (response.isCommitted()) {
            throw new IllegalStateException("Response already committed");
        }

        // make sure impersonation is dropped
        setSudoCookie(request, response, new AuthenticationInfo("dummy", request.getRemoteUser()));

        final String path = getHandlerSelectionPath(request);
        final Collection<AbstractAuthenticationHandlerHolder>[] holdersArray = this.authHandlerCache
                .findApplicableHolder(request);
        for (int m = 0; m < holdersArray.length; m++) {

    }

    @Test
    public void testGetPassword() {
        final char[] pwd = new char[6];
        final AuthenticationInfo info = new AuthenticationInfo("test", "name",
            pwd);

        assertSame(pwd, info.getPassword());
        assertEquals(pwd, (char[]) info.get(ResourceResolverFactory.PASSWORD));
        Assert.assertEquals(info.get(ResourceResolverFactory.PASSWORD),
            info.getPassword());
    }

        for (int m = 0; m < localArray.length; m++) {
            final Collection<AbstractAuthenticationHandlerHolder> local = localArray[m];
            if (local != null) {
                for (AbstractAuthenticationHandlerHolder holder : local) {
                    if (path.startsWith(holder.path)) {
                        final AuthenticationInfo authInfo = holder.extractCredentials(
                            request, response);

                        if (authInfo != null) {
                            // add the feedback handler to the info (may be null)
                            authInfo.put(AUTH_INFO_PROP_FEEDBACK_HANDLER,
                                holder.getFeedbackHandler());

                            return authInfo;
                        }
                    }
                }
            }
        }

        // check whether the HTTP Basic handler can extract the header
        if (httpBasicHandler != null) {
            final AuthenticationInfo authInfo = httpBasicHandler.extractCredentials(
                request, response);
            if (authInfo != null) {
                authInfo.put(AUTH_INFO_PROP_FEEDBACK_HANDLER, httpBasicHandler);
                return authInfo;
            }
        }

        // no handler found for the request ....