Example 1 with User

Use of com.authlete.common.types.User in project java-oauth-server by authlete.

In the class AuthorizationRequestHandlerSpiImpl, method isUserAuthenticated.

@Override
public boolean isUserAuthenticated() {
    // Get the current HTTP session, creating one if none exists.
    HttpSession session = mRequest.getSession(true);
    // Get the user from the session if they exist.
    User user = (User) session.getAttribute("user");
    // If a user is stored in the session, the user is already
    // authenticated; otherwise, the user is not authenticated.
    return user != null;
}
Also used : User(com.authlete.common.types.User) HttpSession(javax.servlet.http.HttpSession)

Example 2 with User

Use of com.authlete.common.types.User in project java-oauth-server by authlete.

In the class AuthorizationRequestHandlerSpiImpl, method generateAuthorizationPage.

@Override
public Response generateAuthorizationPage(AuthorizationResponse info) {
    // Get the current HTTP session, creating one if none exists.
    HttpSession session = mRequest.getSession(true);
    // Store some variables into the session so that they can be
    // referred to later in AuthorizationDecisionEndpoint.
    session.setAttribute("params", Params.from(info));
    session.setAttribute("acrs", info.getAcrs());
    session.setAttribute("client", info.getClient());
    // Update the client in case we need it for a no-interaction response.
    mClient = info.getClient();
    // Clear the current user information in the session if necessary.
    clearCurrentUserInfoInSessionIfNecessary(info, session);
    // Get the user from the session if they exist.
    User user = (User) session.getAttribute("user");
    // Prepare a model object which contains information needed to
    // render the authorization page.
    AuthzPageModel model = new AuthzPageModel(info, user, FederationManager.getInstance().getConfigurations());
    // Prepare another model object which contains information only
    // from the AuthorizationResponse instance. This model will be
    // used in FederationEndpoint if the end-user chooses to use an
    // external OpenID Provider at the authorization page.
    AuthzPageModel model2 = new AuthzPageModel(info, null, null);
    session.setAttribute("authzPageModel", model2);
    // Create a Viewable instance that represents the authorization
    // page. Viewable is a class provided by Jersey for MVC.
    Viewable viewable = new Viewable(TEMPLATE, model);
    // Create a response that has the viewable as its content.
    return Response.ok(viewable, MEDIA_TYPE_HTML).build();
}
Also used : User(com.authlete.common.types.User) HttpSession(javax.servlet.http.HttpSession) Viewable(org.glassfish.jersey.server.mvc.Viewable)

Example 3 with User

Use of com.authlete.common.types.User in project java-oauth-server by authlete.

In the class AuthorizationRequestHandlerSpiImpl, method clearCurrentUserInfoInSessionIfNecessary.

private void clearCurrentUserInfoInSessionIfNecessary(AuthorizationResponse info, HttpSession session) {
    // Get the user from the session if they exist.
    User user = (User) session.getAttribute("user");
    Date authTime = (Date) session.getAttribute("authTime");
    if (user == null || authTime == null) {
        // The information about the user does not exist in the session.
        return;
    }
    // Check 'prompts'.
    checkPrompts(info, session);
    // Check 'authentication age'.
    checkAuthenticationAge(info, session, authTime);
}
Also used : User(com.authlete.common.types.User) Date(java.util.Date)

Example 4 with User

Use of com.authlete.common.types.User in project java-oauth-server by authlete.

In the class AuthorizationRequestHandlerSpiImpl, method getUserSubject.

@Override
public String getUserSubject() {
    // Get the current HTTP session, creating one if none exists.
    HttpSession session = mRequest.getSession(true);
    // Get the user from the session if they exist.
    User user = (User) session.getAttribute("user");
    if (user == null) {
        return null;
    }
    return user.getSubject();
}
Also used : User(com.authlete.common.types.User) HttpSession(javax.servlet.http.HttpSession)

Example 5 with User

Use of com.authlete.common.types.User in project java-oauth-server by authlete.

In the class BackchannelAuthenticationRequestHandlerSpiImpl, method getUserByLoginHint.

private User getUserByLoginHint(String hint) {
    // Find a user using the login hint. A login hint is a value which identifies
    // the end-user. In this implementation, we're assuming subject, email
    // address and phone number can be a login hint.
    // First, find a user assuming the login hint value is a subject.
    User user = UserDao.getBySubject(hint);
    if (user != null) {
        // OK. Found a user.
        return user;
    }
    // Second, find a user assuming the login hint value is an email address.
    user = UserDao.getByEmail(hint);
    if (user != null) {
        // OK. Found a user.
        return user;
    }
    // Lastly, find a user assuming the login hint value is a phone number.
    return UserDao.getByPhoneNumber(hint);
}
Also used : User(com.authlete.common.types.User)

Aggregations

User (com.authlete.common.types.User) 13
Date (java.util.Date) 6
HttpSession (javax.servlet.http.HttpSession) 5
Viewable (org.glassfish.jersey.server.mvc.Viewable) 4
DeviceVerificationPageModel (com.authlete.jaxrs.DeviceVerificationPageModel) 3
Consumes (javax.ws.rs.Consumes) 2
GET (javax.ws.rs.GET) 2
POST (javax.ws.rs.POST) 2
Result (com.authlete.common.dto.BackchannelAuthenticationCompleteRequest.Result) 1
Client (com.authlete.common.dto.Client) 1
Params (com.authlete.jaxrs.AuthorizationDecisionHandler.Params) 1
BackchannelAuthenticationCompleteRequestHandler (com.authlete.jaxrs.BackchannelAuthenticationCompleteRequestHandler) 1
Federation (com.authlete.jaxrs.server.federation.Federation) 1
AuthorizationDecisionHandlerSpi (com.authlete.jaxrs.spi.AuthorizationDecisionHandlerSpi) 1
UserInfo (com.nimbusds.openid.connect.sdk.claims.UserInfo) 1
URI (java.net.URI) 1
Path (javax.ws.rs.Path) 1