use of com.microsoft.azure.oidc.application.settings.ApplicationSettings in project azure-tools-for-java by Microsoft.
the class SimpleAuthenticationHelper method getAuthenticationEndPoint.
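/**
 * Builds the URL of the identity provider's authorization endpoint for this request.
 *
 * <p>The query string carries the application id, a Base64-encoded JSON {@code State} (built
 * from the user id, the session id and the URI to return to), the application's redirect URI,
 * and {@code prompt=login} when no token is supplied or {@code prompt=none} when one is.
 *
 * @param httpRequest the current request; must not be null
 * @param token the caller's current token, or null when there is none
 * @param isError when true, the return URI is taken from the state of the previous request
 *     (via {@code getState}) instead of from this request's URI and query string; null is
 *     treated as false
 * @return the authorization URL
 * @throws PreconditionException if {@code httpRequest} is null
 * @throws GeneralException if the configuration cannot be loaded, or if serialising or
 *     encoding the state fails
 */
private String getAuthenticationEndPoint(final HttpServletRequest httpRequest, final Token token, final Boolean isError) {
    if (httpRequest == null) {
        throw new PreconditionException("Required parameter is null");
    }
    try {
        final String requestURI = httpRequest.getRequestURI();
        final String queryString = httpRequest.getQueryString();
        final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
        final Configuration configuration = configurationCache.load();
        if (configuration == null) {
            throw new GeneralException("Error loading configuration");
        }
        final HttpSession session = httpRequest.getSession(false);
        final String sessionName = session == null ? "" : session.getId();
        final StringBuilder uriStringBuilder = new StringBuilder();
        final Base64 encoder = new Base64();
        // Boolean.TRUE.equals avoids the NullPointerException that unboxing a null isError raised.
        if (Boolean.TRUE.equals(isError)) {
            // NOTE(review): getState is not visible here; if it can return null this dereference
            // fails with a NullPointerException - confirm against its implementation.
            final State previousState = getState(httpRequest);
            uriStringBuilder.append(previousState.getRequestURI());
        } else {
            uriStringBuilder.append(requestURI);
            if (queryString != null && !"".equals(queryString.trim())) {
                uriStringBuilder.append("?");
                uriStringBuilder.append(queryString);
            }
        }
        final String userID = token == null ? "" : token.getUserID().getValue();
        // NOTE(review): Base64 is an encoding, not protection. The state is built from the
        // session id and travels in the URL, so anything that records the URL (browser history,
        // proxy or provider logs) can read it - confirm that is acceptable, or sign/encrypt it.
        final State state = stateFactory.createState(userID, sessionName, uriStringBuilder.toString());
        final ObjectMapper mapper = new ObjectMapper();
        final String stateString = mapper.writeValueAsString(state);
        // Encode with an explicit charset: getBytes() without one depends on the platform default.
        final String encodedState = new String(encoder.encode(stateString.getBytes("UTF-8")), "UTF-8");
        // NOTE(review): the nonce is the constant "defaultNonce". OpenID Connect uses the nonce to
        // bind the ID token to this request and to detect replay, and a fixed value gives neither.
        // A per-request value needs matching verification where the token is validated, which is
        // outside this method.
        // The state is URL-encoded because Base64 output can contain '+', '/' and '=', and an
        // unescaped '+' in a query string is read back as a space.
        final String urlString = String.format("%s%sclient_Id=%s&state=%s&nonce=defaultNonce&redirect_uri=%s&scope=openid%%20offline_access&response_type=code+id_token&prompt=%s&response_mode=form_post",
                configuration.getAuthenticationEndPoint(),
                configuration.getAuthenticationEndPoint().getName().contains("?") ? "&" : "?",
                applicationSettings.getApplicationId(),
                URLEncoder.encode(encodedState, "UTF-8"),
                URLEncoder.encode(applicationSettings.getRedirectURL().getValue(), "UTF-8"),
                token == null ? "login" : "none");
        return urlString;
    } catch (IOException e) {
        throw new GeneralException("IO Exception", e);
    }
}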
use of com.microsoft.azure.oidc.application.settings.ApplicationSettings in project azure-tools-for-java by Microsoft.
the class SimpleGraphService method isUserInRole.
/**
 * Reports whether the user belongs to the directory group that backs the given role.
 *
 * <p>The check fails closed: a role with no matching group, a {@code GeneralException} or any
 * {@code RuntimeException} all produce {@code Boolean.FALSE}, so an error never grants a role.
 *
 * @param userID identifier of the user to check
 * @param role name of the role, resolved to a group id through {@code getGroupID}
 * @return the result of {@code isUserInGroup}, or {@code Boolean.FALSE} when the role cannot be
 *     resolved or the lookup fails
 */
private Boolean isUserInRole(final String userID, final String role) {
    try {
        final ApplicationSettings settings = applicationSettingsLoader.load();
        // The graph calls are made with a token obtained from the application's own credentials.
        final String accessToken = getBearerToken(
                settings.getTenant(),
                settings.getPrincipalId(),
                settings.getPrincipalSecret());
        final String groupId = getGroupID(settings.getTenant(), role, accessToken);
        if (groupId != null) {
            return isUserInGroup(settings.getTenant(), userID, groupId, accessToken);
        }
        // No group corresponds to the role, so nobody holds it.
        return Boolean.FALSE;
    } catch (GeneralException e) {
        LOGGER.error("General Exception", e);
        return Boolean.FALSE;
    } catch (RuntimeException e) {
        LOGGER.error(e.getMessage(), e);
        return Boolean.FALSE;
    }
}
use of com.microsoft.azure.oidc.application.settings.ApplicationSettings in project azure-tools-for-java by Microsoft.
the class LogoutServlet method service.
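/**
 * Handles logout in three stages.
 *
 * <ol>
 *   <li>Without a {@code finishLogout} parameter, redirect the browser to the provider's logout
 *       endpoint, asking it to come back to this URI with {@code finishLogout=true}.</li>
 *   <li>On return, expire the {@code id_token} and session cookies, invalidate the session, and
 *       forward internally with the session cookies hidden from the forwarded request.</li>
 *   <li>On the forwarded pass (request attribute {@code logout} is set), redirect to the
 *       application's redirect URL.</li>
 * </ol>
 *
 * <p>If an {@code IOException}, {@code GeneralException} or {@code PreconditionException} is
 * raised, it is logged and the browser is redirected to the application's redirect URL.
 *
 * @param request the logout request
 * @param response the response used for the redirects and the expired cookies
 * @throws ServletException if the internal forward fails
 * @throws IOException if the fallback redirect in the error handler fails
 */
@Override
public void service(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
    try {
        final Configuration configuration = configurationCache.load();
        final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
        // getCookies() returns null rather than an empty array when the request has no cookies;
        // normalising it here keeps a cookie-less logout request from failing with a
        // NullPointerException that the catch clause below does not handle.
        final Cookie[] requestCookies = request.getCookies();
        final Cookie[] cookies = requestCookies == null ? new Cookie[0] : requestCookies;
        // First stage. No finishLogout parameter yet: send the browser to the provider.
        if (request.getParameter("finishLogout") == null) {
            String tokenString = null;
            for (final Cookie cookie : cookies) {
                if (cookie.getName().equals("id_token")) {
                    tokenString = cookie.getValue();
                    break;
                }
            }
            final String redirectURL = String.format("%s%spost_logout_redirect_uri=%s%s%s",
                    configuration.getLogoutEndPoint(),
                    configuration.getLogoutEndPoint().getName().contains("?") ? "&" : "?",
                    URLEncoder.encode(applicationSettings.getRedirectURL().getValue(), "UTF-8"),
                    URLEncoder.encode(request.getRequestURI(), "UTF-8"),
                    URLEncoder.encode("?finishLogout=true", "UTF-8"));
            if (tokenString != null) {
                // Only sent when a token exists; previously a missing cookie produced the literal
                // header value "Bearer null".
                // NOTE(review): this is a response header on a redirect, so the browser does not
                // pass it on to the logout endpoint. It copies the ID token into one more place
                // without authenticating anything - confirm it is needed at all.
                response.setHeader("Authorization", String.format("Bearer %s", tokenString));
            }
            response.sendRedirect(redirectURL);
            return;
        }
        // Expire the token and session cookies and invalidate the server-side session.
        // "SESSION" was misspelled "SESSON" here, so that cookie was never expired although the
        // wrapper below already filtered it under the correct name.
        // NOTE(review): the cookies are re-sent as received, and request cookies carry no
        // path/domain attributes; if the originals were set with a specific path the browser may
        // not treat these as replacements - verify that the cookies are actually removed.
        for (final Cookie cookie : cookies) {
            final String cookieName = cookie.getName();
            if (cookieName.equals("id_token") || cookieName.equals("JSESSIONID") || cookieName.equals("SESSION")) {
                cookie.setMaxAge(0);
                response.addCookie(cookie);
                final HttpSession session = request.getSession(false);
                if (session != null) {
                    session.invalidate();
                }
            }
        }
        // View of the request without the session cookies, used for the internal forward.
        final HttpServletRequest newRequest = new HttpServletRequestWrapper(request) {
            @Override
            public Cookie[] getCookies() {
                final List<Cookie> cookieList = new ArrayList<Cookie>();
                for (final Cookie cookie : cookies) {
                    if (!cookie.getName().equals("SESSION") && !cookie.getName().equals("JSESSIONID")) {
                        cookieList.add(cookie);
                    }
                }
                return cookieList.toArray(new Cookie[cookieList.size()]);
            }
        };
        // Second stage. Forward the request so the cookies are cleared
        if (request.getAttribute("logout") == null) {
            request.setAttribute("logout", Boolean.TRUE);
            // NOTE(review): getRequestURI() includes the context path, while getRequestDispatcher
            // resolves paths relative to the context root - confirm this works when the
            // application is not deployed at "/".
            request.getRequestDispatcher(request.getRequestURI() + "?finishLogout=true").forward(newRequest, response);
            return;
        }
        // Final stage. Return to the application landing page
        response.sendRedirect(applicationSettings.getRedirectURL().getValue());
        return;
    } catch (IOException | GeneralException | PreconditionException e) {
        LOGGER.warn(e.getMessage(), e);
        final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
        response.sendRedirect(applicationSettings.getRedirectURL().getValue());
    }
}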
use of com.microsoft.azure.oidc.application.settings.ApplicationSettings in project azure-tools-for-java by Microsoft.
the class SimpleWellKnownLoader method load.
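/**
 * Downloads and parses the OpenID Connect discovery document for the configured tenant and
 * policy from {@code login.microsoftonline.com}.
 *
 * @return the parsed document, or {@code null} when the download or the parsing fails (the
 *     failure is logged); callers must handle the null case
 */
public JsonNode load() {
    try {
        final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
        final StringBuilder builder = new StringBuilder();
        // NOTE(review): tenant and policy are inserted into the URL without escaping; they come
        // from application settings here, but confirm they can never hold '/', '?', '&' or '#'.
        final URL url = new URL(String.format("https://login.microsoftonline.com/%s/v2.0/.well-known/openid-configuration?p=%s", applicationSettings.getTenant(), applicationSettings.getOIDCPolicy()));
        // NOTE(review): no connect or read timeout is set, so a stalled endpoint blocks the
        // calling thread indefinitely - consider setConnectTimeout/setReadTimeout.
        final URLConnection connection = url.openConnection();
        // Decode as UTF-8 explicitly; without a charset the reader uses the platform default,
        // which can garble the JSON on hosts where that is not UTF-8.
        try (final BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream(), "UTF-8"))) {
            for (String line = in.readLine(); line != null; line = in.readLine()) {
                builder.append(line);
            }
        }
        final ObjectMapper mapper = new ObjectMapper();
        return mapper.readValue(builder.toString(), JsonNode.class);
    } catch (IOException e) {
        LOGGER.error("IO Exception", e);
    } catch (RuntimeException e) {
        LOGGER.error(e.getMessage(), e);
    }
    return null;
}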