use of com.microsoft.azure.oidc.common.state.State in project azure-tools-for-java by Microsoft.
the class SimpleAuthenticationHelper method doActiveTokenAction.
/**
 * Decides how to serve a request that carries an active token.
 *
 * <p>The state comes from {@code getState(httpRequest)}, which in this class decodes
 * the request's {@code state} parameter. When a state is present, the request is
 * treated as a return from Azure B2C: it is forwarded if the URI recorded in the
 * state differs from the current full request URI, and redirected otherwise. When no
 * state is present, the request is authorised against the token and either passed
 * down the filter chain or rejected.
 *
 * <p>NOTE(review): the state is read from a request parameter, so the URI it carries
 * is caller-supplied. Confirm that {@code doForwardRequestAction} and
 * {@code doRedirectRequestAction} restrict the target to this application before
 * using it.
 *
 * @param chain        filter chain handed to {@code doAuthenticatedAction}
 * @param httpRequest  the current request
 * @param httpResponse the current response
 * @param token        the active token for this request
 * @throws ServletException propagated from the delegated actions
 * @throws IOException      propagated from the delegated actions
 */
@Override
public void doActiveTokenAction(final FilterChain chain, final HttpServletRequest httpRequest,
        final HttpServletResponse httpResponse, final Token token) throws ServletException, IOException {
    final State state = getState(httpRequest);

    if (state == NO_STATE) {
        // Ordinary request (no state parameter): the token alone decides the outcome.
        if (isAuthorised(httpRequest, token)) {
            doAuthenticatedAction(chain, httpRequest, httpResponse, token);
        } else {
            doUnauthorisedAction(httpResponse);
        }
        return;
    }

    // Request came back with a state: compare the URI it recorded with the URI being served now.
    final boolean alreadyAtRecordedUri = state.getRequestURI().equals(getFullRequestURI(httpRequest));
    if (alreadyAtRecordedUri) {
        doRedirectRequestAction(httpRequest, httpResponse, state);
    } else {
        doForwardRequestAction(httpRequest, httpResponse, token, state);
    }
}
use of com.microsoft.azure.oidc.common.state.State in project azure-tools-for-java by Microsoft.
the class SimpleAuthenticationHelper method getAuthenticationEndPoint.
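/**
 * Builds the URL of the authentication request sent to the configured endpoint.
 *
 * <p>The {@code state} parameter is a Base64-encoded JSON document made of the user id
 * (empty when there is no token), the current session id (empty when there is no
 * session) and the URI to return to. On the error path that URI is taken from the
 * state already present on the request; otherwise it is the current request URI plus
 * its query string. {@code prompt} is {@code login} without a token and {@code none}
 * with one.
 *
 * <p>The state is serialised with an explicit UTF-8 charset and URL-encoded before it
 * is placed in the query string. Standard Base64 output may contain {@code +},
 * {@code /} and {@code =}, and an unescaped {@code +} is read back as a space.
 *
 * @param httpRequest the current request; must not be null
 * @param token       the current token, or null when the user has none
 * @param isError     true to reuse the URI recorded in the incoming state
 * @return the full authentication request URL
 * @throws PreconditionException if {@code httpRequest} is null
 * @throws GeneralException      if the configuration cannot be loaded, if the error
 *                               path finds no state on the request, or on an I/O error
 */
private String getAuthenticationEndPoint(final HttpServletRequest httpRequest, final Token token, final Boolean isError) {
    if (httpRequest == null) {
        throw new PreconditionException("Required parameter is null");
    }
    try {
        final String requestURI = httpRequest.getRequestURI();
        final String queryString = httpRequest.getQueryString();
        final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
        final Configuration configuration = configurationCache.load();
        if (configuration == null) {
            throw new GeneralException("Error loading configuration");
        }
        final HttpSession session = httpRequest.getSession(false);
        // NOTE(review): the servlet session id becomes part of the state below. It is only
        // Base64-encoded, not encrypted, and travels in a URL, so it can end up in browser
        // history and access logs. Consider an opaque per-request value instead.
        final String sessionName = session == null ? "" : session.getId();
        final StringBuilder uriStringBuilder = new StringBuilder();
        final Base64 encoder = new Base64();
        if (isError) {
            final State previousState = getState(httpRequest);
            if (previousState == null) {
                // getState returns null when the request has no usable state parameter;
                // fail with a descriptive error instead of a NullPointerException.
                throw new GeneralException("Error loading state");
            }
            uriStringBuilder.append(previousState.getRequestURI());
        } else {
            uriStringBuilder.append(requestURI);
            if (queryString != null && !"".equals(queryString.trim())) {
                uriStringBuilder.append("?");
                uriStringBuilder.append(queryString);
            }
        }
        final String userID = token == null ? "" : token.getUserID().getValue();
        final State state = stateFactory.createState(userID, sessionName, uriStringBuilder.toString());
        final ObjectMapper mapper = new ObjectMapper();
        final String stateString = mapper.writeValueAsString(state);
        // Encode with the same charset getState decodes with, rather than the platform default.
        final String base64State = new String(encoder.encode(stateString.getBytes("UTF-8")), "UTF-8");
        // NOTE(review): nonce is the fixed literal "defaultNonce", so it cannot tie an ID token
        // to this particular request. OpenID Connect expects an unpredictable per-request value
        // that is checked when the token comes back. Changing it also requires the matching
        // check in token validation, which is outside this method.
        // NOTE(review): the client id parameter is spelled "client_Id"; RFC 6749 names it
        // "client_id". Confirm the endpoint accepts this casing.
        final String urlString = String.format("%s%sclient_Id=%s&state=%s&nonce=defaultNonce&redirect_uri=%s&scope=openid%%20offline_access&response_type=code+id_token&prompt=%s&response_mode=form_post",
                configuration.getAuthenticationEndPoint(),
                configuration.getAuthenticationEndPoint().getName().contains("?") ? "&" : "?",
                applicationSettings.getApplicationId(),
                URLEncoder.encode(base64State, "UTF-8"),
                URLEncoder.encode(applicationSettings.getRedirectURL().getValue(), "UTF-8"),
                token == null ? "login" : "none");
        return urlString;
    } catch (IOException e) {
        throw new GeneralException("IO Exception", e);
    }
}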
use of com.microsoft.azure.oidc.common.state.State in project azure-tools-for-java by Microsoft.
the class SimpleAuthenticationHelper method getState.
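/**
 * Reads the {@code state} request parameter and rebuilds a {@link State} from it.
 *
 * <p>The parameter is expected to be Base64-encoded UTF-8 JSON with the fields
 * {@code userID}, {@code sessionName} and {@code requestURI}. A missing
 * {@code userID} or {@code sessionName} yields an empty string. A value that is not
 * a JSON object, or that lacks {@code requestURI}, is rejected instead of failing
 * with a NullPointerException.
 *
 * <p>NOTE(review): this method only decodes. Nothing here checks a signature or
 * compares the decoded session name or user id with the current session or token, so
 * every field is caller-supplied. Confirm that callers validate the result before
 * acting on its request URI.
 *
 * @param request the current request; must not be null
 * @return the decoded state, or null when the parameter is absent or decodes to an
 *         empty string
 * @throws PreconditionException if {@code request} is null
 * @throws GeneralException      if the decoded value is not valid JSON, is not a JSON
 *                               object, or has no {@code requestURI} field
 */
private State getState(final HttpServletRequest request) {
    if (request == null) {
        throw new PreconditionException("Required parameter is null");
    }
    try {
        final String encodedState = request.getParameter("state");
        if (encodedState == null) {
            return null;
        }
        final Base64 decoder = new Base64();
        // Explicit charset on both conversions; the platform default is not guaranteed to be UTF-8.
        final String stateString = new String(decoder.decode(encodedState.getBytes("UTF-8")), "UTF-8");
        if (stateString.equals("")) {
            return null;
        }
        final ObjectMapper mapper = new ObjectMapper();
        final JsonNode stateNode = mapper.readValue(stateString, JsonNode.class);
        // The parameter is untrusted input, so it may be valid JSON that is not an object.
        if (stateNode == null || !stateNode.isObject()) {
            throw new GeneralException("Invalid state parameter");
        }
        // path() never returns null, unlike get(), so absent fields can be tested explicitly.
        final JsonNode requestUriNode = stateNode.path("requestURI");
        if (requestUriNode.isMissingNode()) {
            throw new GeneralException("Invalid state parameter");
        }
        return stateFactory.createState(
                stateNode.path("userID").asText(""),
                stateNode.path("sessionName").asText(""),
                requestUriNode.asText());
    } catch (IOException e) {
        throw new GeneralException("IO Exception", e);
    }
}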