Example 1 with State

Use of com.microsoft.azure.oidc.common.state.State in project azure-tools-for-java by Microsoft.

Class SimpleAuthenticationHelper, method doActiveTokenAction.

@Override
public void doActiveTokenAction(final FilterChain chain, final HttpServletRequest httpRequest, final HttpServletResponse httpResponse, final Token token) throws ServletException, IOException {
    final State state = getState(httpRequest);
    final Boolean isRedirectedFromAzureB2C = state != NO_STATE;
    if (isRedirectedFromAzureB2C) {
        final Boolean isForwardRequestRequired = !state.getRequestURI().equals(getFullRequestURI(httpRequest));
        if (isForwardRequestRequired) {
            doForwardRequestAction(httpRequest, httpResponse, token, state);
            return;
        }
        doRedirectRequestAction(httpRequest, httpResponse, state);
        return;
    }
    final Boolean isUnauthorised = !isAuthorised(httpRequest, token);
    if (isUnauthorised) {
        doUnauthorisedAction(httpResponse);
        return;
    }
    doAuthenticatedAction(chain, httpRequest, httpResponse, token);
    return;
}
Also used : State(com.microsoft.azure.oidc.common.state.State)

Example 2 with State

Use of com.microsoft.azure.oidc.common.state.State in project azure-tools-for-java by Microsoft.

Class SimpleAuthenticationHelper, method getAuthenticationEndPoint.

private String getAuthenticationEndPoint(final HttpServletRequest httpRequest, final Token token, final Boolean isError) {
    if (httpRequest == null) {
        throw new PreconditionException("Required parameter is null");
    }
    try {
        final String requestURI = httpRequest.getRequestURI();
        final String queryString = httpRequest.getQueryString();
        final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
        final Configuration configuration = configurationCache.load();
        if (configuration == null) {
            throw new GeneralException("Error loading configuration");
        }
        final HttpSession session = httpRequest.getSession(false);
        final String sessionName = session == null ? "" : session.getId();
        final StringBuilder uriStringBuilder = new StringBuilder();
        Base64 encoder = new Base64();
        if (isError) {
            final State previousState = getState(httpRequest);
            uriStringBuilder.append(previousState.getRequestURI());
        } else {
            uriStringBuilder.append(requestURI);
            if (queryString != null && !"".equals(queryString.trim())) {
                uriStringBuilder.append("?");
                uriStringBuilder.append(queryString);
            }
        }
        final String userID = token == null ? "" : token.getUserID().getValue();
        final State state = stateFactory.createState(userID, sessionName, uriStringBuilder.toString());
        final ObjectMapper mapper = new ObjectMapper();
        final String stateString = mapper.writeValueAsString(state);
        final String urlString = String.format("%s%sclient_Id=%s&state=%s&nonce=defaultNonce&redirect_uri=%s&scope=openid%%20offline_access&response_type=code+id_token&prompt=%s&response_mode=form_post", configuration.getAuthenticationEndPoint(), configuration.getAuthenticationEndPoint().getName().contains("?") ? "&" : "?", applicationSettings.getApplicationId(), new String(encoder.encode(stateString.getBytes()), "UTF-8"), URLEncoder.encode(applicationSettings.getRedirectURL().getValue(), "UTF-8"), token == null ? "login" : "none");
        return urlString;
    } catch (IOException e) {
        throw new GeneralException("IO Exception", e);
    }
}
Also used :
ApplicationSettings (com.microsoft.azure.oidc.application.settings.ApplicationSettings)
GeneralException (com.microsoft.azure.oidc.exception.GeneralException)
Base64 (org.apache.commons.codec.binary.Base64)
Configuration (com.microsoft.azure.oidc.configuration.Configuration)
HttpSession (javax.servlet.http.HttpSession)
State (com.microsoft.azure.oidc.common.state.State)
IOException (java.io.IOException)
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)
PreconditionException (com.microsoft.azure.oidc.exception.PreconditionException)

Example 3 with State

Use of com.microsoft.azure.oidc.common.state.State in project azure-tools-for-java by Microsoft.

Class SimpleAuthenticationHelper, method getState.

private State getState(final HttpServletRequest request) {
    if (request == null) {
        throw new PreconditionException("Required parameter is null");
    }
    try {
        final Base64 decoder = new Base64();
        final String stateString = request.getParameter("state") == null ? null : new String(decoder.decode(request.getParameter("state").getBytes()), "UTF-8");
        if (stateString == null || stateString.equals("")) {
            return null;
        }
        final ObjectMapper mapper = new ObjectMapper();
        final JsonNode stateNode = mapper.readValue(stateString, JsonNode.class);
        final State state = stateFactory.createState(stateNode.get("userID").asText(""), stateNode.get("sessionName").asText(""), stateNode.get("requestURI").asText());
        return state;
    } catch (IOException e) {
        throw new GeneralException("IO Exception", e);
    }
}
Also used :
Base64 (org.apache.commons.codec.binary.Base64)
GeneralException (com.microsoft.azure.oidc.exception.GeneralException)
State (com.microsoft.azure.oidc.common.state.State)
JsonNode (com.fasterxml.jackson.databind.JsonNode)
IOException (java.io.IOException)
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)
PreconditionException (com.microsoft.azure.oidc.exception.PreconditionException)

Aggregations

State (com.microsoft.azure.oidc.common.state.State): 3
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper): 2
GeneralException (com.microsoft.azure.oidc.exception.GeneralException): 2
PreconditionException (com.microsoft.azure.oidc.exception.PreconditionException): 2
IOException (java.io.IOException): 2
Base64 (org.apache.commons.codec.binary.Base64): 2
JsonNode (com.fasterxml.jackson.databind.JsonNode): 1
ApplicationSettings (com.microsoft.azure.oidc.application.settings.ApplicationSettings): 1
Configuration (com.microsoft.azure.oidc.configuration.Configuration): 1
HttpSession (javax.servlet.http.HttpSession): 1