use of com.microsoft.azure.oidc.exception.GeneralException in project azure-tools-for-java by Microsoft.
the class SimpleAuthenticationHelper method getAuthenticationEndPoint.
private String getAuthenticationEndPoint(final HttpServletRequest httpRequest, final Token token, final Boolean isError) {
if (httpRequest == null) {
throw new PreconditionException("Required parameter is null");
}
try {
final String requestURI = httpRequest.getRequestURI();
final String queryString = httpRequest.getQueryString();
final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
final Configuration configuration = configurationCache.load();
if (configuration == null) {
throw new GeneralException("Error loading configuration");
}
final HttpSession session = httpRequest.getSession(false);
final String sessionName = session == null ? "" : session.getId();
final StringBuilder uriStringBuilder = new StringBuilder();
Base64 encoder = new Base64();
if (isError) {
final State previousState = getState(httpRequest);
uriStringBuilder.append(previousState.getRequestURI());
} else {
uriStringBuilder.append(requestURI);
if (queryString != null && !"".equals(queryString.trim())) {
uriStringBuilder.append("?");
uriStringBuilder.append(queryString);
}
}
final String userID = token == null ? "" : token.getUserID().getValue();
final State state = stateFactory.createState(userID, sessionName, uriStringBuilder.toString());
final ObjectMapper mapper = new ObjectMapper();
final String stateString = mapper.writeValueAsString(state);
final String urlString = String.format("%s%sclient_Id=%s&state=%s&nonce=defaultNonce&redirect_uri=%s&scope=openid%%20offline_access&response_type=code+id_token&prompt=%s&response_mode=form_post", configuration.getAuthenticationEndPoint(), configuration.getAuthenticationEndPoint().getName().contains("?") ? "&" : "?", applicationSettings.getApplicationId(), new String(encoder.encode(stateString.getBytes()), "UTF-8"), URLEncoder.encode(applicationSettings.getRedirectURL().getValue(), "UTF-8"), token == null ? "login" : "none");
return urlString;
} catch (IOException e) {
throw new GeneralException("IO Exception", e);
}
}
use of com.microsoft.azure.oidc.exception.GeneralException in project azure-tools-for-java by Microsoft.
the class SimpleGraphService method isUserInRole.
private Boolean isUserInRole(final String userID, final String role) {
try {
final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
final String bearerToken = getBearerToken(applicationSettings.getTenant(), applicationSettings.getPrincipalId(), applicationSettings.getPrincipalSecret());
final String roleID = getGroupID(applicationSettings.getTenant(), role, bearerToken);
if (roleID == null) {
return Boolean.FALSE;
}
return isUserInGroup(applicationSettings.getTenant(), userID, roleID, bearerToken);
} catch (GeneralException e) {
LOGGER.error("General Exception", e);
return Boolean.FALSE;
} catch (RuntimeException e) {
LOGGER.error(e.getMessage(), e);
return Boolean.FALSE;
}
}
use of com.microsoft.azure.oidc.exception.GeneralException in project azure-tools-for-java by Microsoft.
the class LogoutServlet method service.
@Override
public void service(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
try {
final Configuration configuration = configurationCache.load();
final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
// the finishLogout parameter set
if (request.getParameter("finishLogout") == null) {
String tokenString = null;
final Cookie[] cookies = request.getCookies();
for (final Cookie cookie : cookies) {
if (cookie.getName().equals("id_token")) {
tokenString = cookie.getValue();
break;
}
}
final String redirectURL = String.format("%s%spost_logout_redirect_uri=%s%s%s", configuration.getLogoutEndPoint(), configuration.getLogoutEndPoint().getName().contains("?") ? "&" : "?", URLEncoder.encode(applicationSettings.getRedirectURL().getValue(), "UTF-8"), URLEncoder.encode(request.getRequestURI(), "UTF-8"), URLEncoder.encode("?finishLogout=true", "UTF-8"));
response.setHeader("Authorization", String.format("Bearer %s", tokenString));
response.sendRedirect(redirectURL);
return;
}
// setup clearing the cookies and invalidate the session
for (final Cookie cookie : request.getCookies()) {
if (cookie.getName().equals("id_token")) {
cookie.setMaxAge(0);
response.addCookie(cookie);
HttpSession session = request.getSession(false);
if (session != null) {
session.invalidate();
}
}
if (cookie.getName().equals("JSESSIONID") || cookie.getName().equals("SESSON")) {
cookie.setMaxAge(0);
response.addCookie(cookie);
HttpSession session = request.getSession(false);
if (session != null) {
session.invalidate();
}
}
}
final HttpServletRequest newRequest = new HttpServletRequestWrapper(request) {
@Override
public Cookie[] getCookies() {
final List<Cookie> cookieList = new ArrayList<Cookie>();
for (Cookie cookie : request.getCookies()) {
if (!cookie.getName().equals("SESSION") && !cookie.getName().equals("JSESSIONID")) {
cookieList.add(cookie);
}
}
final Cookie[] cookieArray = new Cookie[cookieList.size()];
cookieList.toArray(cookieArray);
return cookieArray;
}
};
// Second stage. Forward the request so the cookies are cleared
if (request.getAttribute("logout") == null) {
request.setAttribute("logout", Boolean.TRUE);
request.getRequestDispatcher(request.getRequestURI() + "?finishLogout=true").forward(newRequest, response);
return;
}
// Final stage. Return to the application landing page
response.sendRedirect(applicationSettings.getRedirectURL().getValue());
return;
} catch (IOException | GeneralException | PreconditionException e) {
LOGGER.warn(e.getMessage(), e);
final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
response.sendRedirect(applicationSettings.getRedirectURL().getValue());
}
}
use of com.microsoft.azure.oidc.exception.GeneralException in project azure-tools-for-java by Microsoft.
the class SimpleTokenValidator method validateSignature.
@Override
public Boolean validateSignature(final Token token) {
if (token == null) {
throw new PreconditionException("Required parameter is null");
}
if (algorithmConfigurationService.get().getAlgorithmClassMap().get(token.getAlgorithm().getName()).equals("HMAC")) {
return Boolean.FALSE;
}
final Configuration configuration = configurationCache.load();
if (configuration == null) {
throw new GeneralException("Error loading configuration");
}
try {
final TimeStamp now = timeStampFactory.createTimeStamp(System.currentTimeMillis() / 1000);
if (configuration.getKey(token.getKeyName()).getNotBefore().compareTo(now) > 0) {
return Boolean.FALSE;
}
final Base64 decoder = new Base64();
final BigInteger exponent = new BigInteger(1, decoder.decode(configuration.getKey(token.getKeyName()).getExponent().getValue()));
final BigInteger modulus = new BigInteger(1, decoder.decode(configuration.getKey(token.getKeyName()).getSecret().getValue()));
final RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(modulus, exponent);
final KeyFactory keyFactory = KeyFactory.getInstance(algorithmConfigurationService.get().getAlgorithmClassMap().get(token.getAlgorithm().getName()));
final PublicKey pubKey = keyFactory.generatePublic(pubKeySpec);
final Signature sig = Signature.getInstance(algorithmConfigurationService.get().getAlgorithmMap().get(token.getAlgorithm().getName()));
sig.initVerify(pubKey);
sig.update(token.getPayload().getValue().getBytes());
return sig.verify(decoder.decode(token.getSignature().getValue()));
} catch (NoSuchAlgorithmException | InvalidKeySpecException | SignatureException | InvalidKeyException e) {
LOGGER.error(e.getMessage(), e);
return Boolean.FALSE;
}
}
use of com.microsoft.azure.oidc.exception.GeneralException in project azure-tools-for-java by Microsoft.
the class SimpleAuthenticationHelper method getState.
private State getState(final HttpServletRequest request) {
if (request == null) {
throw new PreconditionException("Required parameter is null");
}
try {
final Base64 decoder = new Base64();
final String stateString = request.getParameter("state") == null ? null : new String(decoder.decode(request.getParameter("state").getBytes()), "UTF-8");
if (stateString == null || stateString.equals("")) {
return null;
}
final ObjectMapper mapper = new ObjectMapper();
final JsonNode stateNode = mapper.readValue(stateString, JsonNode.class);
final State state = stateFactory.createState(stateNode.get("userID").asText(""), stateNode.get("sessionName").asText(""), stateNode.get("requestURI").asText());
return state;
} catch (IOException e) {
throw new GeneralException("IO Exception", e);
}
}
Aggregations