Search in sources :

Example 1 with GeneralException

use of com.microsoft.azure.oidc.exception.GeneralException in project azure-tools-for-java by Microsoft.

the class SimpleAuthenticationHelper method getAuthenticationEndPoint.

private String getAuthenticationEndPoint(final HttpServletRequest httpRequest, final Token token, final Boolean isError) {
    if (httpRequest == null) {
        throw new PreconditionException("Required parameter is null");
    }
    try {
        final String requestURI = httpRequest.getRequestURI();
        final String queryString = httpRequest.getQueryString();
        final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
        final Configuration configuration = configurationCache.load();
        if (configuration == null) {
            throw new GeneralException("Error loading configuration");
        }
        final HttpSession session = httpRequest.getSession(false);
        final String sessionName = session == null ? "" : session.getId();
        final StringBuilder uriStringBuilder = new StringBuilder();
        Base64 encoder = new Base64();
        if (isError) {
            final State previousState = getState(httpRequest);
            uriStringBuilder.append(previousState.getRequestURI());
        } else {
            uriStringBuilder.append(requestURI);
            if (queryString != null && !"".equals(queryString.trim())) {
                uriStringBuilder.append("?");
                uriStringBuilder.append(queryString);
            }
        }
        final String userID = token == null ? "" : token.getUserID().getValue();
        final State state = stateFactory.createState(userID, sessionName, uriStringBuilder.toString());
        final ObjectMapper mapper = new ObjectMapper();
        final String stateString = mapper.writeValueAsString(state);
        final String urlString = String.format("%s%sclient_Id=%s&state=%s&nonce=defaultNonce&redirect_uri=%s&scope=openid%%20offline_access&response_type=code+id_token&prompt=%s&response_mode=form_post", configuration.getAuthenticationEndPoint(), configuration.getAuthenticationEndPoint().getName().contains("?") ? "&" : "?", applicationSettings.getApplicationId(), new String(encoder.encode(stateString.getBytes()), "UTF-8"), URLEncoder.encode(applicationSettings.getRedirectURL().getValue(), "UTF-8"), token == null ? "login" : "none");
        return urlString;
    } catch (IOException e) {
        throw new GeneralException("IO Exception", e);
    }
}
Also used : ApplicationSettings(com.microsoft.azure.oidc.application.settings.ApplicationSettings) GeneralException(com.microsoft.azure.oidc.exception.GeneralException) Base64(org.apache.commons.codec.binary.Base64) Configuration(com.microsoft.azure.oidc.configuration.Configuration) HttpSession(javax.servlet.http.HttpSession) State(com.microsoft.azure.oidc.common.state.State) IOException(java.io.IOException) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) PreconditionException(com.microsoft.azure.oidc.exception.PreconditionException)

Example 2 with GeneralException

use of com.microsoft.azure.oidc.exception.GeneralException in project azure-tools-for-java by Microsoft.

the class SimpleGraphService method isUserInRole.

private Boolean isUserInRole(final String userID, final String role) {
    try {
        final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
        final String bearerToken = getBearerToken(applicationSettings.getTenant(), applicationSettings.getPrincipalId(), applicationSettings.getPrincipalSecret());
        final String roleID = getGroupID(applicationSettings.getTenant(), role, bearerToken);
        if (roleID == null) {
            return Boolean.FALSE;
        }
        return isUserInGroup(applicationSettings.getTenant(), userID, roleID, bearerToken);
    } catch (GeneralException e) {
        LOGGER.error("General Exception", e);
        return Boolean.FALSE;
    } catch (RuntimeException e) {
        LOGGER.error(e.getMessage(), e);
        return Boolean.FALSE;
    }
}
Also used : ApplicationSettings(com.microsoft.azure.oidc.application.settings.ApplicationSettings) GeneralException(com.microsoft.azure.oidc.exception.GeneralException)

Example 3 with GeneralException

use of com.microsoft.azure.oidc.exception.GeneralException in project azure-tools-for-java by Microsoft.

the class LogoutServlet method service.

@Override
public void service(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
    try {
        final Configuration configuration = configurationCache.load();
        final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
        // the finishLogout parameter set
        if (request.getParameter("finishLogout") == null) {
            String tokenString = null;
            final Cookie[] cookies = request.getCookies();
            for (final Cookie cookie : cookies) {
                if (cookie.getName().equals("id_token")) {
                    tokenString = cookie.getValue();
                    break;
                }
            }
            final String redirectURL = String.format("%s%spost_logout_redirect_uri=%s%s%s", configuration.getLogoutEndPoint(), configuration.getLogoutEndPoint().getName().contains("?") ? "&" : "?", URLEncoder.encode(applicationSettings.getRedirectURL().getValue(), "UTF-8"), URLEncoder.encode(request.getRequestURI(), "UTF-8"), URLEncoder.encode("?finishLogout=true", "UTF-8"));
            response.setHeader("Authorization", String.format("Bearer %s", tokenString));
            response.sendRedirect(redirectURL);
            return;
        }
        // setup clearing the cookies and invalidate the session
        for (final Cookie cookie : request.getCookies()) {
            if (cookie.getName().equals("id_token")) {
                cookie.setMaxAge(0);
                response.addCookie(cookie);
                HttpSession session = request.getSession(false);
                if (session != null) {
                    session.invalidate();
                }
            }
            if (cookie.getName().equals("JSESSIONID") || cookie.getName().equals("SESSON")) {
                cookie.setMaxAge(0);
                response.addCookie(cookie);
                HttpSession session = request.getSession(false);
                if (session != null) {
                    session.invalidate();
                }
            }
        }
        final HttpServletRequest newRequest = new HttpServletRequestWrapper(request) {

            @Override
            public Cookie[] getCookies() {
                final List<Cookie> cookieList = new ArrayList<Cookie>();
                for (Cookie cookie : request.getCookies()) {
                    if (!cookie.getName().equals("SESSION") && !cookie.getName().equals("JSESSIONID")) {
                        cookieList.add(cookie);
                    }
                }
                final Cookie[] cookieArray = new Cookie[cookieList.size()];
                cookieList.toArray(cookieArray);
                return cookieArray;
            }
        };
        // Second stage. Forward the request so the cookies are cleared
        if (request.getAttribute("logout") == null) {
            request.setAttribute("logout", Boolean.TRUE);
            request.getRequestDispatcher(request.getRequestURI() + "?finishLogout=true").forward(newRequest, response);
            return;
        }
        // Final stage. Return to the application landing page
        response.sendRedirect(applicationSettings.getRedirectURL().getValue());
        return;
    } catch (IOException | GeneralException | PreconditionException e) {
        LOGGER.warn(e.getMessage(), e);
        final ApplicationSettings applicationSettings = applicationSettingsLoader.load();
        response.sendRedirect(applicationSettings.getRedirectURL().getValue());
    }
}
Also used : Cookie(javax.servlet.http.Cookie) GeneralException(com.microsoft.azure.oidc.exception.GeneralException) Configuration(com.microsoft.azure.oidc.configuration.Configuration) HttpSession(javax.servlet.http.HttpSession) ArrayList(java.util.ArrayList) IOException(java.io.IOException) PreconditionException(com.microsoft.azure.oidc.exception.PreconditionException) HttpServletRequest(javax.servlet.http.HttpServletRequest) ApplicationSettings(com.microsoft.azure.oidc.application.settings.ApplicationSettings) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper)

Example 4 with GeneralException

use of com.microsoft.azure.oidc.exception.GeneralException in project azure-tools-for-java by Microsoft.

the class SimpleTokenValidator method validateSignature.

@Override
public Boolean validateSignature(final Token token) {
    if (token == null) {
        throw new PreconditionException("Required parameter is null");
    }
    if (algorithmConfigurationService.get().getAlgorithmClassMap().get(token.getAlgorithm().getName()).equals("HMAC")) {
        return Boolean.FALSE;
    }
    final Configuration configuration = configurationCache.load();
    if (configuration == null) {
        throw new GeneralException("Error loading configuration");
    }
    try {
        final TimeStamp now = timeStampFactory.createTimeStamp(System.currentTimeMillis() / 1000);
        if (configuration.getKey(token.getKeyName()).getNotBefore().compareTo(now) > 0) {
            return Boolean.FALSE;
        }
        final Base64 decoder = new Base64();
        final BigInteger exponent = new BigInteger(1, decoder.decode(configuration.getKey(token.getKeyName()).getExponent().getValue()));
        final BigInteger modulus = new BigInteger(1, decoder.decode(configuration.getKey(token.getKeyName()).getSecret().getValue()));
        final RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(modulus, exponent);
        final KeyFactory keyFactory = KeyFactory.getInstance(algorithmConfigurationService.get().getAlgorithmClassMap().get(token.getAlgorithm().getName()));
        final PublicKey pubKey = keyFactory.generatePublic(pubKeySpec);
        final Signature sig = Signature.getInstance(algorithmConfigurationService.get().getAlgorithmMap().get(token.getAlgorithm().getName()));
        sig.initVerify(pubKey);
        sig.update(token.getPayload().getValue().getBytes());
        return sig.verify(decoder.decode(token.getSignature().getValue()));
    } catch (NoSuchAlgorithmException | InvalidKeySpecException | SignatureException | InvalidKeyException e) {
        LOGGER.error(e.getMessage(), e);
        return Boolean.FALSE;
    }
}
Also used : GeneralException(com.microsoft.azure.oidc.exception.GeneralException) Base64(org.apache.commons.codec.binary.Base64) Configuration(com.microsoft.azure.oidc.configuration.Configuration) PublicKey(java.security.PublicKey) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SignatureException(java.security.SignatureException) InvalidKeyException(java.security.InvalidKeyException) TimeStamp(com.microsoft.azure.oidc.common.timestamp.TimeStamp) PreconditionException(com.microsoft.azure.oidc.exception.PreconditionException) Signature(java.security.Signature) BigInteger(java.math.BigInteger) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) KeyFactory(java.security.KeyFactory)

Example 5 with GeneralException

use of com.microsoft.azure.oidc.exception.GeneralException in project azure-tools-for-java by Microsoft.

the class SimpleAuthenticationHelper method getState.

private State getState(final HttpServletRequest request) {
    if (request == null) {
        throw new PreconditionException("Required parameter is null");
    }
    try {
        final Base64 decoder = new Base64();
        final String stateString = request.getParameter("state") == null ? null : new String(decoder.decode(request.getParameter("state").getBytes()), "UTF-8");
        if (stateString == null || stateString.equals("")) {
            return null;
        }
        final ObjectMapper mapper = new ObjectMapper();
        final JsonNode stateNode = mapper.readValue(stateString, JsonNode.class);
        final State state = stateFactory.createState(stateNode.get("userID").asText(""), stateNode.get("sessionName").asText(""), stateNode.get("requestURI").asText());
        return state;
    } catch (IOException e) {
        throw new GeneralException("IO Exception", e);
    }
}
Also used : Base64(org.apache.commons.codec.binary.Base64) GeneralException(com.microsoft.azure.oidc.exception.GeneralException) State(com.microsoft.azure.oidc.common.state.State) JsonNode(com.fasterxml.jackson.databind.JsonNode) IOException(java.io.IOException) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) PreconditionException(com.microsoft.azure.oidc.exception.PreconditionException)

Aggregations

GeneralException (com.microsoft.azure.oidc.exception.GeneralException)6 PreconditionException (com.microsoft.azure.oidc.exception.PreconditionException)5 ApplicationSettings (com.microsoft.azure.oidc.application.settings.ApplicationSettings)3 Configuration (com.microsoft.azure.oidc.configuration.Configuration)3 IOException (java.io.IOException)3 Base64 (org.apache.commons.codec.binary.Base64)3 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2 State (com.microsoft.azure.oidc.common.state.State)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpSession (javax.servlet.http.HttpSession)2 JsonNode (com.fasterxml.jackson.databind.JsonNode)1 TimeStamp (com.microsoft.azure.oidc.common.timestamp.TimeStamp)1 Token (com.microsoft.azure.oidc.token.Token)1 BigInteger (java.math.BigInteger)1 InvalidKeyException (java.security.InvalidKeyException)1 KeyFactory (java.security.KeyFactory)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 PublicKey (java.security.PublicKey)1 Signature (java.security.Signature)1 SignatureException (java.security.SignatureException)1