Example 1 with Auth
use of com.onelogin.saml2.Auth in project platformlayer by platformlayer.
the class PlatformLayerAuthenticationClient method authenticateWithCertificate.
public PlatformlayerAuthenticationToken authenticateWithCertificate(String username, X509Certificate[] certificateChain, PrivateKey privateKey) throws PlatformlayerAuthenticationClientException {
if (username == null) {
throw new IllegalArgumentException();
}
CertificateCredentials certificateCredentials = new CertificateCredentials();
certificateCredentials.setUsername(username);
Auth auth = new Auth();
auth.setCertificateCredentials(certificateCredentials);
AuthenticateRequest request = new AuthenticateRequest();
request.setAuth(auth);
final KeyManager keyManager = new SimpleClientCertificateKeyManager(privateKey, certificateChain);
for (int i = 0; i < 2; i++) {
AuthenticateResponse response;
try {
RestfulRequest<AuthenticateResponse> httpRequest = httpClient.buildRequest(HttpMethod.POST, "api/tokens", HttpPayload.asXml(request), AuthenticateResponse.class);
httpRequest.setKeyManager(keyManager);
response = httpRequest.execute();
} catch (RestClientException e) {
throw new PlatformlayerAuthenticationClientException("Error authenticating", e);
}
if (i == 0) {
if (response == null || response.getChallenge() == null) {
return null;
}
byte[] challenge = response.getChallenge();
byte[] challengeResponse = decrypt(privateKey, challenge);
certificateCredentials.setChallengeResponse(challengeResponse);
} else {
if (response == null || response.getAccess() == null) {
return null;
}
return new PlatformlayerAuthenticationToken(response.getAccess());
}
}
return null;
}
Also used :
SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager)
AuthenticateResponse(org.platformlayer.auth.v1.AuthenticateResponse)
PlatformlayerAuthenticationToken(org.platformlayer.auth.PlatformlayerAuthenticationToken)
PlatformlayerAuthenticationClientException(org.platformlayer.auth.PlatformlayerAuthenticationClientException)
AuthenticateRequest(org.platformlayer.auth.v1.AuthenticateRequest)
CertificateCredentials(org.platformlayer.auth.v1.CertificateCredentials)
Auth(org.platformlayer.auth.v1.Auth)
RestClientException(org.platformlayer.rest.RestClientException)
SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager)
KeyManager(javax.net.ssl.KeyManager)
Example 2 with Auth
use of com.onelogin.saml2.Auth in project sonarqube by SonarSource.
the class SamlIdentityProvider method init.
@Override
public void init(InitContext context) {
try {
Auth auth = newAuth(initSettings(context.getCallbackUrl()), context.getRequest(), context.getResponse());
auth.login(context.generateCsrfState());
} catch (IOException | SettingsException e) {
throw new IllegalStateException("Fail to intialize SAML authentication plugin", e);
}
}
Also used :
Auth(com.onelogin.saml2.Auth)
IOException(java.io.IOException)
SettingsException(com.onelogin.saml2.exception.SettingsException)
Example 3 with Auth
use of com.onelogin.saml2.Auth in project sonarqube by SonarSource.
the class SamlIdentityProvider method callback.
@Override
public void callback(CallbackContext context) {
//
// Workaround for onelogin/java-saml validation not taking into account running a reverse proxy configuration. This change
// makes the validation take into account 'X-Forwarded-Proto' and 'Host' headers set by the reverse proxy
// More details here:
// - https://github.com/onelogin/java-saml/issues/198
// - https://github.com/onelogin/java-saml/issues/95
//
HttpServletRequest processedRequest = useProxyHeadersInRequest(context.getRequest());
Auth auth = newAuth(initSettings(null), processedRequest, context.getResponse());
processResponse(auth);
context.verifyCsrfState(STATE_REQUEST_PARAMETER);
LOGGER.trace("Name ID : {}", auth.getNameId());
checkAuthentication(auth);
samlMessageIdChecker.check(auth);
LOGGER.trace("Attributes received : {}", auth.getAttributes());
String login = getNonNullFirstAttribute(auth, samlSettings.getUserLogin());
UserIdentity.Builder userIdentityBuilder = UserIdentity.builder().setProviderLogin(login).setName(getNonNullFirstAttribute(auth, samlSettings.getUserName()));
samlSettings.getUserEmail().ifPresent(email -> userIdentityBuilder.setEmail(getFirstAttribute(auth, email)));
samlSettings.getGroupName().ifPresent(group -> userIdentityBuilder.setGroups(getGroups(auth, group)));
context.authenticate(userIdentityBuilder.build());
context.redirectToRequestedPage();
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
Auth(com.onelogin.saml2.Auth)
UserIdentity(org.sonar.api.server.authentication.UserIdentity)
Example 4 with Auth
use of com.onelogin.saml2.Auth in project platformlayer by platformlayer.
the class PlatformLayerAuthenticationClient method authenticate.
public AuthenticateResponse authenticate(PasswordCredentials passwordCredentials) throws PlatformlayerAuthenticationClientException {
Auth auth = new Auth();
auth.setPasswordCredentials(passwordCredentials);
AuthenticateRequest request = new AuthenticateRequest();
request.setAuth(auth);
AuthenticateResponse response;
try {
response = doSimpleXmlRequest(HttpMethod.POST, "api/tokens", request, AuthenticateResponse.class);
} catch (RestClientException e) {
Integer httpResponseCode = e.getHttpResponseCode();
if (httpResponseCode != null && httpResponseCode == 401) {
throw new PlatformlayerInvalidCredentialsException("Invalid credentials");
}
throw new PlatformlayerAuthenticationClientException("Error authenticating", e);
}
return response;
}
Also used :
AuthenticateResponse(org.platformlayer.auth.v1.AuthenticateResponse)
AuthenticateRequest(org.platformlayer.auth.v1.AuthenticateRequest)
PlatformlayerInvalidCredentialsException(org.platformlayer.auth.PlatformlayerInvalidCredentialsException)
Auth(org.platformlayer.auth.v1.Auth)
RestClientException(org.platformlayer.rest.RestClientException)
PlatformlayerAuthenticationClientException(org.platformlayer.auth.PlatformlayerAuthenticationClientException)
Aggregations
Auth (com.onelogin.saml2.Auth)2
PlatformlayerAuthenticationClientException (org.platformlayer.auth.PlatformlayerAuthenticationClientException)2
Auth (org.platformlayer.auth.v1.Auth)2
AuthenticateRequest (org.platformlayer.auth.v1.AuthenticateRequest)2
AuthenticateResponse (org.platformlayer.auth.v1.AuthenticateResponse)2
RestClientException (org.platformlayer.rest.RestClientException)2
SimpleClientCertificateKeyManager (com.fathomdb.crypto.SimpleClientCertificateKeyManager)1
SettingsException (com.onelogin.saml2.exception.SettingsException)1
IOException (java.io.IOException)1
KeyManager (javax.net.ssl.KeyManager)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
PlatformlayerAuthenticationToken (org.platformlayer.auth.PlatformlayerAuthenticationToken)1
PlatformlayerInvalidCredentialsException (org.platformlayer.auth.PlatformlayerInvalidCredentialsException)1
CertificateCredentials (org.platformlayer.auth.v1.CertificateCredentials)1
UserIdentity (org.sonar.api.server.authentication.UserIdentity)1
