Search in sources :

Example 1 with ResultType

use of com.tremolosecurity.config.xml.ResultType in project OpenUnison by TremoloSecurity.

the class AzSys method proccessResponseResult.

public void proccessResponseResult(ServletRequest request, ServletResponse response, ResultGroupType resGrouping, boolean forceError, AuthInfo authData, CookieConfigType cookieCfg) throws IOException, InstantiationException, IllegalAccessException, ClassNotFoundException, ServletException {
    String redir = null;
    if (resGrouping == null) {
        return;
    }
    Iterator<ResultType> it = resGrouping.getResult().iterator();
    while (it.hasNext()) {
        ResultType rt = it.next();
        if (rt.getType().equals("redirect")) {
            boolean isCustom = rt.getSource().equalsIgnoreCase("custom");
            if (!isCustom) {
                redir = rt.getValue();
            } else {
                if (isCustom) {
                    CustomResult cr = (CustomResult) Class.forName(rt.getValue()).newInstance();
                    redir = cr.getResultValue((HttpServletRequest) request, (HttpServletResponse) response);
                }
            }
        } else if (rt.getType().equalsIgnoreCase("cookie")) {
            String val = rt.getValue();
            String name, value;
            boolean isCustom = rt.getSource().equalsIgnoreCase("custom");
            // failure cookie, so can not be based on the user
            if (rt.getSource().equalsIgnoreCase("static")) {
                name = val.substring(0, val.indexOf('='));
                value = val.substring(val.indexOf('=') + 1);
            } else if (rt.getSource().equalsIgnoreCase("user") || isCustom) {
                name = val.substring(0, val.indexOf('='));
                value = val.substring(val.indexOf('=') + 1);
                if (authData.getAttribs().get(value) != null) {
                    value = authData.getAttribs().get(value).getValues().get(0);
                }
            // attrib.getValues().addAll(authData.getAttribs().get(value).getValues());
            } else {
                name = "";
                value = "";
            }
            Cookie cookie = new Cookie(name, value);
            // cookie.setDomain(((HttpServletRequest) request).getServerName() );
            String domain = ProxyTools.getInstance().getCookieDomain(cookieCfg, (HttpServletRequest) request);
            if (domain != null) {
                cookie.setDomain(domain);
            }
            cookie.setPath("/");
            cookie.setSecure(false);
            if (isCustom) {
                CustomResult cr = (CustomResult) Class.forName(cookie.getValue()).newInstance();
                cr.createResultCookie(cookie, (HttpServletRequest) request, (HttpServletResponse) response);
            }
            ((HttpServletResponse) response).addCookie(cookie);
        }
    }
    if (redir != null) {
        ((HttpServletResponse) response).sendRedirect(redir);
    } else {
        if (forceError) {
            ((HttpServletResponse) response).sendError(401);
        }
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Cookie(javax.servlet.http.Cookie) HttpServletResponse(javax.servlet.http.HttpServletResponse) ResultType(com.tremolosecurity.config.xml.ResultType) CustomResult(com.tremolosecurity.proxy.results.CustomResult)

Example 2 with ResultType

use of com.tremolosecurity.config.xml.ResultType in project OpenUnison by TremoloSecurity.

the class AzSys method processRequestResult.

public void processRequestResult(ServletRequest request, ServletResponse response, ResultGroupType resGrouping, AuthInfo authData) throws ServletException, InstantiationException, IllegalAccessException, ClassNotFoundException {
    String redir = null;
    if (resGrouping == null) {
        return;
    }
    Iterator<ResultType> it = resGrouping.getResult().iterator();
    while (it.hasNext()) {
        ResultType rt = it.next();
        if (rt.getType().equals("header")) {
            String val = rt.getValue();
            String name, value;
            name = val.substring(0, val.indexOf('='));
            value = val.substring(val.indexOf('=') + 1);
            HashMap<String, Attribute> headers = (HashMap<String, Attribute>) request.getAttribute(AzSys.AUTO_IDM_HTTP_HEADERS);
            if (headers == null) {
                headers = new HashMap<String, Attribute>();
                request.setAttribute(AzSys.AUTO_IDM_HTTP_HEADERS, headers);
            }
            Attribute attrib = headers.get(name);
            if (attrib == null) {
                attrib = new Attribute(name);
                headers.put(attrib.getName(), attrib);
            }
            if (rt.getSource().equalsIgnoreCase("static")) {
                attrib.getValues().add(value);
            } else if (rt.getSource().equalsIgnoreCase("user")) {
                if (authData.getAttribs().get(value) != null) {
                    attrib.getValues().addAll(authData.getAttribs().get(value).getValues());
                }
            } else if (rt.getSource().equalsIgnoreCase("custom")) {
                CustomResult cr = (CustomResult) Class.forName(value).newInstance();
                attrib.getValues().add(cr.getResultValue((HttpServletRequest) request, (HttpServletResponse) response));
            } else {
                attrib.getValues().add("");
            }
        }
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) HttpServletResponse(javax.servlet.http.HttpServletResponse) ResultType(com.tremolosecurity.config.xml.ResultType) CustomResult(com.tremolosecurity.proxy.results.CustomResult)

Example 3 with ResultType

use of com.tremolosecurity.config.xml.ResultType in project OpenUnison by TremoloSecurity.

the class AuthMgrSys method proccessResponseResult.

private void proccessResponseResult(ServletRequest request, ServletResponse response, ResultGroupType resGrouping, boolean forceError, UrlHolder holder) throws IOException, InstantiationException, IllegalAccessException, ClassNotFoundException, ServletException {
    String redir = null;
    if (resGrouping == null) {
        return;
    }
    Iterator<ResultType> it = resGrouping.getResult().iterator();
    while (it.hasNext()) {
        ResultType rt = it.next();
        if (rt.getType().equals("redirect")) {
            redir = rt.getValue();
        } else if (rt.getType().equalsIgnoreCase("cookie")) {
            String val = rt.getValue();
            String name, value;
            boolean isCustom = rt.getSource().equalsIgnoreCase("custom");
            // failure cookie, so can not be based on the user
            if (rt.getSource().equalsIgnoreCase("static") || isCustom) {
                name = val.substring(0, val.indexOf('='));
                value = val.substring(val.indexOf('=') + 1);
            } else {
                name = "";
                value = "";
            }
            Cookie cookie = new Cookie(name, value);
            String domain = getCookieDomain(holder, (HttpServletRequest) request);
            if (domain != null) {
                cookie.setDomain(domain);
            }
            // cookie.setDomain(((HttpServletRequest) request).getServerName());
            cookie.setPath("/");
            if (isCustom) {
                CustomResult cr = (CustomResult) Class.forName(cookie.getValue()).newInstance();
                cr.createResultCookie(cookie, (HttpServletRequest) request, (HttpServletResponse) response);
            }
            ((HttpServletResponse) response).addCookie(cookie);
        }
    }
    if (redir != null) {
        ((ProxyResponse) response).removeHeader("Location");
        ((HttpServletResponse) response).sendRedirect(redir);
    } else {
        if (forceError) {
            ((HttpServletResponse) response).sendError(401);
        }
    }
}
Also used : Cookie(javax.servlet.http.Cookie) HttpServletRequest(javax.servlet.http.HttpServletRequest) ProxyResponse(com.tremolosecurity.proxy.ProxyResponse) HttpServletResponse(javax.servlet.http.HttpServletResponse) ResultType(com.tremolosecurity.config.xml.ResultType) CustomResult(com.tremolosecurity.proxy.results.CustomResult)

Example 4 with ResultType

use of com.tremolosecurity.config.xml.ResultType in project OpenUnison by TremoloSecurity.

the class LoadResultGroupsFromK8s method createResultGroup.

private ResultGroupType createResultGroup(JSONObject item, String name) throws ProvisioningException {
    ResultGroupType rgt = new ResultGroupType();
    JSONArray spec = (JSONArray) item.get("spec");
    for (Object o : spec) {
        JSONObject jsonObj = (JSONObject) o;
        ResultType rt = new ResultType();
        rt.setType((String) jsonObj.get("resultType"));
        rt.setSource((String) jsonObj.get("source"));
        rt.setValue((String) jsonObj.get("value"));
        rgt.getResult().add(rt);
    }
    rgt.setName(name);
    return rgt;
}
Also used : JSONObject(org.json.simple.JSONObject) JSONArray(org.json.simple.JSONArray) ResultGroupType(com.tremolosecurity.config.xml.ResultGroupType) JSONObject(org.json.simple.JSONObject) ResultType(com.tremolosecurity.config.xml.ResultType)

Aggregations

ResultType (com.tremolosecurity.config.xml.ResultType)4 CustomResult (com.tremolosecurity.proxy.results.CustomResult)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)3 HttpServletResponse (javax.servlet.http.HttpServletResponse)3 Cookie (javax.servlet.http.Cookie)2 ResultGroupType (com.tremolosecurity.config.xml.ResultGroupType)1 ProxyResponse (com.tremolosecurity.proxy.ProxyResponse)1 Attribute (com.tremolosecurity.saml.Attribute)1 HashMap (java.util.HashMap)1 JSONArray (org.json.simple.JSONArray)1 JSONObject (org.json.simple.JSONObject)1