Examples with AuthInfo com.tremolosecurity.proxy.auth.AuthInfo used on opensource projects

Search in sources :

Example 71 with AuthInfo

use of com.tremolosecurity.proxy.auth.AuthInfo in project OpenUnison by TremoloSecurity.

the class U2fAuth method startAuthentication.

private void startAuthentication(HttpServletRequest request, HttpServletResponse response, AuthStep as) throws ServletException, MalformedURLException, IOException {
    AuthInfo userData = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
    // SharedSession.getSharedSession().getSession(req.getSession().getId());
    HttpSession session = ((HttpServletRequest) request).getSession();
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    RequestHolder reqHolder = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getHolder();
    String urlChain = holder.getUrl().getAuthChain();
    AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());
    AuthMechType amt = act.getAuthMech().get(as.getId());
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);
    String challengeStoreAttribute = authParams.get("attribute").getValues().get(0);
    String encyrptionKeyName = authParams.get("encryptionKeyName").getValues().get(0);
    String uidAttributeName = authParams.get("uidAttributeName").getValues().get(0);
    String formURI = authParams.get("formURI").getValues().get(0);
    List<SecurityKeyData> keys;
    try {
        keys = U2fUtil.loadUserKeys(userData, challengeStoreAttribute, encyrptionKeyName);
    } catch (Exception e1) {
        throw new ServletException("Could not loak keys", e1);
    }
    Set<String> origins = new HashSet<String>();
    String appID = U2fUtil.getApplicationId(request);
    origins.add(appID);
    U2FServer u2f = new U2FServerUnison(this.challengeGen, new UnisonDataStore(UUID.randomUUID().toString(), keys), new BouncyCastleCrypto(), origins);
    String uid = userData.getAttribs().get(uidAttributeName).getValues().get(0);
    if (keys == null || keys.size() == 0) {
        if (amt.getRequired().equals("required")) {
            as.setSuccess(false);
        }
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }
    U2fSignRequest sigReq = null;
    try {
        sigReq = u2f.getSignRequest(uid, appID);
    } catch (U2FException e) {
        logger.error("Could not start authentication", e);
        if (amt.getRequired().equals("required")) {
            as.setSuccess(false);
        }
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }
    Gson gson = new Gson();
    request.getSession().setAttribute(AUTH_SIGN_REQ, sigReq);
    request.getSession().setAttribute(AUTH_SIGN_REQ_JSON, gson.toJson(sigReq));
    request.getSession().setAttribute(SERVER, u2f);
    response.sendRedirect(formURI);
}
Also used : U2FServer(com.google.u2f.server.U2FServer) BouncyCastleCrypto(com.google.u2f.server.impl.BouncyCastleCrypto) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) Gson(com.google.gson.Gson) RequestHolder(com.tremolosecurity.proxy.auth.RequestHolder) HttpServletRequest(javax.servlet.http.HttpServletRequest) UrlHolder(com.tremolosecurity.config.util.UrlHolder) ServletException(javax.servlet.ServletException) U2fSignRequest(com.google.u2f.server.messages.U2fSignRequest) SecurityKeyData(com.google.u2f.server.data.SecurityKeyData) U2FException(com.google.u2f.U2FException) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) HashSet(java.util.HashSet) AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) HttpSession(javax.servlet.http.HttpSession) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) AuthController(com.tremolosecurity.proxy.auth.AuthController) ServletException(javax.servlet.ServletException) U2FException(com.google.u2f.U2FException) MalformedURLException(java.net.MalformedURLException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException)

Aggregations

AuthInfo (com.tremolosecurity.proxy.auth.AuthInfo)71 AuthController (com.tremolosecurity.proxy.auth.AuthController)59 Attribute (com.tremolosecurity.saml.Attribute)46 LDAPAttribute (com.novell.ldap.LDAPAttribute)27 IOException (java.io.IOException)25 ServletException (javax.servlet.ServletException)24 HttpSession (javax.servlet.http.HttpSession)23 Gson (com.google.gson.Gson)22 LDAPException (com.novell.ldap.LDAPException)22 LDAPSearchResults (com.novell.ldap.LDAPSearchResults)22 LDAPEntry (com.novell.ldap.LDAPEntry)19 HashMap (java.util.HashMap)19 UrlHolder (com.tremolosecurity.config.util.UrlHolder)18 ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)18 MalformedURLException (java.net.MalformedURLException)15 AuthChainType (com.tremolosecurity.config.xml.AuthChainType)14 ArrayList (java.util.ArrayList)14 AzSys (com.tremolosecurity.proxy.auth.AzSys)12 UnsupportedEncodingException (java.io.UnsupportedEncodingException)11 HttpServletRequest (javax.servlet.http.HttpServletRequest)11
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial