Search in sources :

Example 1 with HttpFilterRequest

use of com.tremolosecurity.proxy.filter.HttpFilterRequest in project OpenUnison by TremoloSecurity.

the class EmbForward method doEmbResults.

public void doEmbResults(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain, NextSys nextSys) throws ServletException, IOException {
    ConfigManager cfg = (ConfigManager) request.getAttribute(ProxyConstants.TREMOLO_CFG_OBJ);
    if (((HttpServletRequest) request).getRequestURI().startsWith(cfg.getAuthPath())) {
        filterChain.doFilter(request, response);
        // nextSys.nextSys((HttpServletRequest) request, (HttpServletResponse) response);
        return;
    }
    boolean isText = false;
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    HttpFilterRequest filterReq = new HttpFilterRequestImpl(request, null);
    HttpFilterResponse filterResp = new HttpFilterResponseImpl(response);
    HttpFilterChain chain = new HttpFilterChainImpl(holder, new EmbPostProc(filterChain));
    try {
        chain.nextFilter(filterReq, filterResp, chain);
    } catch (Exception e) {
        logger.error("Error", e);
        throw new ServletException(e);
    }
}
Also used : UrlHolder(com.tremolosecurity.config.util.UrlHolder) HttpFilterResponse(com.tremolosecurity.proxy.filter.HttpFilterResponse) ServletException(javax.servlet.ServletException) HttpFilterRequestImpl(com.tremolosecurity.proxy.filter.HttpFilterRequestImpl) HttpFilterResponseImpl(com.tremolosecurity.proxy.filter.HttpFilterResponseImpl) HttpFilterChainImpl(com.tremolosecurity.proxy.filter.HttpFilterChainImpl) HttpFilterChain(com.tremolosecurity.proxy.filter.HttpFilterChain) HttpFilterRequest(com.tremolosecurity.proxy.filter.HttpFilterRequest) ConfigManager(com.tremolosecurity.config.util.ConfigManager) ServletException(javax.servlet.ServletException) IOException(java.io.IOException)

Example 2 with HttpFilterRequest

use of com.tremolosecurity.proxy.filter.HttpFilterRequest in project OpenUnison by TremoloSecurity.

the class TokenData method completeFederation.

private void completeFederation(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException, MalformedURLException {
    final OpenIDConnectTransaction transaction = (OpenIDConnectTransaction) request.getSession().getAttribute(OpenIDConnectIdP.TRANSACTION_DATA);
    final AuthInfo authInfo = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
    if (!authInfo.isAuthComplete()) {
        logger.warn("Attempted completetd federation before autthentication is completeed, clearing authentication and redirecting to the original URL");
        UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
        request.getSession().removeAttribute(ProxyConstants.AUTH_CTL);
        holder.getConfig().createAnonUser(request.getSession());
        StringBuffer b = new StringBuffer();
        b.append(transaction.getRedirectURI()).append("?error=login_reset");
        response.sendRedirect(b.toString());
        return;
    }
    request.setAttribute(AzSys.FORCE, "true");
    NextSys completeFed = new NextSys() {

        public void nextSys(final HttpServletRequest request, final HttpServletResponse response) throws IOException, ServletException {
            UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
            HttpFilterRequest filterReq = new HttpFilterRequestImpl(request, null);
            HttpFilterResponse filterResp = new HttpFilterResponseImpl(response);
            PostProcess postProc = new PostProcess() {

                @Override
                public void postProcess(HttpFilterRequest req, HttpFilterResponse resp, UrlHolder holder, HttpFilterChain chain) throws Exception {
                    postResponse(transaction, request, response, authInfo, holder);
                }

                @Override
                public boolean addHeader(String name) {
                    return false;
                }
            };
            HttpFilterChain chain = new HttpFilterChainImpl(holder, postProc);
            try {
                chain.nextFilter(filterReq, filterResp, chain);
            } catch (Exception e) {
                throw new ServletException(e);
            }
        }
    };
    AzSys az = new AzSys();
    az.doAz(request, response, completeFed);
}
Also used : AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) HttpServletResponse(javax.servlet.http.HttpServletResponse) NextSys(com.tremolosecurity.proxy.util.NextSys) AuthController(com.tremolosecurity.proxy.auth.AuthController) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) LDAPException(com.novell.ldap.LDAPException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) IOException(java.io.IOException) ServletException(javax.servlet.ServletException) URISyntaxException(java.net.URISyntaxException) InvalidJwtException(org.jose4j.jwt.consumer.InvalidJwtException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) JoseException(org.jose4j.lang.JoseException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ParseException(org.json.simple.parser.ParseException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) MalformedURLException(java.net.MalformedURLException) BadPaddingException(javax.crypto.BadPaddingException) UrlHolder(com.tremolosecurity.config.util.UrlHolder) HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpFilterResponse(com.tremolosecurity.proxy.filter.HttpFilterResponse) ServletException(javax.servlet.ServletException) PostProcess(com.tremolosecurity.proxy.filter.PostProcess) HttpFilterRequestImpl(com.tremolosecurity.proxy.filter.HttpFilterRequestImpl) HttpFilterResponseImpl(com.tremolosecurity.proxy.filter.HttpFilterResponseImpl) AzSys(com.tremolosecurity.proxy.auth.AzSys) HttpFilterChainImpl(com.tremolosecurity.proxy.filter.HttpFilterChainImpl) HttpFilterChain(com.tremolosecurity.proxy.filter.HttpFilterChain) HttpFilterRequest(com.tremolosecurity.proxy.filter.HttpFilterRequest)

Example 3 with HttpFilterRequest

use of com.tremolosecurity.proxy.filter.HttpFilterRequest in project OpenUnison by TremoloSecurity.

the class ProxySys method doPush.

public void doPush(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    UrlHolder holder = (UrlHolder) req.getAttribute(ProxyConstants.AUTOIDM_CFG);
    HttpFilterRequest filterReq = new HttpFilterRequestImpl(req, null);
    HttpFilterResponse filterResp = new HttpFilterResponseImpl(resp);
    HashMap<String, String> uriParams = (HashMap<String, String>) req.getAttribute("TREMOLO_URI_PARAMS");
    if (uriParams == null) {
        uriParams = new HashMap<String, String>();
        req.setAttribute("TREMOLO_URI_PARAMS", uriParams);
    }
    uriParams.put("fullURI", req.getRequestURI());
    HashSet<String> queryParams = new HashSet<String>();
    req.setAttribute(ProxySys.QUERY_PARAMS, queryParams);
    String qs = req.getQueryString();
    if (qs != null) {
        StringTokenizer toker = new StringTokenizer(qs, "&", false);
        while (toker.hasMoreTokens()) {
            String qsParam = toker.nextToken();
            int eqIndex = qsParam.indexOf('=');
            String paramName;
            if (eqIndex == -1) {
                paramName = qsParam;
            } else {
                paramName = qsParam.substring(0, eqIndex);
            }
            if (!queryParams.contains(paramName)) {
                queryParams.add(paramName);
            }
        }
    }
    PostProcess postProc = null;
    if (holder.getUrl().getProxyTo() == null || holder.getUrl().getProxyTo().isEmpty()) {
        FilterChain filterChain = (FilterChain) req.getAttribute(ProxyConstants.TREMOLO_FILTER_CHAIN);
        if (filterChain == null) {
            logger.warn("Could not find filter chain");
        }
        postProc = new EmbPostProc(filterChain);
    } else {
        postProc = new PushRequestProcess();
        ;
    }
    HttpFilterChain chain = new HttpFilterChainImpl(holder, postProc);
    try {
        chain.nextFilter(filterReq, filterResp, chain);
    } catch (Exception e) {
        throw new ServletException(e);
    }
    ProxyData pd = new ProxyData();
    pd.setHolder(holder);
    pd.setIns(chain.getIns());
    pd.setPostProc(postProc);
    pd.setRequest(filterReq);
    pd.setResponse(filterResp);
    pd.setText(chain.isText());
    pd.setLogout(chain.isLogout());
    pd.setHttpRequestBase(chain.getHttpRequestBase());
    req.setAttribute(ProxyConstants.TREMOLO_PRXY_DATA, pd);
}
Also used : EmbPostProc(com.tremolosecurity.embedd.EmbPostProc) HashMap(java.util.HashMap) FilterChain(javax.servlet.FilterChain) HttpFilterChain(com.tremolosecurity.proxy.filter.HttpFilterChain) PushRequestProcess(com.tremolosecurity.proxy.postProcess.PushRequestProcess) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) UrlHolder(com.tremolosecurity.config.util.UrlHolder) HttpFilterResponse(com.tremolosecurity.proxy.filter.HttpFilterResponse) ServletException(javax.servlet.ServletException) StringTokenizer(java.util.StringTokenizer) PostProcess(com.tremolosecurity.proxy.filter.PostProcess) HttpFilterRequestImpl(com.tremolosecurity.proxy.filter.HttpFilterRequestImpl) HttpFilterResponseImpl(com.tremolosecurity.proxy.filter.HttpFilterResponseImpl) HttpFilterChainImpl(com.tremolosecurity.proxy.filter.HttpFilterChainImpl) HttpFilterChain(com.tremolosecurity.proxy.filter.HttpFilterChain) HttpFilterRequest(com.tremolosecurity.proxy.filter.HttpFilterRequest) HashSet(java.util.HashSet)

Example 4 with HttpFilterRequest

use of com.tremolosecurity.proxy.filter.HttpFilterRequest in project OpenUnison by TremoloSecurity.

the class ProxySys method doURI.

public void doURI(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    boolean isText = false;
    UrlHolder holder = (UrlHolder) req.getAttribute(ProxyConstants.AUTOIDM_CFG);
    HashMap<String, String> uriParams = (HashMap<String, String>) req.getAttribute("TREMOLO_URI_PARAMS");
    if (uriParams == null) {
        uriParams = new HashMap<String, String>();
        req.setAttribute("TREMOLO_URI_PARAMS", uriParams);
    }
    uriParams.put("fullURI", req.getRequestURI());
    HttpFilterRequest filterReq = new HttpFilterRequestImpl(req, null);
    HttpFilterResponse filterResp = new HttpFilterResponseImpl(resp);
    PostProcess postProc = null;
    if (holder.getUrl().getProxyTo() == null || holder.getUrl().getProxyTo().isEmpty()) {
        FilterChain filterChain = (FilterChain) req.getAttribute(ProxyConstants.TREMOLO_FILTER_CHAIN);
        if (filterChain == null) {
            logger.warn("Could not find filter chain");
        }
        postProc = new EmbPostProc(filterChain);
    } else {
        postProc = new UriRequestProcess();
    }
    HttpFilterChain chain = new HttpFilterChainImpl(holder, postProc);
    try {
        chain.nextFilter(filterReq, filterResp, chain);
    } catch (Exception e) {
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        PrintWriter err = new PrintWriter(new OutputStreamWriter(baos));
        e.printStackTrace(err);
        Throwable t = e.getCause();
        while (t != null) {
            t.printStackTrace(err);
            t = t.getCause();
        }
        logger.error("Error Executing Request : " + new String(baos.toByteArray()));
        throw new ServletException("Could not execute request", e);
    }
    ProxyData pd = new ProxyData();
    pd.setHolder(holder);
    pd.setIns(chain.getIns());
    pd.setPostProc(postProc);
    pd.setRequest(filterReq);
    pd.setResponse(filterResp);
    pd.setText(chain.isText());
    pd.setLogout(chain.isLogout());
    pd.setHttpRequestBase(chain.getHttpRequestBase());
    req.setAttribute(ProxyConstants.TREMOLO_PRXY_DATA, pd);
}
Also used : EmbPostProc(com.tremolosecurity.embedd.EmbPostProc) HashMap(java.util.HashMap) FilterChain(javax.servlet.FilterChain) HttpFilterChain(com.tremolosecurity.proxy.filter.HttpFilterChain) UriRequestProcess(com.tremolosecurity.proxy.postProcess.UriRequestProcess) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) UrlHolder(com.tremolosecurity.config.util.UrlHolder) HttpFilterResponse(com.tremolosecurity.proxy.filter.HttpFilterResponse) ServletException(javax.servlet.ServletException) PostProcess(com.tremolosecurity.proxy.filter.PostProcess) HttpFilterRequestImpl(com.tremolosecurity.proxy.filter.HttpFilterRequestImpl) HttpFilterResponseImpl(com.tremolosecurity.proxy.filter.HttpFilterResponseImpl) HttpFilterChainImpl(com.tremolosecurity.proxy.filter.HttpFilterChainImpl) OutputStreamWriter(java.io.OutputStreamWriter) HttpFilterChain(com.tremolosecurity.proxy.filter.HttpFilterChain) HttpFilterRequest(com.tremolosecurity.proxy.filter.HttpFilterRequest) PrintWriter(java.io.PrintWriter)

Example 5 with HttpFilterRequest

use of com.tremolosecurity.proxy.filter.HttpFilterRequest in project OpenUnison by TremoloSecurity.

the class SamlTransaction method completeFederation.

private void completeFederation(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException, MalformedURLException {
    final SamlTransaction transaction = (SamlTransaction) request.getSession().getAttribute(Saml2Idp.TRANSACTION_DATA);
    final AuthInfo authInfo = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
    if (!authInfo.isAuthComplete()) {
        logger.warn("Attempted completetd federation before autthentication is completeed, clearing authentication and redirecting to the original URL");
        UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
        request.getSession().removeAttribute(ProxyConstants.AUTH_CTL);
        holder.getConfig().createAnonUser(request.getSession());
        this.postErrorResponse(transaction, request, response, authInfo, holder);
        return;
    }
    request.setAttribute(AzSys.FORCE, "true");
    NextSys completeFed = new NextSys() {

        @Override
        public void nextSys(final HttpServletRequest request, final HttpServletResponse response) throws IOException, ServletException {
            // System.out.println("Authorized!!!!");
            final AuthInfo authInfo = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
            UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
            HttpFilterRequest filterReq = new HttpFilterRequestImpl(request, null);
            HttpFilterResponse filterResp = new HttpFilterResponseImpl(response);
            PostProcess postProc = new PostProcess() {

                @Override
                public void postProcess(HttpFilterRequest req, HttpFilterResponse resp, UrlHolder holder, HttpFilterChain chain) throws Exception {
                    postResponse(transaction, request, response, authInfo, holder);
                }

                @Override
                public boolean addHeader(String name) {
                    return false;
                }
            };
            HttpFilterChain chain = new HttpFilterChainImpl(holder, postProc);
            try {
                chain.nextFilter(filterReq, filterResp, chain);
            } catch (Exception e) {
                throw new ServletException(e);
            }
        }
    };
    AzSys az = new AzSys();
    az.doAz(request, response, completeFed);
}
Also used : AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) HttpServletResponse(javax.servlet.http.HttpServletResponse) NextSys(com.tremolosecurity.proxy.util.NextSys) AuthController(com.tremolosecurity.proxy.auth.AuthController) ServletException(javax.servlet.ServletException) SignatureException(java.security.SignatureException) UnmarshallingException(org.opensaml.core.xml.io.UnmarshallingException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SAXException(org.xml.sax.SAXException) InvalidKeyException(java.security.InvalidKeyException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) InitializationException(org.opensaml.core.config.InitializationException) MalformedURLException(java.net.MalformedURLException) IOException(java.io.IOException) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException) UrlHolder(com.tremolosecurity.config.util.UrlHolder) HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpFilterResponse(com.tremolosecurity.proxy.filter.HttpFilterResponse) ServletException(javax.servlet.ServletException) PostProcess(com.tremolosecurity.proxy.filter.PostProcess) HttpFilterRequestImpl(com.tremolosecurity.proxy.filter.HttpFilterRequestImpl) HttpFilterResponseImpl(com.tremolosecurity.proxy.filter.HttpFilterResponseImpl) AzSys(com.tremolosecurity.proxy.auth.AzSys) HttpFilterChainImpl(com.tremolosecurity.proxy.filter.HttpFilterChainImpl) HttpFilterChain(com.tremolosecurity.proxy.filter.HttpFilterChain) HttpFilterRequest(com.tremolosecurity.proxy.filter.HttpFilterRequest)

Aggregations

UrlHolder (com.tremolosecurity.config.util.UrlHolder)5 HttpFilterChain (com.tremolosecurity.proxy.filter.HttpFilterChain)5 HttpFilterChainImpl (com.tremolosecurity.proxy.filter.HttpFilterChainImpl)5 HttpFilterRequest (com.tremolosecurity.proxy.filter.HttpFilterRequest)5 HttpFilterRequestImpl (com.tremolosecurity.proxy.filter.HttpFilterRequestImpl)5 HttpFilterResponse (com.tremolosecurity.proxy.filter.HttpFilterResponse)5 HttpFilterResponseImpl (com.tremolosecurity.proxy.filter.HttpFilterResponseImpl)5 IOException (java.io.IOException)5 ServletException (javax.servlet.ServletException)5 PostProcess (com.tremolosecurity.proxy.filter.PostProcess)4 EmbPostProc (com.tremolosecurity.embedd.EmbPostProc)2 AuthController (com.tremolosecurity.proxy.auth.AuthController)2 AuthInfo (com.tremolosecurity.proxy.auth.AuthInfo)2 AzSys (com.tremolosecurity.proxy.auth.AzSys)2 NextSys (com.tremolosecurity.proxy.util.NextSys)2 UnsupportedEncodingException (java.io.UnsupportedEncodingException)2 MalformedURLException (java.net.MalformedURLException)2 InvalidKeyException (java.security.InvalidKeyException)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 HashMap (java.util.HashMap)2