
Example 1 with User

Use of io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User in project gravitee-access-management by gravitee-io.

Class UserAuthProviderImpl, method authenticate.

@Override
public void authenticate(RoutingContext context, JsonObject authInfo, Handler<AsyncResult<User>> handler) {
    String username = authInfo.getString(USERNAME_PARAMETER);
    String password = authInfo.getString(PASSWORD_PARAMETER);
    String clientId = authInfo.getString(Parameters.CLIENT_ID);
    String ipAddress = authInfo.getString(Claims.ip_address);
    String userAgent = authInfo.getString(Claims.user_agent);
    parseClient(clientId, parseClientHandler -> {
        if (parseClientHandler.failed()) {
            logger.error("Authentication failure: unable to retrieve client " + clientId, parseClientHandler.cause());
            handler.handle(Future.failedFuture(parseClientHandler.cause()));
            return;
        }
        // retrieve the client (application)
        final Client client = parseClientHandler.result();
        // end user authentication
        SimpleAuthenticationContext authenticationContext = new SimpleAuthenticationContext(new VertxHttpServerRequest(context.request().getDelegate()));
        final Authentication authentication = new EndUserAuthentication(username, password, authenticationContext);
        authenticationContext.set(Claims.ip_address, ipAddress);
        authenticationContext.set(Claims.user_agent, userAgent);
        authenticationContext.set(Claims.domain, client.getDomain());
        userAuthenticationManager.authenticate(client, authentication).subscribe(
                user -> handler.handle(Future.succeededFuture(new io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User(user))),
                error -> handler.handle(Future.failedFuture(error)));
    });
}
Also used: Authentication (io.gravitee.am.identityprovider.api.Authentication), EndUserAuthentication (io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication), User (io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User), SimpleAuthenticationContext (io.gravitee.am.identityprovider.api.SimpleAuthenticationContext), Client (io.gravitee.am.model.oidc.Client), VertxHttpServerRequest (io.gravitee.am.gateway.handler.common.vertx.core.http.VertxHttpServerRequest)

Example 2 with User

Use of io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User in project gravitee-access-management by gravitee-io.

Class CookieSessionHandler, method writeSessionCookie.

private void writeSessionCookie(final RoutingContext context, final CookieSession session) {
    io.vertx.ext.auth.User user = context.getDelegate().user();
    if (user instanceof User) {
        session.putUserId(((User) user).getUser().getId());
    }
    Cookie cookie = Cookie.cookie(cookieName, session.value());
    // set max age if user requested it - else it's a session cookie
    if (timeout >= 0) {
        cookie.setMaxAge(TimeUnit.MILLISECONDS.toSeconds(timeout));
    }
    // All other cookie properties are managed by a dedicated CookieHandler.
    context.addCookie(cookie);
}
Also used: Cookie (io.vertx.reactivex.core.http.Cookie), User (io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User)

Example 3 with User

Use of io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User in project gravitee-access-management by gravitee-io.

Class MFAEnrollStep, method execute.

@Override
public void execute(RoutingContext routingContext, AuthenticationFlowChain flow) {
    final Client client = routingContext.get(ConstantKeys.CLIENT_CONTEXT_KEY);
    final io.gravitee.am.model.User endUser = ((User) routingContext.user().getDelegate()).getUser();
    final Session session = routingContext.session();
    var context = new MfaFilterContext(client, session, endUser);
    // Rules that make you skip MFA enrollment
    var mfaFilterChain = new MfaFilterChain(
            new ClientNullFilter(client),
            new NoFactorFilter(client.getFactors(), factorManager),
            new EndUserEnrolledFilter(context),
            new AdaptiveMfaFilter(context, ruleEngine, routingContext.request(), routingContext.data()),
            new StepUpAuthenticationFilter(context, ruleEngine, routingContext.request(), routingContext.data()),
            new RememberDeviceFilter(context),
            new MfaSkipFilter(context));
    mfaFilterChain.doFilter(this, flow, routingContext);
}
Also used: User (io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User), MfaFilterChain (io.gravitee.am.gateway.handler.common.vertx.web.handler.impl.internal.mfa.chain.MfaFilterChain), Client (io.gravitee.am.model.oidc.Client), Session (io.vertx.reactivex.ext.web.Session)

Example 4 with User

Use of io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User in project gravitee-access-management by gravitee-io.

Class AuthenticationFlowHandlerTest, method shouldRedirectToMFAChallengePage_stepUp_authentication_2.

@Test
public void shouldRedirectToMFAChallengePage_stepUp_authentication_2() throws Exception {
    router.route().order(-1).handler(rc -> {
        // set client
        Client client = new Client();
        client.setFactors(Collections.singleton("factor-1"));
        rc.put(ConstantKeys.CLIENT_CONTEXT_KEY, client);
        MFASettings mfaSettings = new MFASettings();
        mfaSettings.setStepUpAuthenticationRule("{#request.params['scope'][0].contains('write')}");
        client.setMfaSettings(mfaSettings);
        // set user
        EnrolledFactor enrolledFactor = new EnrolledFactor();
        enrolledFactor.setFactorId("factor-1");
        io.gravitee.am.model.User endUser = new io.gravitee.am.model.User();
        endUser.setFactors(Collections.singletonList(enrolledFactor));
        rc.getDelegate().setUser(new User(endUser));
        rc.session().put(ConstantKeys.STRONG_AUTH_COMPLETED_KEY, true);
        rc.next();
    });
    testRequest(HttpMethod.GET, "/login?scope=read%20write", null, resp -> {
        String location = resp.headers().get("location");
        assertNotNull(location);
        assertTrue(location.endsWith("/mfa/challenge?scope=read+write"));
    }, HttpStatusCode.FOUND_302, "Found", null);
}
Also used: User (io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User), EnrolledFactor (io.gravitee.am.model.factor.EnrolledFactor), MFASettings (io.gravitee.am.model.MFASettings), Client (io.gravitee.am.model.oidc.Client), Test (org.junit.Test)

Example 5 with User

Use of io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User in project gravitee-access-management by gravitee-io.

Class AuthenticationFlowHandlerTest, method shouldContinue_adaptiveMFA_condition_not_met.

@Test
public void shouldContinue_adaptiveMFA_condition_not_met() throws Exception {
    router.route().order(-1).handler(rc -> {
        // set client
        Client client = new Client();
        client.setFactors(Collections.singleton("factor-1"));
        rc.put(ConstantKeys.CLIENT_CONTEXT_KEY, client);
        MFASettings mfaSettings = new MFASettings();
        mfaSettings.setAdaptiveAuthenticationRule("{#context.attributes['geoip']['country_iso_code'] == 'FR'}");
        rc.put(ConstantKeys.GEOIP_KEY, new JsonObject().put("country_iso_code", "FR").getMap());
        client.setMfaSettings(mfaSettings);
        // set user
        EnrolledFactor enrolledFactor = new EnrolledFactor();
        enrolledFactor.setFactorId("factor-1");
        io.gravitee.am.model.User endUser = new io.gravitee.am.model.User();
        endUser.setFactors(Collections.singletonList(enrolledFactor));
        rc.getDelegate().setUser(new User(endUser));
        rc.session().put(ConstantKeys.STRONG_AUTH_COMPLETED_KEY, true);
        rc.next();
    });
    testRequest(HttpMethod.GET, "/login", HttpStatusCode.OK_200, "OK");
}
Also used: User (io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User), EnrolledFactor (io.gravitee.am.model.factor.EnrolledFactor), MFASettings (io.gravitee.am.model.MFASettings), JsonObject (io.vertx.core.json.JsonObject), Client (io.gravitee.am.model.oidc.Client), Test (org.junit.Test)

Aggregations

User (io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User): 27
Client (io.gravitee.am.model.oidc.Client): 22
Test (org.junit.Test): 17
EnrolledFactor (io.gravitee.am.model.factor.EnrolledFactor): 14
MFASettings (io.gravitee.am.model.MFASettings): 13
JsonObject (io.vertx.core.json.JsonObject): 11
RememberDeviceSettings (io.gravitee.am.model.RememberDeviceSettings): 5
Handler (io.vertx.core.Handler): 4
RoutingContext (io.vertx.reactivex.ext.web.RoutingContext): 4
Claims (io.gravitee.am.common.jwt.Claims): 3
ConstantKeys (io.gravitee.am.common.utils.ConstantKeys): 3
RequestUtils (io.gravitee.am.gateway.handler.common.vertx.utils.RequestUtils): 3
MultiMap (io.vertx.reactivex.core.MultiMap): 3
Session (io.vertx.reactivex.ext.web.Session): 3
Parameters (io.gravitee.am.common.oauth2.Parameters): 2
EndUserAuthentication (io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication): 2
VertxHttpServerRequest (io.gravitee.am.gateway.handler.common.vertx.core.http.VertxHttpServerRequest): 2
UserAuthProvider (io.gravitee.am.gateway.handler.common.vertx.web.auth.provider.UserAuthProvider): 2
MfaFilterChain (io.gravitee.am.gateway.handler.common.vertx.web.handler.impl.internal.mfa.chain.MfaFilterChain): 2
DefaultUser (io.gravitee.am.identityprovider.api.DefaultUser): 2