use of io.gravitee.am.gateway.handler.context.EvaluableRequest in project gravitee-access-management by gravitee-io.
the class AdaptiveMfaFilter method get.
/**
 * Decides whether Adaptive MFA allows the MFA step to be skipped for this request.
 *
 * <p>The rule is evaluated only while {@code isRuleTrue} is still {@code null}. The outcome is
 * stored on the context through {@code setAmfaRuleTrue} because later features in the chain
 * read it.
 *
 * @return {@code true} only when remember-device is inactive, step-up is inactive and the
 *     stored Adaptive MFA rule result is true
 */
@Override
public Boolean get() {
    if (isNull(isRuleTrue)) {
        if (!context.isAmfaActive()) {
            // Adaptive MFA is not active: record a negative result and never skip.
            context.setAmfaRuleTrue(false);
            return false;
        }

        // A missing login-attempt value is exposed to the rule as 0.
        final Object attempts = context.getLoginAttempt();
        data.put(LOGIN_ATTEMPT_KEY, isNull(attempts) ? 0 : attempts);

        // NOTE(review): the rule sees the incoming HTTP request, so a rule keyed on
        // client-supplied values (headers, parameters) decides an MFA skip on data the
        // caller controls. Confirm rule authors are told which request fields are trustworthy.
        final var evaluableRequest = new EvaluableRequest(new VertxHttpServerRequest(request.getDelegate()));
        final var evaluableContext = new EvaluableExecutionContext(data);
        final var ruleVariables = Map.of("request", evaluableRequest, "context", evaluableContext);

        // The result is kept on the context since other features in the chain use it.
        // NOTE(review): the trailing `false` looks like the fallback result; confirm that a
        // failed evaluation therefore means "do not skip MFA".
        context.setAmfaRuleTrue(ruleEngine.evaluate(context.getAmfaRule(), ruleVariables, Boolean.class, false));
    }

    // When another MFA-related step (remember device, step-up) is active, report "no skip"
    // even if the Adaptive MFA rule is true, so that the other step still gets to trigger.
    final var rememberDevice = context.getRememberDeviceSettings();
    final boolean otherStepActive = rememberDevice.isActive() || context.isStepUpActive();
    return !otherStepActive && context.isAmfaRuleTrue();
}
use of io.gravitee.am.gateway.handler.context.EvaluableRequest in project gravitee-access-management by gravitee-io.
the class IdentifierFirstLoginEndpoint method renderLoginPage.
/**
 * Fills the routing context with the values the identifier-first login template reads
 * (client properties, domain, request, login settings, error details, request parameters
 * and action URLs) and then renders the page.
 *
 * @param routingContext current routing context; the client is read from
 *     {@code CLIENT_CONTEXT_KEY} before that entry is replaced
 */
private void renderLoginPage(RoutingContext routingContext) {
    final Client client = routingContext.get(CLIENT_CONTEXT_KEY);
    final HttpServerRequest request = routingContext.request();

    // Replace the full client with its ClientProperties view so that sensitive client
    // data is not handed to the template.
    routingContext.put(CLIENT_CONTEXT_KEY, new ClientProperties(client));
    routingContext.put(DOMAIN_CONTEXT_KEY, domain);

    // Expose the request to the template.
    final EvaluableRequest templateRequest =
            new EvaluableRequest(new VertxHttpServerRequest(request.getDelegate(), true));
    routingContext.put(REQUEST_CONTEXT_KEY, templateRequest);

    // Login settings: every flag defaults to false when no settings are configured.
    final var settings = ofNullable(LoginSettings.getInstance(domain, client));
    routingContext.put(ALLOW_REGISTER_CONTEXT_KEY, settings.map(LoginSettings::isRegisterEnabled).orElse(false));
    routingContext.put(ALLOW_PASSWORDLESS_CONTEXT_KEY, settings.map(LoginSettings::isPasswordlessEnabled).orElse(false));

    // NOTE(review): error and error_description are copied straight from the request
    // parameters into the template model; confirm the template escapes them on output.
    final String errorCode = request.getParam(ERROR_PARAM_KEY);
    final String errorText = request.getParam(ERROR_DESCRIPTION_PARAM_KEY);
    routingContext.put(ERROR_PARAM_KEY, errorCode);
    routingContext.put(ERROR_DESCRIPTION_PARAM_KEY, errorText);

    // Flattened request parameters, kept for backward compatibility with older templates.
    final Map<String, String> flatParams = new HashMap<>(templateRequest.getParams().toSingleValueMap());
    flatParams.put(ERROR_PARAM_KEY, errorCode);
    flatParams.put(ERROR_DESCRIPTION_PARAM_KEY, errorText);
    routingContext.put(PARAM_CONTEXT_KEY, flatParams);

    // Action URLs used by the form and its links.
    final MultiMap queryParams = RequestUtils.getCleanedQueryParams(request);
    final Object contextPath = routingContext.get(CONTEXT_PATH);
    routingContext.put(ACTION_KEY,
            resolveProxyRequest(request, contextPath + "/login/identifier", queryParams, true));
    routingContext.put(REGISTER_ACTION_KEY,
            UriBuilderRequest.resolveProxyRequest(routingContext.request(), contextPath + "/register", queryParams, true));
    routingContext.put(WEBAUTHN_ACTION_KEY,
            UriBuilderRequest.resolveProxyRequest(routingContext.request(), contextPath + "/webauthn/login", queryParams, true));

    final Map<String, Object> templateData = generateData(routingContext, domain, client);
    templateData.putAll(botDetectionManager.getTemplateVariables(domain, client));
    this.renderPage(routingContext, templateData, client, logger, "Unable to render Identifier-first login page");
}
use of io.gravitee.am.gateway.handler.context.EvaluableRequest in project gravitee-access-management by gravitee-io.
the class LoginEndpoint method prepareContext.
/**
 * Fills the routing context with the values the login template reads: client properties,
 * domain, login-settings flags, the request, error details, request parameters and the
 * action URLs.
 *
 * @param routingContext current routing context to populate
 * @param client client the login page is rendered for
 */
private void prepareContext(RoutingContext routingContext, Client client) {
    final var request = routingContext.request();

    // Hand the template the ClientProperties view only, so sensitive client data stays out.
    routingContext.put(ConstantKeys.CLIENT_CONTEXT_KEY, new ClientProperties(client));
    routingContext.put(ConstantKeys.DOMAIN_CONTEXT_KEY, domain);

    // Login settings: every flag defaults to false when no settings are configured.
    final var settings = ofNullable(LoginSettings.getInstance(domain, client));
    final boolean identifierFirst = settings.map(LoginSettings::isIdentifierFirstEnabled).orElse(false);
    routingContext.put(ALLOW_FORGOT_PASSWORD_CONTEXT_KEY, settings.map(LoginSettings::isForgotPasswordEnabled).orElse(false));
    routingContext.put(ALLOW_REGISTER_CONTEXT_KEY, settings.map(LoginSettings::isRegisterEnabled).orElse(false));
    routingContext.put(ALLOW_PASSWORDLESS_CONTEXT_KEY, settings.map(LoginSettings::isPasswordlessEnabled).orElse(false));
    routingContext.put(HIDE_FORM_CONTEXT_KEY, settings.map(LoginSettings::isHideForm).orElse(false));
    routingContext.put(IDENTIFIER_FIRST_LOGIN_CONTEXT_KEY, identifierFirst);

    // Expose the request to the template.
    final EvaluableRequest templateRequest =
            new EvaluableRequest(new VertxHttpServerRequest(request.getDelegate(), true));
    routingContext.put(REQUEST_CONTEXT_KEY, templateRequest);

    // NOTE(review): error and error_description come straight from the request parameters;
    // confirm the template escapes them on output.
    final String errorCode = request.getParam(ConstantKeys.ERROR_PARAM_KEY);
    final String errorText = request.getParam(ConstantKeys.ERROR_DESCRIPTION_PARAM_KEY);
    routingContext.put(ConstantKeys.ERROR_PARAM_KEY, errorCode);
    routingContext.put(ConstantKeys.ERROR_DESCRIPTION_PARAM_KEY, errorText);

    // Flattened request parameters, kept for backward compatibility with older templates.
    final Map<String, String> flatParams = new HashMap<>(templateRequest.getParams().toSingleValueMap());
    flatParams.put(ConstantKeys.ERROR_PARAM_KEY, errorCode);
    flatParams.put(ConstantKeys.ERROR_DESCRIPTION_PARAM_KEY, errorText);

    // A login_hint supplied by the caller overrides the username parameter.
    // NOTE(review): this value is caller-controlled as well; the same output-escaping
    // expectation applies wherever the template prints the username.
    final String hintedUsername = request.getParam(Parameters.LOGIN_HINT);
    if (hintedUsername != null) {
        flatParams.put(ConstantKeys.USERNAME_PARAM_KEY, hintedUsername);
    }
    routingContext.put(ConstantKeys.PARAM_CONTEXT_KEY, flatParams);

    // Action URLs used by the form and its links.
    final MultiMap queryParams = getCleanedQueryParams(request);
    final Object contextPath = routingContext.get(CONTEXT_PATH);
    routingContext.put(ACTION_KEY, resolveProxyRequest(request, request.path(), queryParams, true));
    routingContext.put(FORGOT_ACTION_KEY,
            resolveProxyRequest(request, contextPath + "/forgotPassword", queryParams, true));
    routingContext.put(REGISTER_ACTION_KEY,
            resolveProxyRequest(request, contextPath + "/register", queryParams, true));
    routingContext.put(WEBAUTHN_ACTION_KEY,
            resolveProxyRequest(request, contextPath + "/webauthn/login", queryParams, true));
    if (identifierFirst) {
        routingContext.put(LOGIN_IDENTIFIER_ACTION_KEY,
                resolveProxyRequest(request, contextPath + "/login/identifier", queryParams, true));
    }
}
use of io.gravitee.am.gateway.handler.context.EvaluableRequest in project gravitee-access-management by gravitee-io.
the class EnrichProfilePolicyTest method init.
/**
 * Resets the shared mocks and installs a template engine whose {@code request} variable
 * wraps a request exposing exactly one parameter ({@code REQUEST_PARAM} with value
 * {@code PARAM_VALUE}).
 */
@Before
public void init() {
    reset(configuration, executionContext, request, response);

    // Local stub, deliberately named differently from the `request` field reset above.
    final Request stubbedRequest = new RequestWrapper(mock(Request.class)) {
        @Override
        public MultiValueMap<String, String> parameters() {
            final LinkedMultiValueMap<String, String> single = new LinkedMultiValueMap<>();
            single.add(REQUEST_PARAM, PARAM_VALUE);
            return single;
        }
    };

    // Template expressions under test resolve `request` against the stub.
    final TemplateEngine engine = new SpelTemplateEngineFactory().templateEngine();
    engine.getTemplateContext().setVariable("request", new EvaluableRequest(stubbedRequest));

    when(executionContext.getTemplateEngine()).thenReturn(engine);
    when(executionContext.getComponent(UserRepository.class)).thenReturn(userRepository);
}
use of io.gravitee.am.gateway.handler.context.EvaluableRequest in project gravitee-access-management by gravitee-io.
the class EnrichAuthFlowPolicyTest method init.
/**
 * Resets the shared mocks and installs a template engine whose {@code request} variable
 * wraps a request exposing exactly one parameter ({@code REQUEST_PARAM} with value
 * {@code PARAM_VALUE}). Also stubs the execution context to return the authentication-flow
 * context repository and an environment that reports an expiration timeout of 300.
 */
@Before
public void init() {
    reset(configuration, executionContext, request, response, authContextRepository);

    // Local stub, deliberately named differently from the `request` field reset above.
    final Request stubbedRequest = new RequestWrapper(mock(Request.class)) {
        @Override
        public MultiValueMap<String, String> parameters() {
            final LinkedMultiValueMap<String, String> single = new LinkedMultiValueMap<>();
            single.add(REQUEST_PARAM, PARAM_VALUE);
            return single;
        }
    };

    // Template expressions under test resolve `request` against the stub.
    final TemplateEngine engine = new SpelTemplateEngineFactory().templateEngine();
    engine.getTemplateContext().setVariable("request", new EvaluableRequest(stubbedRequest));

    when(executionContext.getTemplateEngine()).thenReturn(engine);
    when(executionContext.getComponent(AuthenticationFlowContextRepository.class)).thenReturn(this.authContextRepository);
    when(environment.getProperty("authenticationFlow.expirationTimeOut", Integer.class, 300)).thenReturn(300);
    when(executionContext.getComponent(Environment.class)).thenReturn(environment);
}