Example 1 with WebAuthnRegisterEndpoint
use of io.gravitee.am.gateway.handler.root.resources.endpoint.webauthn.WebAuthnRegisterEndpoint in project gravitee-access-management by gravitee-io.
the class RootProvider method doStart.
@Override
protected void doStart() throws Exception {
super.doStart();
// create the root router
final Router rootRouter = Router.router(vertx);
// body handler
bodyHandler(rootRouter);
// static handler
staticHandler(rootRouter);
// session cookie handler
sessionAndCookieHandler(rootRouter);
// GraviteeContext handler
authFlowContextHandler(rootRouter);
// CSRF handler
csrfHandler(rootRouter);
// CSP Handler
cspHandler(rootRouter);
// common handler
Handler<RoutingContext> userTokenRequestParseHandler = new UserTokenRequestParseHandler(userService);
Handler<RoutingContext> clientRequestParseHandler = new ClientRequestParseHandler(clientSyncService).setRequired(true);
Handler<RoutingContext> clientRequestParseHandlerOptional = new ClientRequestParseHandler(clientSyncService);
Handler<RoutingContext> passwordPolicyRequestParseHandler = new PasswordPolicyRequestParseHandler(passwordService, domain);
Handler<RoutingContext> botDetectionHandler = new BotDetectionHandler(domain, botDetectionManager);
Handler<RoutingContext> geoIpHandler = new GeoIpHandler(vertx.eventBus());
Handler<RoutingContext> loginAttemptHandler = new LoginAttemptHandler(domain, identityProviderManager, loginAttemptService);
Handler<RoutingContext> rememberDeviceSettingsHandler = new RememberDeviceSettingsHandler();
final DeviceIdentifierHandler deviceIdentifierHandler = new DeviceIdentifierHandler(deviceService);
// Root policy chain handler
rootRouter.route().handler(new ClientRequestParseHandler(clientSyncService).setContinueOnError(true)).handler(geoIpHandler).handler(policyChainHandler.create(ExtensionPoint.ROOT));
// Identifier First Login route
rootRouter.route(PATH_IDENTIFIER_FIRST_LOGIN).handler(clientRequestParseHandler).handler(botDetectionHandler).handler(new LoginSocialAuthenticationHandler(identityProviderManager, jwtService, certificateManager)).handler(new IdentifierFirstLoginEndpoint(thymeleafTemplateEngine, domain, botDetectionManager));
// login route
rootRouter.get(PATH_LOGIN).handler(clientRequestParseHandler).handler(new LoginSocialAuthenticationHandler(identityProviderManager, jwtService, certificateManager)).handler(policyChainHandler.create(ExtensionPoint.PRE_LOGIN)).handler(new LoginHideFormHandler(domain)).handler(new LoginEndpoint(thymeleafTemplateEngine, domain, botDetectionManager, deviceIdentifierManager));
rootRouter.post(PATH_LOGIN).handler(clientRequestParseHandler).handler(botDetectionHandler).handler(loginAttemptHandler).handler(new LoginFormHandler(userAuthProvider)).handler(deviceIdentifierHandler).handler(policyChainHandler.create(ExtensionPoint.POST_LOGIN)).handler(new LoginPostEndpoint());
rootRouter.route(PATH_LOGIN).failureHandler(new LoginFailureHandler(authenticationFlowContextService));
// logout route
rootRouter.route(PATH_LOGOUT).handler(new LogoutEndpoint(domain, clientSyncService, jwtService, userService, authenticationFlowContextService, identityProviderManager, certificateManager, webClient));
rootRouter.route(PATH_LOGOUT_CALLBACK).handler(new LogoutCallbackEndpoint(domain, clientSyncService, jwtService, userService, authenticationFlowContextService, certificateManager));
// SSO/Social login route
Handler<RoutingContext> socialAuthHandler = SocialAuthHandler.create(new SocialAuthenticationProvider(userAuthenticationManager, eventManager, domain));
Handler<RoutingContext> loginCallbackParseHandler = new LoginCallbackParseHandler(clientSyncService, identityProviderManager, jwtService, certificateManager);
Handler<RoutingContext> loginCallbackOpenIDConnectFlowHandler = new LoginCallbackOpenIDConnectFlowHandler(thymeleafTemplateEngine);
Handler<RoutingContext> loginCallbackFailureHandler = new LoginCallbackFailureHandler(authenticationFlowContextService);
Handler<RoutingContext> loginCallbackEndpoint = new LoginCallbackEndpoint();
Handler<RoutingContext> loginSSOPOSTEndpoint = new LoginSSOPOSTEndpoint(thymeleafTemplateEngine);
rootRouter.get(PATH_LOGIN_CALLBACK).handler(loginCallbackOpenIDConnectFlowHandler).handler(loginCallbackParseHandler).handler(socialAuthHandler).handler(policyChainHandler.create(ExtensionPoint.POST_LOGIN)).handler(loginCallbackEndpoint).failureHandler(loginCallbackFailureHandler);
rootRouter.post(PATH_LOGIN_CALLBACK).handler(loginCallbackOpenIDConnectFlowHandler).handler(loginCallbackParseHandler).handler(socialAuthHandler).handler(policyChainHandler.create(ExtensionPoint.POST_LOGIN)).handler(loginCallbackEndpoint).failureHandler(loginCallbackFailureHandler);
rootRouter.get(PATH_LOGIN_SSO_POST).handler(loginSSOPOSTEndpoint);
rootRouter.get(PATH_LOGIN_SSO_SPNEGO).handler(policyChainHandler.create(ExtensionPoint.PRE_LOGIN)).handler(new LoginNegotiateAuthenticationHandler(userAuthProvider, thymeleafTemplateEngine)).handler(policyChainHandler.create(ExtensionPoint.POST_LOGIN)).handler(new LoginPostEndpoint());
// MFA route
rootRouter.route(PATH_MFA_ENROLL).handler(clientRequestParseHandler).handler(new MFAEnrollEndpoint(factorManager, thymeleafTemplateEngine, userService, domain));
rootRouter.route(PATH_MFA_CHALLENGE).handler(clientRequestParseHandler).handler(rememberDeviceSettingsHandler).handler(new MFAChallengeEndpoint(factorManager, userService, thymeleafTemplateEngine, deviceService, applicationContext, domain));
rootRouter.route(PATH_MFA_CHALLENGE_ALTERNATIVES).handler(clientRequestParseHandler).handler(new MFAChallengeAlternativesEndpoint(thymeleafTemplateEngine, factorManager));
rootRouter.route(PATH_MFA_RECOVERY_CODE).handler(clientRequestParseHandler).handler(new MFARecoveryCodeEndpoint(thymeleafTemplateEngine, domain, userService));
// WebAuthn route
Handler<RoutingContext> webAuthnAccessHandler = new WebAuthnAccessHandler(domain);
rootRouter.route(PATH_WEBAUTHN_REGISTER).handler(clientRequestParseHandler).handler(webAuthnAccessHandler).handler(new WebAuthnRegisterEndpoint(domain, userAuthenticationManager, webAuthn, thymeleafTemplateEngine));
rootRouter.route(PATH_WEBAUTHN_LOGIN).handler(clientRequestParseHandler).handler(webAuthnAccessHandler).handler(new WebAuthnLoginEndpoint(domain, userAuthenticationManager, webAuthn, thymeleafTemplateEngine, deviceIdentifierManager, deviceService));
rootRouter.post(PATH_WEBAUTHN_RESPONSE).handler(clientRequestParseHandler).handler(webAuthnAccessHandler).handler(new WebAuthnResponseEndpoint(userAuthenticationManager, webAuthn, credentialService, domain));
// Registration route
Handler<RoutingContext> registerAccessHandler = new RegisterAccessHandler(domain);
rootRouter.route(HttpMethod.GET, PATH_REGISTER).handler(clientRequestParseHandler).handler(registerAccessHandler).handler(policyChainHandler.create(ExtensionPoint.PRE_REGISTER)).handler(new RegisterEndpoint(thymeleafTemplateEngine, domain, botDetectionManager));
rootRouter.route(HttpMethod.POST, PATH_REGISTER).handler(new RegisterSubmissionRequestParseHandler()).handler(clientRequestParseHandlerOptional).handler(botDetectionHandler).handler(registerAccessHandler).handler(passwordPolicyRequestParseHandler).handler(new RegisterProcessHandler(userService, domain)).handler(policyChainHandler.create(ExtensionPoint.POST_REGISTER)).handler(new RegisterSubmissionEndpoint());
rootRouter.route(PATH_REGISTER).failureHandler(new RegisterFailureHandler());
rootRouter.route(HttpMethod.GET, PATH_CONFIRM_REGISTRATION).handler(new RegisterConfirmationRequestParseHandler(userService)).handler(clientRequestParseHandlerOptional).handler(new RegisterConfirmationEndpoint(thymeleafTemplateEngine, domain));
rootRouter.route(HttpMethod.POST, PATH_CONFIRM_REGISTRATION).handler(new RegisterConfirmationSubmissionRequestParseHandler()).handler(userTokenRequestParseHandler).handler(passwordPolicyRequestParseHandler).handler(policyChainHandler.create(ExtensionPoint.POST_REGISTER)).handler(new RegisterConfirmationSubmissionEndpoint(userService));
// Forgot password route
Handler<RoutingContext> forgotPasswordAccessHandler = new ForgotPasswordAccessHandler(domain);
rootRouter.route(HttpMethod.GET, PATH_FORGOT_PASSWORD).handler(clientRequestParseHandler).handler(forgotPasswordAccessHandler).handler(new ForgotPasswordEndpoint(thymeleafTemplateEngine, domain, botDetectionManager));
rootRouter.route(HttpMethod.POST, PATH_FORGOT_PASSWORD).handler(new ForgotPasswordSubmissionRequestParseHandler(domain)).handler(clientRequestParseHandler).handler(botDetectionHandler).handler(forgotPasswordAccessHandler).handler(new ForgotPasswordSubmissionEndpoint(userService, domain));
rootRouter.route(HttpMethod.GET, PATH_RESET_PASSWORD).handler(new ResetPasswordRequestParseHandler(userService)).handler(clientRequestParseHandlerOptional).handler(userTokenRequestParseHandler).handler(new ResetPasswordOneTimeTokenHandler()).handler(policyChainHandler.create(ExtensionPoint.PRE_RESET_PASSWORD)).handler(new ResetPasswordEndpoint(thymeleafTemplateEngine, domain));
rootRouter.route(HttpMethod.POST, PATH_RESET_PASSWORD).handler(new ResetPasswordSubmissionRequestParseHandler()).handler(userTokenRequestParseHandler).handler(new ResetPasswordOneTimeTokenHandler()).handler(passwordPolicyRequestParseHandler).handler(policyChainHandler.create(ExtensionPoint.POST_RESET_PASSWORD)).handler(new ResetPasswordSubmissionEndpoint(userService));
// error route
rootRouter.route(HttpMethod.GET, PATH_ERROR).handler(new ErrorEndpoint(domain, thymeleafTemplateEngine, clientSyncService, jwtService));
// error handler
errorHandler(rootRouter);
// mount root router
router.mountSubRouter(path(), rootRouter);
}
Also used :
RememberDeviceSettingsHandler(io.gravitee.am.gateway.handler.root.resources.handler.rememberdevice.RememberDeviceSettingsHandler)
LoginCallbackEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.login.LoginCallbackEndpoint)
GeoIpHandler(io.gravitee.am.gateway.handler.root.resources.handler.geoip.GeoIpHandler)
WebAuthnLoginEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.webauthn.WebAuthnLoginEndpoint)
RoutingContext(io.vertx.reactivex.ext.web.RoutingContext)
LoginAttemptHandler(io.gravitee.am.gateway.handler.root.resources.handler.loginattempt.LoginAttemptHandler)
RegisterSubmissionEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.user.register.RegisterSubmissionEndpoint)
ClientRequestParseHandler(io.gravitee.am.gateway.handler.root.resources.handler.client.ClientRequestParseHandler)
ResetPasswordSubmissionEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.user.password.ResetPasswordSubmissionEndpoint)
LogoutEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.logout.LogoutEndpoint)
PasswordPolicyRequestParseHandler(io.gravitee.am.gateway.handler.root.resources.handler.user.PasswordPolicyRequestParseHandler)
Router(io.vertx.reactivex.ext.web.Router)
ErrorEndpoint(io.gravitee.am.gateway.handler.common.vertx.web.endpoint.ErrorEndpoint)
LoginSSOPOSTEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.login.LoginSSOPOSTEndpoint)
LoginPostEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.login.LoginPostEndpoint)
UserTokenRequestParseHandler(io.gravitee.am.gateway.handler.root.resources.handler.user.UserTokenRequestParseHandler)
RegisterConfirmationSubmissionEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.user.register.RegisterConfirmationSubmissionEndpoint)
MFAChallengeEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.mfa.MFAChallengeEndpoint)
WebAuthnRegisterEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.webauthn.WebAuthnRegisterEndpoint)
MFAChallengeAlternativesEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.mfa.MFAChallengeAlternativesEndpoint)
SocialAuthenticationProvider(io.gravitee.am.gateway.handler.root.resources.auth.provider.SocialAuthenticationProvider)
WebAuthnResponseEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.webauthn.WebAuthnResponseEndpoint)
WebAuthnRegisterEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.webauthn.WebAuthnRegisterEndpoint)
RegisterEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.user.register.RegisterEndpoint)
BotDetectionHandler(io.gravitee.am.gateway.handler.root.resources.handler.botdetection.BotDetectionHandler)
MFAEnrollEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.mfa.MFAEnrollEndpoint)
ForgotPasswordSubmissionEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.user.password.ForgotPasswordSubmissionEndpoint)
IdentifierFirstLoginEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.identifierfirst.IdentifierFirstLoginEndpoint)
MFARecoveryCodeEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.mfa.MFARecoveryCodeEndpoint)
LogoutCallbackEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.logout.LogoutCallbackEndpoint)
DeviceIdentifierHandler(io.gravitee.am.gateway.handler.root.resources.handler.rememberdevice.DeviceIdentifierHandler)
WebAuthnLoginEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.webauthn.WebAuthnLoginEndpoint)
LoginEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.login.LoginEndpoint)
IdentifierFirstLoginEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.identifierfirst.IdentifierFirstLoginEndpoint)
RegisterConfirmationEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.user.register.RegisterConfirmationEndpoint)
ResetPasswordEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.user.password.ResetPasswordEndpoint)
ForgotPasswordEndpoint(io.gravitee.am.gateway.handler.root.resources.endpoint.user.password.ForgotPasswordEndpoint)
WebAuthnAccessHandler(io.gravitee.am.gateway.handler.root.resources.handler.webauthn.WebAuthnAccessHandler)
Aggregations
ErrorEndpoint (io.gravitee.am.gateway.handler.common.vertx.web.endpoint.ErrorEndpoint)1
SocialAuthenticationProvider (io.gravitee.am.gateway.handler.root.resources.auth.provider.SocialAuthenticationProvider)1
IdentifierFirstLoginEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.identifierfirst.IdentifierFirstLoginEndpoint)1
LoginCallbackEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.login.LoginCallbackEndpoint)1
LoginEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.login.LoginEndpoint)1
LoginPostEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.login.LoginPostEndpoint)1
LoginSSOPOSTEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.login.LoginSSOPOSTEndpoint)1
LogoutCallbackEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.logout.LogoutCallbackEndpoint)1
LogoutEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.logout.LogoutEndpoint)1
MFAChallengeAlternativesEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.mfa.MFAChallengeAlternativesEndpoint)1
MFAChallengeEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.mfa.MFAChallengeEndpoint)1
MFAEnrollEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.mfa.MFAEnrollEndpoint)1
MFARecoveryCodeEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.mfa.MFARecoveryCodeEndpoint)1
ForgotPasswordEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.user.password.ForgotPasswordEndpoint)1
ForgotPasswordSubmissionEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.user.password.ForgotPasswordSubmissionEndpoint)1
ResetPasswordEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.user.password.ResetPasswordEndpoint)1
ResetPasswordSubmissionEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.user.password.ResetPasswordSubmissionEndpoint)1
RegisterConfirmationEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.user.register.RegisterConfirmationEndpoint)1
RegisterConfirmationSubmissionEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.user.register.RegisterConfirmationSubmissionEndpoint)1
RegisterEndpoint (io.gravitee.am.gateway.handler.root.resources.endpoint.user.register.RegisterEndpoint)1
