
Example 1 with LoginSettings

use of io.gravitee.am.model.login.LoginSettings in project gravitee-access-management by gravitee-io.

Source: class WebAuthnRegisterStep, method execute.

/**
 * Decides whether the WebAuthn (passwordless) registration page has to be shown.
 *
 * <p>The chain simply continues ({@code flow.doNext}) when passwordless login is not enabled
 * for the resolved domain/client settings, when the session already records a completed
 * passwordless authentication, or when the user has explicitly skipped the registration
 * step. In every other case the chain exits on this step so the registration page is
 * rendered. Session flags are only read once passwordless is known to be enabled.
 *
 * @param routingContext current request context; must carry the client under
 *     {@link ConstantKeys#CLIENT_CONTEXT_KEY}
 * @param flow the authentication flow chain driving the individual steps
 */
@Override
public void execute(RoutingContext routingContext, AuthenticationFlowChain flow) {
    final Client client = routingContext.get(ConstantKeys.CLIENT_CONTEXT_KEY);
    final Session session = routingContext.session();
    final LoginSettings settings = LoginSettings.getInstance(domain, client);

    final boolean passwordlessEnabled = settings != null && settings.isPasswordlessEnabled();

    // short-circuit order matters: the session is not consulted when passwordless is off
    final boolean continueChain =
            !passwordlessEnabled
            || isFlagSet(session, ConstantKeys.PASSWORDLESS_AUTH_COMPLETED_KEY)
            || isFlagSet(session, ConstantKeys.WEBAUTHN_SKIPPED_KEY);

    if (continueChain) {
        flow.doNext(routingContext);
        return;
    }
    // go to the WebAuthn registration page
    flow.exit(this);
}

/** Returns {@code true} only when the session holds {@link Boolean#TRUE} under {@code key}. */
private static boolean isFlagSet(Session session, String key) {
    return Boolean.TRUE.equals(session.get(key));
}

Example 2 with LoginSettings

use of io.gravitee.am.model.login.LoginSettings in project gravitee-access-management by gravitee-io.

Source: class IdentifierFirstLoginEndpoint, method renderLoginPage.

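/**
 * Populates the routing context with everything the identifier-first login template needs,
 * then renders the page.
 *
 * <p>Context entries written here: a sanitised {@link ClientProperties} view of the client
 * (the raw {@link Client} is replaced so its sensitive fields never reach the template), the
 * domain, the evaluable request, the register / passwordless flags derived from
 * {@link LoginSettings}, the {@code ERROR_PARAM_KEY} / {@code ERROR_DESCRIPTION_PARAM_KEY}
 * query parameters, a flattened parameter map kept for backward compatibility, and the
 * action URLs of the identifier, register and WebAuthn forms.
 *
 * @param routingContext current request context; must carry the client under
 *     {@code CLIENT_CONTEXT_KEY}
 */
private void renderLoginPage(RoutingContext routingContext) {
    final Client client = routingContext.get(CLIENT_CONTEXT_KEY);
    final HttpServerRequest request = routingContext.request();

    // replace the raw client with its safe projection so sensitive data is not exposed
    routingContext.put(CLIENT_CONTEXT_KEY, new ClientProperties(client));
    routingContext.put(DOMAIN_CONTEXT_KEY, domain);

    // evaluable request (used by templates and expression evaluation)
    final EvaluableRequest evaluableRequest =
            new EvaluableRequest(new VertxHttpServerRequest(request.getDelegate(), true));
    routingContext.put(REQUEST_CONTEXT_KEY, evaluableRequest);

    // login settings may be absent; Optional.ofNullable already yields empty for null,
    // so no additional nonNull filter is required
    var optionalSettings = ofNullable(LoginSettings.getInstance(domain, client));
    routingContext.put(ALLOW_REGISTER_CONTEXT_KEY, optionalSettings.map(LoginSettings::isRegisterEnabled).orElse(false));
    routingContext.put(ALLOW_PASSWORDLESS_CONTEXT_KEY, optionalSettings.map(LoginSettings::isPasswordlessEnabled).orElse(false));

    // error parameters come straight from the query string and are passed through unchanged
    // (possibly null); the template is responsible for escaping them on output
    final String error = request.getParam(ERROR_PARAM_KEY);
    final String errorDescription = request.getParam(ERROR_DESCRIPTION_PARAM_KEY);
    routingContext.put(ERROR_PARAM_KEY, error);
    routingContext.put(ERROR_DESCRIPTION_PARAM_KEY, errorDescription);

    // flattened single-value parameter map kept for templates that predate the evaluable request
    final Map<String, String> params = new HashMap<>(evaluableRequest.getParams().toSingleValueMap());
    params.put(ERROR_PARAM_KEY, error);
    params.put(ERROR_DESCRIPTION_PARAM_KEY, errorDescription);
    routingContext.put(PARAM_CONTEXT_KEY, params);

    // form action URLs, all resolved the same way from the proxied request and the cleaned query
    final MultiMap queryParams = RequestUtils.getCleanedQueryParams(request);
    routingContext.put(ACTION_KEY, resolveProxyRequest(request, routingContext.get(CONTEXT_PATH) + "/login/identifier", queryParams, true));
    routingContext.put(REGISTER_ACTION_KEY, resolveProxyRequest(request, routingContext.get(CONTEXT_PATH) + "/register", queryParams, true));
    routingContext.put(WEBAUTHN_ACTION_KEY, resolveProxyRequest(request, routingContext.get(CONTEXT_PATH) + "/webauthn/login", queryParams, true));

    final Map<String, Object> data = generateData(routingContext, domain, client);
    data.putAll(botDetectionManager.getTemplateVariables(domain, client));
    this.renderPage(routingContext, data, client, logger, "Unable to render Identifier-first login page");
}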

Example 3 with LoginSettings

use of io.gravitee.am.model.login.LoginSettings in project gravitee-access-management by gravitee-io.

Source: class LoginEndpoint, method prepareContext.

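/**
 * Fills the routing context with the data the login template relies on.
 *
 * <p>Stores a sanitised {@link ClientProperties} view of the client, the domain, the feature
 * flags derived from {@link LoginSettings} (forgot-password, register, passwordless,
 * hide-form, identifier-first), the evaluable request, the {@code ERROR_PARAM_KEY} /
 * {@code ERROR_DESCRIPTION_PARAM_KEY} query parameters, a flattened parameter map kept for
 * backward compatibility (with {@code Parameters.LOGIN_HINT} copied to the username field when
 * present) and the action URLs of the login, forgot-password, register, WebAuthn and — only
 * when identifier-first login is enabled — identifier forms.
 *
 * @param routingContext current request context
 * @param client the client the login page is rendered for
 */
private void prepareContext(RoutingContext routingContext, Client client) {
    final var request = routingContext.request();

    // expose only the safe projection of the client to the template
    routingContext.put(ConstantKeys.CLIENT_CONTEXT_KEY, new ClientProperties(client));
    routingContext.put(ConstantKeys.DOMAIN_CONTEXT_KEY, domain);

    // feature flags: Optional.ofNullable already yields empty for a null settings object,
    // so no additional nonNull filter is required
    var optionalSettings = ofNullable(LoginSettings.getInstance(domain, client));
    final boolean isIdentifierFirstLoginEnabled = optionalSettings.map(LoginSettings::isIdentifierFirstEnabled).orElse(false);
    routingContext.put(ALLOW_FORGOT_PASSWORD_CONTEXT_KEY, optionalSettings.map(LoginSettings::isForgotPasswordEnabled).orElse(false));
    routingContext.put(ALLOW_REGISTER_CONTEXT_KEY, optionalSettings.map(LoginSettings::isRegisterEnabled).orElse(false));
    routingContext.put(ALLOW_PASSWORDLESS_CONTEXT_KEY, optionalSettings.map(LoginSettings::isPasswordlessEnabled).orElse(false));
    routingContext.put(HIDE_FORM_CONTEXT_KEY, optionalSettings.map(LoginSettings::isHideForm).orElse(false));
    routingContext.put(IDENTIFIER_FIRST_LOGIN_CONTEXT_KEY, isIdentifierFirstLoginEnabled);

    // evaluable request (used by templates and expression evaluation)
    final EvaluableRequest evaluableRequest =
            new EvaluableRequest(new VertxHttpServerRequest(request.getDelegate(), true));
    routingContext.put(REQUEST_CONTEXT_KEY, evaluableRequest);

    // error parameters come straight from the query string and are passed through unchanged
    // (possibly null); the template is responsible for escaping them on output
    final String error = request.getParam(ConstantKeys.ERROR_PARAM_KEY);
    final String errorDescription = request.getParam(ConstantKeys.ERROR_DESCRIPTION_PARAM_KEY);
    routingContext.put(ConstantKeys.ERROR_PARAM_KEY, error);
    routingContext.put(ConstantKeys.ERROR_DESCRIPTION_PARAM_KEY, errorDescription);

    // flattened single-value parameter map kept for templates that predate the evaluable request
    final Map<String, String> params = new HashMap<>(evaluableRequest.getParams().toSingleValueMap());
    params.put(ConstantKeys.ERROR_PARAM_KEY, error);
    params.put(ConstantKeys.ERROR_DESCRIPTION_PARAM_KEY, errorDescription);
    // a login_hint pre-fills the username field; an absent hint leaves the field untouched
    final String loginHint = request.getParam(Parameters.LOGIN_HINT);
    if (loginHint != null) {
        params.put(ConstantKeys.USERNAME_PARAM_KEY, loginHint);
    }
    routingContext.put(ConstantKeys.PARAM_CONTEXT_KEY, params);

    // form action URLs, all resolved from the proxied request and the cleaned query string
    final MultiMap queryParams = getCleanedQueryParams(request);
    routingContext.put(ACTION_KEY, resolveProxyRequest(request, request.path(), queryParams, true));
    routingContext.put(FORGOT_ACTION_KEY, resolveProxyRequest(request, routingContext.get(CONTEXT_PATH) + "/forgotPassword", queryParams, true));
    routingContext.put(REGISTER_ACTION_KEY, resolveProxyRequest(request, routingContext.get(CONTEXT_PATH) + "/register", queryParams, true));
    routingContext.put(WEBAUTHN_ACTION_KEY, resolveProxyRequest(request, routingContext.get(CONTEXT_PATH) + "/webauthn/login", queryParams, true));
    if (isIdentifierFirstLoginEnabled) {
        routingContext.put(LOGIN_IDENTIFIER_ACTION_KEY, resolveProxyRequest(request, routingContext.get(CONTEXT_PATH) + "/login/identifier", queryParams, true));
    }
}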

Example 4 with LoginSettings

use of io.gravitee.am.model.login.LoginSettings in project gravitee-access-management by gravitee-io.

Source: class ApplicationRepositoryTest, method buildApplicationSettings.

/**
 * Builds the application-settings fixture used by the repository tests: default
 * {@link LoginSettings} plus OAuth settings carrying the {@code authorization_code} grant,
 * backchannel ("ciba_endpoint") values and a single default scope with approval 42.
 *
 * @return a fully populated {@link ApplicationSettings} instance
 */
private static ApplicationSettings buildApplicationSettings() {
    // the single scope attached to the OAuth settings below
    final ApplicationScopeSettings scope = new ApplicationScopeSettings();
    scope.setScope("scopename");
    scope.setDefaultScope(true);
    scope.setScopeApproval(42);

    final ApplicationSettings settings = new ApplicationSettings();
    settings.setLogin(new LoginSettings());

    final ApplicationOAuthSettings oauth = new ApplicationOAuthSettings();
    oauth.setGrantTypes(Collections.singletonList("authorization_code"));
    settings.setOauth(oauth);

    // backchannel values are set after attaching oauth; the same instance is shared by reference
    oauth.setBackchannelAuthRequestSignAlg("test");
    oauth.setBackchannelUserCodeParameter(true);
    oauth.setBackchannelTokenDeliveryMode("poll");
    oauth.setBackchannelClientNotificationEndpoint("ciba_endpoint");
    oauth.setScopeSettings(List.of(scope));

    return settings;
}

Example 5 with LoginSettings

use of io.gravitee.am.model.login.LoginSettings in project gravitee-access-management by gravitee-io.

Source: class PatchDomainTest, method testGetRequiredPermissions.

/**
 * Verifies that {@link PatchDomain#getRequiredPermissions()} maps each patched section to the
 * permission guarding it: general fields (name, description, enabled, path, login, account,
 * tags) to {@code DOMAIN_SETTINGS}, a populated OIDC patch to {@code DOMAIN_OPENID}, SCIM to
 * {@code DOMAIN_SCIM}, UMA to {@code DOMAIN_UMA}, and that patching several sections at once
 * yields the union of their permissions.
 */
@Test
public void testGetRequiredPermissions() {
    // nothing patched -> nothing required
    assertRequires(new PatchDomain());

    PatchDomain byName = new PatchDomain();
    byName.setName(Optional.of("patchName"));
    assertRequires(byName, Permission.DOMAIN_SETTINGS);

    PatchDomain byDescription = new PatchDomain();
    byDescription.setDescription(Optional.of("patchDescription"));
    assertRequires(byDescription, Permission.DOMAIN_SETTINGS);

    PatchDomain byEnabled = new PatchDomain();
    byEnabled.setEnabled(Optional.of(true));
    assertRequires(byEnabled, Permission.DOMAIN_SETTINGS);

    PatchDomain byPath = new PatchDomain();
    byPath.setPath(Optional.of("patchPath"));
    assertRequires(byPath, Permission.DOMAIN_SETTINGS);

    PatchDomain byLogin = new PatchDomain();
    byLogin.setLoginSettings(Optional.of(new LoginSettings()));
    assertRequires(byLogin, Permission.DOMAIN_SETTINGS);

    PatchDomain byAccount = new PatchDomain();
    byAccount.setAccountSettings(Optional.of(new AccountSettings()));
    assertRequires(byAccount, Permission.DOMAIN_SETTINGS);

    PatchDomain byTags = new PatchDomain();
    byTags.setTags(Optional.of(Collections.singleton("patchTag")));
    assertRequires(byTags, Permission.DOMAIN_SETTINGS);

    // an empty OIDC patch requires nothing; once populated it requires DOMAIN_OPENID
    PatchOIDCSettings oidcSettings = new PatchOIDCSettings();
    PatchDomain byOidc = new PatchDomain();
    byOidc.setOidc(Optional.of(oidcSettings));
    assertRequires(byOidc);
    oidcSettings.setClientRegistrationSettings(Optional.of(new PatchClientRegistrationSettings()));
    oidcSettings.setRedirectUriStrictMatching(Optional.of(true));
    assertRequires(byOidc, Permission.DOMAIN_OPENID);

    PatchDomain byScim = new PatchDomain();
    byScim.setScim(Optional.of(new SCIMSettings()));
    assertRequires(byScim, Permission.DOMAIN_SCIM);

    PatchDomain byUma = new PatchDomain();
    byUma.setUma(Optional.of(new UMASettings()));
    assertRequires(byUma, Permission.DOMAIN_UMA);

    // several sections at once -> union of their permissions
    PatchDomain combined = new PatchDomain();
    combined.setPath(Optional.of("patchPath"));
    combined.setOidc(Optional.of(oidcSettings));
    combined.setScim(Optional.of(new SCIMSettings()));
    assertRequires(combined, Permission.DOMAIN_SETTINGS, Permission.DOMAIN_OPENID, Permission.DOMAIN_SCIM);
}

/** Asserts that {@code patch} requires exactly {@code expected}; no arguments means the empty set. */
private static void assertRequires(PatchDomain patch, Permission... expected) {
    assertEquals(new HashSet<>(Arrays.asList(expected)), patch.getRequiredPermissions());
}
