
Example 26 with Client

use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.

Source: class MFAChallengeAlternativesEndpoint, method get.

/**
 * Renders the MFA "challenge alternatives" page, which lists the other factors the
 * authenticated user has enrolled so they can switch away from the one being challenged.
 *
 * Two gates run before anything is put in the template context:
 * <ul>
 *   <li>401 — no authenticated user on the routing context (the page lists per-user enrolments);</li>
 *   <li>400 — the user has fewer than two enrolled factors, i.e. nothing to switch to.</li>
 * </ul>
 *
 * @param routingContext current routing context; the {@link Client} is read from
 *                       {@code ConstantKeys.CLIENT_CONTEXT_KEY}
 */
private void get(RoutingContext routingContext) {
    if (routingContext.user() == null) {
        logger.warn("User must be authenticated to access MFA challenge alternatives page.");
        routingContext.fail(new HttpException(401, "User must be authenticated to access MFA challenge alternatives page."));
        return;
    }
    final io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User authenticatedUser =
            (io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User) routingContext.user().getDelegate();
    final User endUser = authenticatedUser.getUser();
    final List<EnrolledFactor> enrolments = endUser.getFactors();
    // The page only makes sense when there is at least one alternative to the current factor.
    // NOTE(review): this count is taken before the loop below drops enrolments whose factor is no
    // longer registered in factorManager, so the rendered list can still be shorter than two.
    if (enrolments == null || enrolments.size() <= 1) {
        logger.warn("User must have at least two enrolled factors to access MFA challenge alternatives page.");
        routingContext.fail(new HttpException(400, "User must have at least two enrolled factors to access MFA challenge alternatives page."));
        return;
    }
    // prepare context
    final Client client = routingContext.get(ConstantKeys.CLIENT_CONTEXT_KEY);
    final List<Factor> factors = new java.util.ArrayList<>(enrolments.size());
    for (EnrolledFactor enrolment : enrolments) {
        final String factorId = enrolment.getFactorId();
        // Skip enrolments that reference a factor no longer known to the gateway.
        if (factorManager.get(factorId) == null) {
            continue;
        }
        factors.add(new Factor(factorManager.getFactor(factorId), enrolment));
    }
    // The form posts back to this same path; the query string goes through the
    // RequestUtils cleaner first (presumably to drop transient parameters — see RequestUtils).
    final HttpServerRequest request = routingContext.request();
    final MultiMap queryParams = RequestUtils.getCleanedQueryParams(request);
    final String action = UriBuilderRequest.resolveProxyRequest(request, request.path(), queryParams, true);
    routingContext.put(ConstantKeys.FACTORS_KEY, factors);
    routingContext.put(ConstantKeys.ACTION_KEY, action);
    // render the mfa challenge alternatives page
    this.renderPage(routingContext, routingContext.data(), client, logger, "Unable to render MFA challenge alternatives page");
}

Example 27 with Client

use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.

Source: class MFAEnrollEndpoint, method renderPage.

/**
 * Renders the MFA enrolment page for the authenticated user.
 *
 * Flow: resolve the client and the factors it allows, build the POST action URL, then load the
 * factor providers and, once loaded, fill the template context (the factors to render, the
 * user's phone number and e-mail used to pre-fill the form, whether enrolment is forced for this
 * client, and the action URL) before rendering.
 *
 * Failure handling: 401 when no user is authenticated; 503 when provider loading fails or when
 * the synchronous part of this method throws.
 *
 * @param routingContext current routing context carrying the authenticated user and the client
 */
private void renderPage(RoutingContext routingContext) {
    try {
        if (routingContext.user() == null) {
            logger.warn("User must be authenticated to enroll MFA challenge.");
            routingContext.fail(401);
            return;
        }
        final io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User authenticatedUser =
                (io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User) routingContext.user().getDelegate();
        final io.gravitee.am.model.User endUser = authenticatedUser.getUser();
        final Client client = routingContext.get(ConstantKeys.CLIENT_CONTEXT_KEY);
        final Map<io.gravitee.am.model.Factor, FactorProvider> allowedFactors = getFactors(client);
        // Create post action url.
        final MultiMap queryParams = RequestUtils.getCleanedQueryParams(routingContext.request());
        final String action = UriBuilderRequest.resolveProxyRequest(routingContext.request(), routingContext.request().path(), queryParams, true);
        // load factor providers
        load(allowedFactors, endUser, loaded -> {
            if (loaded.failed()) {
                logger.error("An error occurs while loading factor providers", loaded.cause());
                routingContext.fail(503);
                return;
            }
            // put factors in context
            routingContext.put("factors", factorsToRender(loaded.result()));
            // Pre-fill contact details from the authenticated user's own profile (never from the
            // request): the primary phone number first, falling back to the first one listed.
            if (endUser.getPhoneNumbers() != null && !endUser.getPhoneNumbers().isEmpty()) {
                final String phoneNumber = endUser.getPhoneNumbers().stream()
                        .filter(phone -> Boolean.TRUE.equals(phone.isPrimary()))
                        .findFirst()
                        .orElse(endUser.getPhoneNumbers().get(0))
                        .getValue();
                routingContext.put("phoneNumber", phoneNumber);
            }
            final String email = endUser.getEmail();
            if (email != null && !email.isEmpty()) {
                routingContext.put("emailAddress", email);
            }
            routingContext.put(ConstantKeys.MFA_FORCE_ENROLLMENT, isForceMfaActive(client));
            routingContext.put(ConstantKeys.ACTION_KEY, action);
            // render the mfa enroll page
            this.renderPage(routingContext, generateData(routingContext, domain, client), client, logger, "Unable to render MFA enroll page");
        });
    } catch (Exception ex) {
        // NOTE(review): if load() completes asynchronously, exceptions thrown inside the callback
        // above are not caught here — only the synchronous part of this method is covered.
        logger.error("An error occurs while rendering MFA enroll page", ex);
        routingContext.fail(503);
    }
}

Example 28 with Client

use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.

Source: class MFARecoveryCodeEndpoint, method renderPage.

/**
 * Renders the MFA recovery-code page.
 *
 * Pulls the recovery codes stored in the user's enrolled-factor security data (when present)
 * and exposes them to the Thymeleaf template as {@code recoveryCodes}, together with the
 * absolute URL of this page under {@code recoveryCodeURL}.
 *
 * Security: the codes placed in the context are live bypass credentials for the user's second
 * factor. They are shown only to the authenticated user they belong to (the user is taken from
 * the session, never from a request parameter). Presumably the rendered response is served with
 * no-store cache headers by the template layer — confirm, since this code path does not set them.
 *
 * @param routingContext current routing context; must carry an authenticated user
 */
private void renderPage(RoutingContext routingContext) {
    if (failIfUserIsNotPresent(routingContext)) {
        return;
    }
    try {
        final io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User authenticatedUser =
                (io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User) routingContext.user().getDelegate();
        final io.gravitee.am.model.User endUser = authenticatedUser.getUser();
        final Client client = routingContext.get(ConstantKeys.CLIENT_CONTEXT_KEY);
        // recovery code
        final Optional<EnrolledFactorSecurity> factorSecurity = userEnrolledFactorSecurity(endUser);
        factorSecurity.ifPresent(security -> {
            // The codes live under RECOVERY_CODE in the factor's additional data; the cast is
            // unchecked because that map is untyped. A wrong type would surface as an exception
            // caught below (503), not as a silent partial render.
            @SuppressWarnings("unchecked")
            final List<String> recoveryCodeList = (List<String>) security.getAdditionalData().get(RECOVERY_CODE);
            // add recoveryCodeList to the context for thymeleaf
            routingContext.put("recoveryCodes", recoveryCodeList);
        });
        final MultiMap queryParams = RequestUtils.getCleanedQueryParams(routingContext.request());
        final String recoveryCodePath = routingContext.get(CONTEXT_PATH) + "/mfa/recovery_code";
        final String recoveryCodeUrl = UriBuilderRequest.resolveProxyRequest(routingContext.request(), recoveryCodePath, queryParams, true);
        routingContext.put("recoveryCodeURL", recoveryCodeUrl);
        // render the mfa recovery code page
        this.renderPage(routingContext, generateData(routingContext, domain, client), client, logger, "Unable to render MFA recovery code page");
    } catch (Exception ex) {
        logger.error("An error occurs while rendering MFA recovery code page", ex);
        routingContext.fail(503);
    }
}

Example 29 with Client

use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.

Source: class ForgotPasswordEndpoint, method handle.

/**
 * Renders the "forgot password" page.
 *
 * Reads the status parameters (error, error description, success, warning — under their
 * ConstantKeys names) and the {@code client_id} from the query string, copies them into the
 * template context, computes the form action and login URLs, picks which form fields to show
 * from the domain/client account settings, then renders.
 *
 * Security notes:
 *  - the status parameters are attacker-controlled query values that reach the template context
 *    verbatim; this relies on the template engine's output escaping (not visible here), so they
 *    must never be emitted unescaped;
 *  - {@code warning} also selects which form is shown: with a custom reset form and identity
 *    confirmation enabled, a request carrying the FORGOT_PASSWORD_CONFIRM warning value gets the
 *    custom fields straight away. Presumably the POST handler re-validates the confirmation step
 *    server-side — confirm, since this handler only decides what is displayed.
 *
 * @param routingContext current routing context carrying the resolved client
 */
@Override
public void handle(RoutingContext routingContext) {
    final HttpServerRequest request = routingContext.request();
    final String error = request.getParam(ConstantKeys.ERROR_PARAM_KEY);
    final String errorDescription = request.getParam(ConstantKeys.ERROR_DESCRIPTION_PARAM_KEY);
    final String success = request.getParam(ConstantKeys.SUCCESS_PARAM_KEY);
    final String warning = request.getParam(ConstantKeys.WARNING_PARAM_KEY);
    final Client client = routingContext.get(ConstantKeys.CLIENT_CONTEXT_KEY);
    final String clientId = request.getParam(Parameters.CLIENT_ID);
    // add query params to context
    routingContext.put(ConstantKeys.ERROR_PARAM_KEY, error);
    routingContext.put(ConstantKeys.ERROR_DESCRIPTION_PARAM_KEY, errorDescription);
    routingContext.put(ConstantKeys.SUCCESS_PARAM_KEY, success);
    routingContext.put(ConstantKeys.WARNING_PARAM_KEY, warning);
    // put parameters in context (backward compatibility) — absent (null) values are not added
    final Map<String, String> legacyParams = new HashMap<>();
    if (clientId != null) {
        legacyParams.putIfAbsent(Parameters.CLIENT_ID, clientId);
    }
    if (error != null) {
        legacyParams.putIfAbsent(ConstantKeys.ERROR_PARAM_KEY, error);
    }
    if (errorDescription != null) {
        legacyParams.putIfAbsent(ConstantKeys.ERROR_DESCRIPTION_PARAM_KEY, errorDescription);
    }
    routingContext.put(ConstantKeys.PARAM_CONTEXT_KEY, legacyParams);
    final MultiMap queryParams = RequestUtils.getCleanedQueryParams(request);
    final String formAction = UriBuilderRequest.resolveProxyRequest(request, request.path(), queryParams, true);
    final String loginAction = UriBuilderRequest.resolveProxyRequest(request, routingContext.get(CONTEXT_PATH) + "/login", queryParams, true);
    routingContext.put(ConstantKeys.ACTION_KEY, formAction);
    routingContext.put(ConstantKeys.LOGIN_ACTION_KEY, loginAction);
    // Decide which fields the form shows. The default (and the identity-confirmation first
    // step) is the e-mail field alone; the custom field set is only offered once confirmation
    // is not required or has already been signalled through the warning parameter.
    final AccountSettings settings = AccountSettings.getInstance(domain, client);
    final boolean customForm = settings != null && settings.isResetPasswordCustomForm();
    final boolean confirmationPending = customForm
            && settings.isResetPasswordConfirmIdentity()
            && !FORGOT_PASSWORD_CONFIRM.equals(warning);
    if (customForm && !confirmationPending) {
        routingContext.put(ConstantKeys.FORGOT_PASSWORD_FIELDS_KEY, settings.getResetPasswordCustomFormFields());
    } else {
        routingContext.put(ConstantKeys.FORGOT_PASSWORD_FIELDS_KEY, Arrays.asList(FormField.getEmailField()));
    }
    final Map<String, Object> data = generateData(routingContext, domain, client);
    data.putAll(botDetectionManager.getTemplateVariables(domain, client));
    this.renderPage(routingContext, data, client, logger, "Unable to render forgot password page");
}

Example 30 with Client

use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.

Source: class AuthenticationFlowHandlerTest, test method shouldRedirectToMFAChallengePage_stepUp_authentication_2.

/**
 * Step-up authentication: even though strong authentication has already been completed for the
 * session, a request whose scope matches the client's step-up rule (here: any scope containing
 * "write") must still be redirected to the MFA challenge page.
 */
@Test
public void shouldRedirectToMFAChallengePage_stepUp_authentication_2() throws Exception {
    router.route().order(-1).handler(rc -> {
        // set client: a single factor plus a step-up rule keyed on the requested scope
        final MFASettings mfaSettings = new MFASettings();
        mfaSettings.setStepUpAuthenticationRule("{#request.params['scope'][0].contains('write')}");
        final Client oidcClient = new Client();
        oidcClient.setFactors(Collections.singleton("factor-1"));
        oidcClient.setMfaSettings(mfaSettings);
        rc.put(ConstantKeys.CLIENT_CONTEXT_KEY, oidcClient);
        // set user: already enrolled in that factor
        final EnrolledFactor enrolledFactor = new EnrolledFactor();
        enrolledFactor.setFactorId("factor-1");
        final io.gravitee.am.model.User endUser = new io.gravitee.am.model.User();
        endUser.setFactors(Collections.singletonList(enrolledFactor));
        rc.getDelegate().setUser(new User(endUser));
        // strong auth is already done for this session: the step-up rule alone must trigger the challenge
        rc.session().put(ConstantKeys.STRONG_AUTH_COMPLETED_KEY, true);
        rc.next();
    });
    testRequest(HttpMethod.GET, "/login?scope=read%20write", null, resp -> {
        final String location = resp.headers().get("location");
        assertNotNull(location);
        // the requested scope is carried over to the challenge page (space re-encoded as '+')
        assertTrue(location.endsWith("/mfa/challenge?scope=read+write"));
    }, HttpStatusCode.FOUND_302, "Found", null);
}
