use of org.gluu.model.custom.script.conf.CustomScriptConfiguration in project oxAuth by GluuFederation.
the class ConsentGathererService method determineConsentScript.
private CustomScriptConfiguration determineConsentScript(String clientId) {
if (appConfiguration.getConsentGatheringScriptBackwardCompatibility()) {
// in 4.1 and earlier we returned default consent script
return external.getDefaultExternalCustomScript();
}
final List<String> consentGatheringScripts = clientService.getClient(clientId).getAttributes().getConsentGatheringScripts();
final List<CustomScriptConfiguration> scripts = external.getCustomScriptConfigurationsByDns(consentGatheringScripts);
if (!scripts.isEmpty()) {
// flow supports single script, thus taking the one with higher level
final CustomScriptConfiguration script = Collections.max(scripts, Comparator.comparingInt(CustomScriptConfiguration::getLevel));
log.debug("Determined consent gathering script `%s`", script.getName());
return script;
}
log.debug("There no consent gathering script configured for client `%s`. Therefore taking default consent script.", clientId);
return external.getDefaultExternalCustomScript();
}
use of org.gluu.model.custom.script.conf.CustomScriptConfiguration in project oxAuth by GluuFederation.
the class ConsentGathererService method prepareForStep.
public String prepareForStep() {
try {
final HttpServletRequest httpRequest = (HttpServletRequest) externalContext.getRequest();
final HttpServletResponse httpResponse = (HttpServletResponse) externalContext.getResponse();
final SessionId session = sessionService.getConsentSession(httpRequest, httpResponse, null, false);
if (session == null || session.getSessionAttributes().isEmpty()) {
log.error("Failed to restore claim-gathering session state");
return result(Constants.RESULT_EXPIRED);
}
CustomScriptConfiguration script = getScript(session);
if (script == null) {
log.error("Failed to find script '{}' in session:", sessionService.getScriptName(session));
return result(Constants.RESULT_FAILURE);
}
int step = sessionService.getStep(session);
if (step < 1) {
log.error("Invalid step: {}", step);
return result(Constants.RESULT_INVALID_STEP);
}
if (!sessionService.isPassedPreviousSteps(session, step)) {
log.error("There are consent-gathering steps not marked as passed. scriptName: '{}', step: '{}'", script.getName(), step);
return result(Constants.RESULT_FAILURE);
}
this.context = new ConsentGatheringContext(script.getConfigurationAttributes(), httpRequest, httpResponse, session, pageAttributes, sessionService, userService, facesService, appConfiguration);
boolean result = external.prepareForStep(script, step, context);
log.debug("Consent-gathering prepare for step result for script '{}', step: '{}', gatheredResult: '{}'", script.getName(), step, result);
if (result) {
context.persist();
return result(Constants.RESULT_SUCCESS);
}
} catch (Exception ex) {
log.error("Failed to prepareForStep()", ex);
}
return result(Constants.RESULT_FAILURE);
}
use of org.gluu.model.custom.script.conf.CustomScriptConfiguration in project oxAuth by GluuFederation.
the class Authenticator method clientAuthentication.
public boolean clientAuthentication(Credentials credentials, boolean interactive, boolean skipPassword) {
boolean isServiceUsesExternalAuthenticator = !interactive && externalAuthenticationService.isEnabled(AuthenticationScriptUsageType.SERVICE);
if (isServiceUsesExternalAuthenticator) {
CustomScriptConfiguration customScriptConfiguration = externalAuthenticationService.determineCustomScriptConfiguration(AuthenticationScriptUsageType.SERVICE, 1, this.authAcr);
if (customScriptConfiguration == null) {
logger.error("Failed to get CustomScriptConfiguration. acr: '{}'", this.authAcr);
} else {
this.authAcr = customScriptConfiguration.getCustomScript().getName();
boolean result = externalAuthenticationService.executeExternalAuthenticate(customScriptConfiguration, null, 1);
logger.info("Authentication result for user '{}', result: '{}'", credentials.getUsername(), result);
if (result) {
Client client = authenticationService.configureSessionClient();
showClientAuthenticationLog(client);
return true;
}
}
}
boolean loggedIn = skipPassword;
if (!loggedIn) {
loggedIn = clientService.authenticate(credentials.getUsername(), credentials.getPassword());
}
if (loggedIn) {
Client client = authenticationService.configureSessionClient();
showClientAuthenticationLog(client);
return true;
}
return false;
}
use of org.gluu.model.custom.script.conf.CustomScriptConfiguration in project oxAuth by GluuFederation.
the class ConsentGathererService method getScript.
protected CustomScriptConfiguration getScript(final SessionId session) {
String scriptName = sessionService.getScriptName(session);
CustomScriptConfiguration script = external.getCustomScriptConfigurationByName(scriptName);
return script;
}
use of org.gluu.model.custom.script.conf.CustomScriptConfiguration in project oxAuth by GluuFederation.
the class UmaGatheringWS method gatherClaims.
public Response gatherClaims(String clientId, String ticket, String claimRedirectUri, String state, Boolean reset, Boolean authenticationRedirect, HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
try {
log.trace("gatherClaims client_id: {}, ticket: {}, claims_redirect_uri: {}, state: {}, authenticationRedirect: {}, queryString: {}", clientId, ticket, claimRedirectUri, state, authenticationRedirect, httpRequest.getQueryString());
SessionId session = sessionService.getSession(httpRequest, httpResponse);
if (authenticationRedirect != null && authenticationRedirect) {
// restore parameters from session
log.debug("Authentication redirect, restoring parameters from session ...");
if (session == null) {
log.error("Session is null however authentication=true. Wrong workflow! Please correct custom Glaims-Gathering Script.");
throw errorResponseFactory.createWebApplicationException(BAD_REQUEST, INVALID_SESSION, "Session is null however authentication=true. Wrong workflow! Please correct custom Glaims-Gathering Script.");
}
clientId = sessionService.getClientId(session);
ticket = sessionService.getTicket(session);
claimRedirectUri = sessionService.getClaimsRedirectUri(session);
state = sessionService.getState(session);
log.debug("Restored parameters from session, clientId: {}, ticket: {}, claims_redirect_uri: {}, state: {}", clientId, ticket, claimRedirectUri, state);
}
validationService.validateClientAndClaimsRedirectUri(clientId, claimRedirectUri, state);
List<UmaPermission> permissions = validationService.validateTicketWithRedirect(ticket, claimRedirectUri, state);
String[] scriptNames = validationService.validatesGatheringScriptNames(getScriptNames(permissions), claimRedirectUri, state);
CustomScriptConfiguration script = external.determineScript(scriptNames);
if (script == null) {
log.error("Failed to determine claims-gathering script for names: " + Arrays.toString(scriptNames));
throw new UmaWebException(claimRedirectUri, errorResponseFactory, INVALID_CLAIMS_GATHERING_SCRIPT_NAME, state);
}
sessionService.configure(session, script.getName(), reset, permissions, clientId, claimRedirectUri, state);
UmaGatherContext context = new UmaGatherContext(script.getConfigurationAttributes(), httpRequest, session, sessionService, permissionService, pctService, new HashMap<String, String>(), userService, null, appConfiguration);
int step = sessionService.getStep(session);
int stepsCount = external.getStepsCount(script, context);
if (step < stepsCount) {
String page = external.getPageForStep(script, step, context);
context.persist();
String baseEndpoint = StringUtils.removeEnd(appConfiguration.getBaseEndpoint(), "/");
baseEndpoint = StringUtils.removeEnd(baseEndpoint, "restv1");
baseEndpoint = StringUtils.removeEnd(baseEndpoint, "/");
String fullUri = baseEndpoint + page;
fullUri = StringUtils.removeEnd(fullUri, ".xhtml") + ".htm";
log.trace("Redirecting to page: '{}', fullUri: {}", page, fullUri);
return Response.status(FOUND).location(new URI(fullUri)).build();
} else {
log.error("Step '{}' is more or equal to stepCount: '{}'", stepsCount);
}
} catch (Exception ex) {
log.error("Exception happened", ex);
if (ex instanceof WebApplicationException) {
throw (WebApplicationException) ex;
}
}
log.error("Failed to handle call to UMA Claims Gathering Endpoint.");
throw errorResponseFactory.createWebApplicationException(Response.Status.INTERNAL_SERVER_ERROR, UmaErrorResponseType.SERVER_ERROR, "Failed to handle call to UMA Claims Gathering Endpoint.");
}
Aggregations