
Example 26 with SessionId

Use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.

Class ConsentGatheringSessionService, method getUserDn.

public String getUserDn(HttpServletRequest httpRequest) {
    SessionId connectSession = getConnectSession(httpRequest);
    if (connectSession != null) {
        return connectSession.getUserDn();
    }
    log.trace("No logged in user.");
    return null;
}
Also used: SessionId (org.gluu.oxauth.model.common.SessionId)

Example 27 with SessionId

Use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.

Class ConsentGatheringSessionService, method setAuthenticatedSessionState.

public void setAuthenticatedSessionState(HttpServletRequest httpRequest, HttpServletResponse httpResponse, SessionId sessionId) {
    SessionId connectSession = getConnectSession(httpRequest);
    sessionIdService.setSessionIdStateAuthenticated(httpRequest, httpResponse, sessionId, connectSession.getUserDn());
}
Also used: SessionId (org.gluu.oxauth.model.common.SessionId)

Example 28 with SessionId

Use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.

Class ConsentGathererService, method configure.

public boolean configure(String userDn, String clientId, String state) {
    final HttpServletRequest httpRequest = (HttpServletRequest) externalContext.getRequest();
    final HttpServletResponse httpResponse = (HttpServletResponse) externalContext.getResponse();
    final SessionId session = sessionService.getConsentSession(httpRequest, httpResponse, userDn, true);
    CustomScriptConfiguration script = determineConsentScript(clientId);
    if (script == null) {
        log.error("Failed to determine consent-gathering script");
        return false;
    }
    sessionService.configure(session, script.getName(), clientId, state);
    this.context = new ConsentGatheringContext(script.getConfigurationAttributes(), httpRequest, httpResponse, session, pageAttributes, sessionService, userService, facesService, appConfiguration);
    log.debug("Configuring consent-gathering script '{}'", script.getName());
    int step = sessionService.getStep(session);
    String redirectTo = external.getPageForStep(script, step, context);
    if (StringHelper.isEmpty(redirectTo)) {
        log.error("Failed to determine page for consent-gathering script");
        return false;
    }
    context.persist();
    log.trace("Redirecting to page: '{}'", redirectTo);
    facesService.redirectWithExternal(redirectTo, null);
    return true;
}
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), ConsentGatheringContext (org.gluu.oxauth.service.external.context.ConsentGatheringContext), HttpServletResponse (javax.servlet.http.HttpServletResponse), SessionId (org.gluu.oxauth.model.common.SessionId), CustomScriptConfiguration (org.gluu.model.custom.script.conf.CustomScriptConfiguration)

Example 29 with SessionId

Use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.

Class ConsentGathererService, method authorize.

public boolean authorize() {
    try {
        final HttpServletRequest httpRequest = (HttpServletRequest) externalContext.getRequest();
        final HttpServletResponse httpResponse = (HttpServletResponse) externalContext.getResponse();
        final SessionId session = sessionService.getConsentSession(httpRequest, httpResponse, null, false);
        if (session == null) {
            log.error("Failed to restore claim-gathering session state");
            errorPage("consent.gather.invalid.session");
            return false;
        }
        CustomScriptConfiguration script = getScript(session);
        if (script == null) {
            log.error("Failed to find script '{}' in session:", sessionService.getScriptName(session));
            errorPage("consent.gather.failed");
            return false;
        }
        int step = sessionService.getStep(session);
        if (!sessionService.isPassedPreviousSteps(session, step)) {
            log.error("There are consent-gathering steps not marked as passed. scriptName: '{}', step: '{}'", script.getName(), step);
            errorPage("consent.gather.invalid.step");
            return false;
        }
        this.context = new ConsentGatheringContext(script.getConfigurationAttributes(), httpRequest, httpResponse, session, pageAttributes, sessionService, userService, facesService, appConfiguration);
        boolean authorizeResult = external.authorize(script, step, context);
        log.debug("Consent-gathering result for script '{}', step: '{}', gatheredResult: '{}'", script.getName(), step, authorizeResult);
        int overridenNextStep = external.getNextStep(script, step, context);
        if (!authorizeResult && overridenNextStep == -1) {
            SessionId connectSession = sessionService.getConnectSession(httpRequest);
            authorizeService.permissionDenied(connectSession);
            return false;
        }
        if (overridenNextStep != -1) {
            sessionService.resetToStep(session, overridenNextStep, step);
            step = overridenNextStep;
        }
        int stepsCount = external.getStepsCount(script, context);
        if (step < stepsCount || overridenNextStep != -1) {
            int nextStep;
            if (overridenNextStep != -1) {
                nextStep = overridenNextStep;
            } else {
                nextStep = step + 1;
                sessionService.markStep(session, step, true);
            }
            sessionService.setStep(nextStep, session);
            String redirectTo = external.getPageForStep(script, nextStep, context);
            context.persist();
            log.trace("Redirecting to page: '{}'", redirectTo);
            facesService.redirectWithExternal(redirectTo, null);
            return true;
        }
        if (step == stepsCount) {
            context.persist();
            onSuccess(httpRequest, session, context);
            return true;
        }
    } catch (Exception e) {
        log.error("Exception during gather() method call.", e);
    }
    log.error("Failed to perform gather() method successfully.");
    errorPage("consent.gather.failed");
    return false;
}
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), ConsentGatheringContext (org.gluu.oxauth.service.external.context.ConsentGatheringContext), HttpServletResponse (javax.servlet.http.HttpServletResponse), SessionId (org.gluu.oxauth.model.common.SessionId), CustomScriptConfiguration (org.gluu.model.custom.script.conf.CustomScriptConfiguration)

Example 30 with SessionId

Use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.

Class ConsentGathererService, method onSuccess.

private void onSuccess(HttpServletRequest httpRequest, SessionId session, ConsentGatheringContext context) {
    sessionService.setAuthenticatedSessionState(httpRequest, context.getHttpResponse(), session);
    SessionId connectSessionId = sessionService.getConnectSession(httpRequest);
    authorizeService.permissionGranted(httpRequest, connectSessionId);
}
Also used: SessionId (org.gluu.oxauth.model.common.SessionId)

Aggregations

SessionId (org.gluu.oxauth.model.common.SessionId): 52
CustomScriptConfiguration (org.gluu.model.custom.script.conf.CustomScriptConfiguration): 9
HttpServletRequest (javax.servlet.http.HttpServletRequest): 8
User (org.gluu.oxauth.model.common.User): 7
Date (java.util.Date): 6
HttpServletResponse (javax.servlet.http.HttpServletResponse): 6
URISyntaxException (java.net.URISyntaxException): 4
HashMap (java.util.HashMap): 4
WebApplicationException (javax.ws.rs.WebApplicationException): 4
AuthorizationGrant (org.gluu.oxauth.model.common.AuthorizationGrant): 4
EntryPersistenceException (org.gluu.persist.exception.EntryPersistenceException): 4
UnsupportedEncodingException (java.io.UnsupportedEncodingException): 3
BaseComponentTest (org.gluu.oxauth.BaseComponentTest): 3
SimpleUser (org.gluu.oxauth.model.common.SimpleUser): 3
AcrChangedException (org.gluu.oxauth.model.exception.AcrChangedException): 3
InvalidSessionStateException (org.gluu.oxauth.model.exception.InvalidSessionStateException): 3
Client (org.gluu.oxauth.model.registration.Client): 3
ConsentGatheringContext (org.gluu.oxauth.service.external.context.ConsentGatheringContext): 3
UmaGatherContext (org.gluu.oxauth.uma.authorization.UmaGatherContext): 3
Parameters (org.testng.annotations.Parameters): 3