
Example 1 with UmaGatherContext

use of org.gluu.oxauth.uma.authorization.UmaGatherContext in project oxAuth by GluuFederation.

the class UmaGatheringWS method gatherClaims.

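/**
 * Handles a call to the UMA claims-gathering endpoint and redirects the caller to the page
 * of the current claims-gathering step.
 *
 * <p>When {@code authenticationRedirect} is true, the client id, ticket, claims redirect URI
 * and state passed as arguments are ignored and replaced with the values stored in the
 * session. Validation then runs in a fixed order: client and claims redirect URI first, then
 * the ticket, then the claims-gathering script names.
 *
 * @param clientId client identifier from the request (replaced from session on authentication redirect)
 * @param ticket ticket from the request (replaced from session on authentication redirect)
 * @param claimRedirectUri claims redirect URI from the request (replaced from session on authentication redirect)
 * @param state state value from the request (replaced from session on authentication redirect)
 * @param reset passed through unchanged to {@code sessionService.configure}
 * @param authenticationRedirect when true, request parameters are restored from the session
 * @param httpRequest current HTTP request
 * @param httpResponse current HTTP response
 * @return a {@code FOUND} redirect to the page of the current step
 * @throws WebApplicationException when validation fails, no script can be determined, the
 *         current step is not below the step count, or any other error occurs
 */
public Response gatherClaims(String clientId, String ticket, String claimRedirectUri, String state, Boolean reset, Boolean authenticationRedirect, HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
    try {
        // NOTE(review): the ticket, state and raw query string are written to the trace log;
        // confirm that trace output is access-controlled or mask these values.
        log.trace("gatherClaims client_id: {}, ticket: {}, claims_redirect_uri: {}, state: {}, authenticationRedirect: {}, queryString: {}", clientId, ticket, claimRedirectUri, state, authenticationRedirect, httpRequest.getQueryString());
        SessionId session = sessionService.getSession(httpRequest, httpResponse);
        if (Boolean.TRUE.equals(authenticationRedirect)) {
            // Restore parameters from session: the caller-supplied arguments are discarded here.
            log.debug("Authentication redirect, restoring parameters from session ...");
            if (session == null) {
                final String invalidSessionMessage = "Session is null however authentication=true. Wrong workflow! Please correct custom Glaims-Gathering Script.";
                log.error(invalidSessionMessage);
                throw errorResponseFactory.createWebApplicationException(BAD_REQUEST, INVALID_SESSION, invalidSessionMessage);
            }
            clientId = sessionService.getClientId(session);
            ticket = sessionService.getTicket(session);
            claimRedirectUri = sessionService.getClaimsRedirectUri(session);
            state = sessionService.getState(session);
            log.debug("Restored parameters from session, clientId: {}, ticket: {}, claims_redirect_uri: {}, state: {}", clientId, ticket, claimRedirectUri, state);
        }
        // NOTE(review): session is null-checked only in the authenticationRedirect branch above,
        // yet it is passed to sessionService.configure(...) below; confirm getSession(...) never
        // returns null on the direct path.

        // The redirect URI is validated before it is handed to any later error path.
        validationService.validateClientAndClaimsRedirectUri(clientId, claimRedirectUri, state);
        List<UmaPermission> permissions = validationService.validateTicketWithRedirect(ticket, claimRedirectUri, state);
        String[] scriptNames = validationService.validatesGatheringScriptNames(getScriptNames(permissions), claimRedirectUri, state);
        CustomScriptConfiguration script = external.determineScript(scriptNames);
        if (script == null) {
            log.error("Failed to determine claims-gathering script for names: {}", Arrays.toString(scriptNames));
            throw new UmaWebException(claimRedirectUri, errorResponseFactory, INVALID_CLAIMS_GATHERING_SCRIPT_NAME, state);
        }
        sessionService.configure(session, script.getName(), reset, permissions, clientId, claimRedirectUri, state);
        UmaGatherContext context = new UmaGatherContext(script.getConfigurationAttributes(), httpRequest, session, sessionService, permissionService, pctService, new HashMap<String, String>(), userService, null, appConfiguration);
        int step = sessionService.getStep(session);
        int stepsCount = external.getStepsCount(script, context);
        if (step < stepsCount) {
            String page = external.getPageForStep(script, step, context);
            context.persist();
            // The redirect target is built from the configured base endpoint plus the page
            // returned for the step, never from the request parameters: strip a trailing
            // "/", then "restv1", then "/" again, and serve ".xhtml" pages as ".htm".
            String baseEndpoint = StringUtils.removeEnd(appConfiguration.getBaseEndpoint(), "/");
            baseEndpoint = StringUtils.removeEnd(baseEndpoint, "restv1");
            baseEndpoint = StringUtils.removeEnd(baseEndpoint, "/");
            String fullUri = StringUtils.removeEnd(baseEndpoint + page, ".xhtml") + ".htm";
            log.trace("Redirecting to page: '{}', fullUri: {}", page, fullUri);
            return Response.status(FOUND).location(new URI(fullUri)).build();
        } else {
            // Both placeholders need a value; the original call supplied only stepsCount.
            log.error("Step '{}' is more or equal to stepCount: '{}'", step, stepsCount);
        }
    } catch (Exception ex) {
        log.error("Exception happened", ex);
        // Deliberate HTTP errors raised above are passed through unchanged; anything else
        // falls through to the generic server error below.
        if (ex instanceof WebApplicationException) {
            throw (WebApplicationException) ex;
        }
    }
    final String failureMessage = "Failed to handle call to UMA Claims Gathering Endpoint.";
    log.error(failureMessage);
    throw errorResponseFactory.createWebApplicationException(Response.Status.INTERNAL_SERVER_ERROR, UmaErrorResponseType.SERVER_ERROR, failureMessage);
}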
Also used : UmaWebException(org.gluu.oxauth.uma.authorization.UmaWebException) URI(java.net.URI) UmaWebException(org.gluu.oxauth.uma.authorization.UmaWebException) UmaPermission(org.gluu.oxauth.model.uma.persistence.UmaPermission) UmaGatherContext(org.gluu.oxauth.uma.authorization.UmaGatherContext) SessionId(org.gluu.oxauth.model.common.SessionId) CustomScriptConfiguration(org.gluu.model.custom.script.conf.CustomScriptConfiguration)

Example 2 with UmaGatherContext

use of org.gluu.oxauth.uma.authorization.UmaGatherContext in project oxAuth by GluuFederation.

the class UmaGatherer method prepareForStep.

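/**
 * Prepares the current claims-gathering step by delegating to the external script.
 *
 * <p>The session, the step number and the script are all checked before the gather context
 * is built, so a missing script is reported through the dedicated failure branch instead of
 * surfacing as a {@code NullPointerException} from {@code script.getConfigurationAttributes()}.
 *
 * @return the outcome produced by {@code result(...)} for expired session, invalid step,
 *         success or failure; or the external URL itself when the script asked for an
 *         external redirect
 */
public String prepareForStep() {
    try {
        final HttpServletRequest httpRequest = (HttpServletRequest) externalContext.getRequest();
        final HttpServletResponse httpResponse = (HttpServletResponse) externalContext.getResponse();
        final SessionId session = umaSessionService.getSession(httpRequest, httpResponse);
        if (session == null || session.getSessionAttributes().isEmpty()) {
            log.error("Invalid session.");
            return result(Constants.RESULT_EXPIRED);
        }

        final CustomScriptConfiguration script = getScript(session);
        final int step = umaSessionService.getStep(session);
        if (step < 1) {
            log.error("Invalid step: {}", step);
            return result(Constants.RESULT_INVALID_STEP);
        }
        if (script == null) {
            log.error("Failed to load script, step: '{}'", step);
            return result(Constants.RESULT_FAILURE);
        }

        // Built only after the null check above, because it dereferences the script.
        final UmaGatherContext context = new UmaGatherContext(script.getConfigurationAttributes(), httpRequest, session, umaSessionService, umaPermissionService, umaPctService, pageClaims, userService, facesService, appConfiguration);

        // A step may only be prepared once every earlier step is marked as passed.
        if (!umaSessionService.isPassedPreviousSteps(session, step)) {
            log.error("There are claims-gathering steps not marked as passed. scriptName: '{}', step: '{}'", script.getName(), step);
            return result(Constants.RESULT_FAILURE);
        }

        if (external.prepareForStep(script, step, context)) {
            context.persist();
            return result(Constants.RESULT_SUCCESS);
        }

        // NOTE(review): the redirect target is read from the gather context, presumably set by
        // the custom script; confirm scripts do not derive it from request input without an
        // allow-list, since it is followed as-is.
        final String redirectToExternalUrl = context.getRedirectToExternalUrl();
        if (StringUtils.isNotBlank(redirectToExternalUrl)) {
            log.debug("Redirect to : {}", redirectToExternalUrl);
            facesService.redirectToExternalURL(redirectToExternalUrl);
            return redirectToExternalUrl;
        }
    } catch (Exception e) {
        log.error("Failed to prepareForStep()", e);
    }
    return result(Constants.RESULT_FAILURE);
}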
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) UmaGatherContext(org.gluu.oxauth.uma.authorization.UmaGatherContext) SessionId(org.gluu.oxauth.model.common.SessionId) CustomScriptConfiguration(org.gluu.model.custom.script.conf.CustomScriptConfiguration)

Example 3 with UmaGatherContext

use of org.gluu.oxauth.uma.authorization.UmaGatherContext in project oxAuth by GluuFederation.

the class UmaGatherer method gather.

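/**
 * Runs the external script's gather logic for the current step and moves the flow forward.
 *
 * <p>The script may override the next step through {@code external.getNextStep}; a return
 * value of {@code -1} means no override. A failed gather result stops the flow only when no
 * override is given.
 *
 * @return {@code true} when a redirect to the next step's page was issued or the final step
 *         completed and {@code onSuccess} was called; {@code false} otherwise
 */
public boolean gather() {
    try {
        final HttpServletRequest httpRequest = (HttpServletRequest) externalContext.getRequest();
        final HttpServletResponse httpResponse = (HttpServletResponse) externalContext.getResponse();
        final SessionId session = umaSessionService.getSession(httpRequest, httpResponse);
        // Explicit guards instead of relying on a NullPointerException being caught below.
        if (session == null) {
            log.error("Invalid session.");
            return false;
        }
        final CustomScriptConfiguration script = getScript(session);
        if (script == null) {
            log.error("Failed to load script.");
            return false;
        }
        final UmaGatherContext context = new UmaGatherContext(script.getConfigurationAttributes(), httpRequest, session, umaSessionService, umaPermissionService, umaPctService, pageClaims, userService, facesService, appConfiguration);
        int step = umaSessionService.getStep(session);
        // Claims may only be gathered for a step once every earlier step is marked as passed.
        if (!umaSessionService.isPassedPreviousSteps(session, step)) {
            log.error("There are claims-gathering steps not marked as passed. scriptName: '{}', step: '{}'", script.getName(), step);
            return false;
        }
        final boolean gatheredResult = external.gather(script, step, context);
        log.debug("Claims-gathering result for script '{}', step: '{}', gatheredResult: '{}'", script.getName(), step, gatheredResult);

        final int overriddenNextStep = external.getNextStep(script, step, context);
        final boolean stepOverridden = overriddenNextStep != -1;
        if (!gatheredResult && !stepOverridden) {
            return false;
        }
        if (stepOverridden) {
            // NOTE(review): the script-supplied step is not range-checked here against the
            // step count; confirm resetToStep/getPageForStep reject out-of-range values.
            umaSessionService.resetToStep(session, overriddenNextStep, step);
            step = overriddenNextStep;
        }

        final int stepsCount = external.getStepsCount(script, context);
        if (step < stepsCount || stepOverridden) {
            final int nextStep;
            if (stepOverridden) {
                // An overridden step is entered as-is and the current step is not marked as passed.
                nextStep = overriddenNextStep;
            } else {
                nextStep = step + 1;
                umaSessionService.markStep(session, step, true);
            }
            umaSessionService.setStep(nextStep, session);
            context.persist();
            final String page = external.getPageForStep(script, nextStep, context);
            log.trace("Redirecting to page: '{}'", page);
            facesService.redirect(page);
            return true;
        }
        if (step == stepsCount) {
            // Last step gathered successfully: persist and finish the flow.
            context.persist();
            onSuccess(session, context);
            return true;
        }
    } catch (Exception e) {
        log.error("Exception during gather() method call.", e);
    }
    log.error("Failed to perform gather() method successfully.");
    return false;
}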
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) UmaGatherContext(org.gluu.oxauth.uma.authorization.UmaGatherContext) SessionId(org.gluu.oxauth.model.common.SessionId) CustomScriptConfiguration(org.gluu.model.custom.script.conf.CustomScriptConfiguration)

Aggregations

CustomScriptConfiguration (org.gluu.model.custom.script.conf.CustomScriptConfiguration)3 SessionId (org.gluu.oxauth.model.common.SessionId)3 UmaGatherContext (org.gluu.oxauth.uma.authorization.UmaGatherContext)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2 URI (java.net.URI)1 UmaPermission (org.gluu.oxauth.model.uma.persistence.UmaPermission)1 UmaWebException (org.gluu.oxauth.uma.authorization.UmaWebException)1