Example 1 with AdapterTokenStore
use of org.keycloak.adapters.AdapterTokenStore in project keycloak by keycloak.
the class AbstractKeycloakJettyAuthenticator method validateRequest.
@Override
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException {
if (log.isTraceEnabled()) {
log.trace("*** authenticate");
}
Request request = resolveRequest(req);
OIDCJettyHttpFacade facade = new OIDCJettyHttpFacade(request, (HttpServletResponse) res);
KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
if (deployment == null || !deployment.isConfigured()) {
log.debug("*** deployment isn't configured return false");
return Authentication.UNAUTHENTICATED;
}
PreAuthActionsHandler handler = new PreAuthActionsHandler(createSessionManagement(request), deploymentContext, facade);
if (handler.handleRequest()) {
return Authentication.SEND_SUCCESS;
}
if (!mandatory)
return new DeferredAuthentication(this);
AdapterTokenStore tokenStore = getTokenStore(request, facade, deployment);
nodesRegistrationManagement.tryRegister(deployment);
tokenStore.checkCurrentToken();
JettyRequestAuthenticator authenticator = createRequestAuthenticator(request, facade, deployment, tokenStore);
AuthOutcome outcome = authenticator.authenticate();
if (outcome == AuthOutcome.AUTHENTICATED) {
if (facade.isEnded()) {
return Authentication.SEND_SUCCESS;
}
Authentication authentication = register(request, authenticator.principal);
AuthenticatedActionsHandler authenticatedActionsHandler = new AuthenticatedActionsHandler(deployment, facade);
if (authenticatedActionsHandler.handledRequest()) {
return Authentication.SEND_SUCCESS;
}
return authentication;
}
AuthChallenge challenge = authenticator.getChallenge();
if (challenge != null) {
challenge.challenge(facade);
}
return Authentication.SEND_CONTINUE;
}
Also used :
AuthenticatedActionsHandler(org.keycloak.adapters.AuthenticatedActionsHandler)
AuthChallenge(org.keycloak.adapters.spi.AuthChallenge)
DeferredAuthentication(org.eclipse.jetty.security.authentication.DeferredAuthentication)
UserAuthentication(org.eclipse.jetty.security.UserAuthentication)
Authentication(org.eclipse.jetty.server.Authentication)
KeycloakDeployment(org.keycloak.adapters.KeycloakDeployment)
Request(org.eclipse.jetty.server.Request)
ServletRequest(javax.servlet.ServletRequest)
DeferredAuthentication(org.eclipse.jetty.security.authentication.DeferredAuthentication)
AuthOutcome(org.keycloak.adapters.spi.AuthOutcome)
PreAuthActionsHandler(org.keycloak.adapters.PreAuthActionsHandler)
AdapterTokenStore(org.keycloak.adapters.AdapterTokenStore)
Example 2 with AdapterTokenStore
use of org.keycloak.adapters.AdapterTokenStore in project keycloak by keycloak.
the class AbstractKeycloakJettyAuthenticator method logoutCurrent.
public void logoutCurrent(Request request) {
AdapterDeploymentContext deploymentContext = (AdapterDeploymentContext) request.getAttribute(AdapterDeploymentContext.class.getName());
KeycloakSecurityContext ksc = (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
if (ksc != null) {
JettyHttpFacade facade = new OIDCJettyHttpFacade(request, null);
KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
if (ksc instanceof RefreshableKeycloakSecurityContext) {
((RefreshableKeycloakSecurityContext) ksc).logout(deployment);
}
AdapterTokenStore tokenStore = getTokenStore(request, facade, deployment);
tokenStore.logout();
request.removeAttribute(KeycloakSecurityContext.class.getName());
}
}
Also used :
KeycloakSecurityContext(org.keycloak.KeycloakSecurityContext)
RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext)
RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext)
AdapterDeploymentContext(org.keycloak.adapters.AdapterDeploymentContext)
KeycloakDeployment(org.keycloak.adapters.KeycloakDeployment)
JettyHttpFacade(org.keycloak.adapters.jetty.spi.JettyHttpFacade)
AdapterTokenStore(org.keycloak.adapters.AdapterTokenStore)
Example 3 with AdapterTokenStore
use of org.keycloak.adapters.AdapterTokenStore in project keycloak by keycloak.
the class UndertowAuthenticationMechanism method authenticate.
@Override
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
UndertowHttpFacade facade = createFacade(exchange);
KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
if (!deployment.isConfigured()) {
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
nodesRegistrationManagement.tryRegister(deployment);
AdapterTokenStore tokenStore = getTokenStore(exchange, facade, deployment, securityContext);
RequestAuthenticator authenticator = new UndertowRequestAuthenticator(facade, deployment, confidentialPort, securityContext, exchange, tokenStore);
return keycloakAuthenticate(exchange, securityContext, authenticator);
}
Also used :
RequestAuthenticator(org.keycloak.adapters.RequestAuthenticator)
KeycloakDeployment(org.keycloak.adapters.KeycloakDeployment)
AdapterTokenStore(org.keycloak.adapters.AdapterTokenStore)
Example 4 with AdapterTokenStore
use of org.keycloak.adapters.AdapterTokenStore in project keycloak by keycloak.
the class WildflyAuthenticationMechanism method createRequestAuthenticator.
@Override
protected ServletRequestAuthenticator createRequestAuthenticator(KeycloakDeployment deployment, HttpServerExchange exchange, SecurityContext securityContext, UndertowHttpFacade facade) {
int confidentialPort = getConfidentilPort(exchange);
AdapterTokenStore tokenStore = getTokenStore(exchange, facade, deployment, securityContext);
return new WildflyRequestAuthenticator(facade, deployment, confidentialPort, securityContext, exchange, tokenStore);
}
Also used :
AdapterTokenStore(org.keycloak.adapters.AdapterTokenStore)
Example 5 with AdapterTokenStore
use of org.keycloak.adapters.AdapterTokenStore in project keycloak by keycloak.
the class AbstractKeycloakAuthenticatorValve method getTokenStore.
protected AdapterTokenStore getTokenStore(Request request, HttpFacade facade, KeycloakDeployment resolvedDeployment) {
AdapterTokenStore store = (AdapterTokenStore) request.getNote(TOKEN_STORE_NOTE);
if (store != null) {
return store;
}
if (resolvedDeployment.getTokenStore() == TokenStore.SESSION) {
store = createSessionTokenStore(request, resolvedDeployment);
} else {
store = new CatalinaCookieTokenStore(request, facade, resolvedDeployment, createPrincipalFactory());
}
request.setNote(TOKEN_STORE_NOTE, store);
return store;
}
Also used :
AdapterTokenStore(org.keycloak.adapters.AdapterTokenStore)
Aggregations
AdapterTokenStore (org.keycloak.adapters.AdapterTokenStore)15
KeycloakDeployment (org.keycloak.adapters.KeycloakDeployment)10
KeycloakSecurityContext (org.keycloak.KeycloakSecurityContext)4
RefreshableKeycloakSecurityContext (org.keycloak.adapters.RefreshableKeycloakSecurityContext)4
AuthChallenge (org.keycloak.adapters.spi.AuthChallenge)4
AuthOutcome (org.keycloak.adapters.spi.AuthOutcome)4
RequestAuthenticator (org.keycloak.adapters.RequestAuthenticator)3
AuthenticatedActionsHandler (org.keycloak.adapters.AuthenticatedActionsHandler)2
PreAuthActionsHandler (org.keycloak.adapters.PreAuthActionsHandler)2
NotificationReceiver (io.undertow.security.api.NotificationReceiver)1
SecurityContext (io.undertow.security.api.SecurityContext)1
SecurityNotification (io.undertow.security.api.SecurityNotification)1
Account (io.undertow.security.idm.Account)1
SecurityContextImpl (io.undertow.security.impl.SecurityContextImpl)1
HttpServerExchange (io.undertow.server.HttpServerExchange)1
ServletRequest (javax.servlet.ServletRequest)1
UserAuthentication (org.eclipse.jetty.security.UserAuthentication)1
DeferredAuthentication (org.eclipse.jetty.security.authentication.DeferredAuthentication)1
Authentication (org.eclipse.jetty.server.Authentication)1
Request (org.eclipse.jetty.server.Request)1
