
Example 6 with AuthenticatedActionsHandler

use of org.keycloak.adapters.AuthenticatedActionsHandler in project keycloak by keycloak.

the class KeycloakAuthenticatedActionsFilter method doFilter.

/**
 * Runs the Keycloak authenticated-actions handler at most once per request, then continues the
 * filter chain unless the handler reports that it already handled the request.
 *
 * <p>The {@code FILTER_APPLIED} request attribute is the once-per-request marker: when it is
 * already set, the request is passed straight down the chain.
 *
 * @param request the incoming request; cast to {@code HttpServletRequest} when the handler runs
 * @param response the outgoing response; cast to {@code HttpServletResponse} when the handler runs
 * @param filterChain the remaining filters to invoke when the request is not handled here
 * @throws IOException propagated from the downstream chain
 * @throws ServletException propagated from the downstream chain
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
    final boolean alreadyApplied = request.getAttribute(FILTER_APPLIED) != null;
    if (!alreadyApplied) {
        // Mark the request before doing any work so a re-entrant dispatch skips this filter.
        request.setAttribute(FILTER_APPLIED, Boolean.TRUE);
        KeycloakSecurityContext securityContext = getKeycloakPrincipal();
        // The handler only runs for a refreshable security context; any other context
        // (including none) goes straight to the rest of the chain.
        if (securityContext instanceof RefreshableKeycloakSecurityContext) {
            HttpFacade httpFacade = new SimpleHttpFacade((HttpServletRequest) request, (HttpServletResponse) response);
            KeycloakDeployment resolvedDeployment = resolveDeployment(request, response);
            OIDCHttpFacade oidcFacade = OIDCHttpFacade.class.cast(httpFacade);
            AuthenticatedActionsHandler handler = new AuthenticatedActionsHandler(resolvedDeployment, oidcFacade);
            if (handler.handledRequest()) {
                // Stop here: the chain must not see a request the handler has taken over.
                // NOTE(review): presumably the handler has already written the response - confirm.
                return;
            }
        }
    }
    filterChain.doFilter(request, response);
}
Also used : AuthenticatedActionsHandler(org.keycloak.adapters.AuthenticatedActionsHandler) RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext) KeycloakSecurityContext(org.keycloak.KeycloakSecurityContext) RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext) HttpFacade(org.keycloak.adapters.spi.HttpFacade) SimpleHttpFacade(org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade) OIDCHttpFacade(org.keycloak.adapters.OIDCHttpFacade) OIDCHttpFacade(org.keycloak.adapters.OIDCHttpFacade) KeycloakDeployment(org.keycloak.adapters.KeycloakDeployment) SimpleHttpFacade(org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade)

Example 7 with AuthenticatedActionsHandler

use of org.keycloak.adapters.AuthenticatedActionsHandler in project keycloak by keycloak.

the class KeycloakHttpServerAuthenticationMechanism method evaluateRequest.

/**
 * Evaluates one HTTP request for this authentication mechanism and reports the result on the
 * request or on the {@code ElytronHttpFacade} wrapping it.
 *
 * <p>Order of decisions, as implemented below: missing deployment context, unconfigured
 * deployment, pre-actions, authentication outcome, pending challenge, explicit failure, and
 * finally "no authentication in progress".
 *
 * @param request the request being evaluated
 * @throws HttpAuthenticationException declared by the mechanism contract
 */
@Override
public void evaluateRequest(HttpServerRequest request) throws HttpAuthenticationException {
    // NOTE(review): the request URI is client-supplied and is written to the debug log here
    // and below; confirm the log sink neutralises control characters.
    LOGGER.debugf("Evaluating request for path [%s]", request.getRequestURI());
    AdapterDeploymentContext deploymentContext = getDeploymentContext(request);
    if (deploymentContext == null) {
        // No deployment context: this mechanism steps aside without authenticating.
        LOGGER.debugf("Ignoring request for path [%s] from mechanism [%s]. No deployment context found.", request.getRequestURI(), getMechanismName());
        request.noAuthenticationInProgress();
        return;
    }
    ElytronHttpFacade httpFacade = new ElytronHttpFacade(request, deploymentContext, callbackHandler);
    KeycloakDeployment deployment = httpFacade.getDeployment();
    if (!deployment.isConfigured()) {
        // An unconfigured deployment is treated like a missing one: no authentication is attempted.
        // NOTE(review): whether another mechanism then protects the resource is not visible here.
        request.noAuthenticationInProgress();
        return;
    }
    // The authenticator is created before the stored token is checked and before pre-actions run.
    RequestAuthenticator authenticator = createRequestAuthenticator(request, httpFacade, deployment);
    httpFacade.getTokenStore().checkCurrentToken();
    if (preActions(httpFacade, deploymentContext)) {
        // Pre-actions took over the request, so authentication is not attempted.
        LOGGER.debugf("Pre-actions has aborted the evaluation of [%s]", request.getRequestURI());
        httpFacade.authenticationInProgress();
        return;
    }
    AuthOutcome outcome = authenticator.authenticate();
    if (AuthOutcome.AUTHENTICATED.equals(outcome)) {
        // An authenticated request still passes through the authenticated-actions handler;
        // authentication is only reported complete when the handler did not handle the request.
        if (new AuthenticatedActionsHandler(deployment, httpFacade).handledRequest()) {
            httpFacade.authenticationInProgress();
        } else {
            httpFacade.authenticationComplete();
        }
        return;
    }
    // A pending challenge is checked before the FAILED outcome, so a failed attempt that
    // produced a challenge sends the challenge rather than the 403 below.
    AuthChallenge challenge = authenticator.getChallenge();
    if (challenge != null) {
        httpFacade.noAuthenticationInProgress(challenge);
        return;
    }
    if (AuthOutcome.FAILED.equals(outcome)) {
        // Explicit failure with no challenge: respond 403 and report the failure.
        httpFacade.getResponse().setStatus(403);
        httpFacade.authenticationFailed();
        return;
    }
    // Any remaining outcome: nothing to authenticate for this mechanism.
    httpFacade.noAuthenticationInProgress();
}
Also used : AuthenticatedActionsHandler(org.keycloak.adapters.AuthenticatedActionsHandler) AuthChallenge(org.keycloak.adapters.spi.AuthChallenge) RequestAuthenticator(org.keycloak.adapters.RequestAuthenticator) AdapterDeploymentContext(org.keycloak.adapters.AdapterDeploymentContext) KeycloakDeployment(org.keycloak.adapters.KeycloakDeployment) AuthOutcome(org.keycloak.adapters.spi.AuthOutcome)

Example 8 with AuthenticatedActionsHandler

use of org.keycloak.adapters.AuthenticatedActionsHandler in project keycloak by keycloak.

the class AbstractAuthenticatedActionsValve method invoke.

/**
 * Runs the authenticated-actions handler for requests that resolve to a configured deployment,
 * and passes every request the handler did not handle on to the next valve.
 *
 * @param request the Catalina request
 * @param response the Catalina response
 * @throws IOException propagated from the next valve
 * @throws ServletException propagated from the next valve
 */
@Override
public void invoke(Request request, Response response) throws IOException, ServletException {
    log.debugv("AuthenticatedActionsValve.invoke {0}", request.getRequestURI());
    CatalinaHttpFacade resolutionFacade = new OIDCCatalinaHttpFacade(request, response);
    KeycloakDeployment resolved = deploymentContext.resolveDeployment(resolutionFacade);
    if (resolved == null || !resolved.isConfigured()) {
        // No usable deployment: the handler is skipped and the request continues unchanged.
        // NOTE(review): this path applies no authenticated-actions checks; confirm that is
        // intended for unconfigured deployments.
        getNext().invoke(request, response);
        return;
    }
    // A second facade is built for the handler instead of reusing the one used for resolution.
    // NOTE(review): looks redundant, but kept in case the facade carries per-use state - confirm.
    OIDCCatalinaHttpFacade handlerFacade = new OIDCCatalinaHttpFacade(request, response);
    AuthenticatedActionsHandler actionsHandler = new AuthenticatedActionsHandler(resolved, handlerFacade);
    if (actionsHandler.handledRequest()) {
        // The handler took over the request, so later valves must not run.
        return;
    }
    getNext().invoke(request, response);
}
Also used : AuthenticatedActionsHandler(org.keycloak.adapters.AuthenticatedActionsHandler) KeycloakDeployment(org.keycloak.adapters.KeycloakDeployment)

Example 9 with AuthenticatedActionsHandler

use of org.keycloak.adapters.AuthenticatedActionsHandler in project keycloak by keycloak.

the class PolicyEnforcerTest method testPublicEndpointNoBearerAbortRequest.

/**
 * Checks both sides of the handler for the {@code enforcer-bearer-only.json} adapter
 * configuration: a request to {@code /api/public} without a token is reported as handled, and a
 * request to {@code /api/resourcea} carrying a freshly issued access token is not.
 */
@Test
public void testPublicEndpointNoBearerAbortRequest() {
    KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getAdapterConfiguration("enforcer-bearer-only.json"));

    // Step 1: no bearer token on the request.
    OIDCHttpFacade anonymousFacade = createHttpFacade("/api/public");
    AuthenticatedActionsHandler anonymousHandler = new AuthenticatedActionsHandler(deployment, anonymousFacade);
    // handledRequest() == true means the handler stopped the request itself.
    assertTrue(anonymousHandler.handledRequest());

    // Step 2: log in and exchange the authorization code for an access token.
    oauth.realm(REALM_NAME);
    oauth.clientId("public-client-test");
    oauth.doLogin("marta", "password");
    String authorizationCode = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    OAuthClient.AccessTokenResponse tokenResponse = oauth.doAccessTokenRequest(authorizationCode, null);
    String accessToken = tokenResponse.getAccessToken();

    // Step 3: the same deployment with a token-bearing request must let the request continue.
    OIDCHttpFacade bearerFacade = createHttpFacade("/api/resourcea", accessToken);
    AuthenticatedActionsHandler bearerHandler = new AuthenticatedActionsHandler(deployment, bearerFacade);
    assertFalse(bearerHandler.handledRequest());
}
Also used : AuthenticatedActionsHandler(org.keycloak.adapters.AuthenticatedActionsHandler) OAuthClient(org.keycloak.testsuite.util.OAuthClient) OIDCHttpFacade(org.keycloak.adapters.OIDCHttpFacade) KeycloakDeployment(org.keycloak.adapters.KeycloakDeployment) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)
