Examples with RefreshableKeycloakSecurityContext org.keycloak.adapters.RefreshableKeycloakSecurityContext used on opensource projects

Search in sources :

Example 26 with RefreshableKeycloakSecurityContext

use of org.keycloak.adapters.RefreshableKeycloakSecurityContext in project keycloak by keycloak.

the class JettyCookieTokenStore method saveAccountInfo.

@Override
public void saveAccountInfo(OidcKeycloakAccount account) {
    RefreshableKeycloakSecurityContext securityContext = (RefreshableKeycloakSecurityContext) account.getKeycloakSecurityContext();
    CookieTokenStore.setTokenCookie(deployment, facade, securityContext);
}
Also used : RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext)

Example 27 with RefreshableKeycloakSecurityContext

use of org.keycloak.adapters.RefreshableKeycloakSecurityContext in project keycloak by keycloak.

the class JettyCookieTokenStore method checkPrincipalFromCookie.

/**
 * Verify if we already have authenticated and active principal in cookie. Perform refresh if it's not active
 *
 * @return valid principal
 */
protected KeycloakPrincipal<RefreshableKeycloakSecurityContext> checkPrincipalFromCookie() {
    KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal = CookieTokenStore.getPrincipalFromCookie(deployment, facade, this);
    if (principal == null) {
        log.debug("Account was not in cookie or was invalid");
        return null;
    }
    RefreshableKeycloakSecurityContext session = principal.getKeycloakSecurityContext();
    if (session.isActive() && !session.getDeployment().isAlwaysRefreshToken())
        return principal;
    boolean success = session.refreshExpiredToken(false);
    if (success && session.isActive())
        return principal;
    log.debugf("Cleanup and expire cookie for user %s after failed refresh", principal.getName());
    CookieTokenStore.removeCookie(deployment, facade);
    return null;
}
Also used : RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext)

Example 28 with RefreshableKeycloakSecurityContext

use of org.keycloak.adapters.RefreshableKeycloakSecurityContext in project keycloak by keycloak.

the class JettySessionTokenStore method saveAccountInfo.

@Override
public void saveAccountInfo(OidcKeycloakAccount account) {
    RefreshableKeycloakSecurityContext securityContext = (RefreshableKeycloakSecurityContext) account.getKeycloakSecurityContext();
    request.getSession().setAttribute(KeycloakSecurityContext.class.getName(), securityContext);
}
Also used : RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext) KeycloakSecurityContext(org.keycloak.KeycloakSecurityContext) RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext)

Example 29 with RefreshableKeycloakSecurityContext

use of org.keycloak.adapters.RefreshableKeycloakSecurityContext in project keycloak by keycloak.

the class JettySessionTokenStore method checkCurrentToken.

@Override
public void checkCurrentToken() {
    if (request.getSession(false) == null)
        return;
    RefreshableKeycloakSecurityContext session = (RefreshableKeycloakSecurityContext) request.getSession().getAttribute(KeycloakSecurityContext.class.getName());
    if (session == null)
        return;
    // just in case session got serialized
    if (session.getDeployment() == null)
        session.setCurrentRequestInfo(deployment, this);
    if (session.isActive() && !session.getDeployment().isAlwaysRefreshToken())
        return;
    // FYI: A refresh requires same scope, so same roles will be set.  Otherwise, refresh will fail and token will
    // not be updated
    boolean success = session.refreshExpiredToken(false);
    if (success && session.isActive())
        return;
    // Refresh failed, so user is already logged out from keycloak. Cleanup and expire our session
    request.getSession().removeAttribute(KeycloakSecurityContext.class.getName());
    request.getSession().invalidate();
}
Also used : RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext) KeycloakSecurityContext(org.keycloak.KeycloakSecurityContext) RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext)

Example 30 with RefreshableKeycloakSecurityContext

use of org.keycloak.adapters.RefreshableKeycloakSecurityContext in project keycloak by keycloak.

the class KeycloakSecurityContextRequestFilter method doFilter.

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
    if (request.getAttribute(FILTER_APPLIED) != null) {
        filterChain.doFilter(request, response);
        return;
    }
    request.setAttribute(FILTER_APPLIED, Boolean.TRUE);
    KeycloakSecurityContext keycloakSecurityContext = getKeycloakSecurityContext();
    if (keycloakSecurityContext instanceof RefreshableKeycloakSecurityContext) {
        RefreshableKeycloakSecurityContext refreshableSecurityContext = (RefreshableKeycloakSecurityContext) keycloakSecurityContext;
        KeycloakDeployment deployment = resolveDeployment(request, response);
        // just in case session got serialized
        if (refreshableSecurityContext.getDeployment() == null) {
            log.trace("Recreating missing deployment and related fields in deserialized context");
            AdapterTokenStore adapterTokenStore = adapterTokenStoreFactory.createAdapterTokenStore(deployment, (HttpServletRequest) request, (HttpServletResponse) response);
            refreshableSecurityContext.setCurrentRequestInfo(deployment, adapterTokenStore);
        }
        if (!refreshableSecurityContext.isActive() || deployment.isAlwaysRefreshToken()) {
            if (refreshableSecurityContext.refreshExpiredToken(false)) {
                request.setAttribute(KeycloakSecurityContext.class.getName(), refreshableSecurityContext);
            } else {
                clearAuthenticationContext();
            }
        }
        request.setAttribute(KeycloakSecurityContext.class.getName(), keycloakSecurityContext);
    }
    filterChain.doFilter(request, response);
}
Also used : RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext) KeycloakSecurityContext(org.keycloak.KeycloakSecurityContext) RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext) KeycloakDeployment(org.keycloak.adapters.KeycloakDeployment) AdapterTokenStore(org.keycloak.adapters.AdapterTokenStore)

Aggregations

RefreshableKeycloakSecurityContext (org.keycloak.adapters.RefreshableKeycloakSecurityContext)52 KeycloakSecurityContext (org.keycloak.KeycloakSecurityContext)30 KeycloakDeployment (org.keycloak.adapters.KeycloakDeployment)10 OidcKeycloakAccount (org.keycloak.adapters.OidcKeycloakAccount)8 KeycloakAccount (org.keycloak.adapters.spi.KeycloakAccount)5 SimpleKeycloakAccount (org.keycloak.adapters.springsecurity.account.SimpleKeycloakAccount)5 KeycloakPrincipal (org.keycloak.KeycloakPrincipal)4 AdapterTokenStore (org.keycloak.adapters.AdapterTokenStore)4 HttpScope (org.wildfly.security.http.HttpScope)4 IOException (java.io.IOException)3 Principal (java.security.Principal)3 HttpSession (javax.servlet.http.HttpSession)3 Session (org.apache.catalina.Session)3 GenericPrincipal (org.apache.catalina.realm.GenericPrincipal)3 KeycloakAuthenticationToken (org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken)3 Before (org.junit.Before)2 OIDCHttpFacade (org.keycloak.adapters.OIDCHttpFacade)2 HttpFacade (org.keycloak.adapters.spi.HttpFacade)2 SimpleHttpFacade (org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade)2 JWSInput (org.keycloak.jose.jws.JWSInput)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial