use of org.pac4j.core.client.Clients in project pac4j by pac4j.
the class DefaultSecurityLogic method perform.
@Override
public R perform(final C context, final Config config, final SecurityGrantedAccessAdapter<R, C> securityGrantedAccessAdapter, final HttpActionAdapter<R, C> httpActionAdapter, final String clients, final String authorizers, final String matchers, final Boolean inputMultiProfile, final Object... parameters) {
logger.debug("=== SECURITY ===");
HttpAction action;
try {
// default value
final boolean multiProfile;
if (inputMultiProfile == null) {
multiProfile = false;
} else {
multiProfile = inputMultiProfile;
}
// checks
assertNotNull("context", context);
assertNotNull("config", config);
assertNotNull("httpActionAdapter", httpActionAdapter);
assertNotNull("clientFinder", clientFinder);
assertNotNull("authorizationChecker", authorizationChecker);
assertNotNull("matchingChecker", matchingChecker);
assertNotNull("profileStorageDecision", profileStorageDecision);
final Clients configClients = config.getClients();
assertNotNull("configClients", configClients);
// logic
logger.debug("url: {}", context.getFullRequestURL());
logger.debug("matchers: {}", matchers);
if (matchingChecker.matches(context, matchers, config.getMatchers())) {
logger.debug("clients: {}", clients);
final List<Client> currentClients = clientFinder.find(configClients, context, clients);
logger.debug("currentClients: {}", currentClients);
final boolean loadProfilesFromSession = profileStorageDecision.mustLoadProfilesFromSession(context, currentClients);
logger.debug("loadProfilesFromSession: {}", loadProfilesFromSession);
final ProfileManager manager = getProfileManager(context, config);
List<CommonProfile> profiles = manager.getAll(loadProfilesFromSession);
logger.debug("profiles: {}", profiles);
// no profile and some current clients
if (isEmpty(profiles) && isNotEmpty(currentClients)) {
boolean updated = false;
// loop on all clients searching direct ones to perform authentication
for (final Client currentClient : currentClients) {
if (currentClient instanceof DirectClient) {
logger.debug("Performing authentication for direct client: {}", currentClient);
final Credentials credentials = currentClient.getCredentials(context);
logger.debug("credentials: {}", credentials);
final CommonProfile profile = currentClient.getUserProfile(credentials, context);
logger.debug("profile: {}", profile);
if (profile != null) {
final boolean saveProfileInSession = profileStorageDecision.mustSaveProfileInSession(context, currentClients, (DirectClient) currentClient, profile);
logger.debug("saveProfileInSession: {} / multiProfile: {}", saveProfileInSession, multiProfile);
manager.save(saveProfileInSession, profile, multiProfile);
updated = true;
if (!multiProfile) {
break;
}
}
}
}
if (updated) {
profiles = manager.getAll(loadProfilesFromSession);
logger.debug("new profiles: {}", profiles);
}
}
// we have profile(s) -> check authorizations
if (isNotEmpty(profiles)) {
logger.debug("authorizers: {}", authorizers);
if (authorizationChecker.isAuthorized(context, profiles, authorizers, config.getAuthorizers())) {
logger.debug("authenticated and authorized -> grant access");
return securityGrantedAccessAdapter.adapt(context, profiles, parameters);
} else {
logger.debug("forbidden");
action = forbidden(context, currentClients, profiles, authorizers);
}
} else {
if (startAuthentication(context, currentClients)) {
logger.debug("Starting authentication");
saveRequestedUrl(context, currentClients);
action = redirectToIdentityProvider(context, currentClients);
} else {
logger.debug("unauthorized");
action = unauthorized(context, currentClients);
}
}
} else {
logger.debug("no matching for this request -> grant access");
return securityGrantedAccessAdapter.adapt(context, Arrays.asList(), parameters);
}
} catch (final Exception e) {
return handleException(e, httpActionAdapter, context);
}
return httpActionAdapter.adapt(action.getCode(), context);
}
use of org.pac4j.core.client.Clients in project pac4j by pac4j.
the class DefaultLogoutLogicTests method testCentralLogoutWithRelativeUrl.
@Test
public void testCentralLogoutWithRelativeUrl() {
final CommonProfile profile = new CommonProfile();
profile.setClientName(NAME);
final MockIndirectClient client = new MockIndirectClient(NAME);
client.setCallbackUrl(PAC4J_BASE_URL);
client.setLogoutActionBuilder((ctx, p, targetUrl) -> RedirectAction.redirect(CALLBACK_URL + "?p=" + targetUrl));
config.setClients(new Clients(client));
profiles.put(NAME, profile);
addProfilesToContext();
centralLogout = true;
context.addRequestParameter(Pac4jConstants.URL, PATH);
call();
assertEquals(302, context.getResponseStatus());
assertEquals(CALLBACK_URL + "?p=null", context.getResponseLocation());
expectedNProfiles(0);
}
use of org.pac4j.core.client.Clients in project pac4j by pac4j.
the class DefaultSecurityClientFinderTests method testBlankClientRequested.
@Test
public void testBlankClientRequested() {
final MockIndirectClient client1 = new MockIndirectClient(NAME, RedirectAction.redirect(LOGIN_URL), (Credentials) null, new CommonProfile());
final Clients clients = new Clients(client1);
final List<Client> result = finder.find(clients, MockWebContext.create(), "");
assertEquals(0, result.size());
}
use of org.pac4j.core.client.Clients in project pac4j by pac4j.
the class DefaultSecurityClientFinderTests method testDefaultSecurityClients.
@Test
public void testDefaultSecurityClients() {
final MockIndirectClient client1 = new MockIndirectClient(NAME, RedirectAction.redirect(LOGIN_URL), (Credentials) null, new CommonProfile());
final MockIndirectClient client2 = new MockIndirectClient(CLIENT_NAME, RedirectAction.redirect(LOGIN_URL), (Credentials) null, new CommonProfile());
final Clients clients = new Clients(client1, client2);
clients.setDefaultSecurityClients(CLIENT_NAME);
final List<Client> result = finder.find(clients, MockWebContext.create(), null);
assertEquals(1, result.size());
assertEquals(client2, result.get(0));
}
use of org.pac4j.core.client.Clients in project pac4j by pac4j.
the class DefaultSecurityClientFinderTests method testNoClientOnRequestBadDefaultClient.
@Test
public void testNoClientOnRequestBadDefaultClient() {
final MockIndirectClient client1 = new MockIndirectClient(NAME, RedirectAction.redirect(LOGIN_URL), (Credentials) null, new CommonProfile());
final MockIndirectClient client2 = new MockIndirectClient(CLIENT_NAME, RedirectAction.redirect(LOGIN_URL), (Credentials) null, new CommonProfile());
final Clients clients = new Clients(client1, client2);
final WebContext context = MockWebContext.create();
TestsHelper.expectException(() -> finder.find(clients, context, FAKE_VALUE), TechnicalException.class, "No client found for name: " + FAKE_VALUE);
}
Aggregations