Example 1 with IndirectClient
use of org.pac4j.core.client.IndirectClient in project cas by apereo.
the class DelegatedClientAuthenticationAction method prepareForLoginPage.
/**
* Prepare the data for the login page.
*
* @param context The current webflow context
* @throws HttpAction the http action
*/
protected void prepareForLoginPage(final RequestContext context) throws HttpAction {
final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
final HttpServletResponse response = WebUtils.getHttpServletResponse(context);
final HttpSession session = request.getSession();
// web context
final WebContext webContext = WebUtils.getPac4jJ2EContext(request, response);
// save parameters in web session
final WebApplicationService service = WebUtils.getService(context);
LOGGER.debug("save service: [{}]", service);
session.setAttribute(CasProtocolConstants.PARAMETER_SERVICE, service);
saveRequestParameter(request, session, this.themeParamName);
saveRequestParameter(request, session, this.localParamName);
saveRequestParameter(request, session, CasProtocolConstants.PARAMETER_METHOD);
final Set<ProviderLoginPageConfiguration> urls = new LinkedHashSet<>();
this.clients.findAllClients().forEach(client -> {
try {
final IndirectClient indirectClient = (IndirectClient) client;
final String name = client.getName().replaceAll("Client\\d*", "");
final String redirectionUrl = indirectClient.getRedirectAction(webContext).getLocation();
LOGGER.debug("[{}] -> [{}]", name, redirectionUrl);
urls.add(new ProviderLoginPageConfiguration(name, redirectionUrl, name.toLowerCase()));
} catch (final HttpAction e) {
if (e.getCode() == HttpStatus.UNAUTHORIZED.value()) {
LOGGER.debug("Authentication request was denied from the provider [{}]", client.getName());
} else {
LOGGER.warn(e.getMessage(), e);
}
} catch (final Exception e) {
LOGGER.error("Cannot process client [{}]", client, e);
}
});
if (!urls.isEmpty()) {
context.getFlowScope().put(PAC4J_URLS, urls);
} else if (response.getStatus() != HttpStatus.UNAUTHORIZED.value()) {
LOGGER.warn("No clients could be determined based on the provided configuration");
}
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
LinkedHashSet(java.util.LinkedHashSet)
WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService)
WebContext(org.pac4j.core.context.WebContext)
HttpSession(javax.servlet.http.HttpSession)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
IndirectClient(org.pac4j.core.client.IndirectClient)
HttpAction(org.pac4j.core.exception.HttpAction)
Example 2 with IndirectClient
use of org.pac4j.core.client.IndirectClient in project pac4j by pac4j.
the class DefaultCallbackLogicTests method testCallbackNoRenew.
@Test
public void testCallbackNoRenew() {
final String originalSessionId = request.getSession().getId();
request.setParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER, NAME);
final CommonProfile profile = new CommonProfile();
final IndirectClient indirectClient = new MockIndirectClient(NAME, null, new MockCredentials(), profile);
config.setClients(new Clients(CALLBACK_URL, indirectClient));
renewSession = false;
config.getClients().init();
call();
final HttpSession session = request.getSession();
final String newSessionId = session.getId();
final LinkedHashMap<String, CommonProfile> profiles = (LinkedHashMap<String, CommonProfile>) session.getAttribute(Pac4jConstants.USER_PROFILES);
assertTrue(profiles.containsValue(profile));
assertEquals(1, profiles.size());
assertEquals(newSessionId, originalSessionId);
assertEquals(302, response.getStatus());
assertEquals(Pac4jConstants.DEFAULT_URL_VALUE, response.getRedirectedUrl());
}
Also used :
CommonProfile(org.pac4j.core.profile.CommonProfile)
MockIndirectClient(org.pac4j.core.client.MockIndirectClient)
MockCredentials(org.pac4j.core.credentials.MockCredentials)
HttpSession(javax.servlet.http.HttpSession)
MockIndirectClient(org.pac4j.core.client.MockIndirectClient)
IndirectClient(org.pac4j.core.client.IndirectClient)
Clients(org.pac4j.core.client.Clients)
LinkedHashMap(java.util.LinkedHashMap)
Test(org.junit.Test)
Example 3 with IndirectClient
use of org.pac4j.core.client.IndirectClient in project cas by apereo.
the class DefaultDelegatedClientFactory method configureSamlClient.
/**
* Configure saml client.
*
* @param properties the properties
*/
protected void configureSamlClient(final Collection<IndirectClient> properties) {
val pac4jProperties = casProperties.getAuthn().getPac4j();
val index = new AtomicInteger();
pac4jProperties.getSaml().stream().filter(saml -> saml.isEnabled() && StringUtils.isNotBlank(saml.getKeystorePath()) && StringUtils.isNotBlank(saml.getIdentityProviderMetadataPath()) && StringUtils.isNotBlank(saml.getServiceProviderEntityId()) && StringUtils.isNotBlank(saml.getServiceProviderMetadataPath())).forEach(saml -> {
val cfg = new SAML2Configuration(saml.getKeystorePath(), saml.getKeystorePassword(), saml.getPrivateKeyPassword(), saml.getIdentityProviderMetadataPath());
cfg.setForceKeystoreGeneration(saml.isForceKeystoreGeneration());
if (saml.getCertificateExpirationDays() > 0) {
cfg.setCertificateExpirationPeriod(Period.ofDays(saml.getCertificateExpirationDays()));
}
FunctionUtils.doIfNotNull(saml.getCertificateSignatureAlg(), cfg::setCertificateSignatureAlg);
cfg.setCertificateNameToAppend(StringUtils.defaultIfBlank(saml.getCertificateNameToAppend(), saml.getClientName()));
cfg.setMaximumAuthenticationLifetime(Beans.newDuration(saml.getMaximumAuthenticationLifetime()).toSeconds());
cfg.setServiceProviderEntityId(saml.getServiceProviderEntityId());
cfg.setServiceProviderMetadataPath(saml.getServiceProviderMetadataPath());
cfg.setAuthnRequestBindingType(saml.getDestinationBinding());
cfg.setForceAuth(saml.isForceAuth());
cfg.setPassive(saml.isPassive());
cfg.setSignMetadata(saml.isSignServiceProviderMetadata());
cfg.setMetadataSigner(new XMLSecSAML2MetadataSigner(cfg));
cfg.setAuthnRequestSigned(saml.isSignAuthnRequest());
cfg.setSpLogoutRequestSigned(saml.isSignServiceProviderLogoutRequest());
cfg.setAcceptedSkew(Beans.newDuration(saml.getAcceptedSkew()).toSeconds());
cfg.setSslSocketFactory(casSSLContext.getSslContext().getSocketFactory());
cfg.setHostnameVerifier(casSSLContext.getHostnameVerifier());
if (StringUtils.isNotBlank(saml.getPrincipalIdAttribute())) {
cfg.setAttributeAsId(saml.getPrincipalIdAttribute());
}
cfg.setWantsAssertionsSigned(saml.isWantsAssertionsSigned());
cfg.setWantsResponsesSigned(saml.isWantsResponsesSigned());
cfg.setAllSignatureValidationDisabled(saml.isAllSignatureValidationDisabled());
cfg.setUseNameQualifier(saml.isUseNameQualifier());
cfg.setAttributeConsumingServiceIndex(saml.getAttributeConsumingServiceIndex());
if (applicationContext.containsBean(DelegatedClientFactory.BEAN_NAME_SAML2_CLIENT_MESSAGE_FACTORY)) {
val factory = applicationContext.getBean(DelegatedClientFactory.BEAN_NAME_SAML2_CLIENT_MESSAGE_FACTORY, SAMLMessageStoreFactory.class);
cfg.setSamlMessageStoreFactory(factory);
} else {
FunctionUtils.doIf(saml.getMessageStoreFactory().equalsIgnoreCase("EMPTY"), ig -> cfg.setSamlMessageStoreFactory(new EmptyStoreFactory())).accept(saml);
FunctionUtils.doIf(saml.getMessageStoreFactory().equalsIgnoreCase("SESSION"), ig -> cfg.setSamlMessageStoreFactory(new HttpSessionStoreFactory())).accept(saml);
if (saml.getMessageStoreFactory().contains(".")) {
Unchecked.consumer(ig -> {
val clazz = ClassUtils.getClass(DefaultDelegatedClientFactory.class.getClassLoader(), saml.getMessageStoreFactory());
val factory = SAMLMessageStoreFactory.class.cast(clazz.getDeclaredConstructor().newInstance());
cfg.setSamlMessageStoreFactory(factory);
}).accept(saml);
}
}
if (saml.getAssertionConsumerServiceIndex() >= 0) {
cfg.setAssertionConsumerServiceIndex(saml.getAssertionConsumerServiceIndex());
}
if (!saml.getAuthnContextClassRef().isEmpty()) {
cfg.setComparisonType(saml.getAuthnContextComparisonType().toUpperCase());
cfg.setAuthnContextClassRefs(saml.getAuthnContextClassRef());
}
if (StringUtils.isNotBlank(saml.getKeystoreAlias())) {
cfg.setKeystoreAlias(saml.getKeystoreAlias());
}
if (StringUtils.isNotBlank(saml.getNameIdPolicyFormat())) {
cfg.setNameIdPolicyFormat(saml.getNameIdPolicyFormat());
}
if (!saml.getRequestedAttributes().isEmpty()) {
saml.getRequestedAttributes().stream().map(attribute -> new SAML2ServiceProviderRequestedAttribute(attribute.getName(), attribute.getFriendlyName(), attribute.getNameFormat(), attribute.isRequired())).forEach(attribute -> cfg.getRequestedServiceProviderAttributes().add(attribute));
}
if (!saml.getBlockedSignatureSigningAlgorithms().isEmpty()) {
cfg.setBlackListedSignatureSigningAlgorithms(saml.getBlockedSignatureSigningAlgorithms());
}
if (!saml.getSignatureAlgorithms().isEmpty()) {
cfg.setSignatureAlgorithms(saml.getSignatureAlgorithms());
}
if (!saml.getSignatureReferenceDigestMethods().isEmpty()) {
cfg.setSignatureReferenceDigestMethods(saml.getSignatureReferenceDigestMethods());
}
if (!StringUtils.isNotBlank(saml.getSignatureCanonicalizationAlgorithm())) {
cfg.setSignatureCanonicalizationAlgorithm(saml.getSignatureCanonicalizationAlgorithm());
}
cfg.setProviderName(saml.getProviderName());
cfg.setNameIdPolicyAllowCreate(saml.getNameIdPolicyAllowCreate().toBoolean());
val mappedAttributes = saml.getMappedAttributes();
if (!mappedAttributes.isEmpty()) {
cfg.setMappedAttributes(CollectionUtils.convertDirectedListToMap(mappedAttributes));
}
val client = new SAML2Client(cfg);
if (StringUtils.isBlank(saml.getClientName())) {
val count = index.intValue();
client.setName(client.getClass().getSimpleName() + count);
}
configureClient(client, saml);
index.incrementAndGet();
LOGGER.debug("Created delegated client [{}]", client);
properties.add(client);
});
}
Also used :
lombok.val(lombok.val)
CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties)
Pac4jBaseClientProperties(org.apereo.cas.configuration.model.support.pac4j.Pac4jBaseClientProperties)
RandomUtils(org.apereo.cas.util.RandomUtils)
CasConfiguration(org.pac4j.cas.config.CasConfiguration)
CasClient(org.pac4j.cas.client.CasClient)
SneakyThrows(lombok.SneakyThrows)
Google2Client(org.pac4j.oauth.client.Google2Client)
OidcConfiguration(org.pac4j.oidc.config.OidcConfiguration)
RequiredArgsConstructor(lombok.RequiredArgsConstructor)
SAML2Client(org.pac4j.saml.client.SAML2Client)
HttpSessionStoreFactory(org.pac4j.saml.store.HttpSessionStoreFactory)
Beans(org.apereo.cas.configuration.support.Beans)
StringUtils(org.apache.commons.lang3.StringUtils)
PrivateKeyFactoryBean(org.apereo.cas.util.crypto.PrivateKeyFactoryBean)
YahooClient(org.pac4j.oauth.client.YahooClient)
AzureAdOidcConfiguration(org.pac4j.oidc.config.AzureAdOidcConfiguration)
ClassUtils(org.apache.commons.lang3.ClassUtils)
FunctionUtils(org.apereo.cas.util.function.FunctionUtils)
LinkedIn2Client(org.pac4j.oauth.client.LinkedIn2Client)
AtomicInteger(java.util.concurrent.atomic.AtomicInteger)
HiOrgServerClient(org.pac4j.oauth.client.HiOrgServerClient)
IndirectClient(org.pac4j.core.client.IndirectClient)
Pac4jOidcClientProperties(org.apereo.cas.configuration.model.support.pac4j.oidc.Pac4jOidcClientProperties)
Synchronized(lombok.Synchronized)
ResourceUtils(org.apereo.cas.util.ResourceUtils)
Unchecked(org.jooq.lambda.Unchecked)
Verb(com.github.scribejava.core.model.Verb)
Collection(java.util.Collection)
Set(java.util.Set)
JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm)
BasePac4jOidcClientProperties(org.apereo.cas.configuration.model.support.pac4j.oidc.BasePac4jOidcClientProperties)
EmptyStoreFactory(org.pac4j.saml.store.EmptyStoreFactory)
Slf4j(lombok.extern.slf4j.Slf4j)
ClientCustomPropertyConstants(org.apereo.cas.authentication.principal.ClientCustomPropertyConstants)
QueryParameterCallbackUrlResolver(org.pac4j.core.http.callback.QueryParameterCallbackUrlResolver)
XMLSecSAML2MetadataSigner(org.pac4j.saml.metadata.XMLSecSAML2MetadataSigner)
DisposableBean(org.springframework.beans.factory.DisposableBean)
CasSSLContext(org.apereo.cas.authentication.CasSSLContext)
CasWebflowConfigurer(org.apereo.cas.web.flow.CasWebflowConfigurer)
CasProtocol(org.pac4j.cas.config.CasProtocol)
FoursquareClient(org.pac4j.oauth.client.FoursquareClient)
GitHubClient(org.pac4j.oauth.client.GitHubClient)
SAML2Configuration(org.pac4j.saml.config.SAML2Configuration)
Pattern(java.util.regex.Pattern)
PathParameterCallbackUrlResolver(org.pac4j.core.http.callback.PathParameterCallbackUrlResolver)
WindowsLiveClient(org.pac4j.oauth.client.WindowsLiveClient)
AzureAdClient(org.pac4j.oidc.client.AzureAdClient)
Getter(lombok.Getter)
BitbucketClient(org.pac4j.oauth.client.BitbucketClient)
WordPressClient(org.pac4j.oauth.client.WordPressClient)
SAML2ServiceProviderRequestedAttribute(org.pac4j.saml.metadata.SAML2ServiceProviderRequestedAttribute)
OidcClient(org.pac4j.oidc.client.OidcClient)
CollectionUtils(org.apereo.cas.util.CollectionUtils)
PayPalClient(org.pac4j.oauth.client.PayPalClient)
ECPrivateKey(java.security.interfaces.ECPrivateKey)
LinkedHashSet(java.util.LinkedHashSet)
NoParameterCallbackUrlResolver(org.pac4j.core.http.callback.NoParameterCallbackUrlResolver)
Period(java.time.Period)
GoogleOidcClient(org.pac4j.oidc.client.GoogleOidcClient)
FacebookClient(org.pac4j.oauth.client.FacebookClient)
KeycloakOidcClient(org.pac4j.oidc.client.KeycloakOidcClient)
lombok.val(lombok.val)
ApplicationContext(org.springframework.context.ApplicationContext)
AppleOidcConfiguration(org.pac4j.oidc.config.AppleOidcConfiguration)
GenericOAuth20Client(org.pac4j.oauth.client.GenericOAuth20Client)
AppleClient(org.pac4j.oidc.client.AppleClient)
TwitterClient(org.pac4j.oauth.client.TwitterClient)
SAMLMessageStoreFactory(org.pac4j.saml.store.SAMLMessageStoreFactory)
KeycloakOidcConfiguration(org.pac4j.oidc.config.KeycloakOidcConfiguration)
DropBoxClient(org.pac4j.oauth.client.DropBoxClient)
HttpSessionStoreFactory(org.pac4j.saml.store.HttpSessionStoreFactory)
EmptyStoreFactory(org.pac4j.saml.store.EmptyStoreFactory)
SAMLMessageStoreFactory(org.pac4j.saml.store.SAMLMessageStoreFactory)
AtomicInteger(java.util.concurrent.atomic.AtomicInteger)
SAML2Configuration(org.pac4j.saml.config.SAML2Configuration)
SAML2ServiceProviderRequestedAttribute(org.pac4j.saml.metadata.SAML2ServiceProviderRequestedAttribute)
SAML2Client(org.pac4j.saml.client.SAML2Client)
XMLSecSAML2MetadataSigner(org.pac4j.saml.metadata.XMLSecSAML2MetadataSigner)
Example 4 with IndirectClient
use of org.pac4j.core.client.IndirectClient in project cas by apereo.
the class DefaultDelegatedClientFactory method configureOAuth20Client.
/**
* Configure OAuth client.
*
* @param properties the properties
*/
protected void configureOAuth20Client(final Collection<IndirectClient> properties) {
val pac4jProperties = casProperties.getAuthn().getPac4j();
val index = new AtomicInteger();
pac4jProperties.getOauth2().stream().filter(oauth -> oauth.isEnabled() && StringUtils.isNotBlank(oauth.getId()) && StringUtils.isNotBlank(oauth.getSecret())).forEach(oauth -> {
val client = new GenericOAuth20Client();
client.setProfileId(StringUtils.defaultIfBlank(oauth.getPrincipalAttributeId(), pac4jProperties.getCore().getPrincipalAttributeId()));
client.setKey(oauth.getId());
client.setSecret(oauth.getSecret());
client.setProfileAttrs(oauth.getProfileAttrs());
client.setProfileNodePath(oauth.getProfilePath());
client.setProfileUrl(oauth.getProfileUrl());
client.setProfileVerb(Verb.valueOf(oauth.getProfileVerb().toUpperCase()));
client.setTokenUrl(oauth.getTokenUrl());
client.setAuthUrl(oauth.getAuthUrl());
client.setScope(oauth.getScope());
client.setCustomParams(oauth.getCustomParams());
client.getConfiguration().setResponseType(oauth.getResponseType());
if (StringUtils.isBlank(oauth.getClientName())) {
val count = index.intValue();
client.setName(client.getClass().getSimpleName() + count);
}
configureClient(client, oauth);
index.incrementAndGet();
LOGGER.debug("Created client [{}]", client);
properties.add(client);
});
}
Also used :
lombok.val(lombok.val)
CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties)
Pac4jBaseClientProperties(org.apereo.cas.configuration.model.support.pac4j.Pac4jBaseClientProperties)
RandomUtils(org.apereo.cas.util.RandomUtils)
CasConfiguration(org.pac4j.cas.config.CasConfiguration)
CasClient(org.pac4j.cas.client.CasClient)
SneakyThrows(lombok.SneakyThrows)
Google2Client(org.pac4j.oauth.client.Google2Client)
OidcConfiguration(org.pac4j.oidc.config.OidcConfiguration)
RequiredArgsConstructor(lombok.RequiredArgsConstructor)
SAML2Client(org.pac4j.saml.client.SAML2Client)
HttpSessionStoreFactory(org.pac4j.saml.store.HttpSessionStoreFactory)
Beans(org.apereo.cas.configuration.support.Beans)
StringUtils(org.apache.commons.lang3.StringUtils)
PrivateKeyFactoryBean(org.apereo.cas.util.crypto.PrivateKeyFactoryBean)
YahooClient(org.pac4j.oauth.client.YahooClient)
AzureAdOidcConfiguration(org.pac4j.oidc.config.AzureAdOidcConfiguration)
ClassUtils(org.apache.commons.lang3.ClassUtils)
FunctionUtils(org.apereo.cas.util.function.FunctionUtils)
LinkedIn2Client(org.pac4j.oauth.client.LinkedIn2Client)
AtomicInteger(java.util.concurrent.atomic.AtomicInteger)
HiOrgServerClient(org.pac4j.oauth.client.HiOrgServerClient)
IndirectClient(org.pac4j.core.client.IndirectClient)
Pac4jOidcClientProperties(org.apereo.cas.configuration.model.support.pac4j.oidc.Pac4jOidcClientProperties)
Synchronized(lombok.Synchronized)
ResourceUtils(org.apereo.cas.util.ResourceUtils)
Unchecked(org.jooq.lambda.Unchecked)
Verb(com.github.scribejava.core.model.Verb)
Collection(java.util.Collection)
Set(java.util.Set)
JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm)
BasePac4jOidcClientProperties(org.apereo.cas.configuration.model.support.pac4j.oidc.BasePac4jOidcClientProperties)
EmptyStoreFactory(org.pac4j.saml.store.EmptyStoreFactory)
Slf4j(lombok.extern.slf4j.Slf4j)
ClientCustomPropertyConstants(org.apereo.cas.authentication.principal.ClientCustomPropertyConstants)
QueryParameterCallbackUrlResolver(org.pac4j.core.http.callback.QueryParameterCallbackUrlResolver)
XMLSecSAML2MetadataSigner(org.pac4j.saml.metadata.XMLSecSAML2MetadataSigner)
DisposableBean(org.springframework.beans.factory.DisposableBean)
CasSSLContext(org.apereo.cas.authentication.CasSSLContext)
CasWebflowConfigurer(org.apereo.cas.web.flow.CasWebflowConfigurer)
CasProtocol(org.pac4j.cas.config.CasProtocol)
FoursquareClient(org.pac4j.oauth.client.FoursquareClient)
GitHubClient(org.pac4j.oauth.client.GitHubClient)
SAML2Configuration(org.pac4j.saml.config.SAML2Configuration)
Pattern(java.util.regex.Pattern)
PathParameterCallbackUrlResolver(org.pac4j.core.http.callback.PathParameterCallbackUrlResolver)
WindowsLiveClient(org.pac4j.oauth.client.WindowsLiveClient)
AzureAdClient(org.pac4j.oidc.client.AzureAdClient)
Getter(lombok.Getter)
BitbucketClient(org.pac4j.oauth.client.BitbucketClient)
WordPressClient(org.pac4j.oauth.client.WordPressClient)
SAML2ServiceProviderRequestedAttribute(org.pac4j.saml.metadata.SAML2ServiceProviderRequestedAttribute)
OidcClient(org.pac4j.oidc.client.OidcClient)
CollectionUtils(org.apereo.cas.util.CollectionUtils)
PayPalClient(org.pac4j.oauth.client.PayPalClient)
ECPrivateKey(java.security.interfaces.ECPrivateKey)
LinkedHashSet(java.util.LinkedHashSet)
NoParameterCallbackUrlResolver(org.pac4j.core.http.callback.NoParameterCallbackUrlResolver)
Period(java.time.Period)
GoogleOidcClient(org.pac4j.oidc.client.GoogleOidcClient)
FacebookClient(org.pac4j.oauth.client.FacebookClient)
KeycloakOidcClient(org.pac4j.oidc.client.KeycloakOidcClient)
lombok.val(lombok.val)
ApplicationContext(org.springframework.context.ApplicationContext)
AppleOidcConfiguration(org.pac4j.oidc.config.AppleOidcConfiguration)
GenericOAuth20Client(org.pac4j.oauth.client.GenericOAuth20Client)
AppleClient(org.pac4j.oidc.client.AppleClient)
TwitterClient(org.pac4j.oauth.client.TwitterClient)
SAMLMessageStoreFactory(org.pac4j.saml.store.SAMLMessageStoreFactory)
KeycloakOidcConfiguration(org.pac4j.oidc.config.KeycloakOidcConfiguration)
DropBoxClient(org.pac4j.oauth.client.DropBoxClient)
GenericOAuth20Client(org.pac4j.oauth.client.GenericOAuth20Client)
AtomicInteger(java.util.concurrent.atomic.AtomicInteger)
Example 5 with IndirectClient
use of org.pac4j.core.client.IndirectClient in project cas by apereo.
the class DefaultDelegatedClientIdentityProviderConfigurationProducer method produce.
@Override
public Optional<DelegatedClientIdentityProviderConfiguration> produce(final RequestContext requestContext, final IndirectClient client) {
val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
val response = WebUtils.getHttpServletResponseFromExternalWebflowContext(requestContext);
val webContext = new JEEContext(request, response);
val currentService = WebUtils.getService(requestContext);
LOGGER.debug("Initializing client [{}] with request parameters [{}] and service [{}]", client, requestContext.getRequestParameters(), currentService);
client.init();
if (delegatedClientAuthenticationRequestCustomizers.isEmpty() || delegatedClientAuthenticationRequestCustomizers.stream().anyMatch(c -> c.isAuthorized(webContext, client, currentService))) {
return DelegatedClientIdentityProviderConfigurationFactory.builder().client(client).webContext(webContext).service(currentService).casProperties(casProperties).build().resolve();
}
return Optional.empty();
}
Also used :
lombok.val(lombok.val)
CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties)
DelegatedClientIdentityProviderRedirectionStrategy(org.apereo.cas.pac4j.client.DelegatedClientIdentityProviderRedirectionStrategy)
RequiredArgsConstructor(lombok.RequiredArgsConstructor)
DelegatedClientIdentityProviderConfiguration(org.apereo.cas.web.DelegatedClientIdentityProviderConfiguration)
RequestContext(org.springframework.webflow.execution.RequestContext)
WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService)
HashSet(java.util.HashSet)
LoggingUtils(org.apereo.cas.util.LoggingUtils)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
Clients(org.pac4j.core.client.Clients)
Client(org.pac4j.core.client.Client)
IndirectClient(org.pac4j.core.client.IndirectClient)
JEEContext(org.pac4j.core.context.JEEContext)
DelegatedClientIdentityProviderConfigurationFactory(org.apereo.cas.web.DelegatedClientIdentityProviderConfigurationFactory)
LinkedHashSet(java.util.LinkedHashSet)
DelegatedClientAuthenticationRequestCustomizer(org.apereo.cas.pac4j.client.DelegatedClientAuthenticationRequestCustomizer)
lombok.val(lombok.val)
AuthenticationServiceSelectionPlan(org.apereo.cas.authentication.AuthenticationServiceSelectionPlan)
Set(java.util.Set)
HttpStatus(org.springframework.http.HttpStatus)
Slf4j(lombok.extern.slf4j.Slf4j)
List(java.util.List)
DelegatedAuthenticationAccessStrategyHelper(org.apereo.cas.validation.DelegatedAuthenticationAccessStrategyHelper)
Service(org.apereo.cas.authentication.principal.Service)
Optional(java.util.Optional)
WebUtils(org.apereo.cas.web.support.WebUtils)
JEEContext(org.pac4j.core.context.JEEContext)
Aggregations
IndirectClient (org.pac4j.core.client.IndirectClient)15
LinkedHashSet (java.util.LinkedHashSet)7
lombok.val (lombok.val)7
RequiredArgsConstructor (lombok.RequiredArgsConstructor)6
Slf4j (lombok.extern.slf4j.Slf4j)6
Getter (lombok.Getter)5
CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)5
Clients (org.pac4j.core.client.Clients)5
Set (java.util.Set)4
HttpServletRequest (javax.servlet.http.HttpServletRequest)4
HttpSession (javax.servlet.http.HttpSession)4
Verb (com.github.scribejava.core.model.Verb)3
JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm)3
ECPrivateKey (java.security.interfaces.ECPrivateKey)3
Period (java.time.Period)3
Collection (java.util.Collection)3
AtomicInteger (java.util.concurrent.atomic.AtomicInteger)3
Pattern (java.util.regex.Pattern)3
LinkedHashMap (java.util.LinkedHashMap)2
Optional (java.util.Optional)2
