use of org.pac4j.core.client.IndirectClient in project pac4j by pac4j.
the class DefaultCallbackLogicTests method internalTestCallbackWithOriginallyRequestedUrl.
private void internalTestCallbackWithOriginallyRequestedUrl(final int code) {
final var originalSessionId = sessionStore.getSessionId(context, false);
sessionStore.set(context, Pac4jConstants.REQUESTED_URL, new FoundAction(PAC4J_URL));
context.addRequestParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER, NAME);
final var profile = new CommonProfile();
final IndirectClient indirectClient = new MockIndirectClient(NAME, null, Optional.of(new MockCredentials()), profile);
config.setClients(new Clients(CALLBACK_URL, indirectClient));
call();
final var newSessionId = sessionStore.getSessionId(context, false);
final var profiles = (LinkedHashMap<String, CommonProfile>) sessionStore.get(context, Pac4jConstants.USER_PROFILES).get();
assertTrue(profiles.containsValue(profile));
assertEquals(1, profiles.size());
assertNotEquals(newSessionId, originalSessionId);
assertEquals(code, action.getCode());
if (action instanceof SeeOtherAction) {
assertEquals(PAC4J_URL, ((SeeOtherAction) action).getLocation());
} else {
assertEquals(PAC4J_URL, ((FoundAction) action).getLocation());
}
}
use of org.pac4j.core.client.IndirectClient in project cas by apereo.
the class DelegatedClientNavigationController method redirectToProvider.
/**
* Redirect to provider. Receive the client name from the request and then try to determine and build the endpoint url
* for the redirection. The redirection data/url must contain a delegated client ticket id so that the request be can
* restored on the trip back. SAML clients use the relay-state session attribute while others use request parameters.
*
* @param request the request
* @param response the response
* @return the view
*/
@GetMapping(ENDPOINT_REDIRECT)
public View redirectToProvider(final HttpServletRequest request, final HttpServletResponse response) {
final String clientName = request.getParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER);
try {
final IndirectClient client = (IndirectClient<Credentials, CommonProfile>) this.clients.findClient(clientName);
final J2EContext webContext = Pac4jUtils.getPac4jJ2EContext(request, response);
final Ticket ticket = delegatedClientWebflowManager.store(webContext, client);
final View result;
final RedirectAction action = client.getRedirectAction(webContext);
if (RedirectAction.RedirectType.SUCCESS.equals(action.getType())) {
result = new DynamicHtmlView(action.getContent());
} else {
final URIBuilder builder = new URIBuilder(action.getLocation());
final String url = builder.toString();
LOGGER.debug("Redirecting client [{}] to [{}] based on identifier [{}]", client.getName(), url, ticket.getId());
result = new RedirectView(url);
}
this.delegatedSessionCookieManager.store(webContext);
return result;
} catch (final HttpAction e) {
if (e.getCode() == HttpStatus.UNAUTHORIZED.value()) {
LOGGER.debug("Authentication request was denied from the provider [{}]", clientName, e);
} else {
LOGGER.warn(e.getMessage(), e);
}
throw new UnauthorizedServiceException(e.getMessage(), e);
}
}
use of org.pac4j.core.client.IndirectClient in project cas by apereo.
the class DelegatedClientAuthenticationAction method prepareForLoginPage.
/**
* Prepare the data for the login page.
*
* @param context The current webflow context
*/
protected void prepareForLoginPage(final RequestContext context) {
final Service service = WebUtils.getService(context);
final HttpServletRequest request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
final HttpServletResponse response = WebUtils.getHttpServletResponseFromExternalWebflowContext(context);
final WebContext webContext = Pac4jUtils.getPac4jJ2EContext(request, response);
final Set<ProviderLoginPageConfiguration> urls = new LinkedHashSet<>();
this.clients.findAllClients().stream().filter(client -> client instanceof IndirectClient && isDelegatedClientAuthorizedForService(client, service)).map(IndirectClient.class::cast).forEach(client -> {
try {
final Optional<ProviderLoginPageConfiguration> provider = buildProviderConfiguration(client, webContext);
provider.ifPresent(urls::add);
} catch (final Exception e) {
LOGGER.error("Cannot process client [{}]", client, e);
}
});
if (!urls.isEmpty()) {
context.getFlowScope().put(PAC4J_URLS, urls);
} else if (response.getStatus() != HttpStatus.UNAUTHORIZED.value()) {
LOGGER.warn("No delegated authentication providers could be determined based on the provided configuration. " + "Either no clients are configured, or the current access strategy rules prohibit CAS from using authentication providers for this request.");
}
}
use of org.pac4j.core.client.IndirectClient in project pac4j by pac4j.
the class DefaultCallbackClientFinder method find.
public List<Client> find(final Clients clients, final WebContext context, final String clientNames) {
final List<Client> result = new ArrayList<>();
final List<Client> indirectClients = new ArrayList<>();
for (final Client client : clients.findAllClients()) {
if (client instanceof IndirectClient) {
final IndirectClient indirectClient = (IndirectClient) client;
indirectClients.add(client);
indirectClient.init();
if (indirectClient.getCallbackUrlResolver().matches(indirectClient.getName(), context)) {
result.add(indirectClient);
}
}
}
logger.debug("result: {}", result.stream().map(c -> c.getName()).collect(Collectors.toList()));
// fallback: we didn't find any client on the URL
if (result.isEmpty()) {
// we have a default client, use it
if (CommonHelper.isNotBlank(clientNames)) {
final Client defaultClient = clients.findClient(clientNames);
logger.debug("Defaulting to the configured client: {}", defaultClient);
result.add(defaultClient);
// or we only have one indirect client, use it
} else if (indirectClients.size() == 1) {
logger.debug("Defaulting to the only client: {}", indirectClients.get(0));
result.addAll(indirectClients);
}
}
return result;
}
use of org.pac4j.core.client.IndirectClient in project pac4j by pac4j.
the class DefaultCallbackLogicTests method testCallbackWithOriginallyRequestedUrl.
@Test
public void testCallbackWithOriginallyRequestedUrl() {
HttpSession session = request.getSession();
final String originalSessionId = session.getId();
session.setAttribute(Pac4jConstants.REQUESTED_URL, PAC4J_URL);
request.setParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER, NAME);
final CommonProfile profile = new CommonProfile();
final IndirectClient indirectClient = new MockIndirectClient(NAME, null, new MockCredentials(), profile);
config.setClients(new Clients(CALLBACK_URL, indirectClient));
config.getClients().init();
call();
session = request.getSession();
final String newSessionId = session.getId();
final LinkedHashMap<String, CommonProfile> profiles = (LinkedHashMap<String, CommonProfile>) session.getAttribute(Pac4jConstants.USER_PROFILES);
assertTrue(profiles.containsValue(profile));
assertEquals(1, profiles.size());
assertNotEquals(newSessionId, originalSessionId);
assertEquals(302, response.getStatus());
assertEquals(PAC4J_URL, response.getRedirectedUrl());
}
Aggregations