Examples with IndirectClient org.pac4j.core.client.IndirectClient used on opensource projects

Example 6 with IndirectClient

use of org.pac4j.core.client.IndirectClient in project pac4j by pac4j.

the class DefaultCallbackLogicTests method internalTestCallbackWithOriginallyRequestedUrl.

private void internalTestCallbackWithOriginallyRequestedUrl(final int code) {
    final var originalSessionId = sessionStore.getSessionId(context, false);
    sessionStore.set(context, Pac4jConstants.REQUESTED_URL, new FoundAction(PAC4J_URL));
    context.addRequestParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER, NAME);
    final var profile = new CommonProfile();
    final IndirectClient indirectClient = new MockIndirectClient(NAME, null, Optional.of(new MockCredentials()), profile);
    config.setClients(new Clients(CALLBACK_URL, indirectClient));
    call();
    final var newSessionId = sessionStore.getSessionId(context, false);
    final var profiles = (LinkedHashMap<String, CommonProfile>) sessionStore.get(context, Pac4jConstants.USER_PROFILES).get();
    assertTrue(profiles.containsValue(profile));
    assertEquals(1, profiles.size());
    assertNotEquals(newSessionId, originalSessionId);
    assertEquals(code, action.getCode());
    if (action instanceof SeeOtherAction) {
        assertEquals(PAC4J_URL, ((SeeOtherAction) action).getLocation());
    } else {
        assertEquals(PAC4J_URL, ((FoundAction) action).getLocation());
    }
}

Example 7 with IndirectClient

use of org.pac4j.core.client.IndirectClient in project cas by apereo.

the class DelegatedClientNavigationController method redirectToProvider.

/**
 * Redirect to provider. Receive the client name from the request and then try to determine and build the endpoint url
 * for the redirection. The redirection data/url must contain a delegated client ticket id so that the request be can
 * restored on the trip back. SAML clients use the relay-state session attribute while others use request parameters.
 *
 * @param request  the request
 * @param response the response
 * @return the view
 */
@GetMapping(ENDPOINT_REDIRECT)
public View redirectToProvider(final HttpServletRequest request, final HttpServletResponse response) {
    final String clientName = request.getParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER);
    try {
        final IndirectClient client = (IndirectClient<Credentials, CommonProfile>) this.clients.findClient(clientName);
        final J2EContext webContext = Pac4jUtils.getPac4jJ2EContext(request, response);
        final Ticket ticket = delegatedClientWebflowManager.store(webContext, client);
        final View result;
        final RedirectAction action = client.getRedirectAction(webContext);
        if (RedirectAction.RedirectType.SUCCESS.equals(action.getType())) {
            result = new DynamicHtmlView(action.getContent());
        } else {
            final URIBuilder builder = new URIBuilder(action.getLocation());
            final String url = builder.toString();
            LOGGER.debug("Redirecting client [{}] to [{}] based on identifier [{}]", client.getName(), url, ticket.getId());
            result = new RedirectView(url);
        }
        this.delegatedSessionCookieManager.store(webContext);
        return result;
    } catch (final HttpAction e) {
        if (e.getCode() == HttpStatus.UNAUTHORIZED.value()) {
            LOGGER.debug("Authentication request was denied from the provider [{}]", clientName, e);
        } else {
            LOGGER.warn(e.getMessage(), e);
        }
        throw new UnauthorizedServiceException(e.getMessage(), e);
    }
}

Example 8 with IndirectClient

use of org.pac4j.core.client.IndirectClient in project cas by apereo.

the class DelegatedClientAuthenticationAction method prepareForLoginPage.

/**
 * Prepare the data for the login page.
 *
 * @param context The current webflow context
 */
protected void prepareForLoginPage(final RequestContext context) {
    final Service service = WebUtils.getService(context);
    final HttpServletRequest request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
    final HttpServletResponse response = WebUtils.getHttpServletResponseFromExternalWebflowContext(context);
    final WebContext webContext = Pac4jUtils.getPac4jJ2EContext(request, response);
    final Set<ProviderLoginPageConfiguration> urls = new LinkedHashSet<>();
    this.clients.findAllClients().stream().filter(client -> client instanceof IndirectClient && isDelegatedClientAuthorizedForService(client, service)).map(IndirectClient.class::cast).forEach(client -> {
        try {
            final Optional<ProviderLoginPageConfiguration> provider = buildProviderConfiguration(client, webContext);
            provider.ifPresent(urls::add);
        } catch (final Exception e) {
            LOGGER.error("Cannot process client [{}]", client, e);
        }
    });
    if (!urls.isEmpty()) {
        context.getFlowScope().put(PAC4J_URLS, urls);
    } else if (response.getStatus() != HttpStatus.UNAUTHORIZED.value()) {
        LOGGER.warn("No delegated authentication providers could be determined based on the provided configuration. " + "Either no clients are configured, or the current access strategy rules prohibit CAS from using authentication providers for this request.");
    }
}

Example 9 with IndirectClient

use of org.pac4j.core.client.IndirectClient in project pac4j by pac4j.

the class DefaultCallbackClientFinder method find.

public List<Client> find(final Clients clients, final WebContext context, final String clientNames) {
    final List<Client> result = new ArrayList<>();
    final List<Client> indirectClients = new ArrayList<>();
    for (final Client client : clients.findAllClients()) {
        if (client instanceof IndirectClient) {
            final IndirectClient indirectClient = (IndirectClient) client;
            indirectClients.add(client);
            indirectClient.init();
            if (indirectClient.getCallbackUrlResolver().matches(indirectClient.getName(), context)) {
                result.add(indirectClient);
            }
        }
    }
    logger.debug("result: {}", result.stream().map(c -> c.getName()).collect(Collectors.toList()));
    // fallback: we didn't find any client on the URL
    if (result.isEmpty()) {
        // we have a default client, use it
        if (CommonHelper.isNotBlank(clientNames)) {
            final Client defaultClient = clients.findClient(clientNames);
            logger.debug("Defaulting to the configured client: {}", defaultClient);
            result.add(defaultClient);
        // or we only have one indirect client, use it
        } else if (indirectClients.size() == 1) {
            logger.debug("Defaulting to the only client: {}", indirectClients.get(0));
            result.addAll(indirectClients);
        }
    }
    return result;
}

Example 10 with IndirectClient

use of org.pac4j.core.client.IndirectClient in project pac4j by pac4j.

the class DefaultCallbackLogicTests method testCallbackWithOriginallyRequestedUrl.

@Test
public void testCallbackWithOriginallyRequestedUrl() {
    HttpSession session = request.getSession();
    final String originalSessionId = session.getId();
    session.setAttribute(Pac4jConstants.REQUESTED_URL, PAC4J_URL);
    request.setParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER, NAME);
    final CommonProfile profile = new CommonProfile();
    final IndirectClient indirectClient = new MockIndirectClient(NAME, null, new MockCredentials(), profile);
    config.setClients(new Clients(CALLBACK_URL, indirectClient));
    config.getClients().init();
    call();
    session = request.getSession();
    final String newSessionId = session.getId();
    final LinkedHashMap<String, CommonProfile> profiles = (LinkedHashMap<String, CommonProfile>) session.getAttribute(Pac4jConstants.USER_PROFILES);
    assertTrue(profiles.containsValue(profile));
    assertEquals(1, profiles.size());
    assertNotEquals(newSessionId, originalSessionId);
    assertEquals(302, response.getStatus());
    assertEquals(PAC4J_URL, response.getRedirectedUrl());
}