use of org.pac4j.core.client.IndirectClient in project cas by apereo.
the class DefaultDelegatedClientIdentityProviderConfigurationProducer method produce.
/**
 * Collects the delegated identity provider configurations that apply to the current request
 * and records the outcome in the webflow context.
 *
 * <p>A client is only considered when it is an {@link IndirectClient} and
 * {@code isDelegatedClientAuthorizedForService} accepts it for the resolved service and request.
 * A failure while producing the configuration of one client is logged and does not stop the
 * remaining clients from being processed.
 *
 * @param context the webflow request context
 * @return the provider configurations that were produced, in iteration order; possibly empty
 */
@Override
public Set<DelegatedClientIdentityProviderConfiguration> produce(final RequestContext context) {
    val currentService = WebUtils.getService(context);
    val service = authenticationRequestServiceSelectionStrategies.resolveService(currentService, WebApplicationService.class);
    val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
    val response = WebUtils.getHttpServletResponseFromExternalWebflowContext(context);
    val webContext = new JEEContext(request, response);
    // NOTE(review): the request parameters are handed to the debug log here; confirm that
    // nothing sensitive ends up rendered in log output.
    LOGGER.debug("Initialized context with request parameters [{}]", webContext.getRequestParameters());

    val allClients = this.clients.findAllClients();
    val providers = new LinkedHashSet<DelegatedClientIdentityProviderConfiguration>(allClients.size());
    for (val candidate : allClients) {
        // Authorization gate: the type check runs first, the per-service check second.
        // Both sit outside the try block, so an exception from the check is not swallowed.
        val eligible = candidate instanceof IndirectClient
            && isDelegatedClientAuthorizedForService(candidate, service, request);
        if (!eligible) {
            continue;
        }
        val indirectClient = IndirectClient.class.cast(candidate);
        try {
            val produced = produce(context, indirectClient);
            produced.ifPresent(provider -> {
                providers.add(provider);
                // Ask the redirection strategy whether this provider is the primary one and,
                // if it says so, store that provider in the webflow context.
                delegatedClientIdentityProviderRedirectionStrategy
                    .getPrimaryDelegatedAuthenticationProvider(context, service, provider)
                    .ifPresent(primary -> WebUtils.putDelegatedAuthenticationProviderPrimary(context, primary));
            });
        } catch (final Exception e) {
            LOGGER.error("Cannot process client [{}]", indirectClient);
            LoggingUtils.error(LOGGER, e);
        }
    }

    if (providers.isEmpty()) {
        // The warning is skipped when the response status is already 401.
        if (response.getStatus() != HttpStatus.UNAUTHORIZED.value()) {
            LOGGER.warn("No delegated authentication providers could be determined based on the provided configuration. "
                + "Either no clients are configured, or the current access strategy rules prohibit CAS from using authentication providers");
        }
        return providers;
    }

    val selectionType = casProperties.getAuthn().getPac4j().getCore().getDiscoverySelection().getSelectionType();
    switch (selectionType) {
        case DYNAMIC:
            // Dynamic selection: the context receives an empty provider set and the dynamic
            // flag is switched on. The method still returns the full set to its caller.
            WebUtils.putDelegatedAuthenticationProviderConfigurations(context, new HashSet<>());
            WebUtils.putDelegatedAuthenticationDynamicProviderSelection(context, Boolean.TRUE);
            break;
        case MENU:
        default:
            WebUtils.putDelegatedAuthenticationProviderConfigurations(context, providers);
            WebUtils.putDelegatedAuthenticationDynamicProviderSelection(context, Boolean.FALSE);
            break;
    }
    return providers;
}
use of org.pac4j.core.client.IndirectClient in project cas by apereo.
the class DefaultDelegatedAuthenticationDynamicDiscoveryProviderLocator method locate.
/**
 * Looks up the delegated client that the dynamic-discovery JSON mapping assigns to the user id
 * carried by the request.
 *
 * <p>The mapping is read from the configured JSON location on every call. Each mapping key is
 * passed to {@code RegexUtils.find} as the pattern and the request's user id as the input.
 * Entries are tried in ascending {@code getOrder()} and the first one whose client name
 * resolves to a known client wins.
 *
 * <p>Any exception is logged and an empty result is returned. This covers an unreadable
 * resource, malformed JSON and a resolved client that is not an {@link IndirectClient}.
 *
 * @param request the discovery request holding the user id
 * @return the matching client, or an empty optional when nothing matches or an error occurs
 */
@Override
public Optional<IndirectClient> locate(final DynamicDiscoveryProviderRequest request) {
    Optional<IndirectClient> located = Optional.empty();
    try {
        val location = casProperties.getAuthn().getPac4j().getCore().getDiscoverySelection().getJson().getLocation();
        val providersByPattern = MAPPER.readValue(location.getInputStream(),
            new TypeReference<Map<String, DelegatedAuthenticationDynamicDiscoveryProvider>>() {
            });
        // NOTE(review): if RegexUtils.find performs an unanchored search, a pattern without
        // ^/$ matches any user id that merely contains it; confirm the mapping file's patterns
        // are anchored the way the deployer intends, since the match decides which identity
        // provider a user is routed to.
        located = providersByPattern.entrySet()
            .stream()
            .sorted(Comparator.comparingInt(entry -> entry.getValue().getOrder()))
            .filter(entry -> RegexUtils.find(entry.getKey(), request.getUserId()))
            .map(entry -> entry.getValue())
            .map(provider -> clients.findClient(provider.getClientName()))
            // Mappings that name a client which is not registered are skipped.
            .filter(Optional::isPresent)
            .map(Optional::get)
            .map(IndirectClient.class::cast)
            .findFirst();
    } catch (final Exception e) {
        LoggingUtils.error(LOGGER, e);
    }
    return located;
}
use of org.pac4j.core.client.IndirectClient in project cas by apereo.
the class DefaultDelegatedClientFactory method configureCasClient.
/**
 * Creates a {@code CasClient} for every configured CAS entry that is enabled and has a
 * non-blank login URL, and appends each client to the given collection.
 *
 * @param properties the collection that receives the created clients
 */
protected void configureCasClient(final Collection<IndirectClient> properties) {
    val pac4jProperties = casProperties.getAuthn().getPac4j();
    // Counts the entries that passed the filter; used to derive a default client name.
    int position = 0;
    for (val cas : pac4jProperties.getCas()) {
        if (!cas.isEnabled() || StringUtils.isBlank(cas.getLoginUrl())) {
            continue;
        }

        val cfg = new CasConfiguration(cas.getLoginUrl(), CasProtocol.valueOf(cas.getProtocol()));
        // The prefix URL is the login URL with the first PATTERN_LOGIN_URL match replaced by "/",
        // with a trailing slash enforced.
        val prefix = PATTERN_LOGIN_URL.matcher(cas.getLoginUrl()).replaceFirst("/");
        cfg.setPrefixUrl(StringUtils.appendIfMissing(prefix, "/"));
        // Hostname verifier and SSL socket factory are both taken from casSSLContext.
        cfg.setHostnameVerifier(casSSLContext.getHostnameVerifier());
        cfg.setSslSocketFactory(casSSLContext.getSslContext().getSocketFactory());

        val client = new CasClient(cfg);
        if (StringUtils.isBlank(cas.getClientName())) {
            // No explicit name configured: fall back to the simple class name plus the position.
            client.setName(client.getClass().getSimpleName() + position);
        }
        configureClient(client, cas);
        position++;
        LOGGER.debug("Created client [{}]", client);
        properties.add(client);
    }
}
use of org.pac4j.core.client.IndirectClient in project cas by apereo.
the class BaseDelegatedAuthenticationController method getRedirectionAction.
/**
 * Prepares the web context from the transient session ticket and asks the client's
 * redirection action builder for the redirection action.
 *
 * <p>The force-authn and passive request attributes are set to {@code true} whenever the
 * matching key is present in the ticket properties; the stored value itself is not read.
 *
 * @param client     the delegated client that will perform the redirect
 * @param webContext the web context that receives the request attributes
 * @param ticket     the transient session ticket carrying the stored properties and service
 * @return the redirection action produced by the client's builder, if any
 */
protected Optional<RedirectionAction> getRedirectionAction(final IndirectClient client, final WebContext webContext, final TransientSessionTicket ticket) {
    val ticketProperties = ticket.getProperties();
    val flags = new String[] {
        RedirectionActionBuilder.ATTRIBUTE_FORCE_AUTHN,
        RedirectionActionBuilder.ATTRIBUTE_PASSIVE
    };
    for (val flag : flags) {
        if (ticketProperties.containsKey(flag)) {
            webContext.setRequestAttribute(flag, true);
        }
    }

    if (ticket.getService() != null) {
        configureWebContextForRegisteredService(webContext, ticket);
    }

    // Customizers run in AnnotationAwareOrderComparator order; each one is consulted through
    // supports(...) immediately before it is applied.
    configurationContext.getDelegatedClientAuthenticationRequestCustomizers()
        .stream()
        .sorted(AnnotationAwareOrderComparator.INSTANCE)
        .forEach(customizer -> {
            if (customizer.supports(client, webContext)) {
                customizer.customize(client, webContext);
            }
        });

    val actionBuilder = client.getRedirectionActionBuilder();
    return actionBuilder.getRedirectionAction(webContext, configurationContext.getSessionStore());
}
use of org.pac4j.core.client.IndirectClient in project pac4j by pac4j.
the class DefaultCallbackLogicTests method testCallback.
/**
 * Runs the callback logic with a mock indirect client and checks the stored profile,
 * the session identifier and the resulting redirect.
 */
@Test
public void testCallback() {
    // Capture the session id before the callback so it can be compared afterwards.
    final var sessionIdBefore = sessionStore.getSessionId(context, false);
    context.addRequestParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER, NAME);

    final var expectedProfile = new CommonProfile();
    final IndirectClient client =
        new MockIndirectClient(NAME, null, Optional.of(new MockCredentials()), expectedProfile);
    config.setClients(new Clients(CALLBACK_URL, client));

    call();

    final var sessionIdAfter = sessionStore.getSessionId(context, false);
    final var stored = sessionStore.get(context, Pac4jConstants.USER_PROFILES).get();
    final var storedProfiles = (LinkedHashMap<String, CommonProfile>) stored;

    // Exactly the profile returned by the mock client must be in the session.
    assertTrue(storedProfiles.containsValue(expectedProfile));
    assertEquals(1, storedProfiles.size());
    // The session id must differ from the one seen before the callback. Renewing the session
    // at login is the usual defence against session fixation.
    assertNotEquals(sessionIdAfter, sessionIdBefore);
    // The callback answers with a 302 redirect to the default URL.
    assertEquals(302, action.getCode());
    assertEquals(Pac4jConstants.DEFAULT_URL_VALUE, ((FoundAction) action).getLocation());
}