Examples with IndirectClient org.pac4j.core.client.IndirectClient used on opensource projects

Example 11 with IndirectClient

use of org.pac4j.core.client.IndirectClient in project cas by apereo.

the class DefaultDelegatedClientIdentityProviderConfigurationProducer method produce.

@Override
public Set<DelegatedClientIdentityProviderConfiguration> produce(final RequestContext context) {
    val currentService = WebUtils.getService(context);
    val service = authenticationRequestServiceSelectionStrategies.resolveService(currentService, WebApplicationService.class);
    val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
    val response = WebUtils.getHttpServletResponseFromExternalWebflowContext(context);
    val webContext = new JEEContext(request, response);
    LOGGER.debug("Initialized context with request parameters [{}]", webContext.getRequestParameters());
    val allClients = this.clients.findAllClients();
    val providers = new LinkedHashSet<DelegatedClientIdentityProviderConfiguration>(allClients.size());
    allClients.stream().filter(client -> client instanceof IndirectClient && isDelegatedClientAuthorizedForService(client, service, request)).map(IndirectClient.class::cast).forEach(client -> {
        try {
            val providerResult = produce(context, client);
            providerResult.ifPresent(provider -> {
                providers.add(provider);
                delegatedClientIdentityProviderRedirectionStrategy.getPrimaryDelegatedAuthenticationProvider(context, service, provider).ifPresent(p -> WebUtils.putDelegatedAuthenticationProviderPrimary(context, p));
            });
        } catch (final Exception e) {
            LOGGER.error("Cannot process client [{}]", client);
            LoggingUtils.error(LOGGER, e);
        }
    });
    if (!providers.isEmpty()) {
        val selectionType = casProperties.getAuthn().getPac4j().getCore().getDiscoverySelection().getSelectionType();
        switch(selectionType) {
            case DYNAMIC:
                WebUtils.putDelegatedAuthenticationProviderConfigurations(context, new HashSet<>());
                WebUtils.putDelegatedAuthenticationDynamicProviderSelection(context, Boolean.TRUE);
                break;
            case MENU:
            default:
                WebUtils.putDelegatedAuthenticationProviderConfigurations(context, providers);
                WebUtils.putDelegatedAuthenticationDynamicProviderSelection(context, Boolean.FALSE);
                break;
        }
    } else if (response.getStatus() != HttpStatus.UNAUTHORIZED.value()) {
        LOGGER.warn("No delegated authentication providers could be determined based on the provided configuration. " + "Either no clients are configured, or the current access strategy rules prohibit CAS from using authentication providers");
    }
    return providers;
}

Example 12 with IndirectClient

use of org.pac4j.core.client.IndirectClient in project cas by apereo.

the class DefaultDelegatedAuthenticationDynamicDiscoveryProviderLocator method locate.

@Override
public Optional<IndirectClient> locate(final DynamicDiscoveryProviderRequest request) {
    try {
        val resource = casProperties.getAuthn().getPac4j().getCore().getDiscoverySelection().getJson().getLocation();
        val mappings = MAPPER.readValue(resource.getInputStream(), new TypeReference<Map<String, DelegatedAuthenticationDynamicDiscoveryProvider>>() {
        });
        return mappings.entrySet().stream().sorted(Comparator.comparingInt(o -> o.getValue().getOrder())).filter(entry -> RegexUtils.find(entry.getKey(), request.getUserId())).map(Map.Entry::getValue).map(provider -> clients.findClient(provider.getClientName())).flatMap(Optional::stream).map(IndirectClient.class::cast).findFirst();
    } catch (final Exception e) {
        LoggingUtils.error(LOGGER, e);
    }
    return Optional.empty();
}

Example 13 with IndirectClient

use of org.pac4j.core.client.IndirectClient in project cas by apereo.

the class DefaultDelegatedClientFactory method configureCasClient.

/**
 * Configure cas client.
 *
 * @param properties the properties
 */
protected void configureCasClient(final Collection<IndirectClient> properties) {
    val pac4jProperties = casProperties.getAuthn().getPac4j();
    val index = new AtomicInteger();
    pac4jProperties.getCas().stream().filter(cas -> cas.isEnabled() && StringUtils.isNotBlank(cas.getLoginUrl())).forEach(cas -> {
        val cfg = new CasConfiguration(cas.getLoginUrl(), CasProtocol.valueOf(cas.getProtocol()));
        val prefix = PATTERN_LOGIN_URL.matcher(cas.getLoginUrl()).replaceFirst("/");
        cfg.setPrefixUrl(StringUtils.appendIfMissing(prefix, "/"));
        cfg.setHostnameVerifier(casSSLContext.getHostnameVerifier());
        cfg.setSslSocketFactory(casSSLContext.getSslContext().getSocketFactory());
        val client = new CasClient(cfg);
        if (StringUtils.isBlank(cas.getClientName())) {
            val count = index.intValue();
            client.setName(client.getClass().getSimpleName() + count);
        }
        configureClient(client, cas);
        index.incrementAndGet();
        LOGGER.debug("Created client [{}]", client);
        properties.add(client);
    });
}

Example 14 with IndirectClient

use of org.pac4j.core.client.IndirectClient in project cas by apereo.

the class BaseDelegatedAuthenticationController method getRedirectionAction.

/**
 * Gets redirection action.
 *
 * @param client     the client
 * @param webContext the web context
 * @param ticket     the ticket
 * @return the redirection action
 */
protected Optional<RedirectionAction> getRedirectionAction(final IndirectClient client, final WebContext webContext, final TransientSessionTicket ticket) {
    val properties = ticket.getProperties();
    if (properties.containsKey(RedirectionActionBuilder.ATTRIBUTE_FORCE_AUTHN)) {
        webContext.setRequestAttribute(RedirectionActionBuilder.ATTRIBUTE_FORCE_AUTHN, true);
    }
    if (properties.containsKey(RedirectionActionBuilder.ATTRIBUTE_PASSIVE)) {
        webContext.setRequestAttribute(RedirectionActionBuilder.ATTRIBUTE_PASSIVE, true);
    }
    if (ticket.getService() != null) {
        configureWebContextForRegisteredService(webContext, ticket);
    }
    configurationContext.getDelegatedClientAuthenticationRequestCustomizers().stream().sorted(AnnotationAwareOrderComparator.INSTANCE).filter(c -> c.supports(client, webContext)).forEach(c -> c.customize(client, webContext));
    return client.getRedirectionActionBuilder().getRedirectionAction(webContext, configurationContext.getSessionStore());
}

Example 15 with IndirectClient

use of org.pac4j.core.client.IndirectClient in project pac4j by pac4j.

the class DefaultCallbackLogicTests method testCallback.

@Test
public void testCallback() {
    final var originalSessionId = sessionStore.getSessionId(context, false);
    context.addRequestParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER, NAME);
    final var profile = new CommonProfile();
    final IndirectClient indirectClient = new MockIndirectClient(NAME, null, Optional.of(new MockCredentials()), profile);
    config.setClients(new Clients(CALLBACK_URL, indirectClient));
    call();
    final var newSessionId = sessionStore.getSessionId(context, false);
    final var profiles = (LinkedHashMap<String, CommonProfile>) sessionStore.get(context, Pac4jConstants.USER_PROFILES).get();
    assertTrue(profiles.containsValue(profile));
    assertEquals(1, profiles.size());
    assertNotEquals(newSessionId, originalSessionId);
    assertEquals(302, action.getCode());
    assertEquals(Pac4jConstants.DEFAULT_URL_VALUE, ((FoundAction) action).getLocation());
}