Example 11 with Config
use of org.pac4j.core.config.Config in project cas by apereo.
the class CasSecurityContextConfiguration method casAdminPagesPac4jConfig.
@RefreshScope
@Bean
public Config casAdminPagesPac4jConfig() {
try {
final AdminPagesSecurityProperties adminProps = casProperties.getAdminPagesSecurity();
if (StringUtils.isNotBlank(adminProps.getLoginUrl()) && StringUtils.isNotBlank(adminProps.getService())) {
final CasConfiguration casConfig = new CasConfiguration(adminProps.getLoginUrl());
final DirectCasClient client = new DirectCasClient(casConfig);
client.setName(CAS_CLIENT_NAME);
final Config cfg = new Config(adminProps.getService(), client);
if (adminProps.getUsers() == null) {
LOGGER.warn("List of authorized users for admin pages security is not defined. " + "Allowing access for all authenticated users");
client.setAuthorizationGenerator(new DefaultCasAuthorizationGenerator<>());
cfg.setAuthorizer(new IsAuthenticatedAuthorizer());
} else {
final Resource file = ResourceUtils.prepareClasspathResourceIfNeeded(adminProps.getUsers());
if (file != null && file.exists()) {
LOGGER.debug("Loading list of authorized users from [{}]", file);
final Properties properties = new Properties();
properties.load(file.getInputStream());
client.setAuthorizationGenerator(new SpringSecurityPropertiesAuthorizationGenerator(properties));
cfg.setAuthorizer(new RequireAnyRoleAuthorizer(adminProps.getAdminRoles()));
}
}
return cfg;
}
} catch (final Exception e) {
LOGGER.warn(e.getMessage(), e);
}
return new Config();
}
Also used :
DirectCasClient(org.pac4j.cas.client.direct.DirectCasClient)
IsAuthenticatedAuthorizer(org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer)
SpringSecurityPropertiesAuthorizationGenerator(org.pac4j.core.authorization.generator.SpringSecurityPropertiesAuthorizationGenerator)
CasConfiguration(org.pac4j.cas.config.CasConfiguration)
Config(org.pac4j.core.config.Config)
Resource(org.springframework.core.io.Resource)
AdminPagesSecurityProperties(org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties)
CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties)
EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties)
Properties(java.util.Properties)
AdminPagesSecurityProperties(org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties)
RequireAnyRoleAuthorizer(org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer)
RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope)
Bean(org.springframework.context.annotation.Bean)
Example 12 with Config
use of org.pac4j.core.config.Config in project pac4j by pac4j.
the class DefaultLogoutLogicTests method setUp.
@Before
public void setUp() {
logic = new DefaultLogoutLogic<>();
context = MockWebContext.create();
config = new Config();
config.setClients(new Clients());
httpActionAdapter = (code, ctx) -> null;
defaultUrl = null;
logoutUrlPattern = null;
localLogout = null;
centralLogout = null;
profiles = new LinkedHashMap<>();
}Example 13 with Config
use of org.pac4j.core.config.Config in project pac4j by pac4j.
the class DefaultCallbackLogicTests method setUp.
@Before
public void setUp() {
logic = new DefaultCallbackLogic<>();
request = new MockHttpServletRequest();
response = new MockHttpServletResponse();
context = new J2EContext(request, response);
config = new Config();
httpActionAdapter = (code, ctx) -> null;
defaultUrl = null;
renewSession = null;
clientFinder = new DefaultCallbackClientFinder();
}
Also used :
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Config(org.pac4j.core.config.Config)
DefaultCallbackClientFinder(org.pac4j.core.client.finder.DefaultCallbackClientFinder)
J2EContext(org.pac4j.core.context.J2EContext)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Before(org.junit.Before)
Example 14 with Config
use of org.pac4j.core.config.Config in project druid by druid-io.
the class Pac4jAuthenticator method createPac4jConfig.
private Config createPac4jConfig(OIDCConfig oidcConfig) {
OidcConfiguration oidcConf = new OidcConfiguration();
oidcConf.setClientId(oidcConfig.getClientID());
oidcConf.setSecret(oidcConfig.getClientSecret().getPassword());
oidcConf.setDiscoveryURI(oidcConfig.getDiscoveryURI());
oidcConf.setExpireSessionWithToken(true);
oidcConf.setUseNonce(true);
oidcConf.setReadTimeout(Ints.checkedCast(pac4jCommonConfig.getReadTimeout().getMillis()));
oidcConf.setResourceRetriever(// ResourceRetriever is used to get Auth server configuration from "discoveryURI"
new CustomSSLResourceRetriever(pac4jCommonConfig.getReadTimeout().getMillis(), sslSocketFactory));
OidcClient oidcClient = new OidcClient(oidcConf);
oidcClient.setUrlResolver(new DefaultUrlResolver(true));
oidcClient.setCallbackUrlResolver(new NoParameterCallbackUrlResolver());
// This is used by OidcClient in various places to make HTTPrequests.
if (sslSocketFactory != null) {
HTTPRequest.setDefaultSSLSocketFactory(sslSocketFactory);
}
return new Config(Pac4jCallbackResource.SELF_URL, oidcClient);
}
Also used :
OidcConfiguration(org.pac4j.oidc.config.OidcConfiguration)
OidcClient(org.pac4j.oidc.client.OidcClient)
Config(org.pac4j.core.config.Config)
DefaultUrlResolver(org.pac4j.core.http.url.DefaultUrlResolver)
NoParameterCallbackUrlResolver(org.pac4j.core.http.callback.NoParameterCallbackUrlResolver)
Aggregations
Config (org.pac4j.core.config.Config)14
Bean (org.springframework.context.annotation.Bean)7
RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope)5
CasConfiguration (org.pac4j.cas.config.CasConfiguration)4
AdminPagesSecurityProperties (org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties)3
Before (org.junit.Before)3
CasClient (org.pac4j.cas.client.CasClient)3
DirectCasClient (org.pac4j.cas.client.direct.DirectCasClient)3
IsAuthenticatedAuthorizer (org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer)3
RequireAnyRoleAuthorizer (org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer)3
Clients (org.pac4j.core.client.Clients)3
HashMap (java.util.HashMap)2
Properties (java.util.Properties)2
CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)2
CasSecurityInterceptor (org.apereo.cas.web.pac4j.CasSecurityInterceptor)2
SpringSecurityPropertiesAuthorizationGenerator (org.pac4j.core.authorization.generator.SpringSecurityPropertiesAuthorizationGenerator)2
J2ESessionStore (org.pac4j.core.context.session.J2ESessionStore)2
UsernamePasswordCredentials (org.pac4j.core.credentials.UsernamePasswordCredentials)2
IndirectBasicAuthClient (org.pac4j.http.client.indirect.IndirectBasicAuthClient)2
SimpleTestUsernamePasswordAuthenticator (org.pac4j.http.credentials.authenticator.test.SimpleTestUsernamePasswordAuthenticator)2
