use of org.pac4j.core.exception.HttpAction in project cas by apereo.
the class DelegatedClientAuthenticationAction method prepareForLoginPage.
/**
* Prepare the data for the login page.
*
* @param context The current webflow context
* @throws HttpAction the http action
*/
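protected void prepareForLoginPage(final RequestContext context) throws HttpAction {
    final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
    final HttpServletResponse response = WebUtils.getHttpServletResponse(context);
    // getSession() creates a session when none exists, so this also runs for visitors who have not authenticated yet.
    final HttpSession session = request.getSession();
    final WebContext webContext = WebUtils.getPac4jJ2EContext(request, response);

    // Remember the requested service and selected request parameters in the HTTP session.
    final WebApplicationService service = WebUtils.getService(context);
    LOGGER.debug("save service: [{}]", service);
    session.setAttribute(CasProtocolConstants.PARAMETER_SERVICE, service);
    // NOTE(review): these values are taken from the incoming request; saveRequestParameter is not shown here,
    // so confirm that whatever reads them back from the session validates them before use.
    saveRequestParameter(request, session, this.themeParamName);
    saveRequestParameter(request, session, this.localParamName);
    saveRequestParameter(request, session, CasProtocolConstants.PARAMETER_METHOD);

    // LinkedHashSet keeps the providers in the order the clients are returned.
    final Set<ProviderLoginPageConfiguration> urls = new LinkedHashSet<>();
    this.clients.findAllClients().forEach(client -> {
        try {
            // NOTE(review): a client that is not an IndirectClient fails this cast; the ClassCastException is
            // picked up by the generic catch below and logged at error level.
            final IndirectClient indirectClient = (IndirectClient) client;
            final String name = client.getName().replaceAll("Client\\d*", "");
            final String redirectionUrl = indirectClient.getRedirectAction(webContext).getLocation();
            // NOTE(review): depending on the provider, the redirect URL may carry per-request values;
            // keep this statement at debug level.
            LOGGER.debug("[{}] -> [{}]", name, redirectionUrl);
            // Locale.ROOT makes the lower-cased name independent of the JVM default locale
            // (for example, no dotless i under a Turkish locale).
            urls.add(new ProviderLoginPageConfiguration(name, redirectionUrl, name.toLowerCase(java.util.Locale.ROOT)));
        } catch (final HttpAction e) {
            // A 401 from the client is an expected refusal; anything else is worth a warning.
            if (e.getCode() == HttpStatus.UNAUTHORIZED.value()) {
                LOGGER.debug("Authentication request was denied from the provider [{}]", client.getName());
            } else {
                LOGGER.warn(e.getMessage(), e);
            }
        } catch (final Exception e) {
            // Best effort: one failing client must not prevent the others from being listed.
            LOGGER.error("Cannot process client [{}]", client, e);
        }
    });

    if (!urls.isEmpty()) {
        context.getFlowScope().put(PAC4J_URLS, urls);
    } else if (response.getStatus() != HttpStatus.UNAUTHORIZED.value()) {
        // No warning when the response already carries 401.
        LOGGER.warn("No clients could be determined based on the provided configuration");
    }
}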
use of org.pac4j.core.exception.HttpAction in project cas by apereo.
the class ClientAuthenticationHandler method doAuthentication.
/**
 * Authenticates a delegated (pac4j) credential: looks up the client named by the credential,
 * asks it for the user profile and builds the handler result from that profile.
 *
 * @param credential the credential to authenticate; cast to {@code ClientCredential}
 * @return the result produced by {@code createResult} for the credential and the fetched profile
 * @throws GeneralSecurityException declared by the handler contract
 * @throws PreventedException when the client signals an {@code HttpAction}
 */
@Override
protected AuthenticationHandlerExecutionResult doAuthentication(final Credential credential) throws GeneralSecurityException, PreventedException {
    try {
        // A credential of any other type fails this cast with ClassCastException, which the catch below does not handle.
        final ClientCredential delegated = (ClientCredential) credential;
        // NOTE(review): the credential object is logged through its toString(); confirm that it does not
        // print tokens or other secrets before enabling debug logging in production.
        LOGGER.debug("Located client credentials as [{}]", delegated);
        final Credentials providerCredentials = delegated.getCredentials();
        LOGGER.debug("Client name: [{}]", delegated.getClientName());

        // Resolve the client by the name carried in the credential.
        // NOTE(review): the behaviour of findClient for an unknown name is not visible here; verify it
        // cannot hand back null, since the result is dereferenced below without a check.
        final Client delegatedClient = this.clients.findClient(delegated.getClientName());
        LOGGER.debug("Delegated client is: [{}]", delegatedClient);

        final HttpServletRequest httpRequest = WebUtils.getHttpServletRequestFromExternalWebflowContext();
        final HttpServletResponse httpResponse = WebUtils.getHttpServletResponseFromExternalWebflowContext();
        final WebContext pac4jContext = Pac4jUtils.getPac4jJ2EContext(httpRequest, httpResponse);

        final UserProfile profile = delegatedClient.getUserProfile(providerCredentials, pac4jContext);
        // NOTE(review): the full profile is logged; it presumably holds personal attributes - confirm
        // that this is acceptable for the deployment's log handling.
        LOGGER.debug("Final user profile is: [{}]", profile);
        return createResult(delegated, profile);
    } catch (final HttpAction e) {
        // Surface the pac4j HTTP action as a CAS PreventedException, keeping it as the cause.
        throw new PreventedException(e);
    }
}
use of org.pac4j.core.exception.HttpAction in project pac4j by pac4j.
the class BaseClientTests method testAlreadyTried.
/**
 * With the attempted-authentication flag already stored in the session for this client,
 * {@code redirect} must raise an {@link HttpAction} with code 401 and set 401 on the response.
 */
@Test
public void testAlreadyTried() {
    final MockWebContext webContext = MockWebContext.create();
    final MockIndirectClient indirectClient =
        new MockIndirectClient(TYPE, RedirectAction.redirect(LOGIN_URL), (Credentials) null, new CommonProfile());
    indirectClient.setCallbackUrl(CALLBACK_URL);

    // Mark this client as having already attempted an authentication.
    final String attemptedKey = indirectClient.getName() + IndirectClient.ATTEMPTED_AUTHENTICATION_SUFFIX;
    webContext.getSessionStore().set(webContext, attemptedKey, "true");

    final HttpAction raised = (HttpAction) TestsHelper.expectException(() -> indirectClient.redirect(webContext));
    assertEquals(401, raised.getCode());
    assertEquals(401, webContext.getResponseStatus());
}
use of org.pac4j.core.exception.HttpAction in project pac4j by pac4j.
the class BaseClientTests method testAjaxRequest.
/**
 * For a request carrying the AJAX header, {@code redirect} must raise an {@link HttpAction}
 * with code 401 and set 401 on the response.
 */
@Test
public void testAjaxRequest() {
    // Request flagged as AJAX through the dedicated header.
    final MockWebContext webContext =
        MockWebContext.create().addRequestHeader(HttpConstants.AJAX_HEADER_NAME, HttpConstants.AJAX_HEADER_VALUE);
    final MockIndirectClient indirectClient =
        new MockIndirectClient(TYPE, RedirectAction.redirect(LOGIN_URL), (Credentials) null, new CommonProfile());
    indirectClient.setCallbackUrl(CALLBACK_URL);

    final HttpAction raised = (HttpAction) TestsHelper.expectException(() -> indirectClient.redirect(webContext));
    assertEquals(401, raised.getCode());
    assertEquals(401, webContext.getResponseStatus());
}
use of org.pac4j.core.exception.HttpAction in project pac4j by pac4j.
the class DefaultCallbackLogic method perform.
/**
 * Handles the callback: resolves the defaults, finds exactly one client, obtains the credentials
 * and the user profile from it, saves the profile and computes the redirection to the originally
 * requested URL. Any {@code RuntimeException} raised along the way is passed to {@code handleException}.
 *
 * @param context the web context
 * @param config the configuration holding the clients
 * @param httpActionAdapter adapter turning the resulting HTTP code into the framework result
 * @param inputDefaultUrl default URL; {@code Pac4jConstants.DEFAULT_URL_VALUE} when {@code null}
 * @param inputSaveInSession whether to save the profile in session; {@code true} when {@code null}
 * @param inputMultiProfile whether multiple profiles are kept; {@code false} when {@code null}
 * @param inputRenewSession whether to renew the session; {@code true} when {@code null}
 * @param client the client name handed to the client finder
 * @return the adapted result
 */
@Override
public R perform(final C context, final Config config, final HttpActionAdapter<R, C> httpActionAdapter, final String inputDefaultUrl, final Boolean inputSaveInSession, final Boolean inputMultiProfile, final Boolean inputRenewSession, final String client) {
    logger.debug("=== CALLBACK ===");
    HttpAction action;
    try {
        // Defaults for the optional inputs.
        final String defaultUrl = inputDefaultUrl == null ? Pac4jConstants.DEFAULT_URL_VALUE : inputDefaultUrl;
        final boolean saveInSession = inputSaveInSession == null || inputSaveInSession;
        final boolean multiProfile = inputMultiProfile != null && inputMultiProfile;
        // NOTE(review): renewal is on unless the caller opts out; presumably this counters session
        // fixation after login - confirm in saveUserProfile before passing false.
        final boolean renewSession = inputRenewSession == null || inputRenewSession;

        // Preconditions.
        assertNotNull("clientFinder", clientFinder);
        assertNotNull("context", context);
        assertNotNull("config", config);
        assertNotNull("httpActionAdapter", httpActionAdapter);
        assertNotBlank(Pac4jConstants.DEFAULT_URL, defaultUrl);
        final Clients clients = config.getClients();
        assertNotNull("clients", clients);

        // Exactly one client must match. Per the message below, the match can depend on the callback
        // URL (a client name parameter or a suffix path) or on the configured default.
        final List<Client> foundClients = clientFinder.find(clients, context, client);
        assertTrue(foundClients != null && foundClients.size() == 1, "unable to find one indirect client for the callback: check the callback URL for a client name parameter or suffix path" + " or ensure that your configuration defaults to one indirect client");
        final Client foundClient = foundClients.get(0);
        logger.debug("foundClient: {}", foundClient);
        assertNotNull("foundClient", foundClient);

        final Credentials credentials = foundClient.getCredentials(context);
        // NOTE(review): credentials are logged through toString(); confirm that no secret or token is
        // printed before enabling debug logging in production.
        logger.debug("credentials: {}", credentials);
        final CommonProfile profile = foundClient.getUserProfile(credentials, context);
        logger.debug("profile: {}", profile);

        saveUserProfile(context, config, profile, saveInSession, multiProfile, renewSession);
        action = redirectToOriginallyRequestedUrl(context, defaultUrl);
    } catch (final RuntimeException e) {
        return handleException(e, httpActionAdapter, context);
    }
    // Only the action's status code is handed to the adapter.
    return httpActionAdapter.adapt(action.getCode(), context);
}