
Example 46 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project pac4j by pac4j.

The class AzureAdProfile, method isExpired.

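/**
 * Tells whether the ID token carried by this profile has expired.
 *
 * <p>The comparison is made {@code idTokenExpireAdvance} seconds ahead of the
 * real expiration time, so a token that is about to expire is already reported
 * as expired. A missing ID token, or a token without an expiration ({@code exp})
 * claim, is reported as expired as well instead of failing with a
 * {@link NullPointerException}: refusing such a token is the safe default.
 *
 * @return {@code true} if the token is missing, carries no expiration claim or
 *         expires within the advance window; {@code false} otherwise
 * @throws TechnicalException if the token's claims cannot be parsed
 */
@Override
public boolean isExpired() {
    final JWT jwt = this.getIdToken();
    if (jwt == null) {
        // no ID token at all: fail closed rather than dereference null
        return true;
    }
    final Date expiresOn;
    try {
        final JWTClaimsSet claims = jwt.getJWTClaimsSet();
        expiresOn = claims.getExpirationTime();
    } catch (final ParseException e) {
        throw new TechnicalException(e);
    }
    if (expiresOn == null) {
        // a token without an "exp" claim must not be treated as valid forever
        return true;
    }
    // compare against "now + advance" so the token is considered stale slightly before it really is
    final Calendar now = Calendar.getInstance();
    now.add(Calendar.SECOND, idTokenExpireAdvance);
    return expiresOn.before(now.getTime());
}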
Also used : TechnicalException(org.pac4j.core.exception.TechnicalException) JWT(com.nimbusds.jwt.JWT) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) Calendar(java.util.Calendar) ParseException(java.text.ParseException) Date(java.util.Date)

Example 47 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project pac4j by pac4j.

The class DbAuthenticatorBuilder, method tryBuildDbAuthenticator.

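/**
 * Builds a {@link DbProfileService} for every indexed DB configuration found in the
 * properties and registers it in {@code authenticators} under the key {@code concat("db", i)}.
 *
 * <p>Indexes {@code 0..MAX_NUM_AUTHENTICATORS} are scanned; an index counts as configured
 * when a datasource class name or a JDBC URL is present for it. The optional settings
 * (attributes, id/username/password attribute names, users table) are applied only when
 * present. The password encoder is looked up by name in {@code encoders}; a reference to
 * an encoder that does not exist is rejected right away instead of silently leaving the
 * authenticator without one.
 *
 * @param authenticators the registry the built authenticators are added to
 * @param encoders the password encoders that may be referenced by name
 * @throws TechnicalException if the datasource cannot be built or a referenced encoder is unknown
 */
public void tryBuildDbAuthenticator(final Map<String, Authenticator> authenticators, final Map<String, PasswordEncoder> encoders) {
    for (int i = 0; i <= MAX_NUM_AUTHENTICATORS; i++) {
        if (!containsProperty(DB_DATASOURCE_CLASS_NAME, i) && !containsProperty(DB_JDBC_URL, i)) {
            // nothing configured for this index
            continue;
        }
        try {
            final DataSource ds = buildDataSource(i);
            final DbProfileService authenticator = new DbProfileService(ds);
            if (containsProperty(DB_ATTRIBUTES, i)) {
                authenticator.setAttributes(getProperty(DB_ATTRIBUTES, i));
            }
            if (containsProperty(DB_USER_ID_ATTRIBUTE, i)) {
                authenticator.setIdAttribute(getProperty(DB_USER_ID_ATTRIBUTE, i));
            }
            if (containsProperty(DB_USERNAME_ATTRIBUTE, i)) {
                authenticator.setUsernameAttribute(getProperty(DB_USERNAME_ATTRIBUTE, i));
            }
            if (containsProperty(DB_USER_PASSWORD_ATTRIBUTE, i)) {
                authenticator.setPasswordAttribute(getProperty(DB_USER_PASSWORD_ATTRIBUTE, i));
            }
            if (containsProperty(DB_USERS_TABLE, i)) {
                authenticator.setUsersTable(getProperty(DB_USERS_TABLE, i));
            }
            if (containsProperty(DB_PASSWORD_ENCODER, i)) {
                final String encoderName = getProperty(DB_PASSWORD_ENCODER, i);
                final PasswordEncoder encoder = encoders.get(encoderName);
                if (encoder == null) {
                    // fail fast: a misspelled encoder name would otherwise configure a service with no encoder
                    throw new TechnicalException("Unknown password encoder: " + encoderName + " for db authenticator #" + i);
                }
                authenticator.setPasswordEncoder(encoder);
            }
            authenticators.put(concat("db", i), authenticator);
        } catch (final SQLException e) {
            throw new TechnicalException(e);
        }
    }
}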
Also used : TechnicalException(org.pac4j.core.exception.TechnicalException) SQLException(java.sql.SQLException) DbProfileService(org.pac4j.sql.profile.service.DbProfileService) HikariDataSource(com.zaxxer.hikari.HikariDataSource) DataSource(javax.sql.DataSource)

Example 48 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project pac4j by pac4j.

The class SpringEncoderBuilder, method tryCreatePasswordEncoder.

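/**
 * Creates a Spring Security password encoder for every indexed {@code SPRING_ENCODER_TYPE}
 * property and registers it, wrapped in a {@link SpringSecurityPasswordEncoder}, in
 * {@code encoders} under the key {@code concat(SPRING_ENCODER, i)}.
 *
 * <p>Supported types (matched case-insensitively): NOOP, BCRYPT, PBKDF2, SCRYPT and STANDARD.
 * NOOP applies no hashing at all and STANDARD is a plain salted digest, so both are meant for
 * tests or for verifying legacy hashes only; BCRYPT, PBKDF2 or SCRYPT are the choices for new
 * deployments. Tuning parameters are applied only when the complete set for the type is
 * present at index {@code i}; otherwise the encoder's defaults are used.
 *
 * @param encoders the registry the created encoders are added to
 * @throws TechnicalException if an unsupported encoder type is configured
 */
public void tryCreatePasswordEncoder(final Map<String, org.pac4j.core.credentials.password.PasswordEncoder> encoders) {
    for (int i = 0; i <= MAX_NUM_ENCODERS; i++) {
        final String type = getProperty(SPRING_ENCODER_TYPE, i);
        if (isNotBlank(type)) {
            final PasswordEncoder encoder = createSpringEncoder(type, i);
            encoders.put(concat(SPRING_ENCODER, i), new SpringSecurityPasswordEncoder(encoder));
        }
    }
}

/**
 * Instantiates the Spring encoder matching {@code type}, using the tuning properties of index {@code i} when present.
 *
 * @param type the configured encoder type (compared case-insensitively against {@link SpringEncoderType})
 * @param i the property index whose tuning parameters are read
 * @return the encoder
 * @throws TechnicalException if {@code type} matches no supported encoder type
 */
private PasswordEncoder createSpringEncoder(final String type, final int i) {
    if (SpringEncoderType.NOOP.toString().equalsIgnoreCase(type)) {
        return NoOpPasswordEncoder.getInstance();
    }
    if (SpringEncoderType.BCRYPT.toString().equalsIgnoreCase(type)) {
        return createBcryptEncoder(i);
    }
    if (SpringEncoderType.PBKDF2.toString().equalsIgnoreCase(type)) {
        return createPbkdf2Encoder(i);
    }
    if (SpringEncoderType.SCRYPT.toString().equalsIgnoreCase(type)) {
        return createScryptEncoder(i);
    }
    if (SpringEncoderType.STANDARD.toString().equalsIgnoreCase(type)) {
        return createStandardEncoder(i);
    }
    throw new TechnicalException("Unsupported spring encoder type: " + type);
}

/** BCrypt encoder; the cost ("length") property overrides the default strength when present. */
private PasswordEncoder createBcryptEncoder(final int i) {
    if (containsProperty(SPRING_ENCODER_BCRYPT_LENGTH, i)) {
        return new BCryptPasswordEncoder(getPropertyAsInteger(SPRING_ENCODER_BCRYPT_LENGTH, i));
    }
    return new BCryptPasswordEncoder();
}

/** PBKDF2 encoder; iterations and hash width are only applied together with a secret, and only when both are present. */
private PasswordEncoder createPbkdf2Encoder(final int i) {
    if (!containsProperty(SPRING_ENCODER_PBKDF2_SECRET, i)) {
        return new Pbkdf2PasswordEncoder();
    }
    final String secret = getProperty(SPRING_ENCODER_PBKDF2_SECRET, i);
    if (containsProperty(SPRING_ENCODER_PBKDF2_ITERATIONS, i) && containsProperty(SPRING_ENCODER_PBKDF2_HASH_WIDTH, i)) {
        return new Pbkdf2PasswordEncoder(secret, getPropertyAsInteger(SPRING_ENCODER_PBKDF2_ITERATIONS, i), getPropertyAsInteger(SPRING_ENCODER_PBKDF2_HASH_WIDTH, i));
    }
    return new Pbkdf2PasswordEncoder(secret);
}

/** SCrypt encoder; all five cost/length parameters must be present to override the defaults. */
private PasswordEncoder createScryptEncoder(final int i) {
    final boolean fullyTuned = containsProperty(SPRING_ENCODER_SCRYPT_CPU_COST, i)
        && containsProperty(SPRING_ENCODER_SCRYPT_MEMORY_COST, i)
        && containsProperty(SPRING_ENCODER_SCRYPT_PARALLELIZATION, i)
        && containsProperty(SPRING_ENCODER_SCRYPT_KEY_LENGTH, i)
        && containsProperty(SPRING_ENCODER_SCRYPT_SALT_LENGTH, i);
    if (fullyTuned) {
        return new SCryptPasswordEncoder(getPropertyAsInteger(SPRING_ENCODER_SCRYPT_CPU_COST, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_MEMORY_COST, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_PARALLELIZATION, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_KEY_LENGTH, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_SALT_LENGTH, i));
    }
    return new SCryptPasswordEncoder();
}

/** Standard (salted digest) encoder; the optional secret is mixed into the digest when present. */
private PasswordEncoder createStandardEncoder(final int i) {
    if (containsProperty(SPRING_ENCODER_STANDARD_SECRET, i)) {
        return new StandardPasswordEncoder(getProperty(SPRING_ENCODER_STANDARD_SECRET, i));
    }
    return new StandardPasswordEncoder();
}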
Also used : StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) TechnicalException(org.pac4j.core.exception.TechnicalException) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder) SpringSecurityPasswordEncoder(org.pac4j.core.credentials.password.SpringSecurityPasswordEncoder) NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder) StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder) SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder) SpringSecurityPasswordEncoder(org.pac4j.core.credentials.password.SpringSecurityPasswordEncoder) Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)

Example 49 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project pac4j by pac4j.

The class DirectCasProxyClientTests, method testTokenExistsValidationOccurs.

/**
 * When the request carries a ticket, the client must run it through the configured
 * ticket validator and build a {@link CasProfile} whose id is the ticket.
 * The validator only accepts the expected ticket/service pair; anything else is rejected.
 */
@Test
public void testTokenExistsValidationOccurs() {
    final CasConfiguration casConfig = new CasConfiguration();
    casConfig.setLoginUrl(LOGIN_URL);
    casConfig.setProtocol(CasProtocol.CAS30_PROXY);
    casConfig.setDefaultTicketValidator((ticket, service) -> {
        final boolean expectedPair = TICKET.equals(ticket) && CALLBACK_URL.equals(service);
        if (!expectedPair) {
            throw new TechnicalException("Bad ticket or service");
        }
        return new AssertionImpl(TICKET);
    });
    final DirectCasProxyClient proxyClient = new DirectCasProxyClient(casConfig, CALLBACK_URL);

    // request to the callback URL carrying the ticket both in the URL and as a parameter
    final MockWebContext webContext = MockWebContext.create();
    webContext.setFullRequestURL(CALLBACK_URL + "?" + CasConfiguration.TICKET_PARAMETER + "=" + TICKET);
    webContext.addRequestParameter(CasConfiguration.TICKET_PARAMETER, TICKET);

    final TokenCredentials creds = proxyClient.getCredentials(webContext);
    assertEquals(TICKET, creds.getToken());
    final CommonProfile userProfile = creds.getUserProfile();
    assertTrue(userProfile instanceof CasProfile);
    assertEquals(TICKET, userProfile.getId());
}
Also used : AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) CasProfile(org.pac4j.cas.profile.CasProfile) MockWebContext(org.pac4j.core.context.MockWebContext) TechnicalException(org.pac4j.core.exception.TechnicalException) CasConfiguration(org.pac4j.cas.config.CasConfiguration) CommonProfile(org.pac4j.core.profile.CommonProfile) TokenCredentials(org.pac4j.core.credentials.TokenCredentials) Test(org.junit.Test)

Example 50 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project pac4j by pac4j.

The class DefaultSecurityClientFinder, method find.

/**
 * Resolves the clients that secure the current request.
 *
 * <p>{@code clientNames} is the configured allow-list. A {@code null} value means "not
 * configured" and falls back to the default security clients of {@code clients} (or to the
 * only registered client when there is exactly one); a blank value deliberately means "no
 * client". When the request itself names a client through the {@code clientNameParameter}
 * request parameter, that client is returned only if it belongs to the allow-list; otherwise
 * every client of the allow-list is returned.
 *
 * @param clients the registered clients
 * @param context the current web context
 * @param clientNames the configured client names, separated by {@link Pac4jConstants#ELEMENT_SEPRATOR}, or {@code null}
 * @return the matching clients, possibly empty
 * @throws TechnicalException if the client requested on the request is not in the allow-list
 */
public List<Client> find(final Clients clients, final WebContext context, final String clientNames) {
    final List<Client> result = new ArrayList<>();
    String securityClientNames = clientNames;
    logger.debug("Provided clientNames: {}", securityClientNames);
    // null (not blank) is the trigger for the fallback: a blank string means "no client" on purpose
    if (clientNames == null) {
        securityClientNames = clients.getDefaultSecurityClients();
        logger.debug("Default security clients: {}", securityClientNames);
        // still nothing configured: a single registered client is used implicitly
        if (securityClientNames == null && clients.findAllClients().size() == 1) {
            securityClientNames = clients.getClients().get(0).getName();
            logger.debug("Only client: {}", securityClientNames);
        }
    }
    if (CommonHelper.isNotBlank(securityClientNames)) {
        final List<String> allowedNames = Arrays.asList(securityClientNames.split(Pac4jConstants.ELEMENT_SEPRATOR));
        final String clientNameOnRequest = context.getRequestParameter(clientNameParameter);
        logger.debug("clientNameOnRequest: {}", clientNameOnRequest);
        if (clientNameOnRequest == null) {
            // nothing requested explicitly: every allowed client is returned, resolved by name
            for (final String name : allowedNames) {
                result.add(clients.findClient(name));
            }
        } else {
            // the request names a client: accept it only if it is part of the allow-list
            final Client requested = clients.findClient(clientNameOnRequest);
            final String requestedName = requested.getName();
            final boolean allowed = allowedNames.stream()
                .anyMatch(name -> CommonHelper.areEqualsIgnoreCaseAndTrim(name, requestedName));
            if (!allowed) {
                throw new TechnicalException("Client not allowed: " + requestedName);
            }
            result.add(requested);
        }
    }
    logger.debug("result: {}", result.stream().map(c -> c.getName()).collect(Collectors.toList()));
    return result;
}
Also used : TechnicalException(org.pac4j.core.exception.TechnicalException) ArrayList(java.util.ArrayList) Client(org.pac4j.core.client.Client)
