
Example 66 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project pac4j by pac4j.

the class RunIdentityServer4 method getClient.

@Override
protected IndirectClient getClient() {
    final var configuration = new OidcConfiguration();
    configuration.setClientId("test");
    configuration.setSecret("secret");
    configuration.setDiscoveryURI("http://localhost:1941/.well-known/openid-configuration");
    if (flow == Flow.IMPLICIT_FLOW) {
        // AllowedGrantTypes = GrantTypes.ImplicitAndClientCredentials,
        configuration.setResponseType("id_token");
        configuration.setResponseMode("form_post");
        configuration.setUseNonce(true);
        logger.warn("For the implicit flow, copy / paste the form body parameters after a ? as the returned url");
    } else if (flow == Flow.IMPLICIT_FLOW_CLIENT_SIDE) {
        // this flow cannot actually be used (the data are passed as anchor parameters, available only on the client side)
        // AllowedGrantTypes = GrantTypes.ImplicitAndClientCredentials,
        configuration.setResponseType("id_token");
        configuration.setUseNonce(true);
    /*} else if (flow == Flow.AUTHORIZATION_CODE) {
            AllowedGrantTypes = GrantTypes.CodeAndClientCredentials,*/
    } else if (flow == Flow.HYBRID_FLOW) {
        // AllowAccessTokensViaBrowser = true, AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
        configuration.setResponseType("code id_token token");
        configuration.setUseNonce(true);
    } else if (flow != Flow.AUTHORIZATION_CODE) {
        throw new TechnicalException("Unsupported flow for tests");
    }
    final var client = new OidcClient(configuration);
    client.setCallbackUrl(PAC4J_BASE_URL);
    return client;
}
Also used : OidcConfiguration(org.pac4j.oidc.config.OidcConfiguration) TechnicalException(org.pac4j.core.exception.TechnicalException) OidcClient(org.pac4j.oidc.client.OidcClient)

Example 67 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project pac4j by pac4j.

the class SAML2Client method initSAMLProfileHandler.

protected void initSAMLProfileHandler() {
    final SAML2MessageReceiver messageReceiver;
    if (configuration.getResponseBindingType().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
        messageReceiver = new SAML2WebSSOMessageReceiver(this.authnResponseValidator, this.configuration);
    } else if (configuration.getResponseBindingType().equals(SAMLConstants.SAML2_ARTIFACT_BINDING_URI)) {
        messageReceiver = new SAML2ArtifactBindingMessageReceiver(this.authnResponseValidator, this.idpMetadataResolver, this.spMetadataResolver, this.soapPipelineProvider, this.configuration);
    } else {
        throw new TechnicalException("Unsupported response binding type: " + configuration.getResponseBindingType());
    }
    this.profileHandler = new SAML2WebSSOProfileHandler(new SAML2WebSSOMessageSender(this.signatureSigningParametersProvider, this.configuration.getAuthnRequestBindingType(), true, this.configuration.isAuthnRequestSigned()), messageReceiver);
}
Also used : SAML2WebSSOMessageSender(org.pac4j.saml.sso.impl.SAML2WebSSOMessageSender) TechnicalException(org.pac4j.core.exception.TechnicalException) SAML2WebSSOProfileHandler(org.pac4j.saml.sso.impl.SAML2WebSSOProfileHandler) SAML2MessageReceiver(org.pac4j.saml.profile.api.SAML2MessageReceiver) SAML2WebSSOMessageReceiver(org.pac4j.saml.sso.impl.SAML2WebSSOMessageReceiver) SAML2ArtifactBindingMessageReceiver(org.pac4j.saml.sso.artifact.SAML2ArtifactBindingMessageReceiver)

Example 68 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project pac4j by pac4j.

the class CronofyService method createAccessTokenRequest.

protected OAuthRequest createAccessTokenRequest(AccessTokenRequestParams params) {
    final OAuthRequest request = new OAuthRequest(api.getAccessTokenVerb(), api.getAccessTokenEndpoint());
    final Map<String, String> map = new HashMap<>();
    map.put("client_id", getApiKey());
    map.put("client_secret", getApiSecret());
    map.put(OAuthConstants.GRANT_TYPE, OAuthConstants.AUTHORIZATION_CODE);
    map.put(OAuthConstants.CODE, params.getCode());
    map.put(OAuthConstants.REDIRECT_URI, getCallback());
    final String json;
    try {
        json = JsonHelper.getMapper().writeValueAsString(map);
    } catch (final JsonProcessingException e) {
        throw new TechnicalException(e);
    }
    request.setPayload(json);
    request.addHeader("Content-Type", "application/json; charset=utf-8");
    logRequestWithParams("access token", request);
    return request;
}
Also used : OAuthRequest(com.github.scribejava.core.model.OAuthRequest) TechnicalException(org.pac4j.core.exception.TechnicalException) HashMap(java.util.HashMap) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException)

Example 69 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project pac4j by pac4j.

the class SpringEncoderBuilder method tryCreatePasswordEncoder.

public void tryCreatePasswordEncoder(final Map<String, org.pac4j.core.credentials.password.PasswordEncoder> encoders) {
    for (var i = 0; i <= MAX_NUM_ENCODERS; i++) {
        final var type = getProperty(SPRING_ENCODER_TYPE, i);
        if (isNotBlank(type)) {
            final PasswordEncoder encoder;
            if (SpringEncoderType.NOOP.toString().equalsIgnoreCase(type)) {
                LOGGER.debug("Please notice that the NOOP Spring encoder type is insecure and for tests only");
                encoder = NoOpPasswordEncoder.getInstance();
            } else if (SpringEncoderType.BCRYPT.toString().equalsIgnoreCase(type)) {
                if (containsProperty(SPRING_ENCODER_BCRYPT_LENGTH, i)) {
                    encoder = new BCryptPasswordEncoder(getPropertyAsInteger(SPRING_ENCODER_BCRYPT_LENGTH, i));
                } else {
                    encoder = new BCryptPasswordEncoder();
                }
            } else if (SpringEncoderType.PBKDF2.toString().equalsIgnoreCase(type)) {
                if (containsProperty(SPRING_ENCODER_PBKDF2_SECRET, i)) {
                    final var secret = getProperty(SPRING_ENCODER_PBKDF2_SECRET, i);
                    if (containsProperty(SPRING_ENCODER_PBKDF2_ITERATIONS, i) && containsProperty(SPRING_ENCODER_PBKDF2_HASH_WIDTH, i)) {
                        encoder = new Pbkdf2PasswordEncoder(secret, getPropertyAsInteger(SPRING_ENCODER_PBKDF2_ITERATIONS, i), getPropertyAsInteger(SPRING_ENCODER_PBKDF2_HASH_WIDTH, i));
                    } else {
                        encoder = new Pbkdf2PasswordEncoder(secret);
                    }
                } else {
                    encoder = new Pbkdf2PasswordEncoder();
                }
            } else if (SpringEncoderType.SCRYPT.toString().equalsIgnoreCase(type)) {
                if (containsProperty(SPRING_ENCODER_SCRYPT_CPU_COST, i) && containsProperty(SPRING_ENCODER_SCRYPT_MEMORY_COST, i) && containsProperty(SPRING_ENCODER_SCRYPT_PARALLELIZATION, i) && containsProperty(SPRING_ENCODER_SCRYPT_KEY_LENGTH, i) && containsProperty(SPRING_ENCODER_SCRYPT_SALT_LENGTH, i)) {
                    encoder = new SCryptPasswordEncoder(getPropertyAsInteger(SPRING_ENCODER_SCRYPT_CPU_COST, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_MEMORY_COST, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_PARALLELIZATION, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_KEY_LENGTH, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_SALT_LENGTH, i));
                } else {
                    encoder = new SCryptPasswordEncoder();
                }
            } else if (SpringEncoderType.STANDARD.toString().equalsIgnoreCase(type)) {
                LOGGER.debug("Please notice that the STANDARD Spring encoder type is insecure and for tests only");
                if (containsProperty(SPRING_ENCODER_STANDARD_SECRET, i)) {
                    encoder = new StandardPasswordEncoder(getProperty(SPRING_ENCODER_STANDARD_SECRET, i));
                } else {
                    encoder = new StandardPasswordEncoder();
                }
            } else {
                throw new TechnicalException("Unsupported spring encoder type: " + type);
            }
            encoders.put(concat(SPRING_ENCODER, i), new SpringSecurityPasswordEncoder(encoder));
        }
    }
}
Also used : StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) TechnicalException(org.pac4j.core.exception.TechnicalException) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder) SpringSecurityPasswordEncoder(org.pac4j.core.credentials.password.SpringSecurityPasswordEncoder) NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder) SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)

Example 70 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project pac4j by pac4j.

the class AbstractCasRestClient method validateServiceTicket.

public CasProfile validateServiceTicket(final String serviceURL, final TokenCredentials ticket, final WebContext context) {
    try {
        final var assertion = configuration.retrieveTicketValidator(context).validate(ticket.getToken(), serviceURL);
        final var principal = assertion.getPrincipal();
        final var casProfile = new CasProfile();
        casProfile.setId(ProfileHelper.sanitizeIdentifier(principal.getName()));
        casProfile.addAttributes(principal.getAttributes());
        return casProfile;
    } catch (final TicketValidationException e) {
        throw new TechnicalException(e);
    }
}
Also used : CasProfile(org.pac4j.cas.profile.CasProfile) TechnicalException(org.pac4j.core.exception.TechnicalException) TicketValidationException(org.jasig.cas.client.validation.TicketValidationException)

Aggregations

TechnicalException (org.pac4j.core.exception.TechnicalException): 81
IOException (java.io.IOException): 26
URI (java.net.URI): 7
URISyntaxException (java.net.URISyntaxException): 7
HashMap (java.util.HashMap): 7
OAuthException (com.github.scribejava.core.exceptions.OAuthException): 6
JWT (com.nimbusds.jwt.JWT): 6
ParseException (com.nimbusds.oauth2.sdk.ParseException): 6
HttpURLConnection (java.net.HttpURLConnection): 6
Test (org.junit.Test): 6
OidcCredentials (org.pac4j.oidc.credentials.OidcCredentials): 6
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet): 5
SignedJWT (com.nimbusds.jwt.SignedJWT): 5
ArrayList (java.util.ArrayList): 5
ComponentInitializationException (net.shibboleth.utilities.java.support.component.ComponentInitializationException): 5
JOSEException (com.nimbusds.jose.JOSEException): 4
URL (java.net.URL): 4
HTTPRequest (com.nimbusds.oauth2.sdk.http.HTTPRequest): 3
HTTPResponse (com.nimbusds.oauth2.sdk.http.HTTPResponse): 3
AccessToken (com.nimbusds.oauth2.sdk.token.AccessToken): 3