Example 1 with RedirectionAction

Use of org.pac4j.core.exception.http.RedirectionAction in project cas by apereo.

Class BaseDelegatedAuthenticationController, method getRedirectionAction.

/**
 * Gets redirection action.
 *
 * @param client     the client
 * @param webContext the web context
 * @param ticket     the ticket
 * @return the redirection action
 */
protected Optional<RedirectionAction> getRedirectionAction(final IndirectClient client, final WebContext webContext, final TransientSessionTicket ticket) {
    val properties = ticket.getProperties();
    if (properties.containsKey(RedirectionActionBuilder.ATTRIBUTE_FORCE_AUTHN)) {
        webContext.setRequestAttribute(RedirectionActionBuilder.ATTRIBUTE_FORCE_AUTHN, true);
    }
    if (properties.containsKey(RedirectionActionBuilder.ATTRIBUTE_PASSIVE)) {
        webContext.setRequestAttribute(RedirectionActionBuilder.ATTRIBUTE_PASSIVE, true);
    }
    if (ticket.getService() != null) {
        configureWebContextForRegisteredService(webContext, ticket);
    }
    configurationContext.getDelegatedClientAuthenticationRequestCustomizers()
        .stream()
        .sorted(AnnotationAwareOrderComparator.INSTANCE)
        .filter(c -> c.supports(client, webContext))
        .forEach(c -> c.customize(client, webContext));
    return client.getRedirectionActionBuilder().getRedirectionAction(webContext, configurationContext.getSessionStore());
}
Also used : lombok.val(lombok.val) Arrays(java.util.Arrays) Getter(lombok.Getter) RegisteredServiceProperties(org.apereo.cas.services.RegisteredServiceProperty.RegisteredServiceProperties) RegisteredServicePropertyGroups(org.apereo.cas.services.RegisteredServiceProperty.RegisteredServicePropertyGroups) RequiredArgsConstructor(lombok.RequiredArgsConstructor) Controller(org.springframework.stereotype.Controller) Pac4jConstants(org.pac4j.core.util.Pac4jConstants) WebContext(org.pac4j.core.context.WebContext) HttpServletRequest(javax.servlet.http.HttpServletRequest) AccessLevel(lombok.AccessLevel) DynamicHtmlView(org.apereo.cas.web.view.DynamicHtmlView) RedirectView(org.springframework.web.servlet.view.RedirectView) IndirectClient(org.pac4j.core.client.IndirectClient) RedirectionActionBuilder(org.pac4j.core.redirect.RedirectionActionBuilder) TransientSessionTicket(org.apereo.cas.ticket.TransientSessionTicket) AuditableContext(org.apereo.cas.audit.AuditableContext) URIBuilder(org.apache.http.client.utils.URIBuilder) lombok.val(lombok.val) WithLocationAction(org.pac4j.core.exception.http.WithLocationAction) Collectors(java.util.stream.Collectors) RegisteredService(org.apereo.cas.services.RegisteredService) Slf4j(lombok.extern.slf4j.Slf4j) View(org.springframework.web.servlet.View) List(java.util.List) DelegatedClientAuthenticationConfigurationContext(org.apereo.cas.web.flow.DelegatedClientAuthenticationConfigurationContext) Optional(java.util.Optional) RedirectionAction(org.pac4j.core.exception.http.RedirectionAction) WithContentAction(org.pac4j.core.exception.http.WithContentAction) AnnotationAwareOrderComparator(org.springframework.core.annotation.AnnotationAwareOrderComparator)

Example 2 with RedirectionAction

Use of org.pac4j.core.exception.http.RedirectionAction in project hive by apache.

Class HiveSaml2Client, method setRedirect.

/**
 * Generates a SAML request using the HTTP-Redirect Binding.
 */
public void setRedirect(HttpServletRequest request, HttpServletResponse response) throws HttpSamlAuthenticationException {
    int responsePort = HiveSamlUtils.validateSamlResponsePort(request);
    LOG.debug("Request has response port set as {}", responsePort);
    Optional<RedirectionAction> redirect = getRedirectionAction(new JEEContext(request, response));
    if (!redirect.isPresent()) {
        throw new HttpSamlAuthenticationException("Could not get the redirect response");
    }
    response.setStatus(redirect.get().getCode());
    // The HTTP-Redirect binding is expected to yield a location-bearing action; this cast assumes it.
    WithLocationAction locationAction = (WithLocationAction) redirect.get();
    try {
        String location = locationAction.getLocation();
        LOG.debug("Sending a redirect response to location = {}", location);
        response.sendRedirect(location);
    } catch (IOException e) {
        throw new HttpSamlAuthenticationException(e);
    }
}
Also used : RedirectionAction(org.pac4j.core.exception.http.RedirectionAction) JEEContext(org.pac4j.core.context.JEEContext) WithLocationAction(org.pac4j.core.exception.http.WithLocationAction) IOException(java.io.IOException)

Example 3 with RedirectionAction

Use of org.pac4j.core.exception.http.RedirectionAction in project ddf by codice.

Class OidcLogoutActionProvider, method getAction.

/**
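 * Builds the OIDC logout action from the request and response carried in the given map.
 *
 * @param <T> is a Map<String, Subject>
 * @param subjectMap containing the corresponding subject
 * @return an Action containing the logout url, or null if the subject map cannot be handled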
 */
@Override
public <T> Action getAction(T subjectMap) {
    if (!canHandle(subjectMap)) {
        return null;
    }
    String logoutUrlString = "";
    URL logoutUrl = null;
    try {
        HttpServletRequest request = (HttpServletRequest) ((Map) subjectMap).get("http_request");
        HttpServletResponse response = (HttpServletResponse) ((Map) subjectMap).get("http_response");
        JEESessionStore sessionStore = new JEESessionStore();
        JEEContext jeeContext = new JEEContext(request, response, sessionStore);
        HttpSession session = request.getSession(false);
        PrincipalHolder principalHolder = null;
        if (session != null) {
            principalHolder = (PrincipalHolder) session.getAttribute(SecurityConstants.SECURITY_TOKEN_KEY);
        }
        OidcProfile oidcProfile = null;
        if (principalHolder != null && principalHolder.getPrincipals() != null) {
            Collection<SecurityAssertion> securityAssertions = principalHolder.getPrincipals().byType(SecurityAssertion.class);
            for (SecurityAssertion securityAssertion : securityAssertions) {
                if (SecurityAssertionJwt.JWT_TOKEN_TYPE.equals(securityAssertion.getTokenType())) {
                    oidcProfile = (OidcProfile) securityAssertion.getToken();
                    break;
                }
            }
        }
        if (oidcProfile == null) {
            throw new IllegalStateException("Unable to determine OIDC profile for logout");
        }
        OidcLogoutActionBuilder logoutActionBuilder = handlerConfiguration.getOidcLogoutActionBuilder();
        logoutActionBuilder.setAjaxRequestResolver(new DefaultAjaxRequestResolver() {

            @Override
            public boolean isAjax(final WebContext context) {
                return false;
            }
        });
        URIBuilder urlBuilder = new URIBuilder(SystemBaseUrl.EXTERNAL.constructUrl("/oidc/logout", true));
        String prevUrl = getPreviousUrl(request);
        if (prevUrl != null) {
            urlBuilder.addParameter(PREV_URL, prevUrl);
        }
        RedirectionAction logoutAction = logoutActionBuilder.getLogoutAction(jeeContext, oidcProfile, urlBuilder.build().toString()).orElse(null);
        if (logoutAction instanceof WithLocationAction) {
            logoutUrlString = ((WithLocationAction) logoutAction).getLocation();
        }
        logoutUrl = new URL(logoutUrlString);
    } catch (MalformedURLException | URISyntaxException e) {
        LOGGER.info("Unable to resolve logout URL: {}", logoutUrlString);
    } catch (ClassCastException e) {
        LOGGER.debug("Unable to cast parameter to Map<String, Object>, {}", subjectMap, e);
    }
    return new ActionImpl(ID, TITLE, DESCRIPTION, logoutUrl);
}
Also used : RedirectionAction(org.pac4j.core.exception.http.RedirectionAction) MalformedURLException(java.net.MalformedURLException) WebContext(org.pac4j.core.context.WebContext) HttpSession(javax.servlet.http.HttpSession) JEEContext(org.pac4j.core.context.JEEContext) HttpServletResponse(javax.servlet.http.HttpServletResponse) JEESessionStore(org.pac4j.core.context.session.JEESessionStore) WithLocationAction(org.pac4j.core.exception.http.WithLocationAction) URISyntaxException(java.net.URISyntaxException) SecurityAssertion(ddf.security.assertion.SecurityAssertion) URL(java.net.URL) URIBuilder(org.apache.http.client.utils.URIBuilder) HttpServletRequest(javax.servlet.http.HttpServletRequest) DefaultAjaxRequestResolver(org.pac4j.core.http.ajax.DefaultAjaxRequestResolver) OidcLogoutActionBuilder(org.pac4j.oidc.logout.OidcLogoutActionBuilder) ActionImpl(ddf.action.impl.ActionImpl) OidcProfile(org.pac4j.oidc.profile.OidcProfile) PrincipalHolder(ddf.security.common.PrincipalHolder)

Aggregations

RedirectionAction (org.pac4j.core.exception.http.RedirectionAction): 3
WithLocationAction (org.pac4j.core.exception.http.WithLocationAction): 3
HttpServletRequest (javax.servlet.http.HttpServletRequest): 2
URIBuilder (org.apache.http.client.utils.URIBuilder): 2
JEEContext (org.pac4j.core.context.JEEContext): 2
WebContext (org.pac4j.core.context.WebContext): 2
ActionImpl (ddf.action.impl.ActionImpl): 1
SecurityAssertion (ddf.security.assertion.SecurityAssertion): 1
PrincipalHolder (ddf.security.common.PrincipalHolder): 1
IOException (java.io.IOException): 1
MalformedURLException (java.net.MalformedURLException): 1
URISyntaxException (java.net.URISyntaxException): 1
URL (java.net.URL): 1
Arrays (java.util.Arrays): 1
List (java.util.List): 1
Optional (java.util.Optional): 1
Collectors (java.util.stream.Collectors): 1
HttpServletResponse (javax.servlet.http.HttpServletResponse): 1
HttpSession (javax.servlet.http.HttpSession): 1
AccessLevel (lombok.AccessLevel): 1