
Example 1 with WithLocationAction

use of org.pac4j.core.exception.http.WithLocationAction in project cas by apereo.

the class BaseDelegatedAuthenticationController method getResultingView.

/**
 * Resolves the view that sends the browser on to the delegated identity provider.
 *
 * <p>The client is initialised, its redirection action is looked up through
 * {@code getRedirectionAction}, and the action is translated into a view: a
 * {@code WithLocationAction} becomes a {@code RedirectView}, a {@code WithContentAction}
 * becomes a {@code DynamicHtmlView}.
 *
 * @param client     the indirect client to redirect to
 * @param webContext the web context of the current request
 * @param ticket     the transient session ticket whose id is written to the debug log
 * @return the view to render, or {@code null} when no redirection action is available or the
 *         action is neither location- nor content-based; callers must handle {@code null}
 * @throws Exception if initialisation, action lookup or URI parsing fails
 */
protected View getResultingView(final IndirectClient client, final WebContext webContext, final TransientSessionTicket ticket) throws Exception {
    client.init();
    val redirection = getRedirectionAction(client, webContext, ticket);
    if (redirection.isPresent()) {
        val resolved = redirection.get();
        LOGGER.debug("Determined final redirect action for client [{}] as [{}]", client, resolved);
        if (resolved instanceof WithLocationAction) {
            // Round-trip the location through URIBuilder so a syntactically invalid target
            // fails here instead of being handed to the browser.
            val target = new URIBuilder(((WithLocationAction) resolved).getLocation()).toString();
            // NOTE(review): the full redirect URL is logged; it presumably carries the
            // protocol request parameters, so debug logs should be treated as sensitive - confirm.
            LOGGER.debug("Redirecting client [{}] to [{}] based on identifier [{}]", client.getName(), target, ticket.getId());
            return new RedirectView(target);
        }
        if (resolved instanceof WithContentAction) {
            // NOTE(review): the content is passed to the view unchanged as far as this method
            // shows; it should only ever originate from the client, never from request data - confirm.
            return new DynamicHtmlView(((WithContentAction) resolved).getContent());
        }
    }
    // Reached when no action was produced or its type is not handled above.
    LOGGER.warn("Unable to determine redirect action for client [{}]", client);
    return null;
}
Also used : lombok.val(lombok.val) WithContentAction(org.pac4j.core.exception.http.WithContentAction) RedirectView(org.springframework.web.servlet.view.RedirectView) WithLocationAction(org.pac4j.core.exception.http.WithLocationAction) DynamicHtmlView(org.apereo.cas.web.view.DynamicHtmlView) URIBuilder(org.apache.http.client.utils.URIBuilder)

Example 2 with WithLocationAction

use of org.pac4j.core.exception.http.WithLocationAction in project hive by apache.

the class HiveSaml2Client method setRedirect.

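/**
 * Generates a SAML request using the HTTP-Redirect Binding and sends the browser to it.
 *
 * <p>The response port is checked through {@code HiveSamlUtils.validateSamlResponsePort}
 * before anything else; the value it returns is only logged by this method.
 *
 * @param request  the incoming HTTP request
 * @param response the HTTP response that receives the redirect
 * @throws HttpSamlAuthenticationException if no redirection action is available, if the action
 *         does not carry a redirect location, or if writing the redirect fails
 */
public void setRedirect(HttpServletRequest request, HttpServletResponse response) throws HttpSamlAuthenticationException {
    // NOTE(review): presumably rejects a missing or malformed port by throwing - confirm
    // against HiveSamlUtils, since nothing else in this method checks the value.
    int responsePort = HiveSamlUtils.validateSamlResponsePort(request);
    LOG.debug("Request has response port set as {}", responsePort);
    Optional<RedirectionAction> redirect = getRedirectionAction(new JEEContext(request, response));
    if (!redirect.isPresent()) {
        throw new HttpSamlAuthenticationException("Could not get the redirect response");
    }
    RedirectionAction action = redirect.get();
    // A content-based action has no location. Fail with the declared exception type instead
    // of letting an unchecked ClassCastException escape after the response was already touched.
    if (!(action instanceof WithLocationAction)) {
        throw new HttpSamlAuthenticationException(
            "Redirect action does not provide a location: " + action.getClass().getName());
    }
    String location = ((WithLocationAction) action).getLocation();
    response.setStatus(action.getCode());
    try {
        // NOTE(review): the location presumably embeds the encoded SAML request as query
        // parameters, so debug logs will contain it - confirm that is acceptable.
        LOG.debug("Sending a redirect response to location = {}", location);
        response.sendRedirect(location);
    } catch (IOException e) {
        throw new HttpSamlAuthenticationException(e);
    }
}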
Also used : RedirectionAction(org.pac4j.core.exception.http.RedirectionAction) JEEContext(org.pac4j.core.context.JEEContext) WithLocationAction(org.pac4j.core.exception.http.WithLocationAction) IOException(java.io.IOException)

Example 3 with WithLocationAction

use of org.pac4j.core.exception.http.WithLocationAction in project ddf by codice.

the class OidcLogoutActionProvider method getAction.

/**
 * Builds the OIDC logout action for the caller-supplied subject map.
 *
 * <p>The argument is treated as a {@code Map} whose {@code "http_request"} and
 * {@code "http_response"} entries hold the current servlet request and response. The OIDC
 * profile is taken from the first JWT-typed security assertion stored in the existing HTTP
 * session, and the logout URL is obtained from the configured {@code OidcLogoutActionBuilder}.
 *
 * @param <T> expected to be a {@code Map}; the original documentation describes it as
 *     {@code Map<String, Subject>}
 * @param subjectMap the map carrying the request and response
 * @return {@code null} when {@code canHandle} rejects the argument; otherwise an action whose
 *     URL is {@code null} if the logout URL could not be resolved
 * @throws IllegalStateException if no OIDC profile is found; this is not caught here
 */
@Override
public <T> Action getAction(T subjectMap) {
    if (!canHandle(subjectMap)) {
        return null;
    }
    String logoutUrlString = "";
    URL logoutUrl = null;
    try {
        Map<?, ?> attributes = (Map<?, ?>) subjectMap;
        HttpServletRequest httpRequest = (HttpServletRequest) attributes.get("http_request");
        HttpServletResponse httpResponse = (HttpServletResponse) attributes.get("http_response");
        JEEContext jeeContext = new JEEContext(httpRequest, httpResponse, new JEESessionStore());
        // getSession(false): never create a session just to log out.
        HttpSession existingSession = httpRequest.getSession(false);
        PrincipalHolder holder = existingSession == null
            ? null
            : (PrincipalHolder) existingSession.getAttribute(SecurityConstants.SECURITY_TOKEN_KEY);
        OidcProfile profile = null;
        if (holder != null && holder.getPrincipals() != null) {
            Collection<SecurityAssertion> assertions = holder.getPrincipals().byType(SecurityAssertion.class);
            // Only the first JWT-typed assertion is considered.
            for (SecurityAssertion candidate : assertions) {
                if (SecurityAssertionJwt.JWT_TOKEN_TYPE.equals(candidate.getTokenType())) {
                    profile = (OidcProfile) candidate.getToken();
                    break;
                }
            }
        }
        if (profile == null) {
            // Not covered by the catch clauses below, so this propagates to the caller.
            throw new IllegalStateException("Unable to determine OIDC profile for logout");
        }
        OidcLogoutActionBuilder actionBuilder = handlerConfiguration.getOidcLogoutActionBuilder();
        // Force non-AJAX handling of the logout request.
        // NOTE(review): this mutates the builder returned by handlerConfiguration on every
        // call; confirm the builder is not shared with code that expects another resolver.
        actionBuilder.setAjaxRequestResolver(new DefaultAjaxRequestResolver() {

            @Override
            public boolean isAjax(final WebContext context) {
                return false;
            }
        });
        URIBuilder postLogoutUri = new URIBuilder(SystemBaseUrl.EXTERNAL.constructUrl("/oidc/logout", true));
        // NOTE(review): getPreviousUrl is not visible here. If it derives its value from request
        // data, whatever consumes PREV_URL at /oidc/logout should validate the target before
        // redirecting to it - confirm.
        String previousUrl = getPreviousUrl(httpRequest);
        if (previousUrl != null) {
            postLogoutUri.addParameter(PREV_URL, previousUrl);
        }
        RedirectionAction logoutAction = actionBuilder.getLogoutAction(jeeContext, profile, postLogoutUri.build().toString()).orElse(null);
        if (logoutAction instanceof WithLocationAction) {
            logoutUrlString = ((WithLocationAction) logoutAction).getLocation();
        }
        // With no location-based action the string is still empty, so URL construction throws
        // MalformedURLException and the action is returned with a null URL.
        logoutUrl = new URL(logoutUrlString);
    } catch (MalformedURLException | URISyntaxException e) {
        LOGGER.info("Unable to resolve logout URL: {}", logoutUrlString);
    } catch (ClassCastException e) {
        // Catches every failed cast inside the try block, not only the cast of the
        // argument to Map that the message mentions.
        LOGGER.debug("Unable to cast parameter to Map<String, Object>, {}", subjectMap, e);
    }
    return new ActionImpl(ID, TITLE, DESCRIPTION, logoutUrl);
}
Also used : RedirectionAction(org.pac4j.core.exception.http.RedirectionAction) MalformedURLException(java.net.MalformedURLException) WebContext(org.pac4j.core.context.WebContext) HttpSession(javax.servlet.http.HttpSession) JEEContext(org.pac4j.core.context.JEEContext) HttpServletResponse(javax.servlet.http.HttpServletResponse) JEESessionStore(org.pac4j.core.context.session.JEESessionStore) WithLocationAction(org.pac4j.core.exception.http.WithLocationAction) URISyntaxException(java.net.URISyntaxException) SecurityAssertion(ddf.security.assertion.SecurityAssertion) URL(java.net.URL) URIBuilder(org.apache.http.client.utils.URIBuilder) HttpServletRequest(javax.servlet.http.HttpServletRequest) DefaultAjaxRequestResolver(org.pac4j.core.http.ajax.DefaultAjaxRequestResolver) OidcLogoutActionBuilder(org.pac4j.oidc.logout.OidcLogoutActionBuilder) ActionImpl(ddf.action.impl.ActionImpl) OidcProfile(org.pac4j.oidc.profile.OidcProfile) PrincipalHolder(ddf.security.common.PrincipalHolder)

Aggregations

WithLocationAction (org.pac4j.core.exception.http.WithLocationAction)3 URIBuilder (org.apache.http.client.utils.URIBuilder)2 JEEContext (org.pac4j.core.context.JEEContext)2 RedirectionAction (org.pac4j.core.exception.http.RedirectionAction)2 ActionImpl (ddf.action.impl.ActionImpl)1 SecurityAssertion (ddf.security.assertion.SecurityAssertion)1 PrincipalHolder (ddf.security.common.PrincipalHolder)1 IOException (java.io.IOException)1 MalformedURLException (java.net.MalformedURLException)1 URISyntaxException (java.net.URISyntaxException)1 URL (java.net.URL)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 HttpSession (javax.servlet.http.HttpSession)1 lombok.val (lombok.val)1 DynamicHtmlView (org.apereo.cas.web.view.DynamicHtmlView)1 WebContext (org.pac4j.core.context.WebContext)1 JEESessionStore (org.pac4j.core.context.session.JEESessionStore)1 WithContentAction (org.pac4j.core.exception.http.WithContentAction)1 DefaultAjaxRequestResolver (org.pac4j.core.http.ajax.DefaultAjaxRequestResolver)1