use of org.pac4j.core.profile.ProfileManager in project cas by apereo.
the class OAuth20CallbackAuthorizeEndpointController method handleRequestInternal.
/**
* Handle request.
*
* @param request the request
* @param response the response
* @return the model and view
* @throws Exception the exception
*/
@GetMapping(path = OAuthConstants.BASE_OAUTH20_URL + '/' + OAuthConstants.CALLBACK_AUTHORIZE_URL)
public ModelAndView handleRequestInternal(final HttpServletRequest request, final HttpServletResponse response) throws Exception {
this.callbackController.callback(request, response);
final String url = StringUtils.remove(response.getHeader("Location"), "redirect:");
final J2EContext ctx = WebUtils.getPac4jJ2EContext(request, response);
final ProfileManager manager = WebUtils.getPac4jProfileManager(request, response);
return oAuth20CallbackAuthorizeViewResolver.resolve(ctx, manager, url);
}
use of org.pac4j.core.profile.ProfileManager in project cas by apereo.
the class OAuth20AccessTokenEndpointController method verifyAccessTokenRequest.
/**
* Verify the access token request.
*
* @param request the HTTP request
* @param response the HTTP response
* @return true, if successful
*/
private boolean verifyAccessTokenRequest(final HttpServletRequest request, final HttpServletResponse response) {
// must have the right grant type
final String grantType = request.getParameter(OAuthConstants.GRANT_TYPE);
if (!checkGrantTypes(grantType, OAuth20GrantTypes.AUTHORIZATION_CODE, OAuth20GrantTypes.PASSWORD, OAuth20GrantTypes.REFRESH_TOKEN)) {
return false;
}
// must be authenticated (client or user)
final J2EContext context = WebUtils.getPac4jJ2EContext(request, response);
final ProfileManager manager = WebUtils.getPac4jProfileManager(request, response);
final Optional<UserProfile> profile = manager.get(true);
if (profile == null || !profile.isPresent()) {
return false;
}
final UserProfile uProfile = profile.get();
// authorization code grant type
if (isGrantType(grantType, OAuth20GrantTypes.AUTHORIZATION_CODE)) {
final String clientId = uProfile.getId();
final String redirectUri = request.getParameter(OAuthConstants.REDIRECT_URI);
final OAuthRegisteredService registeredService = OAuthUtils.getRegisteredOAuthService(getServicesManager(), clientId);
return uProfile instanceof OAuthClientProfile && getValidator().checkParameterExist(request, OAuthConstants.REDIRECT_URI) && getValidator().checkParameterExist(request, OAuthConstants.CODE) && getValidator().checkCallbackValid(registeredService, redirectUri);
} else if (isGrantType(grantType, OAuth20GrantTypes.REFRESH_TOKEN)) {
// refresh token grant type
return uProfile instanceof OAuthClientProfile && getValidator().checkParameterExist(request, OAuthConstants.REFRESH_TOKEN);
} else {
final String clientId = request.getParameter(OAuthConstants.CLIENT_ID);
final OAuthRegisteredService registeredService = OAuthUtils.getRegisteredOAuthService(getServicesManager(), clientId);
// resource owner password grant type
return uProfile instanceof OAuthUserProfile && getValidator().checkParameterExist(request, OAuthConstants.CLIENT_ID) && getValidator().checkServiceValid(registeredService);
}
}
use of org.pac4j.core.profile.ProfileManager in project cas by apereo.
the class CasConsentReviewController method logout.
/**
* Endpoint for local logout, no SLO.
*
* @param request the request
* @param response the response
* @return the logout view
*/
@GetMapping("/logout")
public String logout(final HttpServletRequest request, final HttpServletResponse response) {
LOGGER.debug("Performing Pac4j logout...");
final ProfileManager manager = Pac4jUtils.getPac4jProfileManager(request, response);
manager.logout();
return CONSENT_LOGOUT_VIEW;
}
use of org.pac4j.core.profile.ProfileManager in project cas by apereo.
the class TerminateSessionAction method destroyApplicationSession.
/**
* Destroy application session.
* Also kills all delegated authn profiles via pac4j.
*
* @param request the request
* @param response the response
*/
protected void destroyApplicationSession(final HttpServletRequest request, final HttpServletResponse response) {
LOGGER.debug("Destroying application session");
final ProfileManager manager = Pac4jUtils.getPac4jProfileManager(request, response);
manager.logout();
final HttpSession session = request.getSession();
if (session != null) {
final Object requestedUrl = request.getSession().getAttribute(Pac4jConstants.REQUESTED_URL);
session.invalidate();
request.getSession(true).setAttribute(Pac4jConstants.REQUESTED_URL, requestedUrl);
}
}
use of org.pac4j.core.profile.ProfileManager in project cas by apereo.
the class Pac4jUtils method getPac4jAuthenticatedUsername.
/**
* Return the username of the authenticated user (based on pac4j security).
*
* @return the authenticated username.
*/
public static String getPac4jAuthenticatedUsername() {
final HttpServletRequest request = HttpRequestUtils.getHttpServletRequestFromRequestAttributes();
final HttpServletResponse response = HttpRequestUtils.getHttpServletResponseFromRequestAttributes();
if (request != null && response != null) {
final ProfileManager manager = getPac4jProfileManager(request, response);
final Optional<UserProfile> profile = manager.get(true);
if (profile != null && profile.isPresent()) {
final String id = profile.get().getId();
if (id != null) {
return id;
}
}
}
return PrincipalResolver.UNKNOWN_USER;
}
Aggregations