use of org.pac4j.oauth.exception.OAuthCredentialsException in project pac4j by pac4j.
the class OAuth10Authenticator method retrieveAccessToken.
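/**
 * Exchanges the OAuth 1.0 request token held in the credentials for an access token.
 *
 * <p>The token received from the provider is compared with the token of the request token
 * carried in the credentials; the exchange is attempted only when both match. On success the
 * access token is stored on the credentials.
 *
 * <p>The request token, callback token, verifier and access token are secrets. Only their
 * presence is logged, and their values are kept out of exception messages so they do not end
 * up in log files or error pages.
 *
 * @param context the current web context
 * @param credentials the credentials, cast to {@link OAuth10Credentials}
 * @throws OAuthCredentialsException if no request token is available or the tokens differ
 * @throws HttpCommunicationException if the call to the provider fails
 */
@Override
protected void retrieveAccessToken(final WebContext context, final OAuthCredentials credentials) {
    final OAuth10Credentials oAuth10Credentials = (OAuth10Credentials) credentials;
    final OAuth1RequestToken tokenRequest = oAuth10Credentials.getRequestToken();
    final String token = oAuth10Credentials.getToken();
    final String verifier = oAuth10Credentials.getVerifier();
    // Log presence only: these values are credentials and must not be written to logs.
    logger.debug("tokenRequest present: {}", tokenRequest != null);
    logger.debug("token present: {}", token != null);
    logger.debug("verifier present: {}", verifier != null);
    if (tokenRequest == null) {
        throw new OAuthCredentialsException("Token request expired");
    }

    final String savedToken = tokenRequest.getToken();
    logger.debug("savedToken present: {}", savedToken != null);
    // The callback must refer to the request token this flow started with.
    if (savedToken == null || !savedToken.equals(token)) {
        // Neither token value is echoed back: the message may reach logs or the user.
        throw new OAuthCredentialsException("Token received is different from saved token");
    }

    final OAuth1AccessToken accessToken;
    try {
        accessToken = this.configuration.buildService(context, client, null).getAccessToken(tokenRequest, verifier);
    } catch (final IOException | InterruptedException | ExecutionException e) {
        if (e instanceof InterruptedException) {
            // Restore the interrupt flag so the calling thread can still observe the interruption.
            Thread.currentThread().interrupt();
        }
        // NOTE(review): the cause is dropped here; attach it if HttpCommunicationException
        // offers a cause-accepting constructor (not visible from this method).
        throw new HttpCommunicationException("Error getting token:" + e.getMessage());
    }
    logger.debug("accessToken retrieved: {}", accessToken != null);
    oAuth10Credentials.setAccessToken(accessToken);
}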
use of org.pac4j.oauth.exception.OAuthCredentialsException in project pac4j by pac4j.
the class OAuth10CredentialsExtractor method getOAuthCredentials.
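/**
 * Builds OAuth 1.0 credentials from the callback request.
 *
 * <p>Both the {@code OAuth10Configuration.OAUTH_TOKEN} and
 * {@code OAuth10Configuration.OAUTH_VERIFIER} request parameters must be present. The request
 * token is read from the session store under the attribute name the configuration derives from
 * the client name; it may be {@code null} if the session no longer holds it.
 *
 * <p>The token, verifier and session request token are secrets, so their values are not logged.
 *
 * @param context the current web context
 * @return the credentials holding the session request token, the decoded token and the decoded verifier
 * @throws OAuthCredentialsException if the token or the verifier parameter is missing
 */
@Override
protected OAuth10Credentials getOAuthCredentials(final WebContext context) {
    final String tokenParameter = context.getRequestParameter(OAuth10Configuration.OAUTH_TOKEN);
    final String verifierParameter = context.getRequestParameter(OAuth10Configuration.OAUTH_VERIFIER);
    if (tokenParameter == null || verifierParameter == null) {
        throw new OAuthCredentialsException("No credential found");
    }

    // get request token from session
    final OAuth1RequestToken tokenSession = (OAuth1RequestToken) context.getSessionStore()
        .get(context, configuration.getRequestTokenSessionAttributeName(client.getName()));
    // Presence only: the request token must not be written to logs.
    logger.debug("tokenRequest present in session: {}", tokenSession != null);
    final String token = OAuthEncoder.decode(tokenParameter);
    final String verifier = OAuthEncoder.decode(verifierParameter);
    logger.debug("token and verifier received on the callback request");
    return new OAuth10Credentials(tokenSession, token, verifier);
}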
use of org.pac4j.oauth.exception.OAuthCredentialsException in project pac4j by pac4j.
the class OAuthCredentialsExtractor method extract.
/**
 * Extracts the OAuth credentials from the callback request.
 *
 * <p>Returns {@code null} when the configured "has been cancelled" factory reports a
 * cancellation. Otherwise every name in {@code OAuthCredentialsException.ERROR_NAMES} is looked
 * up as a request parameter; if at least one is present, an {@link OAuthCredentialsException}
 * carrying those name/value pairs is thrown. With no error parameter, extraction is delegated
 * to {@code getOAuthCredentials}.
 *
 * <p>The error values are taken from request parameters as-is, so they are client-controlled
 * text and should be treated as untrusted wherever the exception is rendered or logged.
 *
 * @param context the current web context
 * @return the extracted credentials, or {@code null} if the authentication was cancelled
 * @throws OAuthCredentialsException if the request carries OAuth error parameters
 * @throws TechnicalException wrapping any {@code OAuthException} raised during extraction
 */
@Override
public C extract(final WebContext context) {
    // check if the authentication has been cancelled
    final boolean cancelled = (Boolean) configuration.getHasBeenCancelledFactory().apply(context);
    if (cancelled) {
        logger.debug("authentication has been cancelled by user");
        return null;
    }

    // check errors
    try {
        final OAuthCredentialsException failure = new OAuthCredentialsException("Failed to retrieve OAuth credentials, error parameters found");
        boolean hasError = false;
        for (final String errorName : OAuthCredentialsException.ERROR_NAMES) {
            final String errorValue = context.getRequestParameter(errorName);
            if (errorValue == null) {
                continue;
            }
            failure.setErrorMessage(errorName, errorValue);
            hasError = true;
        }
        if (hasError) {
            throw failure;
        }
        return getOAuthCredentials(context);
    } catch (final OAuthException e) {
        throw new TechnicalException(e);
    }
}
use of org.pac4j.oauth.exception.OAuthCredentialsException in project ddf by codice.
the class OAuthHandler method getNormalizedToken.
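/**
 * Tries to build an OIDC authentication token from a machine-to-machine request.
 *
 * <p>HEAD requests are answered by {@code processHeadRequest}. Requests classified as coming
 * from a browser are not handled here and yield {@code noActionResult}, as do requests whose
 * credentials cannot be extracted or that carry no code, access token or ID token. Otherwise a
 * {@code Status.COMPLETED} result wrapping an {@link OidcAuthenticationToken} is returned.
 *
 * <p>The token is only assembled here from what the request carries; nothing in this method
 * validates the code, access token or ID token.
 *
 * @param request the servlet request, cast to {@link HttpServletRequest}
 * @param response the servlet response, cast to {@link HttpServletResponse}
 * @param chain the security filter chain (not used by this method)
 * @param resolve the resolve flag (not used by this method)
 * @return the handler result described above
 * @throws AuthenticationFailureException declared by the overridden method
 */
@Override
public HandlerResult getNormalizedToken(ServletRequest request, ServletResponse response, SecurityFilterChain chain, boolean resolve) throws AuthenticationFailureException {
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    HttpServletResponse httpResponse = (HttpServletResponse) response;
    if ("HEAD".equals(httpRequest.getMethod())) {
        return processHeadRequest(httpResponse);
    }

    JEESessionStore sessionStore = new JEESessionStore();
    JEEContext jeeContext = new JEEContext(httpRequest, httpResponse, sessionStore);
    // time to try and pull credentials off of the request
    LOGGER.debug("Doing OAuth authentication and authorization for path {}.", httpRequest.getContextPath());

    // The full request URL, query string included, used to be assembled here but was never
    // read; it has been removed so the query string is not copied around without need.

    // NOTE(review): presumably based on the User-Agent header, which the client controls;
    // this decides which handler runs, it is not an authentication check. Confirm in the helper.
    if (!userAgentIsNotBrowser(httpRequest)) {
        LOGGER.info("The OAuth Handler does not handle user agent requests. Continuing to other handlers.");
        return noActionResult;
    }

    // machine to machine, check for Client Credentials Flow credentials
    OidcCredentials credentials;
    try {
        credentials = getCredentialsFromRequest(jeeContext);
    } catch (IllegalArgumentException e) {
        LOGGER.error("Problem with the OAuth Handler's OAuthHandlerConfiguration. " + "Check the OAuth Handler Configuration in the admin console.", e);
        return noActionResult;
    } catch (OAuthCredentialsException e) {
        LOGGER.error("Problem extracting credentials from machine to machine request. " + "See OAuth2's \"Client Credential Flow\" for more information.", e);
        return noActionResult;
    }

    // if the request has credentials, process it
    boolean hasCredentials = credentials.getCode() != null
        || credentials.getAccessToken() != null
        || credentials.getIdToken() != null;
    if (!hasCredentials) {
        // NOTE(review): this point is reached only for non-browser requests, although the
        // message below speaks of a user-agent request.
        LOGGER.info("No credentials found on user-agent request. " + "This handler does not support the acquisition of user agent credentials. Continuing to other handlers.");
        return noActionResult;
    }

    LOGGER.info("Oidc credentials found/retrieved. Saving to session and continuing filter chain.");
    // getRemoteAddr() is the address of the last hop, i.e. a proxy when one sits in front.
    String ipAddress = httpRequest.getRemoteAddr();
    OidcAuthenticationToken token = new OidcAuthenticationToken(credentials, jeeContext, ipAddress);
    HandlerResult handlerResult = new HandlerResultImpl(Status.COMPLETED, token);
    handlerResult.setSource(SOURCE);
    return handlerResult;
}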