
Example 1 with OAuthCredentialsException

Use of org.pac4j.oauth.exception.OAuthCredentialsException in project pac4j by pac4j.

Class OAuth10Authenticator, method retrieveAccessToken.

@Override
protected void retrieveAccessToken(final WebContext context, final OAuthCredentials credentials) {
    OAuth10Credentials oAuth10Credentials = (OAuth10Credentials) credentials;
    final OAuth1RequestToken tokenRequest = oAuth10Credentials.getRequestToken();
    final String token = oAuth10Credentials.getToken();
    final String verifier = oAuth10Credentials.getVerifier();
    // These debug statements write the request token, callback token and verifier to the log.
    logger.debug("tokenRequest: {}", tokenRequest);
    logger.debug("token: {}", token);
    logger.debug("verifier: {}", verifier);
    // No request token attached to the credentials: treat it as expired.
    if (tokenRequest == null) {
        final String message = "Token request expired";
        throw new OAuthCredentialsException(message);
    }
    final String savedToken = tokenRequest.getToken();
    logger.debug("savedToken: {}", savedToken);
    // The token received on the callback must match the saved request token.
    if (savedToken == null || !savedToken.equals(token)) {
        final String message = "Token received: " + token + " is different from saved token: " + savedToken;
        throw new OAuthCredentialsException(message);
    }
    // Exchange the request token and verifier for an access token.
    final OAuth1AccessToken accessToken;
    try {
        accessToken = this.configuration.buildService(context, client, null).getAccessToken(tokenRequest, verifier);
    } catch (final IOException | InterruptedException | ExecutionException e) {
        throw new HttpCommunicationException("Error getting token:" + e.getMessage());
    }
    logger.debug("accessToken: {}", accessToken);
    oAuth10Credentials.setAccessToken(accessToken);
}
Also used: OAuth1AccessToken (com.github.scribejava.core.model.OAuth1AccessToken), OAuth1RequestToken (com.github.scribejava.core.model.OAuth1RequestToken), HttpCommunicationException (org.pac4j.core.exception.HttpCommunicationException), OAuthCredentialsException (org.pac4j.oauth.exception.OAuthCredentialsException), OAuth10Credentials (org.pac4j.oauth.credentials.OAuth10Credentials), IOException (java.io.IOException), ExecutionException (java.util.concurrent.ExecutionException)

Example 2 with OAuthCredentialsException

Use of org.pac4j.oauth.exception.OAuthCredentialsException in project pac4j by pac4j.

Class OAuth10CredentialsExtractor, method getOAuthCredentials.

@Override
protected OAuth10Credentials getOAuthCredentials(final WebContext context) {
    final String tokenParameter = context.getRequestParameter(OAuth10Configuration.OAUTH_TOKEN);
    final String verifierParameter = context.getRequestParameter(OAuth10Configuration.OAUTH_VERIFIER);
    if (tokenParameter != null && verifierParameter != null) {
        // get request token from session
        final OAuth1RequestToken tokenSession = (OAuth1RequestToken) context.getSessionStore().get(context, configuration.getRequestTokenSessionAttributeName(client.getName()));
        logger.debug("tokenRequest: {}", tokenSession);
        final String token = OAuthEncoder.decode(tokenParameter);
        final String verifier = OAuthEncoder.decode(verifierParameter);
        logger.debug("token: {} / verifier: {}", token, verifier);
        return new OAuth10Credentials(tokenSession, token, verifier);
    } else {
        final String message = "No credential found";
        throw new OAuthCredentialsException(message);
    }
}
Also used: OAuth1RequestToken (com.github.scribejava.core.model.OAuth1RequestToken), OAuthCredentialsException (org.pac4j.oauth.exception.OAuthCredentialsException), OAuth10Credentials (org.pac4j.oauth.credentials.OAuth10Credentials)

Example 3 with OAuthCredentialsException

Use of org.pac4j.oauth.exception.OAuthCredentialsException in project pac4j by pac4j.

Class OAuthCredentialsExtractor, method extract.

@Override
public C extract(final WebContext context) {
    final boolean hasBeenCancelled = (Boolean) configuration.getHasBeenCancelledFactory().apply(context);
    // check if the authentication has been cancelled
    if (hasBeenCancelled) {
        logger.debug("authentication has been cancelled by user");
        return null;
    }
    // check errors
    try {
        boolean errorFound = false;
        final OAuthCredentialsException oauthCredentialsException = new OAuthCredentialsException("Failed to retrieve OAuth credentials, error parameters found");
        for (final String key : OAuthCredentialsException.ERROR_NAMES) {
            final String value = context.getRequestParameter(key);
            if (value != null) {
                errorFound = true;
                oauthCredentialsException.setErrorMessage(key, value);
            }
        }
        if (errorFound) {
            throw oauthCredentialsException;
        } else {
            return getOAuthCredentials(context);
        }
    } catch (final OAuthException e) {
        throw new TechnicalException(e);
    }
}
Also used: TechnicalException (org.pac4j.core.exception.TechnicalException), OAuthException (com.github.scribejava.core.exceptions.OAuthException), OAuthCredentialsException (org.pac4j.oauth.exception.OAuthCredentialsException)

Example 4 with OAuthCredentialsException

Use of org.pac4j.oauth.exception.OAuthCredentialsException in project ddf by codice.

Class OAuthHandler, method getNormalizedToken.

@Override
public HandlerResult getNormalizedToken(ServletRequest request, ServletResponse response, SecurityFilterChain chain, boolean resolve) throws AuthenticationFailureException {
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    HttpServletResponse httpResponse = (HttpServletResponse) response;
    if (httpRequest.getMethod().equals("HEAD")) {
        return processHeadRequest(httpResponse);
    }
    JEESessionStore sessionStore = new JEESessionStore();
    JEEContext jeeContext = new JEEContext(httpRequest, httpResponse, sessionStore);
    // time to try and pull credentials off of the request
    LOGGER.debug("Doing OAuth authentication and authorization for path {}.", httpRequest.getContextPath());
    OidcCredentials credentials;
    StringBuffer requestUrlBuffer = httpRequest.getRequestURL();
    requestUrlBuffer.append(httpRequest.getQueryString() == null ? "" : "?" + httpRequest.getQueryString());
    String ipAddress = httpRequest.getRemoteAddr();
    boolean isMachine = userAgentIsNotBrowser(httpRequest);
    // machine to machine, check for Client Credentials Flow credentials
    if (isMachine) {
        try {
            credentials = getCredentialsFromRequest(jeeContext);
        } catch (IllegalArgumentException e) {
            LOGGER.error("Problem with the OAuth Handler's OAuthHandlerConfiguration. " + "Check the OAuth Handler Configuration in the admin console.", e);
            return noActionResult;
        } catch (OAuthCredentialsException e) {
            LOGGER.error("Problem extracting credentials from machine to machine request. " + "See OAuth2's \"Client Credential Flow\" for more information.", e);
            return noActionResult;
        }
    } else {
        LOGGER.info("The OAuth Handler does not handle user agent requests. Continuing to other handlers.");
        return noActionResult;
    }
    // if the request has credentials, process it
    if (credentials.getCode() != null || credentials.getAccessToken() != null || credentials.getIdToken() != null) {
        LOGGER.info("Oidc credentials found/retrieved. Saving to session and continuing filter chain.");
        OidcAuthenticationToken token = new OidcAuthenticationToken(credentials, jeeContext, ipAddress);
        HandlerResult handlerResult = new HandlerResultImpl(Status.COMPLETED, token);
        handlerResult.setSource(SOURCE);
        return handlerResult;
    } else {
        LOGGER.info("No credentials found on user-agent request. " + "This handler does not support the acquisition of user agent credentials. Continuing to other handlers.");
        return noActionResult;
    }
}
Also used: HandlerResultImpl (org.codice.ddf.security.handler.HandlerResultImpl), JEEContext (org.pac4j.core.context.JEEContext), OidcAuthenticationToken (org.codice.ddf.security.handler.OidcAuthenticationToken), HttpServletResponse (javax.servlet.http.HttpServletResponse), JEESessionStore (org.pac4j.core.context.session.JEESessionStore), HandlerResult (org.codice.ddf.security.handler.api.HandlerResult), HttpServletRequest (javax.servlet.http.HttpServletRequest), OidcCredentials (org.pac4j.oidc.credentials.OidcCredentials), OAuthCredentialsException (org.pac4j.oauth.exception.OAuthCredentialsException)

Aggregations

OAuthCredentialsException (org.pac4j.oauth.exception.OAuthCredentialsException): 4
OAuth1RequestToken (com.github.scribejava.core.model.OAuth1RequestToken): 2
OAuth10Credentials (org.pac4j.oauth.credentials.OAuth10Credentials): 2
OAuthException (com.github.scribejava.core.exceptions.OAuthException): 1
OAuth1AccessToken (com.github.scribejava.core.model.OAuth1AccessToken): 1
IOException (java.io.IOException): 1
ExecutionException (java.util.concurrent.ExecutionException): 1
HttpServletRequest (javax.servlet.http.HttpServletRequest): 1
HttpServletResponse (javax.servlet.http.HttpServletResponse): 1
HandlerResultImpl (org.codice.ddf.security.handler.HandlerResultImpl): 1
OidcAuthenticationToken (org.codice.ddf.security.handler.OidcAuthenticationToken): 1
HandlerResult (org.codice.ddf.security.handler.api.HandlerResult): 1
JEEContext (org.pac4j.core.context.JEEContext): 1
JEESessionStore (org.pac4j.core.context.session.JEESessionStore): 1
HttpCommunicationException (org.pac4j.core.exception.HttpCommunicationException): 1
TechnicalException (org.pac4j.core.exception.TechnicalException): 1
OidcCredentials (org.pac4j.oidc.credentials.OidcCredentials): 1