use of org.pac4j.oidc.logout.OidcLogoutActionBuilder in project ddf by codice.
the class OidcLogoutActionProviderTest method setup.
/**
 * Arranges the fixture used by the tests: a provider wired to a mocked handler configuration,
 * and a mocked request whose existing session holds a JWT-typed security assertion backed by an
 * {@code OidcProfile}.
 *
 * <p>NOTE(review): only the "session with a JWT assertion" case is modelled here. The paths in
 * {@code getAction} for a missing session or an assertion of another token type would need their
 * own arrangement; whether the test methods provide one is not visible from this method.
 */
@Before
public void setup() {
  // The logout action builder is handed to the provider through the handler configuration.
  oidcLogoutActionBuilder = mock(OidcLogoutActionBuilder.class);
  OidcHandlerConfiguration configuration = mock(OidcHandlerConfiguration.class);
  when(configuration.getOidcLogoutActionBuilder()).thenReturn(oidcLogoutActionBuilder);

  oidcLogoutActionProvider = new OidcLogoutActionProvider(configuration);
  oidcLogoutActionProvider.setSubjectOperations(new SubjectUtils());

  request = mock(HttpServletRequest.class);
  response = mock(HttpServletResponse.class);
  subject = mock(Subject.class);

  // An assertion that reports the JWT token type and returns a mocked OIDC profile as its token.
  OidcProfile oidcProfile = mock(OidcProfile.class);
  SecurityAssertion jwtAssertion = mock(SecurityAssertion.class);
  when(jwtAssertion.getToken()).thenReturn(oidcProfile);
  when(jwtAssertion.getTokenType()).thenReturn(SecurityAssertionJwt.JWT_TOKEN_TYPE);

  // One real principal collection is shared by the subject and by the session's holder.
  SimplePrincipalCollection principals = new SimplePrincipalCollection();
  principals.add(jwtAssertion, "oidc");
  when(subject.getPrincipals()).thenReturn(principals);
  PrincipalHolder holder = mock(PrincipalHolder.class);
  when(holder.getPrincipals()).thenReturn(principals);

  // getSession(false) returns a session, so the code under test finds the holder without
  // a new session being created.
  HttpSession httpSession = mock(HttpSession.class);
  when(httpSession.getAttribute(SecurityConstants.SECURITY_TOKEN_KEY)).thenReturn(holder);
  when(request.getSession(false)).thenReturn(httpSession);
}
use of org.pac4j.oidc.logout.OidcLogoutActionBuilder in project ddf by codice.
the class OidcLogoutActionProvider method getAction.
/**
 * Builds the OIDC logout action for the session attached to the supplied request.
 *
 * <p>The OIDC profile is taken from the first JWT-typed {@code SecurityAssertion} held by the
 * {@code PrincipalHolder} stored in the existing HTTP session; no session is created here.
 *
 * @param <T> expected to be a {@code Map}; the entries read here are {@code "http_request"} and
 *     {@code "http_response"}
 * @param subjectMap the map carrying the servlet request and response
 * @return {@code null} when {@code canHandle} rejects the argument; otherwise an action whose URL
 *     is the location returned by the logout action builder, or {@code null} when that location
 *     could not be parsed or one of the casts failed
 * @throws IllegalStateException when no OIDC profile is found in the session
 */
@Override
public <T> Action getAction(T subjectMap) {
  if (!canHandle(subjectMap)) {
    return null;
  }

  // Declared outside the try block so the catch clause can report the value that failed to parse.
  String logoutUrlString = "";
  URL logoutUrl = null;
  try {
    Map<?, ?> inputs = (Map<?, ?>) subjectMap;
    HttpServletRequest request = (HttpServletRequest) inputs.get("http_request");
    HttpServletResponse response = (HttpServletResponse) inputs.get("http_response");
    JEEContext jeeContext = new JEEContext(request, response, new JEESessionStore());

    // getSession(false): only an already-established session is consulted.
    HttpSession session = request.getSession(false);
    PrincipalHolder principalHolder =
        session == null
            ? null
            : (PrincipalHolder) session.getAttribute(SecurityConstants.SECURITY_TOKEN_KEY);

    // The first assertion that reports the JWT token type supplies the profile.
    OidcProfile oidcProfile = null;
    if (principalHolder != null && principalHolder.getPrincipals() != null) {
      for (SecurityAssertion candidate :
          principalHolder.getPrincipals().byType(SecurityAssertion.class)) {
        if (!SecurityAssertionJwt.JWT_TOKEN_TYPE.equals(candidate.getTokenType())) {
          continue;
        }
        oidcProfile = (OidcProfile) candidate.getToken();
        break;
      }
    }
    if (oidcProfile == null) {
      // Not covered by the catch clauses below, so this reaches the caller.
      throw new IllegalStateException("Unable to determine OIDC profile for logout");
    }

    // NOTE(review): the resolver is set on the builder returned by handlerConfiguration on every
    // call; whether that builder instance is shared between requests is not visible here.
    OidcLogoutActionBuilder logoutActionBuilder = handlerConfiguration.getOidcLogoutActionBuilder();
    DefaultAjaxRequestResolver neverAjax =
        new DefaultAjaxRequestResolver() {
          // Every request is reported as non-AJAX; presumably so the builder answers with a
          // redirect that carries a location. Confirm against the builder's behaviour.
          @Override
          public boolean isAjax(final WebContext context) {
            return false;
          }
        };
    logoutActionBuilder.setAjaxRequestResolver(neverAjax);

    URIBuilder postLogoutUrl =
        new URIBuilder(SystemBaseUrl.EXTERNAL.constructUrl("/oidc/logout", true));
    // NOTE(review): prevUrl comes from getPreviousUrl(request), which is not visible here. If it
    // is taken from request data, whatever consumes PREV_URL at /oidc/logout should check it
    // against allowed destinations before redirecting. Confirm in that handler.
    String prevUrl = getPreviousUrl(request);
    if (prevUrl != null) {
      postLogoutUrl.addParameter(PREV_URL, prevUrl);
    }

    RedirectionAction redirection =
        logoutActionBuilder
            .getLogoutAction(jeeContext, oidcProfile, postLogoutUrl.build().toString())
            .orElse(null);
    if (redirection instanceof WithLocationAction) {
      logoutUrlString = ((WithLocationAction) redirection).getLocation();
    }
    // With no location the string is still empty and parsing fails, which leads to the
    // MalformedURLException handler and a null URL in the returned action.
    logoutUrl = new URL(logoutUrlString);
  } catch (MalformedURLException | URISyntaxException e) {
    // NOTE(review): the location produced by the builder may carry token material (for example
    // an id_token_hint parameter). Confirm before logging the full value at INFO. The exception
    // itself is not passed to the logger.
    LOGGER.info("Unable to resolve logout URL: {}", logoutUrlString);
  } catch (ClassCastException e) {
    // Also reached when the session attribute or the assertion token has an unexpected type,
    // although the message only names the map parameter.
    // NOTE(review): subjectMap holds the request and response; check what its string form
    // exposes in debug logs.
    LOGGER.debug("Unable to cast parameter to Map<String, Object>, {}", subjectMap, e);
  }
  return new ActionImpl(ID, TITLE, DESCRIPTION, logoutUrl);
}