Example 1 with SparkWebContext

Use of org.pac4j.sparkjava.SparkWebContext in project molgenis-emx2 by molgenis.

From the class OIDCController, method handleLoginRequest.

public Object handleLoginRequest(Request request, Response response) {
    final SparkWebContext context = new SparkWebContext(request, response);
    final var client = securityConfig.getClients().findClient(OIDC_CLIENT_NAME).orElseThrow(() -> new MolgenisException("Expected OIDC client not found in security configuration"));
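    HttpAction action;
    try {
        // Ask the OIDC client for the redirect that starts the login at the identity provider.
        Optional<RedirectionAction> redirectionAction = client.getRedirectionAction(context, JEESessionStore.INSTANCE);
        if (redirectionAction.isEmpty()) {
            throw new MolgenisException("Expected OIDC redirection action not found");
        }
        action = redirectionAction.get();
    } catch (final HttpAction e) {
        // pac4j can also signal the HTTP response by throwing an HttpAction; adapt it the same way.
        action = e;
    }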
    return SparkHttpActionAdapter.INSTANCE.adapt(action, context);
}
Also used : RedirectionAction(org.pac4j.core.exception.http.RedirectionAction) SparkWebContext(org.pac4j.sparkjava.SparkWebContext) MolgenisException(org.molgenis.emx2.MolgenisException) HttpAction(org.pac4j.core.exception.http.HttpAction)

Example 2 with SparkWebContext

Use of org.pac4j.sparkjava.SparkWebContext in project molgenis-emx2 by molgenis.

From the class OIDCController, method handleLoginCallback.

public Object handleLoginCallback(Request request, Response response) {
    final SparkWebContext context = new SparkWebContext(request, response);
    final HttpActionAdapter adapter = FindBest.httpActionAdapter(null, securityConfig, SparkHttpActionAdapter.INSTANCE);
    final CallbackLogic callbackLogic = FindBest.callbackLogic(null, securityConfig, DefaultCallbackLogic.INSTANCE);
    callbackLogic.perform(context, sessionStore, securityConfig, adapter, null, false, OIDC_CLIENT_NAME);
    final ProfileManager manager = new ProfileManager(context, sessionStore);
    Optional<UserProfile> oidcProfile = manager.getProfile();
    if (oidcProfile.isEmpty()) {
        logger.error("OIDC sign in failed, no profile found");
        response.status(500);
        response.redirect("/");
        return response;
    }
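    // getAttribute returns null when the claim is absent; calling toString() on it directly
    // would throw a NullPointerException before the empty-claim check below could run.
    final Object emailClaim = oidcProfile.get().getAttribute("email");
    String user = emailClaim == null ? null : emailClaim.toString();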
    if (user == null || user.isEmpty()) {
        logger.error("OIDC sign in failed, email claim is empty");
        response.status(500);
        response.redirect("/");
        return response;
    }
    Database database = sessionManager.getSession(request).getDatabase();
    if (!database.hasUser(user)) {
        logger.info("Add new OIDC user({}) to database", user);
        database.addUser(user);
    }
    database.setActiveUser(user);
    logger.info("OIDC sign in for user: {}", user);
    response.status(302);
    response.redirect("/");
    return response;
}
Also used : ProfileManager(org.pac4j.core.profile.ProfileManager) DefaultCallbackLogic(org.pac4j.core.engine.DefaultCallbackLogic) CallbackLogic(org.pac4j.core.engine.CallbackLogic) SparkWebContext(org.pac4j.sparkjava.SparkWebContext) UserProfile(org.pac4j.core.profile.UserProfile) Database(org.molgenis.emx2.Database) HttpActionAdapter(org.pac4j.core.http.adapter.HttpActionAdapter) SparkHttpActionAdapter(org.pac4j.sparkjava.SparkHttpActionAdapter)
