Example 61 with PostMapping

Use of org.springframework.web.bind.annotation.PostMapping in project cas by apereo.

The class OidcIntrospectionEndpointController, method handlePostRequest.

/**
 * Handle post request.
 *
 * @param request  the request
 * @param response the response
 * @return the response entity
 */
@PostMapping(consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE, produces = MediaType.APPLICATION_JSON_VALUE, value = { '/' + OidcConstants.BASE_OIDC_URL + '/' + OidcConstants.INTROSPECTION_URL })
public ResponseEntity<OidcIntrospectionAccessTokenResponse> handlePostRequest(final HttpServletRequest request, final HttpServletResponse response) {
    try {
        final CredentialsExtractor<UsernamePasswordCredentials> authExtractor = new BasicAuthExtractor();
        final UsernamePasswordCredentials credentials = authExtractor.extract(Pac4jUtils.getPac4jJ2EContext(request, response));
        if (credentials == null) {
            throw new IllegalArgumentException("No credentials are provided to verify introspection on the access token");
        }
        final OAuthRegisteredService service = OAuth20Utils.getRegisteredOAuthServiceByClientId(this.servicesManager, credentials.getUsername());
        if (validateIntrospectionRequest(service, credentials, request)) {
            final String accessToken = StringUtils.defaultIfBlank(request.getParameter(OAuth20Constants.ACCESS_TOKEN), request.getParameter(OAuth20Constants.TOKEN));
            LOGGER.debug("Located access token [{}] in the request", accessToken);
            final AccessToken ticket = this.centralAuthenticationService.getTicket(accessToken, AccessToken.class);
            if (ticket != null) {
                return createIntrospectionResponse(service, ticket);
            }
        }
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
    }
    // Reached when validateIntrospectionRequest rejects the caller or when no ticket matches
    // the presented token: both cases answer HTTP 200 with an empty body.
    return new ResponseEntity<>(HttpStatus.OK);
}
Also used: BasicAuthExtractor(org.pac4j.core.credentials.extractor.BasicAuthExtractor) ResponseEntity(org.springframework.http.ResponseEntity) OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService) AccessToken(org.apereo.cas.ticket.accesstoken.AccessToken) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials) PostMapping(org.springframework.web.bind.annotation.PostMapping)
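The handler above ends in the same empty HTTP 200 whether `validateIntrospectionRequest` rejected the caller or the token was simply unknown. RFC 7662 separates the two cases: a caller whose client credentials are missing or wrong gets HTTP 401 (§2.3), and an authenticated caller asking about a token that is unknown, revoked or expired gets HTTP 200 with `{"active": false}` (§2.2), so "never issued", "expired" and "revoked" are indistinguishable to the caller. The following is an added example written for this page, not CAS code: a Spring `@PostMapping` introspection endpoint with those semantics, HTTP Basic client authentication parsed by hand instead of through pac4j, and a constant-time secret comparison. `ClientRegistry` and `TokenStore` are hypothetical interfaces standing in for CAS's `ServicesManager` and ticket registry; the block targets Java 17 and Spring Web 5 or 6.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.time.Instant;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Optional;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

/**
 * Added example, not CAS code: an RFC 7662 introspection endpoint with the status codes and
 * body the specification requires. ClientRegistry and TokenStore are hypothetical stand-ins
 * for CAS's ServicesManager and ticket registry.
 */
@RestController
public class IntrospectionEndpointExample {
    /** Hypothetical: maps a client_id to that client's registered secret. */
    public interface ClientRegistry {
        Optional<String> secretFor(String clientId);
    }
    /** Hypothetical: an issued access token and what it was bound to. */
    public record TokenInfo(String clientId, String subject, String scope, Instant expiresAt) {}
    public interface TokenStore {
        Optional<TokenInfo> find(String token);
    }

    private final ClientRegistry clients;
    private final TokenStore tokens;
    public IntrospectionEndpointExample(final ClientRegistry clients, final TokenStore tokens) {
        this.clients = clients;
        this.tokens = tokens;
    }

    @PostMapping(path = "/oidc/introspect", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE,
                 produces = MediaType.APPLICATION_JSON_VALUE)
    public ResponseEntity<Map<String, Object>> introspect(
            @RequestHeader(value = HttpHeaders.AUTHORIZATION, required = false) final String authorization,
            @RequestParam(value = "token", required = false) final String token) {
        // RFC 7662 §2.3: a caller whose client credentials are missing or wrong gets 401.
        final Optional<String> clientId = authenticateClient(authorization);
        if (clientId.isEmpty()) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED)
                    .header(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"introspection\"").build();
        }
        // RFC 7662 §2.1: the token parameter is REQUIRED; its absence is a malformed request.
        if (token == null || token.isBlank()) {
            return noStore(ResponseEntity.badRequest()).body(Map.<String, Object>of("error", "invalid_request"));
        }
        // RFC 7662 §2.2: an unknown, revoked or expired token is reported as {"active": false}
        // with HTTP 200, so it is indistinguishable from one that was never issued.
        final Optional<TokenInfo> info = tokens.find(token).filter(t -> t.expiresAt().isAfter(Instant.now()));
        if (info.isEmpty()) {
            return noStore(ResponseEntity.ok()).body(Map.<String, Object>of("active", false));
        }
        final Map<String, Object> body = new LinkedHashMap<>();
        body.put("active", true);
        body.put("client_id", info.get().clientId());
        body.put("sub", info.get().subject());
        body.put("scope", info.get().scope());
        body.put("exp", info.get().expiresAt().getEpochSecond());
        return noStore(ResponseEntity.ok()).body(body);
    }

    /** Parses HTTP Basic client credentials; returns the client_id only when the secret matches. */
    Optional<String> authenticateClient(final String authorization) {
        if (authorization == null || !authorization.regionMatches(true, 0, "Basic ", 0, 6)) {
            return Optional.empty();
        }
        final String decoded;
        try {
            decoded = new String(Base64.getDecoder().decode(authorization.substring(6).trim()), StandardCharsets.UTF_8);
        } catch (final IllegalArgumentException e) {
            return Optional.empty();   // not valid Base64
        }
        final int colon = decoded.indexOf(':');
        if (colon < 1) {
            return Optional.empty();   // empty client_id or no separator
        }
        final String clientId = decoded.substring(0, colon);
        final byte[] presented = decoded.substring(colon + 1).getBytes(StandardCharsets.UTF_8);
        // MessageDigest.isEqual compares in constant time, so a wrong secret cannot be
        // recovered byte by byte from response timing.
        return clients.secretFor(clientId)
                .filter(expected -> MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), presented))
                .map(expected -> clientId);
    }

    private static ResponseEntity.BodyBuilder noStore(final ResponseEntity.BodyBuilder builder) {
        return builder.header(HttpHeaders.CACHE_CONTROL, "no-store").header(HttpHeaders.PRAGMA, "no-cache");
    }
}
```

The order of the checks is the point: client authentication is settled before the token parameter is even looked at, so an unauthenticated caller learns nothing about any token, and the `active` flag rather than the HTTP status carries the token's state once the caller is known.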

Example 62 with PostMapping

Use of org.springframework.web.bind.annotation.PostMapping in project cas by apereo.

The class ServiceTicketResource, method createServiceTicket.

/**
 * Create new service ticket.
 *
 * @param httpServletRequest http request
 * @param tgtId       ticket granting ticket id URI path param
 * @return {@link ResponseEntity} representing RESTful response
 */
@PostMapping(value = "/v1/tickets/{tgtId:.+}", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
public ResponseEntity<String> createServiceTicket(final HttpServletRequest httpServletRequest, @PathVariable("tgtId") final String tgtId) {
    try {
        final Authentication authn = this.ticketRegistrySupport.getAuthenticationFrom(tgtId);
        AuthenticationCredentialsThreadLocalBinder.bindCurrent(authn);
        if (authn == null) {
            throw new InvalidTicketException(tgtId);
        }
        final AuthenticationResultBuilder builder = new DefaultAuthenticationResultBuilder(this.authenticationSystemSupport.getPrincipalElectionStrategy());
        final Service service = this.argumentExtractor.extractService(httpServletRequest);
        if (service == null) {
            throw new IllegalArgumentException("Target service/application is unspecified or unrecognized in the request");
        }
        final AuthenticationResult authenticationResult = builder.collect(authn).build(service);
        return this.serviceTicketResourceEntityResponseFactory.build(tgtId, service, authenticationResult);
    } catch (final InvalidTicketException e) {
        return new ResponseEntity<>(tgtId + " could not be found or is considered invalid", HttpStatus.NOT_FOUND);
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        return new ResponseEntity<>(e.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR);
    } finally {
        AuthenticationCredentialsThreadLocalBinder.clear();
    }
}
Also used: Authentication(org.apereo.cas.authentication.Authentication) InvalidTicketException(org.apereo.cas.ticket.InvalidTicketException) Service(org.apereo.cas.authentication.principal.Service) DefaultAuthenticationResultBuilder(org.apereo.cas.authentication.DefaultAuthenticationResultBuilder) AuthenticationResultBuilder(org.apereo.cas.authentication.AuthenticationResultBuilder) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Example 63 with PostMapping

Use of org.springframework.web.bind.annotation.PostMapping in project cas by apereo.

The class Saml1ArtifactResolutionProfileHandlerController, method handlePostRequest.

/**
 * Handle post request.
 *
 * @param response the response
 * @param request  the request
 */
@PostMapping(path = SamlIdPConstants.ENDPOINT_SAML1_SOAP_ARTIFACT_RESOLUTION)
protected void handlePostRequest(final HttpServletResponse response, final HttpServletRequest request) {
    final MessageContext ctx = decodeSoapRequest(request);
    final ArtifactResolve artifactMsg = (ArtifactResolve) ctx.getMessage();
    try {
        final String issuer = artifactMsg.getIssuer().getValue();
        final SamlRegisteredService service = verifySamlRegisteredService(issuer);
        final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> adaptor = getSamlMetadataFacadeFor(service, artifactMsg);
        if (!adaptor.isPresent()) {
            throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer);
        }
        final SamlRegisteredServiceServiceProviderMetadataFacade facade = adaptor.get();
        verifyAuthenticationContextSignature(ctx, request, artifactMsg, facade);
        final String artifactId = artifactMsg.getArtifact().getArtifact();
        final String ticketId = artifactTicketFactory.createTicketIdFor(artifactId);
        final SamlArtifactTicket ticket = this.ticketRegistry.getTicket(ticketId, SamlArtifactTicket.class);
        final Service issuerService = webApplicationServiceFactory.createService(issuer);
        final Assertion casAssertion = buildCasAssertion(ticket.getTicketGrantingTicket().getAuthentication(), issuerService, service, CollectionUtils.wrap("artifact", ticket));
        this.responseBuilder.build(artifactMsg, request, response, casAssertion, service, facade, SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        request.setAttribute(SamlIdPConstants.REQUEST_ATTRIBUTE_ERROR, e.getMessage());
        samlFaultResponseBuilder.build(artifactMsg, request, response, null, null, null, SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
    }
}
Also used: ArtifactResolve(org.opensaml.saml.saml2.core.ArtifactResolve) SamlRegisteredServiceServiceProviderMetadataFacade(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade) SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService) Assertion(org.jasig.cas.client.validation.Assertion) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) Service(org.apereo.cas.authentication.principal.Service) MessageContext(org.opensaml.messaging.context.MessageContext) SamlArtifactTicket(org.apereo.cas.ticket.artifact.SamlArtifactTicket) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Example 64 with PostMapping

Use of org.springframework.web.bind.annotation.PostMapping in project cas by apereo.

The class ECPProfileHandlerController, method handleEcpRequest.

/**
 * Handle ecp request.
 *
 * @param response the response
 * @param request  the request
 */
@PostMapping(path = SamlIdPConstants.ENDPOINT_SAML2_IDP_ECP_PROFILE_SSO, consumes = { MediaType.TEXT_XML_VALUE, SamlIdPConstants.ECP_SOAP_PAOS_CONTENT_TYPE }, produces = { MediaType.TEXT_XML_VALUE, SamlIdPConstants.ECP_SOAP_PAOS_CONTENT_TYPE })
public void handleEcpRequest(final HttpServletResponse response, final HttpServletRequest request) {
    final MessageContext soapContext = decodeSoapRequest(request);
    final Credential credential = extractBasicAuthenticationCredential(request, response);
    if (credential == null) {
        LOGGER.error("Credentials could not be extracted from the SAML ECP request");
        return;
    }
    if (soapContext == null) {
        LOGGER.error("SAML ECP request could not be determined from the authentication request");
        return;
    }
    handleEcpRequest(response, request, soapContext, credential, SAMLConstants.SAML2_PAOS_BINDING_URI);
}
Also used: UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) Credential(org.apereo.cas.authentication.Credential) MessageContext(org.opensaml.messaging.context.MessageContext) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Example 65 with PostMapping

Use of org.springframework.web.bind.annotation.PostMapping in project cas by apereo.

The class OAuth20AccessTokenEndpointController, method handleRequest.

/**
 * Handle request internal model and view.
 *
 * @param request  the request
 * @param response the response
 * @throws Exception the exception
 */
@PostMapping(path = { OAuth20Constants.BASE_OAUTH20_URL + '/' + OAuth20Constants.ACCESS_TOKEN_URL, OAuth20Constants.BASE_OAUTH20_URL + '/' + OAuth20Constants.TOKEN_URL })
@SneakyThrows
public void handleRequest(final HttpServletRequest request, final HttpServletResponse response) throws Exception {
    response.setContentType(MediaType.TEXT_PLAIN_VALUE);
    try {
        if (!verifyAccessTokenRequest(request, response)) {
            throw new IllegalArgumentException("Access token validation failed");
        }
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        OAuth20Utils.writeTextError(response, OAuth20Constants.INVALID_REQUEST);
        return;
    }
    final AccessTokenRequestDataHolder requestHolder;
    try {
        requestHolder = examineAndExtractAccessTokenGrantRequest(request, response);
        LOGGER.debug("Creating access token for [{}]", requestHolder);
    } catch (final Exception e) {
        LOGGER.error("Could not identify and extract access token request", e);
        OAuth20Utils.writeTextError(response, OAuth20Constants.INVALID_GRANT);
        return;
    }
    final J2EContext context = Pac4jUtils.getPac4jJ2EContext(request, response);
    final Pair<AccessToken, RefreshToken> accessToken = accessTokenGenerator.generate(requestHolder);
    LOGGER.debug("Access token generated is: [{}]. Refresh token generated is [{}]", accessToken.getKey(), accessToken.getValue());
    generateAccessTokenResponse(request, response, requestHolder, context, accessToken.getKey(), accessToken.getValue());
    response.setStatus(HttpServletResponse.SC_OK);
}
Also used: RefreshToken(org.apereo.cas.ticket.refreshtoken.RefreshToken) AccessToken(org.apereo.cas.ticket.accesstoken.AccessToken) J2EContext(org.pac4j.core.context.J2EContext) AccessTokenRequestDataHolder(org.apereo.cas.support.oauth.web.response.accesstoken.ext.AccessTokenRequestDataHolder) PostMapping(org.springframework.web.bind.annotation.PostMapping) SneakyThrows(lombok.SneakyThrows)
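The handler above declares its error path as `text/plain` and writes the error code as text through `OAuth20Utils.writeTextError`. RFC 6749 §5.2 specifies a JSON object with an `error` member and HTTP status 400 (401 when client authentication fails), and §5.1 requires `Cache-Control: no-store` and `Pragma: no-cache` on every successful token response. The block below is an added example written for this page, not CAS code: a token endpoint for the `authorization_code` grant only, with those response shapes, plus the one-time consumption of the code that the snippet above delegates to `examineAndExtractAccessTokenGrantRequest` and does not show. It assumes an upstream filter has already authenticated the client and exposes the verified identity as `client_id`, and uses a hypothetical `CodeStore` in place of CAS's ticket registry; Java 17, Spring Web 5 or 6.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

/**
 * Added example, not CAS code: a token endpoint for the authorization_code grant whose responses
 * follow RFC 6749 §5.1 (success) and §5.2 (errors). CodeStore is a hypothetical single-use
 * registry of authorization codes; client authentication is assumed to happen upstream.
 */
@RestController
public class TokenEndpointExample {

    /** What an authorization code was bound to when the authorization endpoint issued it. */
    public record AuthorizationCode(String clientId, String redirectUri, String subject, String scope) {}

    /** Hypothetical store; consume() removes the code, so it can be redeemed at most once. */
    public static final class CodeStore {
        private final Map<String, AuthorizationCode> codes = new ConcurrentHashMap<>();
        public void put(final String code, final AuthorizationCode value) { codes.put(code, value); }
        public AuthorizationCode consume(final String code) { return codes.remove(code); }
    }

    private final CodeStore codeStore;
    private final Map<String, AuthorizationCode> issuedTokens = new ConcurrentHashMap<>();
    private final SecureRandom random = new SecureRandom();

    public TokenEndpointExample(final CodeStore codeStore) {
        this.codeStore = codeStore;
    }

    /** client_id is taken as the identity an upstream filter has already authenticated. */
    @PostMapping(path = "/oauth2.0/accessToken", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE,
                 produces = MediaType.APPLICATION_JSON_VALUE)
    public ResponseEntity<Map<String, Object>> token(
            @RequestParam(value = "grant_type", required = false) final String grantType,
            @RequestParam(value = "code", required = false) final String code,
            @RequestParam(value = "redirect_uri", required = false) final String redirectUri,
            @RequestParam(value = "client_id", required = false) final String clientId) {
        if (grantType == null || code == null || clientId == null) {
            return error(HttpStatus.BAD_REQUEST, "invalid_request");
        }
        if (!"authorization_code".equals(grantType)) {
            return error(HttpStatus.BAD_REQUEST, "unsupported_grant_type");
        }
        // The code leaves the store on first presentation, whatever the checks below decide,
        // so a replayed or stolen code cannot be redeemed a second time (RFC 6749 §4.1.2).
        final AuthorizationCode granted = codeStore.consume(code);
        if (granted == null
                || !granted.clientId().equals(clientId)
                || (granted.redirectUri() != null && !granted.redirectUri().equals(redirectUri))) {
            // §5.2 invalid_grant: unknown, reused, foreign and mis-redirected codes all look alike.
            return error(HttpStatus.BAD_REQUEST, "invalid_grant");
        }
        final byte[] raw = new byte[32];
        random.nextBytes(raw);
        final String accessToken = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        issuedTokens.put(accessToken, granted);
        final Map<String, Object> body = new LinkedHashMap<>();
        body.put("access_token", accessToken);
        body.put("token_type", "Bearer");
        body.put("expires_in", 3600);
        body.put("scope", granted.scope());
        return noStore(ResponseEntity.ok()).body(body);
    }

    /** Lets a resource server (or an introspection endpoint) resolve a token this endpoint issued. */
    public AuthorizationCode resolve(final String accessToken) {
        return issuedTokens.get(accessToken);
    }

    /** §5.2: errors are a JSON object with an "error" member and HTTP 400 (401 for invalid_client). */
    private static ResponseEntity<Map<String, Object>> error(final HttpStatus status, final String errorCode) {
        return noStore(ResponseEntity.status(status)).body(Map.<String, Object>of("error", errorCode));
    }

    /** §5.1: token responses carry Cache-Control: no-store and Pragma: no-cache. */
    private static ResponseEntity.BodyBuilder noStore(final ResponseEntity.BodyBuilder builder) {
        return builder.header(HttpHeaders.CACHE_CONTROL, "no-store").header(HttpHeaders.PRAGMA, "no-cache");
    }
}
```

Two design choices carry the security weight here: the code is removed from the store before any of the binding checks run, so a failed attempt burns it rather than leaving it available for a retry, and the `redirect_uri` presented at the token endpoint is compared against the one recorded at authorization time, which is what stops a code captured on one redirect target from being redeemed through another.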
