
Example 1 with SecurityIdentityCallback

use of org.wildfly.security.auth.callback.SecurityIdentityCallback in project keycloak by keycloak.

the class ElytronHttpFacade method authenticationCompleteAnonymous.

/**
 * Finishes the current request as an anonymous caller.
 *
 * <p>The callback handler is first asked, via an {@code AnonymousAuthorizationCallback},
 * whether anonymous access is authorized. If it is, the handler is told that
 * authentication succeeded and the request is marked complete. Otherwise the request
 * is reported as having no authentication in progress. In both cases the response is
 * forwarded to the request's relative path.
 *
 * @throws RuntimeException wrapping any exception raised while the callbacks are processed
 */
void authenticationCompleteAnonymous() {
    try {
        AnonymousAuthorizationCallback anonymousCheck = new AnonymousAuthorizationCallback(null);
        callbackHandler.handle(new Callback[] { anonymousCheck });

        // Guard clause: anonymous access was refused, so no identity is established.
        if (!anonymousCheck.isAuthorized()) {
            request.noAuthenticationInProgress(res -> res.forward(getRequest().getRelativePath()));
            return;
        }

        // The SecurityIdentityCallback is handed to the handler but its result is not read here.
        Callback[] completion = { AuthenticationCompleteCallback.SUCCEEDED, new SecurityIdentityCallback() };
        callbackHandler.handle(completion);
        request.authenticationComplete(res -> res.forward(getRequest().getRelativePath()));
    } catch (Exception e) {
        // NOTE(review): the message mentions logout although this method handles the
        // anonymous-completion path; confirm the wording before relying on it in log triage.
        throw new RuntimeException("Unexpected error processing callbacks during logout.", e);
    }
}
Also used : AnonymousAuthorizationCallback(org.wildfly.security.auth.callback.AnonymousAuthorizationCallback) SecurityIdentityCallback(org.wildfly.security.auth.callback.SecurityIdentityCallback) IOException(java.io.IOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException)

Example 2 with SecurityIdentityCallback

use of org.wildfly.security.auth.callback.SecurityIdentityCallback in project keycloak by keycloak.

the class SecurityIdentityUtil method authorize.

/**
 * Establishes a {@code SecurityIdentity} for a SAML principal through the given callback handler.
 *
 * <p>The steps run in order and each one gates the next: the principal is presented as
 * evidence and must be verified, then an {@code AuthorizeCallback} must report the caller
 * as authorized, and only then is successful completion signalled and the identity read back.
 *
 * @param callbackHandler handler that performs evidence verification, authorization and completion
 * @param principal the SAML principal presented as evidence
 * @return the resulting identity, or {@code null} when the evidence is not verified or the
 *         caller is not authorized; callers must treat {@code null} as "no identity established"
 * @throws RuntimeException wrapping an {@code UnsupportedCallbackException} or {@code IOException}
 *         raised while handling callbacks
 */
static final SecurityIdentity authorize(CallbackHandler callbackHandler, SamlPrincipal principal) {
    try {
        // The evidence carries nothing but the principal itself.
        Evidence principalEvidence = new Evidence() {

            @Override
            public Principal getPrincipal() {
                return principal;
            }
        };
        EvidenceVerifyCallback verification = new EvidenceVerifyCallback(principalEvidence);
        callbackHandler.handle(new Callback[] { verification });
        if (!verification.isVerified()) {
            return null;
        }

        AuthorizeCallback authorization = new AuthorizeCallback(null, null);
        try {
            callbackHandler.handle(new Callback[] { authorization });
        } catch (Exception e) {
            // NOTE(review): if HttpAuthenticationException is an IOException in the Elytron
            // version in use, the outer handler rewraps it as a RuntimeException; confirm.
            throw new HttpAuthenticationException(e);
        }
        if (!authorization.isAuthorized()) {
            return null;
        }

        // Completion is signalled only after both checks above have passed.
        SecurityIdentityCallback identityCallback = new SecurityIdentityCallback();
        callbackHandler.handle(new Callback[] { AuthenticationCompleteCallback.SUCCEEDED, identityCallback });
        return identityCallback.getSecurityIdentity();
    } catch (UnsupportedCallbackException | IOException e) {
        throw new RuntimeException(e);
    }
}
Also used : SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) SecurityIdentityCallback(org.wildfly.security.auth.callback.SecurityIdentityCallback) HttpAuthenticationException(org.wildfly.security.http.HttpAuthenticationException) Evidence(org.wildfly.security.evidence.Evidence) EvidenceVerifyCallback(org.wildfly.security.auth.callback.EvidenceVerifyCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) IOException(java.io.IOException) SamlPrincipal(org.keycloak.adapters.saml.SamlPrincipal) Principal(java.security.Principal) AuthorizeCallback(javax.security.sasl.AuthorizeCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) IOException(java.io.IOException) HttpAuthenticationException(org.wildfly.security.http.HttpAuthenticationException)

Example 3 with SecurityIdentityCallback

use of org.wildfly.security.auth.callback.SecurityIdentityCallback in project keycloak by keycloak.

the class SecurityIdentityUtil method authorize.

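/**
 * Establishes a {@code SecurityIdentity} for a bearer-token principal through the given
 * callback handler.
 *
 * <p>The principal is presented as evidence and must be verified, then an
 * {@code AuthorizeCallback} must report the caller as authorized. Only after both checks
 * pass is the bearer token attached as an identity credential, successful completion
 * signalled, and the identity read back.
 *
 * <p>The authorization result is checked explicitly, so an unauthorized caller yields
 * {@code null} rather than depending on the handler to reject the later completion callback.
 *
 * @param callbackHandler handler that performs evidence verification, authorization and completion
 * @param principal the authenticated principal; it is cast to {@code KeycloakPrincipal} to obtain
 *        the token string, so any other type raises {@code ClassCastException}
 * @return the resulting identity, or {@code null} when the evidence is not verified or the
 *         caller is not authorized; callers must treat {@code null} as "no identity established"
 * @throws RuntimeException wrapping an {@code UnsupportedCallbackException} or {@code IOException}
 *         raised while handling callbacks
 */
static final SecurityIdentity authorize(CallbackHandler callbackHandler, Principal principal) {
    try {
        EvidenceVerifyCallback evidenceVerifyCallback = new EvidenceVerifyCallback(new Evidence() {

            @Override
            public Principal getPrincipal() {
                return principal;
            }
        });
        callbackHandler.handle(new Callback[] { evidenceVerifyCallback });
        if (!evidenceVerifyCallback.isVerified()) {
            return null;
        }

        AuthorizeCallback authorizeCallback = new AuthorizeCallback(null, null);
        try {
            callbackHandler.handle(new Callback[] { authorizeCallback });
        } catch (Exception e) {
            throw new HttpAuthenticationException(e);
        }
        // Fail closed: the authorization decision gates identity creation.
        if (!authorizeCallback.isAuthorized()) {
            return null;
        }

        SecurityIdentityCallback securityIdentityCallback = new SecurityIdentityCallback();
        // The raw token string is a secret: it is handed to the handler as a credential
        // and must not be logged or placed in exception messages.
        String tokenString = KeycloakPrincipal.class.cast(principal).getKeycloakSecurityContext().getTokenString();
        // NOTE(review): the boolean argument presumably marks the credential as private; confirm
        // against the IdentityCredentialCallback constructor in the Elytron version in use.
        IdentityCredentialCallback credentialCallback = new IdentityCredentialCallback(new BearerTokenCredential(tokenString), true);
        callbackHandler.handle(new Callback[] { credentialCallback, AuthenticationCompleteCallback.SUCCEEDED, securityIdentityCallback });
        return securityIdentityCallback.getSecurityIdentity();
    } catch (UnsupportedCallbackException | IOException e) {
        throw new RuntimeException(e);
    }
}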
Also used : SecurityIdentityCallback(org.wildfly.security.auth.callback.SecurityIdentityCallback) HttpAuthenticationException(org.wildfly.security.http.HttpAuthenticationException) BearerTokenCredential(org.wildfly.security.credential.BearerTokenCredential) IOException(java.io.IOException) AuthorizeCallback(javax.security.sasl.AuthorizeCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) IOException(java.io.IOException) HttpAuthenticationException(org.wildfly.security.http.HttpAuthenticationException) SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) IdentityCredentialCallback(org.wildfly.security.auth.callback.IdentityCredentialCallback) Evidence(org.wildfly.security.evidence.Evidence) EvidenceVerifyCallback(org.wildfly.security.auth.callback.EvidenceVerifyCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) KeycloakPrincipal(org.keycloak.KeycloakPrincipal) Principal(java.security.Principal)

Aggregations

IOException (java.io.IOException)3 SecurityIdentityCallback (org.wildfly.security.auth.callback.SecurityIdentityCallback)3 Principal (java.security.Principal)2 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)2 AuthorizeCallback (javax.security.sasl.AuthorizeCallback)2 EvidenceVerifyCallback (org.wildfly.security.auth.callback.EvidenceVerifyCallback)2 SecurityIdentity (org.wildfly.security.auth.server.SecurityIdentity)2 Evidence (org.wildfly.security.evidence.Evidence)2 HttpAuthenticationException (org.wildfly.security.http.HttpAuthenticationException)2 UnsupportedEncodingException (java.io.UnsupportedEncodingException)1 KeycloakPrincipal (org.keycloak.KeycloakPrincipal)1 SamlPrincipal (org.keycloak.adapters.saml.SamlPrincipal)1 AnonymousAuthorizationCallback (org.wildfly.security.auth.callback.AnonymousAuthorizationCallback)1 IdentityCredentialCallback (org.wildfly.security.auth.callback.IdentityCredentialCallback)1 BearerTokenCredential (org.wildfly.security.credential.BearerTokenCredential)1