use of org.wildfly.security.auth.callback.SecurityIdentityCallback in project keycloak by keycloak.
the class ElytronHttpFacade method authenticationCompleteAnonymous.
/**
 * Finishes request processing for a caller that presented no credentials by asking
 * the callback handler whether the anonymous identity is permitted.
 *
 * <p>When anonymous access is authorized, authentication is marked as succeeded and
 * the request is forwarded to its relative path. Otherwise the request is reported as
 * having no authentication in progress and forwarded to the same path.
 *
 * @throws RuntimeException wrapping any exception raised while the callbacks are handled
 */
void authenticationCompleteAnonymous() {
    try {
        AnonymousAuthorizationCallback anonymousDecision = new AnonymousAuthorizationCallback(null);
        callbackHandler.handle(new Callback[] { anonymousDecision });

        // Guard clause: anonymous access refused, so no authentication outcome is recorded.
        if (!anonymousDecision.isAuthorized()) {
            request.noAuthenticationInProgress(resp -> resp.forward(getRequest().getRelativePath()));
            return;
        }

        // Anonymous access granted: signal success to the handler before completing the request.
        Callback[] completion = { AuthenticationCompleteCallback.SUCCEEDED, new SecurityIdentityCallback() };
        callbackHandler.handle(completion);
        request.authenticationComplete(resp -> resp.forward(getRequest().getRelativePath()));
    } catch (Exception e) {
        // NOTE(review): the message mentions logout although this is the anonymous
        // authentication path; the text is kept unchanged here. Confirm the intended wording.
        throw new RuntimeException("Unexpected error processing callbacks during logout.", e);
    }
}
use of org.wildfly.security.auth.callback.SecurityIdentityCallback in project keycloak by keycloak.
the class SecurityIdentityUtil method authorize.
/**
 * Establishes a {@link SecurityIdentity} for a SAML principal through the supplied
 * callback handler.
 *
 * <p>The sequence is: verify the principal as evidence, request authorization, and only
 * when both succeed signal authentication success and read back the resulting identity.
 *
 * @param callbackHandler handler that receives the verification, authorization and
 *                        completion callbacks
 * @param principal       the SAML principal offered as evidence
 * @return the established identity, or {@code null} when the evidence is not verified
 *         or the authorization is refused
 * @throws RuntimeException wrapping an {@link UnsupportedCallbackException} or
 *                          {@link IOException} raised while handling callbacks
 */
static final SecurityIdentity authorize(CallbackHandler callbackHandler, SamlPrincipal principal) {
    try {
        Evidence evidence = new Evidence() {
            @Override
            public Principal getPrincipal() {
                return principal;
            }
        };
        EvidenceVerifyCallback verification = new EvidenceVerifyCallback(evidence);
        callbackHandler.handle(new Callback[] { verification });
        if (!verification.isVerified()) {
            return null;
        }

        AuthorizeCallback authorization = new AuthorizeCallback(null, null);
        try {
            callbackHandler.handle(new Callback[] { authorization });
        } catch (Exception e) {
            // Any failure of the authorization step is reported as an HTTP authentication error.
            throw new HttpAuthenticationException(e);
        }
        // Fail closed: an identity is produced only after a positive authorization decision.
        if (!authorization.isAuthorized()) {
            return null;
        }

        SecurityIdentityCallback identityCallback = new SecurityIdentityCallback();
        callbackHandler.handle(new Callback[] { AuthenticationCompleteCallback.SUCCEEDED, identityCallback });
        return identityCallback.getSecurityIdentity();
    } catch (UnsupportedCallbackException | IOException e) {
        throw new RuntimeException(e);
    }
}
use of org.wildfly.security.auth.callback.SecurityIdentityCallback in project keycloak by keycloak.
the class SecurityIdentityUtil method authorize.
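/**
 * Establishes a {@link SecurityIdentity} for a Keycloak principal through the supplied
 * callback handler, attaching the principal's bearer token as a credential.
 *
 * <p>The sequence is: verify the principal as evidence, request authorization, and only
 * when both succeed attach the bearer token, signal authentication success and read back
 * the resulting identity.
 *
 * @param callbackHandler handler that receives the verification, authorization,
 *                        credential and completion callbacks
 * @param principal       the principal offered as evidence; it is cast to
 *                        {@code KeycloakPrincipal} to obtain the token string, so any
 *                        other type fails with a {@link ClassCastException}
 * @return the established identity, or {@code null} when the evidence is not verified
 *         or the authorization is refused
 * @throws RuntimeException wrapping an {@link UnsupportedCallbackException} or
 *                          {@link IOException} raised while handling callbacks
 */
static final SecurityIdentity authorize(CallbackHandler callbackHandler, Principal principal) {
    try {
        EvidenceVerifyCallback evidenceVerifyCallback = new EvidenceVerifyCallback(new Evidence() {
            @Override
            public Principal getPrincipal() {
                return principal;
            }
        });
        callbackHandler.handle(new Callback[] { evidenceVerifyCallback });
        if (!evidenceVerifyCallback.isVerified()) {
            return null;
        }

        AuthorizeCallback authorizeCallback = new AuthorizeCallback(null, null);
        boolean authorized;
        try {
            callbackHandler.handle(new Callback[] { authorizeCallback });
            authorized = authorizeCallback.isAuthorized();
        } catch (Exception e) {
            // Any failure of the authorization step is reported as an HTTP authentication error.
            throw new HttpAuthenticationException(e);
        }
        // Fail closed: the authorization decision must be honoured, not merely queried.
        // Without this check, authentication would be completed and the bearer token
        // attached even when the handler refused the authorization.
        if (!authorized) {
            return null;
        }

        SecurityIdentityCallback securityIdentityCallback = new SecurityIdentityCallback();
        // The raw token string becomes a credential of the identity; it must never be logged.
        String tokenString = KeycloakPrincipal.class.cast(principal).getKeycloakSecurityContext().getTokenString();
        IdentityCredentialCallback credentialCallback =
                new IdentityCredentialCallback(new BearerTokenCredential(tokenString), true);
        callbackHandler.handle(new Callback[] { credentialCallback, AuthenticationCompleteCallback.SUCCEEDED, securityIdentityCallback });
        return securityIdentityCallback.getSecurityIdentity();
    } catch (UnsupportedCallbackException | IOException e) {
        throw new RuntimeException(e);
    }
}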