Example 11 with BearerTokenCredential

Use of org.wildfly.security.credential.BearerTokenCredential in project keycloak by keycloak.

From the class SecurityIdentityUtil, method authorize.

static final SecurityIdentity authorize(CallbackHandler callbackHandler, Principal principal) {
    try {
        EvidenceVerifyCallback evidenceVerifyCallback = new EvidenceVerifyCallback(new Evidence() {

            @Override
            public Principal getPrincipal() {
                return principal;
            }
        });
        callbackHandler.handle(new Callback[] { evidenceVerifyCallback });
        if (evidenceVerifyCallback.isVerified()) {
            AuthorizeCallback authorizeCallback = new AuthorizeCallback(null, null);
            try {
                callbackHandler.handle(new Callback[] { authorizeCallback });
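                // The return value of isAuthorized() is discarded: within this method
                // only an exception thrown by handle() interrupts the flow.
                authorizeCallback.isAuthorized();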
            } catch (Exception e) {
                throw new HttpAuthenticationException(e);
            }
            SecurityIdentityCallback securityIdentityCallback = new SecurityIdentityCallback();
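            // Wrap the caller's raw token string in a BearerTokenCredential and attach it
            // to the identity as a private credential (second constructor argument is true).
            IdentityCredentialCallback credentialCallback = new IdentityCredentialCallback(new BearerTokenCredential(KeycloakPrincipal.class.cast(principal).getKeycloakSecurityContext().getTokenString()), true);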
            callbackHandler.handle(new Callback[] { credentialCallback, AuthenticationCompleteCallback.SUCCEEDED, securityIdentityCallback });
            SecurityIdentity securityIdentity = securityIdentityCallback.getSecurityIdentity();
            return securityIdentity;
        }
    } catch (UnsupportedCallbackException e) {
        throw new RuntimeException(e);
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
    return null;
}

Also used:

SecurityIdentityCallback (org.wildfly.security.auth.callback.SecurityIdentityCallback)
HttpAuthenticationException (org.wildfly.security.http.HttpAuthenticationException)
BearerTokenCredential (org.wildfly.security.credential.BearerTokenCredential)
IOException (java.io.IOException)
AuthorizeCallback (javax.security.sasl.AuthorizeCallback)
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)
SecurityIdentity (org.wildfly.security.auth.server.SecurityIdentity)
IdentityCredentialCallback (org.wildfly.security.auth.callback.IdentityCredentialCallback)
Evidence (org.wildfly.security.evidence.Evidence)
EvidenceVerifyCallback (org.wildfly.security.auth.callback.EvidenceVerifyCallback)
KeycloakPrincipal (org.keycloak.KeycloakPrincipal)
Principal (java.security.Principal)

Aggregations

BearerTokenCredential (org.wildfly.security.credential.BearerTokenCredential): 11
Test (org.junit.Test): 10
Client (javax.ws.rs.client.Client): 5
ClientBuilder (javax.ws.rs.client.ClientBuilder): 5
RunAsClient (org.jboss.arquillian.container.test.api.RunAsClient): 5
AuthenticationConfiguration (org.wildfly.security.auth.client.AuthenticationConfiguration): 5
AuthenticationContext (org.wildfly.security.auth.client.AuthenticationContext): 5
Response (javax.ws.rs.core.Response): 3
IOException (java.io.IOException): 2
MalformedURLException (java.net.MalformedURLException): 1
URISyntaxException (java.net.URISyntaxException): 1
URL (java.net.URL): 1
Principal (java.security.Principal): 1
EJBAccessException (javax.ejb.EJBAccessException): 1
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException): 1
AuthorizeCallback (javax.security.sasl.AuthorizeCallback): 1
KeycloakPrincipal (org.keycloak.KeycloakPrincipal): 1
EvidenceVerifyCallback (org.wildfly.security.auth.callback.EvidenceVerifyCallback): 1
IdentityCredentialCallback (org.wildfly.security.auth.callback.IdentityCredentialCallback): 1
SecurityIdentityCallback (org.wildfly.security.auth.callback.SecurityIdentityCallback): 1