use of org.wildfly.security.http.HttpScope in project keycloak by keycloak.
the class ElytronHttpFacade method getResponse.
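/**
 * Returns a {@link Response} whose mutators mostly do not touch the container response
 * directly. Each call appends a step to the {@code responseConsumer} chain, so the
 * changes take effect only when that chain is run against an {@link HttpServerResponse}
 * (where the chain is executed is outside this method).
 *
 * @return a response facade that records status, header, cookie and body changes
 */
@Override
public Response getResponse() {
    return new Response() {

        /**
         * Records a status code, but only when it lies outside the inclusive range 200..300.
         */
        @Override
        public void setStatus(final int status) {
            // NOTE(review): the upper bound is inclusive, so 300 is dropped together with
            // the 2xx codes; confirm whether ">= 300" was intended.
            if (status < 200 || status > 300) {
                responseConsumer = responseConsumer.andThen(response -> response.setStatusCode(status));
            }
        }

        /**
         * Remembers {@code value} as the latest value for {@code name} and schedules the
         * header to be added. A scheduled step is applied only if its value is still the
         * latest one recorded for that name when the chain runs.
         */
        @Override
        public void addHeader(final String name, final String value) {
            headers.put(name, value);
            responseConsumer = responseConsumer.andThen(response -> {
                String latestValue = headers.get(name);
                // Null-safe comparison: a missing or null entry must not abort the whole
                // response chain with a NullPointerException.
                if (latestValue != null && latestValue.equals(value)) {
                    response.addResponseHeader(name, latestValue);
                }
            });
        }

        /** Delegates to {@link #addHeader(String, String)}. */
        @Override
        public void setHeader(String name, String value) {
            addHeader(name, value);
        }

        /**
         * Expires the named cookie: schedules an empty-valued cookie with max-age 0 and,
         * when an Undertow exchange is attached to the exchange scope, also sets the
         * expiring cookie on that exchange immediately.
         */
        @Override
        public void resetCookie(final String name, final String path) {
            responseConsumer = responseConsumer.andThen(response -> setCookie(name, "", path, null, 0, false, false, response));
            HttpScope exchangeScope = getScope(Scope.EXCHANGE);
            if (exchangeScope == null) {
                // No exchange scope available: the deferred cookie reset above still applies.
                return;
            }
            ProtectedHttpServerExchange undertowExchange = ProtectedHttpServerExchange.class.cast(exchangeScope.getAttachment(UNDERTOW_EXCHANGE));
            if (undertowExchange != null) {
                CookieImpl cookie = new CookieImpl(name, "");
                cookie.setMaxAge(0);
                cookie.setPath(path);
                undertowExchange.getExchange().setResponseCookie(cookie);
            }
        }

        /** Schedules a cookie with the given attributes to be set on the response. */
        @Override
        public void setCookie(final String name, final String value, final String path, final String domain, final int maxAge, final boolean secure, final boolean httpOnly) {
            responseConsumer = responseConsumer.andThen(response -> setCookie(name, value, path, domain, maxAge, secure, httpOnly, response));
        }

        /**
         * Sets the cookie on {@code response} right away. The secure and httpOnly flags are
         * passed through exactly as supplied by the caller; the cookie version is always 0.
         */
        private void setCookie(final String name, final String value, final String path, final String domain, final int maxAge, final boolean secure, final boolean httpOnly, HttpServerResponse response) {
            response.setResponseCookie(new HttpServerCookie() {
                @Override
                public String getName() {
                    return name;
                }

                @Override
                public String getValue() {
                    return value;
                }

                @Override
                public String getDomain() {
                    return domain;
                }

                @Override
                public int getMaxAge() {
                    return maxAge;
                }

                @Override
                public String getPath() {
                    return path;
                }

                @Override
                public boolean isSecure() {
                    return secure;
                }

                @Override
                public int getVersion() {
                    return 0;
                }

                @Override
                public boolean isHttpOnly() {
                    return httpOnly;
                }
            });
        }

        /**
         * Returns a fresh in-memory buffer. Whatever the buffer holds when the chain runs
         * is copied to the real response output stream.
         */
        @Override
        public OutputStream getOutputStream() {
            ByteArrayOutputStream stream = new ByteArrayOutputStream();
            responseConsumer = responseConsumer.andThen(httpServerResponse -> {
                try {
                    httpServerResponse.getOutputStream().write(stream.toByteArray());
                } catch (IOException e) {
                    throw new RuntimeException("Failed to write to response output stream", e);
                }
            });
            return stream;
        }

        /** Delegates to {@link #setStatus(int)}, so codes within 200..300 are not recorded. */
        @Override
        public void sendError(int code) {
            setStatus(code);
        }

        /**
         * Schedules an error response: status {@code code}, Content-Type text/html and
         * {@code message} as the body.
         */
        @Override
        public void sendError(final int code, final String message) {
            responseConsumer = responseConsumer.andThen(response -> {
                response.setStatusCode(code);
                response.addResponseHeader("Content-Type", "text/html");
                if (message == null) {
                    // Nothing to write; status and content type are still applied.
                    return;
                }
                // NOTE(review): message is written verbatim under Content-Type text/html.
                // Callers should pass only fixed or HTML-escaped text; confirm that no call
                // site forwards request-derived data here.
                // NOTE(review): the Content-Type header declares no charset; consider
                // declaring it so clients do not have to guess the encoding.
                try {
                    // Encode explicitly so the bytes do not depend on the JVM default charset.
                    response.getOutputStream().write(message.getBytes(java.nio.charset.StandardCharsets.UTF_8));
                } catch (IOException e) {
                    throw new RuntimeException(e);
                }
            });
        }

        /** Intentionally a no-op. */
        @Override
        public void end() {
        }
    };
}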
use of org.wildfly.security.http.HttpScope in project keycloak by keycloak.
the class ElytronSessionTokenStore method checkCurrentToken.
/**
 * Validates the security context stored in the HTTP session and refreshes its token when
 * needed. If the refresh does not leave the context active, the context is detached from
 * the session and the session is invalidated.
 */
@Override
public void checkCurrentToken() {
    final HttpScope httpSession = httpFacade.getScope(Scope.SESSION);
    if (httpSession == null || !httpSession.exists()) {
        return;
    }

    final String contextKey = KeycloakSecurityContext.class.getName();
    final RefreshableKeycloakSecurityContext context =
            (RefreshableKeycloakSecurityContext) httpSession.getAttachment(contextKey);
    if (context == null) {
        return;
    }

    // The deployment reference can be missing if the session was serialized; re-attach it.
    if (context.getDeployment() == null) {
        context.setCurrentRequestInfo(httpFacade.getDeployment(), this);
    }

    // Refresh only when the context is no longer active or the deployment always refreshes.
    final boolean refreshNeeded = !context.isActive() || context.getDeployment().isAlwaysRefreshToken();
    if (!refreshNeeded) {
        return;
    }

    // A refresh requires the same scope, so the same roles will be set; otherwise the
    // refresh fails and the token is not updated.
    if (context.refreshExpiredToken(false) && context.isActive()) {
        return;
    }

    // Refresh failed: the user is already logged out from Keycloak, so drop the stored
    // context and expire the local session.
    httpSession.setAttachment(contextKey, null);
    httpSession.invalidate();
}
use of org.wildfly.security.http.HttpScope in project keycloak by keycloak.
the class KeycloakHttpServerAuthenticationMechanism method getSessionIdMapper.
/**
 * Resolves the session id mapper for this request: the mapper attached to the
 * application scope when there is one, otherwise this mechanism's own {@code idMapper}.
 *
 * @param request the current request, used to look up the application scope
 * @return the mapper from the application scope, or {@code this.idMapper} as a fallback
 */
private SessionIdMapper getSessionIdMapper(HttpServerRequest request) {
    final HttpScope applicationScope = request.getScope(Scope.APPLICATION);
    if (applicationScope != null) {
        final SessionIdMapper attached = (SessionIdMapper) applicationScope
                .getAttachment(KeycloakConfigurationServletListener.ADAPTER_SESSION_ID_MAPPER_ATTRIBUTE_ELYTRON);
        if (attached != null) {
            return attached;
        }
    }
    return this.idMapper;
}
use of org.wildfly.security.http.HttpScope in project keycloak by keycloak.
the class ElytronSamlSessionStore method logoutAccount.
/**
 * Logs out the current account by removing the SAML session and the saved redirect URI
 * from the HTTP session. Only the attachments are cleared; this method does not
 * invalidate the HTTP session itself.
 */
@Override
public void logoutAccount() {
    final HttpScope httpSession = getSession(false);
    if (!httpSession.exists()) {
        return;
    }

    log.debug("Logging out - current account");
    final String samlKey = SamlSession.class.getName();
    final SamlSession current = (SamlSession) httpSession.getAttachment(samlKey);
    if (current != null) {
        // The id mapping is removed only for sessions that carry a session index.
        if (current.getSessionIndex() != null) {
            idMapperUpdater.removeSession(idMapper, httpSession.getID());
        }
        httpSession.setAttachment(samlKey, null);
    }
    httpSession.setAttachment(SAML_REDIRECT_URI, null);
}
use of org.wildfly.security.http.HttpScope in project keycloak by keycloak.
the class ElytronSamlSessionStore method isLoggedIn.
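/**
 * Reports whether the current HTTP session holds a valid SAML session. On success the
 * exchange is marked as authenticated and the saved request is restored.
 *
 * @return {@code true} if a validated SAML session was found; {@code false} if no HTTP
 *         session exists, the session id is no longer mapped, or validation fails
 */
@Override
public boolean isLoggedIn() {
    HttpScope session = getSession(false);
    if (!session.exists()) {
        // The old text claimed a null session and a null return; neither matches this branch.
        log.debug("No HTTP session exists, not logged in");
        return false;
    }
    // The session id must be known to the mapper, either already or after a refresh.
    if (!idMapper.hasSession(session.getID()) && !idMapperUpdater.refreshMapping(idMapper, session.getID())) {
        log.debugf("Session %s has expired on some other node", session.getID());
        // Drop the stale SAML session; the HTTP session itself is left in place.
        session.setAttachment(SamlSession.class.getName(), null);
        return false;
    }
    final SamlSession samlSession = SamlUtil.validateSamlSession(session.getAttachment(SamlSession.class.getName()), deployment);
    if (samlSession == null) {
        return false;
    }
    exchange.authenticationComplete(samlSession);
    restoreRequest();
    return true;
}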