
Example 11 with HttpScope

Use of org.wildfly.security.http.HttpScope in project keycloak by keycloak.

Class ElytronSamlSessionStore, method isLoggingOut.

@Override
public boolean isLoggingOut() {
    HttpScope session = exchange.getScope(Scope.SESSION);
    if (!session.exists())
        return false;
    CurrentAction action = (CurrentAction) session.getAttachment(CURRENT_ACTION);
    return action == CurrentAction.LOGGING_OUT;
}
Also used : HttpScope(org.wildfly.security.http.HttpScope)

Example 12 with HttpScope

Use of org.wildfly.security.http.HttpScope in project keycloak by keycloak.

Class ElytronHttpFacade, method getRequest.

@Override
public Request getRequest() {
    return new Request() {

        private InputStream inputStream;

        @Override
        public String getMethod() {
            return request.getRequestMethod();
        }

        @Override
        public String getURI() {
            try {
                return URLDecoder.decode(request.getRequestURI().toString(), "UTF-8");
            } catch (UnsupportedEncodingException e) {
                throw new RuntimeException("Failed to decode request URI", e);
            }
        }

        @Override
        public String getRelativePath() {
            return request.getRequestPath();
        }

        @Override
        public boolean isSecure() {
            // Constant-first comparison avoids a NullPointerException when the URI has no scheme.
            return "https".equals(request.getRequestURI().getScheme());
        }

        @Override
        public String getFirstParam(String param) {
            return request.getFirstParameterValue(param);
        }

        @Override
        public String getQueryParamValue(String param) {
            URI requestURI = request.getRequestURI();
            String query = requestURI.getQuery();
            if (query != null) {
                String[] parameters = query.split("&");
                for (String parameter : parameters) {
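                    String[] keyValue = parameter.split("=", 2);
                    // Skip parameters without a value ("?flag") so keyValue[1] cannot go out of bounds.
                    if (keyValue.length == 2 && keyValue[0].equals(param)) {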
                        try {
                            return URLDecoder.decode(keyValue[1], "UTF-8");
                        } catch (IOException e) {
                            throw new RuntimeException("Failed to decode request URI", e);
                        }
                    }
                }
            }
            return null;
        }

        @Override
        public Cookie getCookie(final String cookieName) {
            List<HttpServerCookie> cookies = request.getCookies();
            if (cookies != null) {
                for (HttpServerCookie cookie : cookies) {
                    if (cookie.getName().equals(cookieName)) {
                        return new Cookie(cookie.getName(), cookie.getValue(), cookie.getVersion(), cookie.getDomain(), cookie.getPath());
                    }
                }
            }
            return null;
        }

        @Override
        public String getHeader(String name) {
            return request.getFirstRequestHeaderValue(name);
        }

        @Override
        public List<String> getHeaders(String name) {
            return request.getRequestHeaderValues(name);
        }

        @Override
        public InputStream getInputStream() {
            return getInputStream(false);
        }

        @Override
        public InputStream getInputStream(boolean buffered) {
            if (inputStream != null) {
                return inputStream;
            }
            if (buffered) {
                HttpScope exchangeScope = getScope(Scope.EXCHANGE);
                HttpServerExchange exchange = ProtectedHttpServerExchange.class.cast(exchangeScope.getAttachment(UNDERTOW_EXCHANGE)).getExchange();
                ServletRequestContext context = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
                ServletRequest servletRequest = context.getServletRequest();
                inputStream = new BufferedInputStream(exchange.getInputStream());
                context.setServletRequest(new HttpServletRequestWrapper((HttpServletRequest) servletRequest) {

                    @Override
                    public ServletInputStream getInputStream() {
                        inputStream.mark(0);
                        return new ServletInputStream() {

                            @Override
                            public int read() throws IOException {
                                return inputStream.read();
                            }
                        };
                    }
                });
                return inputStream;
            }
            return request.getInputStream();
        }

        @Override
        public String getRemoteAddr() {
            InetSocketAddress sourceAddress = request.getSourceAddress();
            if (sourceAddress == null) {
                return "";
            }
            InetAddress address = sourceAddress.getAddress();
            if (address == null) {
                // Address is unresolved: fall back to the host string instead of returning null
                return sourceAddress.getHostString();
            }
            return address.getHostAddress();
        }

        @Override
        public void setError(AuthenticationError error) {
            request.getScope(Scope.EXCHANGE).setAttachment(AuthenticationError.class.getName(), error);
        }

        @Override
        public void setError(LogoutError error) {
            request.getScope(Scope.EXCHANGE).setAttachment(LogoutError.class.getName(), error);
        }
    };
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletRequest(javax.servlet.ServletRequest) InetSocketAddress(java.net.InetSocketAddress) URI(java.net.URI) HttpServerExchange(io.undertow.server.HttpServerExchange) ServletInputStream(javax.servlet.ServletInputStream) BufferedInputStream(java.io.BufferedInputStream) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper) HttpServerCookie(org.wildfly.security.http.HttpServerCookie) AuthenticationError(org.keycloak.adapters.spi.AuthenticationError) InputStream(java.io.InputStream) HttpServerRequest(org.wildfly.security.http.HttpServerRequest) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ServletRequestContext(io.undertow.servlet.handlers.ServletRequestContext) IOException(java.io.IOException) LogoutError(org.keycloak.adapters.spi.LogoutError) HttpScope(org.wildfly.security.http.HttpScope) InetAddress(java.net.InetAddress)

Example 13 with HttpScope

Use of org.wildfly.security.http.HttpScope in project keycloak by keycloak.

Class ElytronHttpFacade, method authenticationComplete.

void authenticationComplete() {
    if (securityIdentity != null) {
        HttpScope requestScope = request.getScope(Scope.EXCHANGE);
        RefreshableKeycloakSecurityContext keycloakSecurityContext = account.getKeycloakSecurityContext();
        requestScope.setAttachment(KeycloakSecurityContext.class.getName(), keycloakSecurityContext);
        this.request.authenticationComplete(response -> {
            if (!restored) {
                responseConsumer.accept(response);
            }
        }, () -> ((ElytronTokeStore) tokenStore).logout(true));
    }
}
Also used : HttpScope(org.wildfly.security.http.HttpScope) RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext) KeycloakSecurityContext(org.keycloak.KeycloakSecurityContext)

Example 14 with HttpScope

Use of org.wildfly.security.http.HttpScope in project keycloak by keycloak.

Class ElytronSessionTokenStore, method saveAccountInfo.

@Override
public void saveAccountInfo(OidcKeycloakAccount account) {
    HttpScope session = this.httpFacade.getScope(Scope.SESSION);
    if (!session.exists()) {
        session.create();
        session.registerForNotification(httpScopeNotification -> {
            if (!httpScopeNotification.isOfType(HttpScopeNotification.SessionNotificationType.UNDEPLOY)) {
                HttpScope invalidated = httpScopeNotification.getScope(Scope.SESSION);
                if (invalidated != null) {
                    invalidated.setAttachment(ElytronAccount.class.getName(), null);
                    invalidated.setAttachment(KeycloakSecurityContext.class.getName(), null);
                }
            }
        });
    }
    session.setAttachment(ElytronAccount.class.getName(), account);
    session.setAttachment(KeycloakSecurityContext.class.getName(), account.getKeycloakSecurityContext());
    HttpScope scope = this.httpFacade.getScope(Scope.EXCHANGE);
    scope.setAttachment(KeycloakSecurityContext.class.getName(), account.getKeycloakSecurityContext());
}
Also used : HttpScope(org.wildfly.security.http.HttpScope) RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext) KeycloakSecurityContext(org.keycloak.KeycloakSecurityContext)

Example 15 with HttpScope

Use of org.wildfly.security.http.HttpScope in project keycloak by keycloak.

Class ElytronSessionTokenStore, method logout.

@Override
public void logout(boolean glo) {
    HttpScope session = this.httpFacade.getScope(Scope.SESSION);
    if (!session.exists()) {
        return;
    }
    KeycloakSecurityContext ksc = (KeycloakSecurityContext) session.getAttachment(KeycloakSecurityContext.class.getName());
    try {
        if (glo && ksc != null) {
            KeycloakDeployment deployment = httpFacade.getDeployment();
            session.invalidate();
            if (!deployment.isBearerOnly() && ksc != null && ksc instanceof RefreshableKeycloakSecurityContext) {
                ((RefreshableKeycloakSecurityContext) ksc).logout(deployment);
            }
        } else {
            session.setAttachment(ElytronAccount.class.getName(), null);
            session.setAttachment(KeycloakSecurityContext.class.getName(), null);
        }
    } catch (IllegalStateException ise) {
        // Session may be already logged-out in case that app has adminUrl
        log.debugf("Session %s logged-out already", session.getID());
    }
}
Also used : HttpScope(org.wildfly.security.http.HttpScope) RefreshableKeycloakSecurityContext(org.keycloak.adapters.RefreshableKeycloakSecurityContext) KeycloakSecurityContext(org.keycloak.KeycloakSecurityContext) KeycloakDeployment(org.keycloak.adapters.KeycloakDeployment)

Aggregations

HttpScope (org.wildfly.security.http.HttpScope): 18
KeycloakSecurityContext (org.keycloak.KeycloakSecurityContext): 7
RefreshableKeycloakSecurityContext (org.keycloak.adapters.RefreshableKeycloakSecurityContext): 7
SamlSession (org.keycloak.adapters.saml.SamlSession): 4
URI (java.net.URI): 3
KeycloakDeployment (org.keycloak.adapters.KeycloakDeployment): 3
HttpServerExchange (io.undertow.server.HttpServerExchange): 2
ServletRequestContext (io.undertow.servlet.handlers.ServletRequestContext): 2
BufferedInputStream (java.io.BufferedInputStream): 2
IOException (java.io.IOException): 2
InputStream (java.io.InputStream): 2
UnsupportedEncodingException (java.io.UnsupportedEncodingException): 2
InetAddress (java.net.InetAddress): 2
InetSocketAddress (java.net.InetSocketAddress): 2
ServletInputStream (javax.servlet.ServletInputStream): 2
ServletRequest (javax.servlet.ServletRequest): 2
HttpServletRequest (javax.servlet.http.HttpServletRequest): 2
HttpServletRequestWrapper (javax.servlet.http.HttpServletRequestWrapper): 2
AuthenticationError (org.keycloak.adapters.spi.AuthenticationError): 2
LogoutError (org.keycloak.adapters.spi.LogoutError): 2