
Example 1 with SessionState

use of org.xdi.oxauth.model.common.SessionState in project oxAuth by GluuFederation.

In class Authenticator, method prepareAuthenticationForStepImpl.

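/**
 * Prepares the current interactive authentication step.
 *
 * Resolves the session and its attributes, publishes the session into {@code identity},
 * looks up the custom authentication script for the requested acr, lets that script
 * redirect the user to an alternative workflow when it determines one, verifies that all
 * previous steps were marked as passed, and finally runs the script's "prepare for step" hook.
 *
 * @return one of the {@code Constants.RESULT_*} outcome strings: {@code RESULT_EXPIRED} when the
 *         session has no attributes (or could not be updated during a workflow switch),
 *         {@code RESULT_NO_PERMISSIONS} when the auth step is missing or below 1,
 *         {@code RESULT_FAILURE} when a script cannot be resolved, a previous step was not
 *         passed, the prepare hook fails or the session update after it fails, and
 *         {@code RESULT_SUCCESS} otherwise (including when interactive external
 *         authentication is disabled or no acr is requested)
 */
private String prepareAuthenticationForStepImpl() {
    SessionState sessionState = sessionStateService.getSessionState();
    Map<String, String> sessionIdAttributes = sessionStateService.getSessionAttributes(sessionState);
    if (sessionIdAttributes == null) {
        log.error("Failed to get attributes from session");
        return Constants.RESULT_EXPIRED;
    }
    // Set current state into identity to allow use in login form and
    // authentication scripts
    identity.setSessionState(sessionState);
    if (!externalAuthenticationService.isEnabled(AuthenticationScriptUsageType.INTERACTIVE)) {
        return Constants.RESULT_SUCCESS;
    }
    // Presumably populates this.authAcr / this.authStep from the session attributes — verify in the helper
    initCustomAuthenticatorVariables(sessionIdAttributes);
    if (StringHelper.isEmpty(this.authAcr)) {
        return Constants.RESULT_SUCCESS;
    }
    if ((this.authStep == null) || (this.authStep < 1)) {
        return Constants.RESULT_NO_PERMISSIONS;
    }
    CustomScriptConfiguration customScriptConfiguration = externalAuthenticationService.getCustomScriptConfiguration(AuthenticationScriptUsageType.INTERACTIVE, this.authAcr);
    if (customScriptConfiguration == null) {
        log.error("Failed to get CustomScriptConfiguration. auth_step: '{}', acr: '{}'", this.authStep, this.authAcr);
        return Constants.RESULT_FAILURE;
    }
    String currentauthAcr = customScriptConfiguration.getName();
    // The script may decide that a different workflow (acr) should handle this user
    customScriptConfiguration = externalAuthenticationService.determineExternalAuthenticatorForWorkflow(AuthenticationScriptUsageType.INTERACTIVE, customScriptConfiguration);
    if (customScriptConfiguration == null) {
        return Constants.RESULT_FAILURE;
    } else {
        String determinedauthAcr = customScriptConfiguration.getName();
        if (!StringHelper.equalsIgnoreCase(currentauthAcr, determinedauthAcr)) {
            // Redirect user to alternative login workflow
            String redirectTo = externalAuthenticationService.executeExternalGetPageForStep(customScriptConfiguration, this.authStep);
            if (StringHelper.isEmpty(redirectTo)) {
                redirectTo = "/login.xhtml";
            }
            CustomScriptConfiguration determinedCustomScriptConfiguration = externalAuthenticationService.getCustomScriptConfiguration(AuthenticationScriptUsageType.INTERACTIVE, determinedauthAcr);
            if (determinedCustomScriptConfiguration == null) {
                // Log the acr that was actually looked up (the determined one), not the originally requested one
                log.error("Failed to get determined CustomScriptConfiguration. auth_step: '{}', acr: '{}'", this.authStep, determinedauthAcr);
                return Constants.RESULT_FAILURE;
            }
            log.debug("Redirect to page: '{}'. Force to use acr: '{}'", redirectTo, determinedauthAcr);
            determinedauthAcr = determinedCustomScriptConfiguration.getName();
            String determinedAuthLevel = Integer.toString(determinedCustomScriptConfiguration.getLevel());
            // Switching workflows pins the new acr/level in the session and restarts the step counter at 1
            sessionIdAttributes.put("acr", determinedauthAcr);
            sessionIdAttributes.put("auth_level", determinedAuthLevel);
            sessionIdAttributes.put("auth_step", Integer.toString(1));
            if (sessionState != null) {
                boolean updateResult = updateSession(sessionState, sessionIdAttributes);
                if (!updateResult) {
                    // NOTE: this branch reports EXPIRED while the same failure after the prepare hook reports FAILURE
                    return Constants.RESULT_EXPIRED;
                }
            }
            facesService.redirect(redirectTo);
            return Constants.RESULT_SUCCESS;
        }
    }
    // Check if all previous steps had passed
    boolean passedPreviousSteps = isPassedPreviousAuthSteps(sessionIdAttributes, this.authStep);
    if (!passedPreviousSteps) {
        log.error("There are authentication steps not marked as passed. acr: '{}', auth_step: '{}'", this.authAcr, this.authStep);
        return Constants.RESULT_FAILURE;
    }
    Boolean result = externalAuthenticationService.executeExternalPrepareForStep(customScriptConfiguration, externalContext.getRequestParameterValuesMap(), this.authStep);
    if ((result != null) && result) {
        // Store/Update extra parameters in session attributes map
        updateExtraParameters(customScriptConfiguration, this.authStep, sessionIdAttributes);
        if (sessionState != null) {
            boolean updateResult = updateSession(sessionState, sessionIdAttributes);
            if (!updateResult) {
                return Constants.RESULT_FAILURE;
            }
        }
        return Constants.RESULT_SUCCESS;
    } else {
        return Constants.RESULT_FAILURE;
    }
}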
Also used : SessionState(org.xdi.oxauth.model.common.SessionState) CustomScriptConfiguration(org.xdi.model.custom.script.conf.CustomScriptConfiguration)

Example 2 with SessionState

use of org.xdi.oxauth.model.common.SessionState in project oxAuth by GluuFederation.

In class AuthorizeAction, method permissionGranted.

/**
 * Grants the pending authorization request for the current session.
 * Convenience overload: resolves the session and delegates to {@code permissionGranted(SessionState)}.
 */
public void permissionGranted() {
    permissionGranted(getSession());
}
Also used : SessionState(org.xdi.oxauth.model.common.SessionState)

Example 3 with SessionState

use of org.xdi.oxauth.model.common.SessionState in project oxAuth by GluuFederation.

In class AuthorizeAction, method permissionDenied.

/**
 * Rejects the pending authorization request and sends the browser back to the client's
 * redirect URI with an {@code access_denied} error in the query string.
 *
 * {@code redirectUri} and {@code state} fall back to the values stored in the session
 * attributes when they were not supplied on this request.
 */
public void permissionDenied() {
    log.trace("permissionDenied");
    final SessionState session = getSession();
    // Fall back to the values saved with the original authorization request
    if (redirectUri == null) {
        redirectUri = session.getSessionAttributes().get(AuthorizeRequestParam.REDIRECT_URI);
    }
    if (state == null) {
        state = session.getSessionAttributes().get(AuthorizeRequestParam.STATE);
    }
    // Continue an existing query string with '&', otherwise start one with '?'
    final String separator = (redirectUri != null && redirectUri.contains("?")) ? "&" : "?";
    final String errorQuery = errorResponseFactory.getErrorAsQueryString(AuthorizeErrorResponseType.ACCESS_DENIED, getState());
    // NOTE(review): a redirectUri that is still null is rendered literally as "null" here — confirm callers guarantee one
    facesService.redirectToExternalURL(redirectUri + separator + errorQuery);
}
Also used : SessionState(org.xdi.oxauth.model.common.SessionState)

Example 4 with SessionState

use of org.xdi.oxauth.model.common.SessionState in project oxAuth by GluuFederation.

In class LogoutAction, method redirect.

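/**
 * Handles the logout page redirect.
 *
 * Parameters missing from the request are restored from the session and re-validated;
 * the external authenticator's logout hook is then run, and unless it fails or issues its
 * own redirect, the browser is sent to the {@code end_session} REST endpoint with the
 * available {@code id_token_hint}, {@code session_state} and
 * {@code post_logout_redirect_uri} query parameters.
 */
public void redirect() {
    SessionState sessionState = sessionStateService.getSessionState();
    boolean validationResult = validateParameters();
    if (!validationResult) {
        try {
            restoreLogoutParametersFromSession(sessionState);
        } catch (IOException ex) {
            logoutFailed();
            log.debug("Failed to restore logout parameters from session", ex);
        }
        validationResult = validateParameters();
        if (!validationResult) {
            missingLogoutParameters();
            return;
        }
    }
    ExternalLogoutResult externalLogoutResult = processExternalAuthenticatorLogOut(sessionState);
    if (ExternalLogoutResult.FAILURE == externalLogoutResult) {
        logoutFailed();
        return;
    } else if (ExternalLogoutResult.REDIRECT == externalLogoutResult) {
        // The external script has already issued its own redirect
        return;
    }
    // The values come from request parameters / the session, so they are URL-encoded to keep
    // a '&' or '#' inside them from being parsed as a separate parameter by the endpoint.
    StringBuilder sb = new StringBuilder();
    if (idTokenHint != null && !idTokenHint.isEmpty()) {
        appendQueryParam(sb, EndSessionRequestParam.ID_TOKEN_HINT, idTokenHint);
    }
    // Null-guard added: the previous check dereferenced postLogoutRedirectUri without one
    if (sessionState != null && postLogoutRedirectUri != null && !postLogoutRedirectUri.isEmpty()) {
        appendQueryParam(sb, EndSessionRequestParam.SESSION_STATE, sessionState.getId());
    }
    if (postLogoutRedirectUri != null && !postLogoutRedirectUri.isEmpty()) {
        appendQueryParam(sb, EndSessionRequestParam.POST_LOGOUT_REDIRECT_URI, postLogoutRedirectUri);
    }
    facesService.redirectToExternalURL("seam/resource/restv1/oxauth/end_session?" + sb.toString());
}

/**
 * Appends {@code name=value} to {@code sb}, preceded by {@code &} when a parameter is already
 * present, with the value URL-encoded as UTF-8.
 */
private static void appendQueryParam(StringBuilder sb, String name, String value) {
    if (sb.length() > 0) {
        sb.append('&');
    }
    sb.append(name).append('=').append(urlEncode(value));
}

/** URL-encodes {@code value} as UTF-8 (application/x-www-form-urlencoded). */
private static String urlEncode(String value) {
    try {
        return java.net.URLEncoder.encode(value, "UTF-8");
    } catch (java.io.UnsupportedEncodingException ex) {
        // UTF-8 is mandatory on every JVM, so this cannot happen in practice
        throw new IllegalStateException("UTF-8 encoding not supported", ex);
    }
}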
Also used : SessionState(org.xdi.oxauth.model.common.SessionState) IOException(java.io.IOException)

Example 5 with SessionState

use of org.xdi.oxauth.model.common.SessionState in project oxAuth by GluuFederation.

In class CheckSessionStatusRestWebServiceImpl, method requestCheckSessionStatus.

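/**
 * Reports the status of the session identified by the session cookie on the request.
 *
 * Responds with state {@code "unknown"} and an empty custom state when no session matches
 * the cookie; otherwise with the session's state, its authentication time and, when set,
 * the custom state stored under {@code SessionStateService.SESSION_CUSTOM_STATE}.
 *
 * @param httpRequest     request carrying the session cookie
 * @param httpResponse    unused; injected by the JAX-RS runtime
 * @param securityContext unused; injected by the JAX-RS runtime
 * @return a 200 JSON response describing the session status
 * @throws IOException propagated from building the JSON response
 */
@GET
@Path("/session_status")
@Produces({ MediaType.APPLICATION_JSON })
@ApiOperation(value = "Determine cussrent sesion status.", notes = "Determine cussrent sesion status.", response = Response.class, responseContainer = "JSON")
@ApiResponses(value = { @ApiResponse(code = 400, message = "invalid_request\n" + "The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats the same parameter, uses more than one method for including an access token, or is otherwise malformed.  The resource server SHOULD respond with the HTTP 400 (Bad Request) status code.") })
public Response requestCheckSessionStatus(@Context HttpServletRequest httpRequest, @Context HttpServletResponse httpResponse, @Context SecurityContext securityContext) throws IOException {
    String sessionStateCookie = sessionStateService.getSessionStateFromCookie(httpRequest);
    // The cookie value is the session identifier; log only whether it is present, never the value itself
    log.debug("Found session '{}' cookie: {}", SessionStateService.SESSION_STATE_COOKIE_NAME, sessionStateCookie != null ? "present" : "absent");
    CheckSessionResponse response = new CheckSessionResponse("unknown", "");
    SessionState sessionState = sessionStateService.getSessionState(sessionStateCookie);
    if (sessionState != null) {
        response.setState(sessionState.getState().getValue());
        response.setAuthTime(sessionState.getAuthenticationTime());
        String sessionCustomState = sessionState.getSessionAttributes().get(SessionStateService.SESSION_CUSTOM_STATE);
        if (StringHelper.isNotEmpty(sessionCustomState)) {
            response.setCustomState(sessionCustomState);
        }
    }
    String responseJson = ServerUtil.asJson(response);
    log.debug("Check session status response: '{}'", responseJson);
    return Response.ok().type(MediaType.APPLICATION_JSON).entity(responseJson).build();
}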
Also used : SessionState(org.xdi.oxauth.model.common.SessionState) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) ApiResponses(com.wordnik.swagger.annotations.ApiResponses)

Aggregations

SessionState (org.xdi.oxauth.model.common.SessionState)30 AuthorizationGrant (org.xdi.oxauth.model.common.AuthorizationGrant)5 User (org.xdi.oxauth.model.common.User)5 CustomScriptConfiguration (org.xdi.model.custom.script.conf.CustomScriptConfiguration)4 Date (java.util.Date)3 EntryPersistenceException (org.gluu.site.ldap.persistence.exception.EntryPersistenceException)3 Parameters (org.testng.annotations.Parameters)3 Test (org.testng.annotations.Test)3 BaseComponentTest (org.xdi.oxauth.BaseComponentTest)3 SimpleUser (org.xdi.oxauth.model.common.SimpleUser)3 AcrChangedException (org.xdi.oxauth.model.exception.AcrChangedException)3 Client (org.xdi.oxauth.model.registration.Client)3 IOException (java.io.IOException)2 HashMap (java.util.HashMap)2 OAuth2AuditLog (org.xdi.oxauth.model.audit.OAuth2AuditLog)2 Prompt (org.xdi.oxauth.model.common.Prompt)2 InvalidJwtException (org.xdi.oxauth.model.exception.InvalidJwtException)2 ClientAuthorizations (org.xdi.oxauth.model.ldap.ClientAuthorizations)2 LDAPException (com.unboundid.ldap.sdk.LDAPException)1 ApiOperation (com.wordnik.swagger.annotations.ApiOperation)1