/**
 * Wraps an incoming {@link Request} as OAuth2 parameters. The grant type is read
 * eagerly from the parameter named by {@code GRANT_TYPE}; every other value is
 * looked up on the request lazily by the accessors.
 *
 * @param request the request whose parameters back this instance
 */
public RequestOAuth2Params(Request request) {
    String requestedGrantType = request.getParameter(GRANT_TYPE);
    this.grantType = requestedGrantType;
    this.request = request;
}
/**
 * Returns the SSO session that an earlier stage stored on the request under
 * {@code SSO_SESSION_ATTR_NAME} (presumably {@code null} when the attribute was
 * never set — confirm against the Request implementation). The {@code response}
 * and {@code authc} arguments are not consulted.
 *
 * @throws ClassCastException if the attribute holds something other than an
 *         {@link AuthzSSOSession}
 */
@Override
public AuthzSSOSession getSSOSession(Request request, Response response, AuthzAuthentication authc) throws Throwable {
    Object stored = request.getAttribute(SSO_SESSION_ATTR_NAME);
    return (AuthzSSOSession) stored;
}
/**
 * Publishes the data an authorization view needs as request attributes: the
 * resolved client under {@code CLIENT_ATTRIBUTE}, the parsed OAuth2 parameters
 * under {@code PARAMS_ATTRIBUTE}, and the URL-encoded query string under
 * {@code STATE_ATTRIBUTE} (presumably so the view can round-trip the original
 * request — verify against the view template).
 */
protected void exposeViewData(Request request, OAuth2Params params, AuthzClient client) {
    request.setAttribute(PARAMS_ATTRIBUTE, params);
    request.setAttribute(CLIENT_ATTRIBUTE, client);
    // NOTE(review): getQueryString() can be null on a request without a query;
    // how Urls.encode handles null is not visible here — confirm.
    String encodedQuery = Urls.encode(request.getQueryString());
    request.setAttribute(STATE_ATTRIBUTE, encodedQuery);
}
/**
 * Pulls the raw token string out of the underlying servlet request via
 * {@code extractToken} and turns it into a {@link Token}, passing the request
 * parameters along to {@code extractTokenFromString} (what it does with them is
 * defined there, not here).
 */
@Override
public Token extractTokenFromRequest(Request request) {
    return extractTokenFromString(extractToken(request.getServletRequest()), request.getParameters());
}
/**
 * Locates a bearer access token on the request.
 *
 * <p>Lookup order: the {@code OAuth2Constants.ACCESS_TOKEN} request parameter
 * first, then an {@code Authorization} header whose value starts (case-insensitively)
 * with {@code OAuth2Constants.BEARER_TYPE}. Note that a token passed as a request
 * parameter is written to access logs and leaks through Referer headers; the
 * header form is the transport to prefer, so callers should not rely on the
 * parameter form for anything sensitive.
 *
 * @return a {@link SimpleToken} wrapping the token text, or {@code null} when
 *         neither source yields a non-empty value
 */
@Override
public Token extractTokenFromRequest(Request request) {
    String fromParameter = request.getParameter(OAuth2Constants.ACCESS_TOKEN);
    if (!Strings.isEmpty(fromParameter)) {
        return new SimpleToken(fromParameter);
    }
    String authorization = request.getHeader(Headers.AUTHORIZATION);
    if (!Strings.startsWithIgnoreCase(authorization, OAuth2Constants.BEARER_TYPE)) {
        return null;
    }
    // Strip the scheme prefix and surrounding whitespace; an empty remainder is no token.
    String bearer = authorization.substring(OAuth2Constants.BEARER_TYPE.length()).trim();
    return Strings.isEmpty(bearer) ? null : new SimpleToken(bearer);
}
/**
 * Decides whether a local logout should first be bounced to the remote OAuth2
 * logout endpoint.
 *
 * <p>Redirects (and intercepts the chain) only when the feature is enabled,
 * the request is not already flagged with the {@code oauth2_logout} attribute,
 * and the {@code remote_logout} parameter is not {@code "0"}. In every other
 * case the normal logout continues.
 *
 * @return {@code State.INTERCEPTED} after issuing the redirect, otherwise
 *         {@code State.CONTINUE}
 */
@Override
public State preLogout(Request request, Response response, LogoutContext context) throws Throwable {
    if (!config.isEnabled() || !config.isOAuth2LogoutEnabled()) {
        return State.CONTINUE;
    }
    // Already flagged by the OAuth2 logout round-trip: do not redirect again.
    Boolean requestedLogout = (Boolean) request.getAttribute("oauth2_logout");
    if (null != requestedLogout) {
        return State.CONTINUE;
    }
    // The caller can opt out of the remote logout with remote_logout=0.
    if ("0".equals(request.getParameter("remote_logout"))) {
        return State.CONTINUE;
    }
    response.sendRedirect(buildRemoteLogoutUrl(request));
    return State.INTERCEPTED;
}
/**
 * Determines where to send the user after login.
 *
 * <p>Precedence: the context's return URL; then the request parameter named by
 * {@code config.getReturnUrlParameterName()}; then, if the current path is not the
 * login page itself, the current URI with its query string; finally either
 * {@code "/"} or the current URI depending on {@code config.isLoginRedirectRoot()}.
 *
 * @param loginUrl the login URL (may be {@code null}); used only to recognise a
 *                 request that is already on the login page
 */
protected String getReturnUrl(LoginContext context, Request request, String loginUrl) {
    String target = context.getReturnUrl();
    if (null == target) {
        // Request-controlled value: whoever redirects to it must verify it is a
        // local path (no open redirect) — no such check is performed here.
        target = request.getParameter(config.getReturnUrlParameterName());
    }
    if (!Strings.isEmpty(target)) {
        return target;
    }
    if (null != loginUrl) {
        String loginPath = Urls.removeQueryString(urlHandler.removePrefix(loginUrl));
        if (!request.getPath().equals(loginPath)) {
            return request.getUriWithQueryString();
        }
    }
    return config.isLoginRedirectRoot() ? "/" : request.getUri();
}
/**
 * Resolves the {@link ResponseTypeHandler} bean registered for the request's
 * {@code response_type}.
 *
 * <p>On a missing or unknown response type, a validation error
 * ({@code OAuth2Errors.ERROR_INVALID_REQUEST}) is recorded and the request is
 * forwarded to the configured error view. Errors are always rendered locally;
 * this method never redirects to {@code params.getRedirectUri()}, and the
 * {@code response} argument is not used.
 *
 * @return the handler, or {@code null} after the error view has been forwarded to
 */
protected ResponseTypeHandler getResponseTypeHandler(Request request, Response response, OAuth2Params params) throws Throwable {
    String responseType = params.getResponseType();
    if (Strings.isEmpty(responseType)) {
        log.debug("error : response_type required");
        request.getValidation().addError(OAuth2Errors.ERROR_INVALID_REQUEST, "response_type required");
        request.forwardToView(config.getErrorView());
        return null;
    }
    ResponseTypeHandler handler = factory.tryGetBean(ResponseTypeHandler.class, responseType);
    if (null != handler) {
        return handler;
    }
    log.info("error : invalid response type {}", responseType);
    request.getValidation().addError(OAuth2Errors.ERROR_INVALID_REQUEST, "unsupported or invalid response type");
    request.forwardToView(config.getErrorView());
    return null;
}
/**
 * Flags the request so that CSRF checking is skipped for it, by storing
 * {@link Boolean#TRUE} under the {@code CSRF_IGNORED_KEY} request attribute.
 * Because the flag disables the check for the whole request, it should only be
 * set for endpoints that are protected by other means.
 *
 * @param request the request to exempt from CSRF checking
 */
public static void ignore(Request request) {
    Boolean flag = Boolean.TRUE;
    request.setAttribute(CSRF_IGNORED_KEY, flag);
}
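/**
 * Rebuilds the user-facing base URL (protocol, host and context path) of a proxied
 * request from the forwarded-host header ({@code X_FORWARDED_HOST}).
 *
 * <p>The header value is used as-is; {@code isProxyRequest} is the only gate, so it
 * must establish that the request genuinely arrived through a trusted proxy,
 * otherwise a client-supplied header would end up in generated absolute URLs.
 * Whether it does so is not visible here — confirm.
 *
 * @return {@code protocol://host/contextPath} when the header is present (protocol
 *         defaults to {@code http} when {@code resolveProtocol} yields nothing); when
 *         the header is absent or empty, the context path alone
 * @throws IllegalStateException if the request is not a proxied request
 */
@Override
public String resolveUserAgentForwarded(Request request) {
    if (!isProxyRequest(request)) {
        throw new IllegalStateException("this request is not a proxied request");
    }
    String host = request.getHeader(X_FORWARDED_HOST);
    if (Strings.isEmpty(host)) {
        // A missing header used to be concatenated literally, producing "null/context";
        // fall back to the context path alone instead.
        return request.getContextPath();
    }
    String protocol = resolveProtocol(request);
    if (Strings.isEmpty(protocol)) {
        protocol = "http";
    }
    return protocol + "://" + host + request.getContextPath();
}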
/**
 * Returns {@code true} only when the operation has a route, declares profiles,
 * a current request exists, that request carries a non-blank {@code profile}
 * parameter, and the parameter matches none of the declared profiles.
 * Every other situation yields {@code false}. (How the caller interprets
 * {@code true} — presumably "hide this operation" — is not visible here.)
 */
private boolean checkProfile(MApiOperation o) {
    if (null == o.getRoute()) {
        return false;
    }
    String[] declaredProfiles = tryGetProfiles(o);
    if (null == declaredProfiles) {
        return false;
    }
    Request current = Request.tryGetCurrent();
    if (null == current) {
        return false;
    }
    String requestedProfile = current.getParameter("profile");
    if (!Strings.isNotBlank(requestedProfile)) {
        return false;
    }
    return !Arrays2.containsAny(declaredProfiles, requestedProfile);
}
/**
 * A request is treated as a logout request when its path is exactly the
 * configured logout action; {@code response} and {@code context} are unused.
 */
protected boolean isLogoutRequest(Request request, Response response, LogoutContext context) throws Throwable {
    String logoutAction = config.getLogoutAction();
    return request.getPath().equals(logoutAction);
}
}
/**
 * Determines where to send the user after logout.
 *
 * <p>Precedence: the context's return URL; then the request parameter named by
 * the security config's return-URL parameter name; then the configured logout
 * success URL; finally the context path, or {@code "/"} when the application is
 * deployed at the root.
 */
protected String getReturnUrl(LogoutContext context, Request request) {
    String target = context.getReturnUrl();
    if (null == target) {
        // Request-controlled value: the redirecting caller should verify it is a
        // local path before using it — no such check happens here.
        target = request.getParameter(context.getSecurityConfig().getReturnUrlParameterName());
    }
    if (Strings.isEmpty(target)) {
        target = context.getSecurityConfig().getLogoutSuccessUrl();
    }
    if (!Strings.isEmpty(target)) {
        return target;
    }
    String contextPath = request.getContextPath();
    return Strings.isEmpty(contextPath) ? "/" : contextPath;
}
}
/**
 * Handles the authorization server's redirect back to this client.
 *
 * <p>A non-empty {@code oauth2_logout} parameter means the round-trip was a
 * logout: the request is flagged with the {@code oauth2_logout} attribute and
 * handed to the logout manager. Otherwise the request parameters are parsed as
 * OAuth2 params and dispatched to the error or success handler depending on
 * {@code isError()}.
 */
protected void handleAuthzServerLoginResponse(Request request, Response response) throws Throwable {
    String logoutParam = request.getParameter("oauth2_logout");
    if (!Strings.isEmpty(logoutParam)) {
        request.setAttribute("oauth2_logout", Boolean.TRUE);
        lom.logout(request, response);
        return;
    }
    OAuth2Params params = new RequestOAuth2Params(request);
    if (params.isError()) {
        handleOAuth2ServerError(request, response, params);
    } else {
        handleOAuth2ServerSuccess(request, response, params);
    }
}
/**
 * Points the login context at the remote OAuth2 login URL when OAuth2 login is
 * enabled. Always returns {@code State.CONTINUE}.
 *
 * @throws IllegalStateException if the request already carries an
 *         {@code oauth2_redirect} parameter, which would indicate a redirect loop
 */
@Override
public State prePromoteLogin(Request request, Response response, LoginContext context) throws Throwable {
    if (!config.isOAuth2LoginEnabled()) {
        return State.CONTINUE;
    }
    // Guard against a cyclic redirect: a request that is itself the OAuth2
    // redirect must not be sent to the remote login again.
    if (!Strings.isEmpty(request.getParameter("oauth2_redirect"))) {
        throw new IllegalStateException("Cannot promote login for oauth2 redirect request : " + request.getUri());
    }
    context.setLoginUrl(buildRemoteLoginUrl(request));
    return State.CONTINUE;
}
/**
 * Builds the {@code redirect_uri} this client hands to the authorization server.
 *
 * <p>With no configured redirect URI the current request URL is used verbatim.
 * Otherwise the configured value is taken as-is when it starts with {@code http},
 * or appended to the context URL when it is relative, and the current URI is
 * attached as the return-URL parameter. In both cases {@code REDIRECT_BACK_PARAM=1}
 * is appended.
 */
protected String buildClientRedirectUri(Request request) {
    String uri;
    String configuredRedirect = config.getRedirectUri();
    if (Strings.isEmpty(configuredRedirect)) {
        // todo: reverse proxy — getRequestURL() typically reflects what the container
        // saw, which behind a proxy need not be the user-facing URL.
        uri = request.getServletRequest().getRequestURL().toString();
    } else {
        if (Strings.startsWithIgnoreCase(configuredRedirect, "http")) {
            uri = configuredRedirect;
        } else {
            uri = request.getContextUrl() + configuredRedirect;
        }
        String returnParam = sc.getReturnUrlParameterName() + "=" + Urls.encode(request.getUri());
        uri = Urls.appendQueryString(uri, returnParam);
    }
    return Urls.appendQueryString(uri, REDIRECT_BACK_PARAM + "=1");
}
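/**
 * Expands the placeholders of a configured API endpoint using the current request:
 * {@code {context}} becomes the servlet context path without its leading slash,
 * {@code ~} becomes {@code scheme://<local ip>:<local port>} of this server, and an
 * endpoint that starts with {@code /} is prefixed with
 * {@code scheme://127.0.0.1:<local port>}. A trailing slash is then removed.
 *
 * @param apiEndPoint the endpoint template; returned unchanged (apart from a
 *                    trailing slash) when it contains no placeholder
 * @return the expanded endpoint
 * @throws IllegalStateException if a placeholder requires the current request and
 *         {@code Request.tryGetCurrent()} returns {@code null} (previously this
 *         surfaced as a bare NullPointerException)
 */
public static String formatApiEndPoint(String apiEndPoint) {
    // Only templates with a placeholder need the request. A template with none is
    // not modified before the startsWith check below, so deciding up front is safe.
    boolean needsRequest = apiEndPoint.contains("{context}")
            || apiEndPoint.contains("~")
            || apiEndPoint.startsWith("/");
    HttpServletRequest servletRequest = null;
    if (needsRequest) {
        Request current = Request.tryGetCurrent();
        if (null == current) {
            throw new IllegalStateException("No current request bound; cannot expand api endpoint '" + apiEndPoint + "'");
        }
        servletRequest = current.getServletRequest();
    }
    if (apiEndPoint.contains("{context}")) {
        String contextPath = servletRequest.getContextPath();
        apiEndPoint = apiEndPoint.replace("{context}", Strings.trimStart(contextPath, '/'));
    }
    if (apiEndPoint.contains("~")) {
        apiEndPoint = apiEndPoint.replace("~", Strings.format("{0}://{1}:{2}", servletRequest.getScheme(), curServerLocalIp(), servletRequest.getLocalPort()));
    }
    if (apiEndPoint.startsWith("/")) {
        // Loopback address on the local port: the endpoint is reached on this server.
        apiEndPoint = Strings.format("{0}://{1}:{2}", servletRequest.getScheme(), "127.0.0.1", servletRequest.getLocalPort()) + apiEndPoint;
    }
    if (Strings.endsWith(apiEndPoint, "/")) {
        apiEndPoint = Strings.trimEnd(apiEndPoint, '/');
    }
    return apiEndPoint;
}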