@Override protected void completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method) { KeycloakUndertowAccount account = createAccount(principal); securityContext.authenticationComplete(account, method, false); propagateKeycloakContext(account); }
@Override protected void propagateKeycloakContext(KeycloakUndertowAccount account) { super.propagateKeycloakContext(account); final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY); HttpServletRequest req = (HttpServletRequest) servletRequestContext.getServletRequest(); req.setAttribute(KeycloakSecurityContext.class.getName(), account.getKeycloakSecurityContext()); }
@Override protected void propagateKeycloakContext(KeycloakUndertowAccount account) { super.propagateKeycloakContext(account); final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY); HttpServletRequest req = (HttpServletRequest) servletRequestContext.getServletRequest(); req.setAttribute(KeycloakSecurityContext.class.getName(), account.getKeycloakSecurityContext()); }
@Override protected void completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method) { KeycloakUndertowAccount account = createAccount(principal); securityContext.authenticationComplete(account, method, false); propagateKeycloakContext(account); }
log.debug("Cached account found"); securityContext.authenticationComplete(account, "KEYCLOAK", false); ((AbstractUndertowRequestAuthenticator)authenticator).propagateKeycloakContext(account); restoreRequest(); return true;
@Override protected void completeOAuthAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal) { KeycloakUndertowAccount account = createAccount(principal); securityContext.authenticationComplete(account, "KEYCLOAK", false); propagateKeycloakContext(account); tokenStore.saveAccountInfo(account); }
log.debug("Cached account found"); securityContext.authenticationComplete(account, "KEYCLOAK", false); ((AbstractUndertowRequestAuthenticator)authenticator).propagateKeycloakContext(account); restoreRequest(); return true;
@Override protected void completeOAuthAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal) { KeycloakUndertowAccount account = createAccount(principal); securityContext.authenticationComplete(account, "KEYCLOAK", false); propagateKeycloakContext(account); tokenStore.saveAccountInfo(account); }
@Override public boolean isCached(RequestAuthenticator authenticator) { KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal = CookieTokenStore.getPrincipalFromCookie(deployment, facade, this); if (principal == null) { log.debug("Account was not in cookie or was invalid, returning null"); return false; } KeycloakUndertowAccount account = new KeycloakUndertowAccount(principal); if (!deployment.getRealm().equals(account.getKeycloakSecurityContext().getRealm())) { log.debug("Account in session belongs to a different realm than for this request."); return false; } if (account.checkActive()) { log.debug("Cached account found"); securityContext.authenticationComplete(account, "KEYCLOAK", false); ((AbstractUndertowRequestAuthenticator)authenticator).propagateKeycloakContext(account); return true; } else { log.debug("Account was not active, removing cookie and returning false"); CookieTokenStore.removeCookie(deployment, facade); return false; } }
@Override public boolean isCached(RequestAuthenticator authenticator) { KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal = CookieTokenStore.getPrincipalFromCookie(deployment, facade, this); if (principal == null) { log.debug("Account was not in cookie or was invalid, returning null"); return false; } KeycloakUndertowAccount account = new KeycloakUndertowAccount(principal); if (!deployment.getRealm().equals(account.getKeycloakSecurityContext().getRealm())) { log.debug("Account in session belongs to a different realm than for this request."); return false; } if (account.checkActive()) { log.debug("Cached account found"); securityContext.authenticationComplete(account, "KEYCLOAK", false); ((AbstractUndertowRequestAuthenticator)authenticator).propagateKeycloakContext(account); return true; } else { log.debug("Account was not active, removing cookie and returning false"); CookieTokenStore.removeCookie(deployment, facade); return false; } }
@Override public boolean isCached(RequestAuthenticator authenticator) { Session session = Sessions.getSession(exchange); if (session == null) { log.debug("session was null, returning null"); return false; } KeycloakUndertowAccount account = (KeycloakUndertowAccount)session.getAttribute(KeycloakUndertowAccount.class.getName()); if (account == null) { log.debug("Account was not in session, returning null"); return false; } if (!deployment.getRealm().equals(account.getKeycloakSecurityContext().getRealm())) { log.debug("Account in session belongs to a different realm than for this request."); return false; } account.setCurrentRequestInfo(deployment, this); if (account.checkActive()) { log.debug("Cached account found"); securityContext.authenticationComplete(account, "KEYCLOAK", false); ((AbstractUndertowRequestAuthenticator)authenticator).propagateKeycloakContext(account); return true; } else { log.debug("Account was not active, returning false"); session.removeAttribute(KeycloakUndertowAccount.class.getName()); session.removeAttribute(KeycloakSecurityContext.class.getName()); session.invalidate(exchange); return false; } }
@Override public boolean isCached(RequestAuthenticator authenticator) { Session session = Sessions.getSession(exchange); if (session == null) { log.debug("session was null, returning null"); return false; } KeycloakUndertowAccount account = (KeycloakUndertowAccount)session.getAttribute(KeycloakUndertowAccount.class.getName()); if (account == null) { log.debug("Account was not in session, returning null"); return false; } if (!deployment.getRealm().equals(account.getKeycloakSecurityContext().getRealm())) { log.debug("Account in session belongs to a different realm than for this request."); return false; } account.setCurrentRequestInfo(deployment, this); if (account.checkActive()) { log.debug("Cached account found"); securityContext.authenticationComplete(account, "KEYCLOAK", false); ((AbstractUndertowRequestAuthenticator)authenticator).propagateKeycloakContext(account); return true; } else { log.debug("Account was not active, returning false"); session.removeAttribute(KeycloakUndertowAccount.class.getName()); session.removeAttribute(KeycloakSecurityContext.class.getName()); session.invalidate(exchange); return false; } }