/**
 * Parses the scopes of the request wrapped by the given web context.
 *
 * <p>Convenience overload: it unwraps the underlying request and hands it to
 * the request-based {@code parseRequestScopes} overload, which does the work.
 * The result is derived from the incoming request; whether it has been checked
 * against what the client may ask for cannot be seen from this method.
 *
 * @param context the web context whose request is inspected
 * @return the set of scopes produced by the request-based overload
 */
public static Set<String> parseRequestScopes(final J2EContext context) {
    final var request = context.getRequest();
    return parseRequestScopes(request);
}
ticketGrantingTicketCookieGenerator, this.ticketRegistry, context.getRequest());
/**
 * Returns the scopes requested by the caller of the given web context.
 *
 * <p>Convenience overload: it unwraps the underlying request and delegates to
 * the request-based {@code getRequestedScopes} overload.
 *
 * @param context the web context whose request is inspected
 * @return the requested scopes, as returned by the request-based overload
 */
public static Collection<String> getRequestedScopes(final J2EContext context) {
    final var request = context.getRequest();
    return getRequestedScopes(request);
}
val metadata = new BasicCredentialMetaData(new BasicIdentifiableCredential(profile.getId())); val handlerResult = new DefaultAuthenticationHandlerExecutionResult(authenticator, metadata, newPrincipal, new ArrayList<>()); val scopes = CollectionUtils.toCollection(context.getRequest().getParameterValues(OAuth20Constants.SCOPE));
/**
 * Handles {@code /centralLogout} by passing the current request and response
 * to the logout controller. Nothing is returned; any output is produced by
 * the delegate.
 */
// NOTE(review): the mapping names no HTTP method, so Spring routes every
// method (including GET) to this handler. Confirm that a logout triggered by
// a cross-site GET is acceptable here or is rejected by the delegate.
@RequestMapping("/centralLogout")
@ResponseBody
public void centralLogout() {
    logoutController.logout(webContext.getRequest(), webContext.getResponse());
}
@Override protected boolean validateInternal(final J2EContext context, final String grantType, final ProfileManager manager, final UserProfile uProfile) { val request = context.getRequest(); val clientId = uProfile.getId(); val redirectUri = request.getParameter(OAuth20Constants.REDIRECT_URI);
/**
 * Copies every attribute of the current HTTP session into a cookie.
 *
 * <p>The attributes are collected in enumeration order, serialized with
 * {@code serializeSessionValues} and written to the response through the
 * cookie generator.
 *
 * @param webContext the web context providing the session, request and response
 */
public void store(final J2EContext webContext) {
    val httpSession = (HttpSession) webContext.getSessionStore().getTrackableSession(webContext);
    val snapshot = Maps.<String, Object>newLinkedHashMap();

    // Every attribute is copied, without any allow-list: whatever the session
    // holds ends up in the cookie payload.
    val attributeNames = httpSession.getAttributeNames();
    while (attributeNames.hasMoreElements()) {
        val attributeName = attributeNames.nextElement();
        snapshot.put(attributeName, httpSession.getAttribute(attributeName));
    }

    // NOTE(review): server-side session state leaves the server here. Its
    // confidentiality and integrity depend entirely on serializeSessionValues
    // and the cookie generator, neither of which is visible in this method -
    // confirm the value is encrypted and signed before it is set.
    val payload = serializeSessionValues(snapshot);
    cookieGenerator.addCookie(webContext.getRequest(), webContext.getResponse(), payload);
}
/**
 * Builds the service for a registered OAuth service.
 *
 * <p>When {@code useServiceHeader} is set, the service id is first looked up
 * from the request via {@code OAuth20Utils.getServiceRequestHeaderIfAny}; if
 * that yields nothing (or the flag is off), the client id of the registered
 * service is used instead.
 *
 * @param registeredService the registered service supplying the fallback client id
 * @param context           the web context whose request may carry the service header
 * @param useServiceHeader  whether the request header may override the client id
 * @return the service created for the resolved id
 */
public Service buildService(final OAuthRegisteredService registeredService, final J2EContext context, final boolean useServiceHeader) {
    String headerId = StringUtils.EMPTY;
    if (useServiceHeader) {
        // The header is supplied by the client, so with this flag on the
        // caller of the endpoint decides which service id is built.
        // NOTE(review): the value is also logged as received - confirm the
        // log layout neutralises line breaks.
        headerId = OAuth20Utils.getServiceRequestHeaderIfAny(context.getRequest());
        LOGGER.debug("Located service based on request header is [{}]", headerId);
    }

    final String serviceId = StringUtils.isBlank(headerId) ? registeredService.getClientId() : headerId;
    return webApplicationServiceServiceFactory.createService(serviceId);
}
/**
 * Validates an incoming request in three steps: the response type must be one
 * of the known {@code OAuth20ResponseTypes}, the service registered for the
 * client id must pass the access-strategy check, and the response type must
 * be authorized for that service.
 *
 * @param context the web context carrying the request
 * @return {@code true} only when all three checks pass
 */
@Override
public boolean validate(final J2EContext context) {
    val httpRequest = context.getRequest();

    val requestedType = httpRequest.getParameter(OAuth20Constants.RESPONSE_TYPE);
    final boolean typeIsKnown = OAuth20Utils.checkResponseTypes(requestedType, OAuth20ResponseTypes.values());
    if (!typeIsKnown) {
        // The parameter is written to the log exactly as the client sent it.
        LOGGER.warn("Response type [{}] is not supported.", requestedType);
        return false;
    }

    val clientId = httpRequest.getParameter(OAuth20Constants.CLIENT_ID);
    val oauthService = OAuth20Utils.getRegisteredOAuthServiceByClientId(this.servicesManager, clientId);
    try {
        RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(oauthService);
    } catch (final UnauthorizedServiceException e) {
        // A denied service is reported as an invalid request; the exception
        // itself is not logged.
        LOGGER.warn("Registered service access is not allowed for service definition for client id [{}]", clientId);
        return false;
    }

    return OAuth20Utils.isAuthorizedResponseTypeForService(context, oauthService);
}
/**
 * Validates a request by grant type and authentication state before handing
 * over to {@code validateInternal}.
 *
 * <p>The request is rejected when its grant type is not among
 * {@code OAuth20GrantTypes}, or when the pac4j profile manager holds no
 * authenticated profile for it.
 *
 * @param context the web context carrying the request and response
 * @return {@code false} on either rejection, otherwise the result of
 *         {@code validateInternal}
 */
@Override
public boolean validate(final J2EContext context) {
    val httpRequest = context.getRequest();
    val httpResponse = context.getResponse();

    val requestedGrant = httpRequest.getParameter(OAuth20Constants.GRANT_TYPE);
    if (!isGrantTypeSupported(requestedGrant, OAuth20GrantTypes.values())) {
        LOGGER.warn("Grant type is not supported: [{}]", requestedGrant);
        return false;
    }

    val profileManager = Pac4jUtils.getPac4jProfileManager(httpRequest, httpResponse);
    val authenticated = (Optional<CommonProfile>) profileManager.get(true);
    if (!authenticated.isPresent()) {
        // No profile means the request was never authenticated; stop before
        // any grant-specific validation runs.
        LOGGER.warn("Could not locate authenticated profile for this request. Request is not authenticated");
        return false;
    }

    return validateInternal(context, requestedGrant, profileManager, authenticated.get());
}
/**
 * Restores session attributes from the cookie and then removes the cookie.
 *
 * <p>A non-blank cookie value is hex-decoded, deserialized, and each entry is
 * written into the session store of the given context.
 *
 * @param webContext the web context providing the request and the session store
 */
public void restore(final J2EContext webContext) {
    val cookieValue = cookieGenerator.retrieveCookieValue(webContext.getRequest());
    if (StringUtils.isNotBlank(cookieValue)) {
        // NOTE(review): the cookie arrives from the client and is fed to the
        // deserializer. Nothing in this method checks its integrity, so
        // confirm that retrieveCookieValue verifies/decrypts the value and
        // that the serializer only accepts safe types.
        val decoded = EncodingUtils.hexDecode(cookieValue);
        val restored = serializer.from(decoded);
        restored.forEach((name, attribute) -> webContext.getSessionStore().set(webContext, name, attribute));
    }
    // NOTE(review): there is no try/finally, so if decoding or deserialization
    // throws, this line is not reached and the cookie stays in place - confirm
    // that is intended.
    removeCookie(webContext);
}
@Override public boolean validate(final J2EContext context) { val request = context.getRequest(); val checkParameterExist = Stream.of(OAuth20Constants.CLIENT_ID, OAuth20Constants.REDIRECT_URI, OAuth20Constants.RESPONSE_TYPE) .allMatch(s -> HttpRequestUtils.doesParameterExist(request, s));
@Override protected boolean validateInternal(final J2EContext context, final String grantType, final ProfileManager manager, final UserProfile uProfile) { val request = context.getRequest(); if (!HttpRequestUtils.doesParameterExist(request, OAuth20Constants.REFRESH_TOKEN) || !HttpRequestUtils.doesParameterExist(request, OAuth20Constants.CLIENT_ID)) {
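/**
 * Validates the request for this grant type against the service registered
 * for the {@code client_id} request parameter.
 *
 * <p>The request is rejected when the parameter is missing, when no service
 * definition is found for it, or when the service does not allow the grant
 * type. The access-strategy enforcer runs in between and throws through
 * {@code throwExceptionIfNeeded()} when it denies access.
 *
 * @param context   the web context carrying the request
 * @param grantType the grant type named by the request
 * @param manager   the profile manager (not used by this implementation)
 * @param uProfile  the authenticated profile (not used by this implementation)
 * @return {@code true} when the request passes every check, {@code false} otherwise
 */
@Override
protected boolean validateInternal(final J2EContext context, final String grantType, final ProfileManager manager, final UserProfile uProfile) {
    val request = context.getRequest();
    if (!HttpRequestUtils.doesParameterExist(request, OAuth20Constants.CLIENT_ID)) {
        return false;
    }

    // NOTE(review): the client id comes from the request parameter and is not
    // compared with uProfile here - confirm that binding is enforced elsewhere
    // where it is required.
    val clientId = request.getParameter(OAuth20Constants.CLIENT_ID);
    LOGGER.debug("Received grant type [{}] with client id [{}]", grantType, clientId);

    val registeredService = OAuth20Utils.getRegisteredOAuthServiceByClientId(this.servicesManager, clientId);
    if (registeredService == null) {
        // The lookup is keyed by a client-supplied value. Without this guard
        // an unknown client id would fail on getServiceId() below with a
        // NullPointerException instead of a clean rejection.
        LOGGER.warn("No registered service definition is found for client id [{}]", clientId);
        return false;
    }

    val service = webApplicationServiceServiceFactory.createService(registeredService.getServiceId());
    val audit = AuditableContext.builder()
        .service(service)
        .registeredService(registeredService)
        .build();
    val accessResult = this.registeredServiceAccessStrategyEnforcer.execute(audit);
    accessResult.throwExceptionIfNeeded();

    if (!isGrantTypeSupportedBy(registeredService, grantType)) {
        LOGGER.warn("Requested grant type [{}] is not authorized by service definition [{}]", getGrantType(), registeredService.getServiceId());
        return false;
    }
    return true;
}
}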
/**
 * Generates an access token for the request holder and writes the token
 * response to the HTTP response.
 *
 * @param context  the web context supplying the request, response and response type
 * @param clientId the client id (not used by this implementation)
 * @param holder   the token request data used to generate the token and to
 *                 describe the service it is issued for
 * @return always {@code null}; the output goes through the response generator
 */
@Override
public View build(final J2EContext context, final String clientId, final AccessTokenRequestDataHolder holder) {
    val generatedToken = accessTokenGenerator.generate(holder);

    val registeredService = holder.getRegisteredService();
    val service = holder.getService();
    val timeToLive = accessTokenExpirationPolicy.getTimeToLive();
    val responseType = OAuth20Utils.getResponseType(context);

    val tokenResponse = OAuth20AccessTokenResponseResult.builder()
        .registeredService(registeredService)
        .service(service)
        .accessTokenTimeout(timeToLive)
        .responseType(responseType)
        .casProperties(casProperties)
        .generatedToken(generatedToken)
        .build();

    // The generator receives the response object directly, so there is no
    // view left to render - presumably why null is returned.
    accessTokenResponseGenerator.generate(context.getRequest(), context.getResponse(), tokenResponse);
    return null;
}