/**
 * Runs the pac4j security logic for this request while keeping excluded URLs from being
 * remembered as the post-login redirect target.
 *
 * <p>The value stored under {@code Pac4jConstants.REQUESTED_URL} is read before the security
 * logic runs. When the request matches an exclude pattern that does not end with the
 * {@code /**} suffix, and a session is present afterwards, that earlier value is written back,
 * replacing whatever was stored during this request.
 *
 * @param req current request; also supplies the {@code WebContext}
 * @param rsp current response, handed to the grant-access adapter
 * @param chain remaining route chain, handed to the grant-access adapter
 * @throws Throwable the cause of a {@code TechnicalException} when that cause is an
 *     {@code Err}, otherwise the {@code TechnicalException} itself
 */
@Override
public void handle(Request req, Response rsp, Route.Chain chain) throws Throwable {
    try {
        WebContext webContext = req.require(WebContext.class);

        // Step 1: snapshot the stored redirect target before the security logic can change it.
        // NOTE(review): whether this session value is validated before it is later used as a
        // redirect target is not visible from this method.
        String previousRequestedUrl =
            (String) webContext.getSessionAttribute(Pac4jConstants.REQUESTED_URL);
        boolean restoreRequestedUrl = excludes.stream()
            .anyMatch(pattern -> !pattern.endsWith("/**") && req.matches(pattern));

        // The route chain is only handed to the grant-access adapter; this method never
        // advances it directly.
        conf.getSecurityLogic().perform(
            webContext,
            conf,
            new Pac4jGrantAccessAdapter(req, rsp, chain),
            conf.getHttpActionAdapter(),
            clients,
            authorizers,
            matchers,
            multiProfile);

        // Step 2: put the snapshot back so an excluded URL is not kept as the redirect target.
        if (restoreRequestedUrl && req.ifSession().isPresent()) {
            webContext.setSessionAttribute(Pac4jConstants.REQUESTED_URL, previousRequestedUrl);
        }
    } catch (TechnicalException wrapped) {
        // pac4j wraps failures in TechnicalException; surface an Err cause directly so the
        // stack trace stays readable, and rethrow the wrapper for every other cause.
        Throwable cause = wrapped.getCause();
        throw (cause instanceof Err) ? cause : wrapped;
    }
}
/**
 * Guards a route with the pac4j security logic and continues the route chain only when access
 * was granted.
 *
 * <p>The grant-access callback passed to {@code perform} throws
 * {@code SecurityGrantedAccessException}; catching that exception here is the signal to call
 * {@code routeContext.next()}. If {@code perform} returns normally, the chain is not advanced.
 *
 * @param routeContext current route context
 * @throws NullPointerException if {@code securityLogic} or {@code config} is {@code null}
 */
@Override
@SuppressWarnings("unchecked")
public void handle(RouteContext routeContext) {
    Objects.requireNonNull(securityLogic);
    Objects.requireNonNull(config);

    PippoWebContext pippoContext = new PippoWebContext(routeContext, config.getSessionStore());

    try {
        securityLogic.perform(
            pippoContext,
            config,
            (ctx, parameters) -> {
                throw new SecurityGrantedAccessException();
            },
            config.getHttpActionAdapter(),
            clients,
            authorizers,
            matchers,
            multiProfile);

        // No grant signal was raised, so the request stops here.
        log.debug("Halt the request processing");
        return;
    } catch (SecurityGrantedAccessException granted) {
        // Expected signal, not an error: access was granted.
        log.debug("Received SecurityGrantedAccessException -> continue");
    }

    routeContext.next();
}
/**
 * Servlet filter entry point that delegates the access decision to the pac4j security logic.
 *
 * <p>The only call to {@code filterChain.doFilter} in this method sits inside the grant-access
 * callback, so the rest of the chain runs only if the security logic invokes that callback.
 *
 * @param req incoming request, cast to {@code HttpServletRequest}
 * @param resp outgoing response, cast to {@code HttpServletResponse}
 * @param filterChain remaining filter chain
 * @throws IOException declared by the filter contract
 * @throws ServletException declared by the filter contract
 */
@Override
public void doFilter(final ServletRequest req, final ServletResponse resp,
        final FilterChain filterChain) throws IOException, ServletException {

    assertNotNull("securityLogic", securityLogic);
    assertNotNull("config", config);

    // Unchecked casts: a non-HTTP request or response fails here with ClassCastException.
    final HttpServletRequest httpRequest = (HttpServletRequest) req;
    final HttpServletResponse httpResponse = (HttpServletResponse) resp;
    final J2EContext webContext =
        new J2EContext(httpRequest, httpResponse, config.getSessionStore());

    securityLogic.perform(
        webContext,
        config,
        (ctx, profiles, parameters) -> {
            // Access granted: hand the request to the rest of the chain.
            filterChain.doFilter(httpRequest, httpResponse);
            return null;
        },
        J2ENopHttpActionAdapter.INSTANCE,
        clients,
        authorizers,
        matchers,
        multiProfile);
}
/**
 * Servlet filter entry point that delegates the access decision to the pac4j security logic,
 * falling back to {@code ShiroSessionStore.INSTANCE} when the config has no session store.
 *
 * <p>The only call to {@code filterChain.doFilter} in this method sits inside the grant-access
 * callback, so the rest of the chain runs only if the security logic invokes that callback.
 *
 * @param servletRequest incoming request, cast to {@code HttpServletRequest}
 * @param servletResponse outgoing response, cast to {@code HttpServletResponse}
 * @param filterChain remaining filter chain
 * @throws IOException declared by the filter contract
 * @throws ServletException declared by the filter contract
 */
@Override
public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse,
        final FilterChain filterChain) throws IOException, ServletException {

    assertNotNull("securityLogic", securityLogic);
    assertNotNull("config", config);

    // Unchecked casts: a non-HTTP request or response fails here with ClassCastException.
    final HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
    final HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;

    // Use the configured session store when there is one, the Shiro-backed store otherwise.
    final SessionStore<J2EContext> configuredStore = config.getSessionStore();
    final J2EContext webContext = configuredStore == null
        ? new J2EContext(httpRequest, httpResponse, ShiroSessionStore.INSTANCE)
        : new J2EContext(httpRequest, httpResponse, configuredStore);

    securityLogic.perform(
        webContext,
        config,
        (ctx, profiles, parameters) -> {
            // Access granted: hand the request to the rest of the chain.
            filterChain.doFilter(httpRequest, httpResponse);
            return null;
        },
        J2ENopHttpActionAdapter.INSTANCE,
        clients,
        authorizers,
        matchers,
        multiProfile);
}
/**
 * Interceptor hook that lets the pac4j security logic decide whether the handler may run.
 *
 * <p>The grant-access callback yields {@code true}; the HTTP action callback yields
 * {@code false} regardless of the code it receives. The method returns whichever value
 * {@code perform} hands back.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param handler chosen handler; not used by this method
 * @return the value produced by {@code securityLogic.perform}
 * @throws Exception declared by the interceptor contract
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
        Object handler) throws Exception {

    assertNotNull("securityLogic", securityLogic);
    assertNotNull("config", config);

    final J2EContext webContext = new J2EContext(request, response, config.getSessionStore());

    // NOTE(review): the result is converted to a primitive boolean; if a custom security logic
    // returned null this would presumably fail with a NullPointerException rather than a clean
    // denial. Confirm the configured logic never returns null.
    final boolean proceed = securityLogic.perform(
        webContext,
        config,
        (grantedCtx, profiles, parameters) -> true,
        (code, actionCtx) -> false,
        clients,
        authorizers,
        matchers,
        multiProfile);
    return proceed;
}
/**
 * Applies the pac4j security logic to the current JAX-RS request.
 *
 * <p>Per the original author's notes there are two outcomes: access is granted, in which case
 * nothing further happens here (see {@code SecurityGrantedAccessOutcome}), or an error or
 * redirect occurred, which is interpreted and used to abort the request through JAX-RS
 * abstractions.
 *
 * @param context web context of the current request
 * @throws IOException declared by the filter contract
 */
@Override
protected void filter(JaxRsContext context) throws IOException {
    Config securityConfig = getConfig();

    // The logic and the fourth argument are both derived from the same config instance.
    buildLogic(securityConfig).perform(
        context,
        securityConfig,
        new SecurityGrantedAccessOutcome(),
        adapter(securityConfig),
        clients,
        authorizers,
        matchers,
        multiProfile);
}
/**
 * Runs the pac4j security logic for the request and halts processing unless access was
 * granted.
 *
 * <p>The grant-access callback returns the {@code SECURITY_GRANTED_ACCESS} sentinel. Any other
 * result from {@code perform} leads to {@code halt()}, so the default outcome is to stop.
 *
 * @param request current request
 * @param response current response
 */
@Override
public void handle(final Request request, final Response response) {
    assertNotNull("securityLogic", securityLogic);
    assertNotNull("config", config);

    final SparkWebContext webContext =
        new SparkWebContext(request, response, config.getSessionStore());

    final Object outcome = securityLogic.perform(
        webContext,
        config,
        (ctx, profiles, parameters) -> SECURITY_GRANTED_ACCESS,
        config.getHttpActionAdapter(),
        clients,
        authorizers,
        matchers,
        multiProfile);

    // Identity comparison on purpose: only the exact sentinel instance counts as a grant.
    if (outcome != SECURITY_GRANTED_ACCESS) {
        logger.debug("Halt the request processing");
        halt();
        return;
    }

    logger.debug("Received SECURITY_GRANTED_ACCESS -> continue");
}
/**
 * Runs the pac4j security logic for an action call and, when access is granted, forwards to
 * the wrapped {@code delegate}.
 *
 * <p>The configured HTTP action adapter is synchronous; it is wrapped so that its result is
 * delivered as an already-completed stage.
 *
 * @param ctx current HTTP context
 * @param clients passed through to {@code perform}
 * @param authorizers passed through to {@code perform}
 * @param matchers passed through to {@code perform}
 * @param multiProfile passed through to {@code perform}
 * @return the stage returned by {@code securityLogic.perform}
 * @throws Throwable anything raised by the security logic or the delegate
 */
public CompletionStage<Result> internalCall(final Context ctx, final String clients,
        final String authorizers, final String matchers, final boolean multiProfile)
        throws Throwable {

    assertNotNull("securityLogic", securityLogic);
    assertNotNull("config", config);

    final PlayWebContext webContext = new PlayWebContext(ctx, sessionStore);

    final HttpActionAdapter<Result, WebContext> syncAdapter = config.getHttpActionAdapter();
    assertNotNull("actionAdapter", syncAdapter);

    // Lift the synchronous adapter into the CompletionStage-based signature used here.
    final HttpActionAdapter<CompletionStage<Result>, PlayWebContext> asyncAdapter =
        (code, adapterCtx) ->
            CompletableFuture.completedFuture(syncAdapter.adapt(code, adapterCtx));

    return securityLogic.perform(
        webContext,
        config,
        (grantedCtx, profiles, parameters) -> {
            if (delegate != null) {
                return delegate.call(ctx);
            }
            // No delegate: per the original comment this is the "called from Scala" case.
            // The stage completes with null, so the caller has to supply the real result.
            return CompletableFuture.completedFuture(null);
        },
        asyncAdapter,
        clients,
        authorizers,
        matchers,
        multiProfile);
}
/**
 * Applies the pac4j security logic to an action call; on granted access the call is forwarded
 * to {@code delegate} when one is set.
 *
 * <p>The adapter obtained from the config returns a plain {@code Result}, so it is wrapped to
 * return a completed {@code CompletionStage} instead.
 *
 * @param ctx current HTTP context
 * @param clients passed through to {@code perform}
 * @param authorizers passed through to {@code perform}
 * @param matchers passed through to {@code perform}
 * @param multiProfile passed through to {@code perform}
 * @return the stage returned by {@code securityLogic.perform}
 * @throws Throwable anything raised by the security logic or the delegate
 */
public CompletionStage<Result> internalCall(final Context ctx, final String clients,
        final String authorizers, final String matchers, final boolean multiProfile)
        throws Throwable {

    assertNotNull("securityLogic", securityLogic);
    assertNotNull("config", config);

    final PlayWebContext securedContext = new PlayWebContext(ctx, sessionStore);

    final HttpActionAdapter<Result, WebContext> configuredAdapter =
        config.getHttpActionAdapter();
    assertNotNull("actionAdapter", configuredAdapter);

    // Wrap the blocking adapter so its result arrives as an already-completed stage.
    final HttpActionAdapter<CompletionStage<Result>, PlayWebContext> stageAdapter =
        (code, adapterCtx) ->
            CompletableFuture.completedFuture(configuredAdapter.adapt(code, adapterCtx));

    return securityLogic.perform(
        securedContext,
        config,
        (grantedCtx, profiles, parameters) -> {
            if (delegate != null) {
                // Access granted and a delegate exists: run the protected action.
                return delegate.call(ctx);
            }
            // Original comment: this branch is taken "when called from Scala". The completed
            // value is null, so the caller must not treat it as a finished Result.
            return CompletableFuture.completedFuture(null);
        },
        stageAdapter,
        clients,
        authorizers,
        matchers,
        multiProfile);
}
/**
 * Runs the pac4j security logic for the request and, when access is granted, continues the
 * filter chain, wrapping the request if any profiles were loaded.
 *
 * <p>The only calls to {@code filterChain.doFilter} sit inside the grant-access callback.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param filterChain remaining filter chain
 * @throws IOException declared by the filter contract
 * @throws ServletException declared by the filter contract
 */
@Override
protected final void internalFilter(final HttpServletRequest request,
        final HttpServletResponse response, final FilterChain filterChain)
        throws IOException, ServletException {

    // NOTE(review): the null check is on the securityLogic field, while the call below goes
    // through retrieveSecurityLogic(); confirm that both refer to the same object.
    assertNotNull("securityLogic", securityLogic);

    final Config securityConfig = getConfig();
    assertNotNull("config", securityConfig);

    final J2EContext webContext =
        new J2EContext(request, response, securityConfig.getSessionStore());

    retrieveSecurityLogic().perform(
        webContext,
        securityConfig,
        (ctx, profiles, parameters) -> {
            if (profiles.isEmpty()) {
                // No profiles loaded: pac4j is not concerned, pass the request through as is.
                filterChain.doFilter(request, response);
            } else {
                // Profiles present: pass them downstream through the request wrapper.
                filterChain.doFilter(
                    new Pac4JHttpServletRequestWrapper(request, profiles), response);
            }
            return null;
        },
        retrieveHttpActionAdapter(),
        clients,
        authorizers,
        matchers,
        multiProfile);
}
/**
 * Runs the pac4j security logic for the request using a {@code JEEContext} and, when access is
 * granted, continues the filter chain, wrapping the request if any profiles were loaded.
 *
 * <p>The only calls to {@code filterChain.doFilter} sit inside the grant-access callback.
 *
 * @param request current HTTP request
 * @param response current HTTP response
 * @param filterChain remaining filter chain
 * @throws IOException declared by the filter contract
 * @throws ServletException declared by the filter contract
 */
@Override
protected final void internalFilter(final HttpServletRequest request,
        final HttpServletResponse response, final FilterChain filterChain)
        throws IOException, ServletException {

    // NOTE(review): the null check is on the securityLogic field, while the call below goes
    // through retrieveSecurityLogic(); confirm that both refer to the same object.
    assertNotNull("securityLogic", securityLogic);

    final Config securityConfig = getConfig();
    assertNotNull("config", securityConfig);

    final JEEContext webContext =
        new JEEContext(request, response, securityConfig.getSessionStore());

    retrieveSecurityLogic().perform(
        webContext,
        securityConfig,
        (ctx, profiles, parameters) -> {
            if (profiles.isEmpty()) {
                // No profiles loaded: pac4j is not concerned, pass the request through as is.
                filterChain.doFilter(request, response);
            } else {
                // Profiles present: pass them downstream through the request wrapper.
                filterChain.doFilter(
                    new Pac4JHttpServletRequestWrapper(request, profiles), response);
            }
            return null;
        },
        retrieveHttpActionAdapter(),
        clients,
        authorizers,
        matchers,
        multiProfile);
}
/**
 * Runs the pac4j security logic for the exchange and invokes the wrapped handler only from the
 * grant-access callback.
 *
 * @param exchange current HTTP exchange
 * @throws Exception anything raised by the security logic or the wrapped handler
 */
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    assertNotNull("securityLogic", securityLogic);
    assertNotNull("config", config);

    final UndertowWebContext webContext =
        new UndertowWebContext(exchange, config.getSessionStore());

    securityLogic.perform(
        webContext,
        config,
        (ctx, profiles, parameters) -> {
            // Access granted: let the wrapped handler process the exchange.
            toWrap.handleRequest(exchange);
            return null;
        },
        UndertowNopHttpActionAdapter.INSTANCE,
        clients,
        authorizers,
        matchers,
        multiProfile);
}
vertx.executeBlocking(future -> securityLogic.perform(webContext, config, (ctx, profiles, parameters) -> {
vertx.executeBlocking(future -> securityLogic.perform(webContext, config, (ctx, profiles, parameters) -> {