@Bean public Config oauthSecConfig() { val cfg = new CasConfiguration(casProperties.getServer().getLoginUrl()); val oauthCasClient = new CasClient(cfg); oauthCasClient.setRedirectActionBuilder(webContext -> oauthCasClientRedirectActionBuilder().build(oauthCasClient, webContext)); oauthCasClient.setName(Authenticators.CAS_OAUTH_CLIENT); oauthCasClient.setUrlResolver(casCallbackUrlResolver()); val authenticator = oAuthClientAuthenticator(); val basicAuthClient = new DirectBasicAuthClient(authenticator); basicAuthClient.setName(Authenticators.CAS_OAUTH_CLIENT_BASIC_AUTHN); val directFormClient = new DirectFormClient(authenticator); directFormClient.setName(Authenticators.CAS_OAUTH_CLIENT_DIRECT_FORM); directFormClient.setUsernameParameter(OAuth20Constants.CLIENT_ID); directFormClient.setPasswordParameter(OAuth20Constants.CLIENT_SECRET); val pkceAuthnClient = new DirectFormClient(oAuthProofKeyCodeExchangeAuthenticator()); pkceAuthnClient.setName(Authenticators.CAS_OAUTH_CLIENT_PROOF_KEY_CODE_EXCHANGE_AUTHN); pkceAuthnClient.setUsernameParameter(OAuth20Constants.CLIENT_ID); pkceAuthnClient.setPasswordParameter(OAuth20Constants.CODE_VERIFIER); val userFormClient = new DirectFormClient(oAuthUserAuthenticator()); userFormClient.setName(Authenticators.CAS_OAUTH_CLIENT_USER_FORM); val config = new Config(OAuth20Utils.casOAuthCallbackUrl(casProperties.getServer().getPrefix()), oauthCasClient, basicAuthClient, pkceAuthnClient, directFormClient, userFormClient); config.setSessionStore(new J2ESessionStore()); return config; }
default Config getConfig() { // login not used because the ajax resolver always answer true Authenticator<UsernamePasswordCredentials> auth = new SimpleTestUsernamePasswordAuthenticator(); FormClient client = new FormClient("notUsedLoginUrl", auth); DirectFormClient client2 = new DirectFormClient(auth); DirectFormClient client3 = new DirectFormClient(auth); client3.setName(DEFAULT_CLIENT); Clients clients = new Clients("notUsedCallbackUrl", client, client2, client3); // in case of invalid credentials, we simply want the error, not a redirect to the login url clients.setAjaxRequestResolver(new JaxRsAjaxRequestResolver()); // so that callback url have the correct prefix w.r.t. the container's context clients.setUrlResolver(new JaxRsUrlResolver()); clients.setDefaultSecurityClients(DEFAULT_CLIENT); return new Config(clients); } }