/**
 * Converts the given cookie into a {@code Definition} and adds it to the response.
 *
 * <p>Domain and path are copied only when they are non-null; the httpOnly, maxAge and secure
 * attributes are always copied, so the flags chosen by the caller reach the response cookie.
 *
 * @param cookie the cookie to send back to the client
 */
@Override
public void addResponseCookie(final Cookie cookie) {
    final Definition definition = new Definition(cookie.getName(), cookie.getValue());

    // Optional attributes: leave the definition untouched when the source has none.
    final String domain = cookie.getDomain();
    if (domain != null) {
        definition.domain(domain);
    }
    final String path = cookie.getPath();
    if (path != null) {
        definition.path(path);
    }

    // Security-relevant flags and lifetime are always propagated.
    definition.httpOnly(cookie.isHttpOnly());
    definition.maxAge(cookie.getMaxAge());
    definition.secure(cookie.isSecure());

    rsp.cookie(definition);
}
/**
 * Builds the absolute URL {@code scheme://serverName:serverPort + contextPath + path}, followed by
 * {@code ?query} when the request has a query string.
 *
 * <p>NOTE(review): if the context derives the server name from the request's Host header, the
 * result is client-influenced; confirm callers do not use it for redirects or generated links
 * without checking it against the expected host.
 *
 * @param ctx the web context supplying scheme, server name and port
 * @param req the request supplying the context path and the optional query string
 * @param path the path appended after the context path
 * @return the assembled URL
 */
public static String getFullRequestURL(WebContext ctx, Request req, String path) {
    final String withoutQuery = ctx.getScheme() + "://" + ctx.getServerName() + ":"
        + ctx.getServerPort() + req.contextPath() + path;
    return req.queryString()
        .map(query -> withoutQuery + "?" + query)
        .orElse(withoutQuery);
}
/**
 * Maps every cookie of the current request to a {@code Cookie}.
 *
 * <p>A missing value becomes {@code null}; domain and path are set only when present; the
 * httpOnly and secure flags are always copied.
 *
 * @return the converted request cookies
 */
@Override
public Collection<Cookie> getRequestCookies() {
    return req.cookies().stream()
        .map(source -> {
            final String value = source.value().orElse(null);
            final Cookie converted = new Cookie(source.name(), value);
            source.domain().ifPresent(converted::setDomain);
            source.path().ifPresent(converted::setPath);
            converted.setHttpOnly(source.httpOnly());
            converted.setSecure(source.secure());
            return converted;
        })
        .collect(Collectors.toList());
}
/**
 * Maps every cookie of the current request to a {@code Cookie}, copying name, value, comment,
 * secure flag, path, httpOnly flag, domain, max age and version.
 *
 * @return the converted request cookies
 */
@Override
public Collection<Cookie> getRequestCookies() {
    return getRequest().getCookies().stream()
        .map(source -> {
            final Cookie converted = new Cookie(source.getName(), source.getValue());
            // Scope of the cookie.
            converted.setDomain(source.getDomain());
            converted.setPath(source.getPath());
            // Security-relevant flags.
            converted.setSecure(source.getSecure());
            converted.setHttpOnly(source.isHttpOnly());
            // Remaining metadata.
            converted.setMaxAge(source.getMaxAge());
            converted.setComment(source.getComment());
            converted.setVersion(source.getVersion());
            return converted;
        })
        .collect(Collectors.toList());
}
/**
 * Looks for the request cookie whose name equals {@code cookieName} and wraps its value in
 * {@code TokenCredentials}.
 *
 * <p>The cookie value is passed on as-is; no validation of the token happens in this method.
 *
 * @param context the web context whose request cookies are searched
 * @return credentials built from the first matching cookie, or {@code null} when none matches
 */
@Override
public TokenCredentials extract(final WebContext context) {
    final Collection<Cookie> requestCookies = context.getRequestCookies();
    for (final Cookie candidate : requestCookies) {
        if (!candidate.getName().equals(this.cookieName)) {
            continue;
        }
        return new TokenCredentials(candidate.getValue());
    }
    return null;
}
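/**
 * Reads a session value from the cookie named {@code PAC4J_SESSION_PREFIX + key}.
 *
 * <p>The cookie value is passed through {@code uncompressDecryptBase64}. The decoded value is
 * deliberately kept out of the debug log: only the key and whether a value was found are logged,
 * so session content that is protected inside the cookie does not end up in plain text in log
 * files.
 *
 * @param context the web context the cookie is read from
 * @param key the session key (without the prefix)
 * @return the decoded value, or {@code null} when no such cookie exists
 */
public Object get(WebContext context, String key) {
    final Cookie cookie = ContextHelper.getCookie(context, PAC4J_SESSION_PREFIX + key);
    // NOTE(review): the cookie value is client-supplied; confirm that uncompressDecryptBase64
    // verifies integrity before it decodes the payload.
    final Object value = (cookie != null) ? uncompressDecryptBase64(cookie.getValue()) : null;
    logger.debug("Get from session: {} (value present: {})", key, value != null);
    return value;
}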
/**
 * Creates a {@code J2EContext} from the servlet request/response pair and the session store.
 *
 * @param request the servlet request
 * @param response the servlet response
 * @param sessionStore the session store handed to the context
 * @return a new context wrapping the three arguments
 */
public static J2EContext getPac4jJ2EContext(final HttpServletRequest request,
                                            final HttpServletResponse response,
                                            final SessionStore sessionStore) {
    final J2EContext context = new J2EContext(request, response, sessionStore);
    return context;
}
/**
 * Marks the response as non-cacheable by setting {@code Cache-control: no-cache, no-store} and
 * {@code Pragma: no-cache} on the web context.
 */
public void setNoCacheHeaders() {
    final String cacheControlValue = "no-cache, no-store";
    final String pragmaValue = "no-cache";
    webContext.setResponseHeader("Cache-control", cacheControlValue);
    webContext.setResponseHeader("Pragma", pragmaValue);
}
/**
 * Runs the configured security logic for the request and, for requests matching a non-wildcard
 * entry of {@code excludes}, puts the previously stored requested URL back into the session
 * afterwards.
 *
 * <p>A {@code TechnicalException} whose cause is an {@code Err} is unwrapped and the cause is
 * thrown; any other {@code TechnicalException} is rethrown unchanged.
 *
 * @param req the current request
 * @param rsp the current response
 * @param chain the remaining route chain, handed to the grant-access adapter
 * @throws Throwable whatever the security logic or the unwrapping rethrows
 */
@Override
public void handle(Request req, Response rsp, Route.Chain chain) throws Throwable {
    try {
        WebContext context = req.require(WebContext.class);

        // Step 1: remember the requested URL stored before the security logic runs, and work out
        // whether this request matches an exclude pattern that does not end in "/**".
        String savedRequestedUrl =
            (String) context.getSessionAttribute(Pac4jConstants.REQUESTED_URL);
        boolean restoreRequestedUrl = excludes.stream()
            .anyMatch(pattern -> !pattern.endsWith("/**") && req.matches(pattern));

        conf.getSecurityLogic().perform(
            context,
            conf,
            new Pac4jGrantAccessAdapter(req, rsp, chain),
            conf.getHttpActionAdapter(),
            clients,
            authorizers,
            matchers,
            multiProfile);

        // Step 2: restore the remembered value so the URL of this excluded request does not
        // replace it. Only done when a session exists.
        if (restoreRequestedUrl && req.ifSession().isPresent()) {
            context.setSessionAttribute(Pac4jConstants.REQUESTED_URL, savedRequestedUrl);
        }
    } catch (TechnicalException x) {
        // pac4j wraps failures in TechnicalException; surface a wrapped Err directly and keep
        // every other failure as the TechnicalException itself.
        Throwable cause = x.getCause();
        throw (cause instanceof Err) ? cause : x;
    }
}
// Remember the path (plus query string) the user asked for, so it is available from the session
// under Pac4jConstants.REQUESTED_URL after the redirect.
// NOTE(review): the query string is written to the debug log as part of the URL; confirm it
// cannot carry tokens or other secrets in this application.
final String target = req.path() + queryString;
log.debug("requestedUrl: {}", target);
ctx.setSessionAttribute(Pac4jConstants.REQUESTED_URL, target);

// Let the client issue its redirect, then finish the response.
client.redirect(ctx);
rsp.end();
/**
 * Tells whether the request's {@code OAuth20Constants.GRANT_TYPE} parameter denotes the password
 * grant type.
 *
 * @param context the context the grant type parameter is read from
 * @return the result of {@code OAuth20Utils.isGrantType} for {@code OAuth20GrantTypes.PASSWORD}
 */
@Override
public boolean supports(final J2EContext context) {
    return OAuth20Utils.isGrantType(
        context.getRequestParameter(OAuth20Constants.GRANT_TYPE),
        OAuth20GrantTypes.PASSWORD);
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Returns the value of the first header listed in {@code alternateIpHeaders} that is present and
 * non-empty on the request.
 *
 * <p>NOTE(review): these headers arrive with the request. Unless a trusted proxy strips or
 * overwrites them, a client can set them to any value, so confirm the deployment guarantees
 * that before the result is used for an access decision.
 *
 * @param context the web context the headers are read from
 * @return the first non-empty header value, or {@code null} when none is found
 */
private String ipFromHeaders(WebContext context) {
    for (String header : alternateIpHeaders) {
        final String candidate = context.getRequestHeader(header);
        if (candidate == null || candidate.isEmpty()) {
            continue;
        }
        return candidate;
    }
    return null;
}
/**
 * Creates a mock web context carrying the given value in its
 * {@code HttpConstants.AUTHORIZATION_HEADER} request header.
 *
 * @param value the header value to set
 * @return what {@code addRequestHeader} returns for the freshly created mock context
 */
private MockWebContext getContextWithAuthorizationHeader(String value) {
    return MockWebContext.create()
        .addRequestHeader(HttpConstants.AUTHORIZATION_HEADER, value);
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Sets the response content type to {@code type} with {@code ;charset=UTF-8} appended.
 *
 * @param type the media type; it is used as given, so a value that already names a charset
 *     ends up with two charset parameters
 */
@Override
public void setContentType(final String type) {
    final String withCharset = type + ";charset=" + StandardCharsets.UTF_8.name();
    webContext.setResponseContentType(withCharset);
}
/**
 * Converts the given cookie into an {@code org.jooby.Cookie.Definition} and adds it to the
 * response.
 *
 * <p>Domain and path are copied only when they are non-null; the httpOnly, maxAge and secure
 * attributes are always copied, so the flags chosen by the caller reach the response cookie.
 *
 * @param cookie the cookie to send back to the client
 */
@Override
public void addResponseCookie(Cookie cookie) {
    final org.jooby.Cookie.Definition definition =
        new org.jooby.Cookie.Definition(cookie.getName(), cookie.getValue());

    // Optional attributes: leave the definition untouched when the source has none.
    final String domain = cookie.getDomain();
    if (domain != null) {
        definition.domain(domain);
    }
    final String path = cookie.getPath();
    if (path != null) {
        definition.path(path);
    }

    // Security-relevant flags and lifetime are always propagated.
    definition.httpOnly(cookie.isHttpOnly());
    definition.maxAge(cookie.getMaxAge());
    definition.secure(cookie.isSecure());

    rsp.cookie(definition);
}
/**
 * Maps every cookie of the current request to a {@code Cookie}.
 *
 * <p>A missing value becomes {@code null}; domain and path are set only when present; the
 * secure and httpOnly flags are always copied.
 *
 * @return the converted request cookies
 */
@Override
public Collection<Cookie> getRequestCookies() {
    return req.cookies().stream()
        .map(source -> {
            final String value = source.value().orElse(null);
            final Cookie converted = new Cookie(source.name(), value);
            source.domain().ifPresent(converted::setDomain);
            source.path().ifPresent(converted::setPath);
            converted.setSecure(source.secure());
            converted.setHttpOnly(source.httpOnly());
            return converted;
        })
        .collect(Collectors.toList());
}
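/**
 * Reads a session value from the cookie named {@code PAC4J_SESSION_PREFIX + key}.
 *
 * <p>The cookie value is passed through {@code uncompressDecryptBase64}. The decoded value is
 * deliberately kept out of the debug log: only the key and whether a value was found are logged,
 * so session content that is protected inside the cookie does not end up in plain text in log
 * files.
 *
 * @param context the web context the cookie is read from
 * @param key the session key (without the prefix)
 * @return the decoded value, or {@code null} when no such cookie exists
 */
@Override
public Object get(WebContext context, String key) {
    final Cookie cookie = ContextHelper.getCookie(context, PAC4J_SESSION_PREFIX + key);
    // NOTE(review): the cookie value is client-supplied; confirm that uncompressDecryptBase64
    // verifies integrity before it decodes the payload.
    final Object value = (cookie != null) ? uncompressDecryptBase64(cookie.getValue()) : null;
    logger.debug("Get from session: {} (value present: {})", key, value != null);
    return value;
}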
/**
 * Sets the {@code HttpConstants.AUTHENTICATE_HEADER} response header to a bearer challenge
 * naming {@code realmName}, then delegates to the superclass to retrieve the credentials.
 *
 * <p>The header is set up front so that it is already in place if retrieval fails.
 * NOTE(review): {@code realmName} is placed inside the quoted string without escaping; this
 * presumably relies on it being a configuration value free of quotes and line breaks — confirm.
 *
 * @param context the web context the header is written to and credentials are read from
 * @return whatever the superclass retrieves
 */
@Override
protected TokenCredentials retrieveCredentials(final WebContext context) {
    final String challenge =
        HttpConstants.BEARER_HEADER_PREFIX + "realm=\"" + realmName + "\"";
    context.setResponseHeader(HttpConstants.AUTHENTICATE_HEADER, challenge);
    return super.retrieveCredentials(context);
}
/**
 * Adds the given cookie to the response and then copies its httpOnly flag and comment onto the
 * cookie object the response returns for that name.
 *
 * <p>NOTE(review): httpOnly is applied only after the cookie has been added. Whether that late
 * change still reaches the emitted Set-Cookie header depends on how the response stores cookies,
 * which is not visible here — confirm, and also confirm {@code getCookie} cannot return
 * {@code null} at this point.
 *
 * @param cookie the cookie to send back to the client
 */
@Override
public void addResponseCookie(Cookie cookie) {
    final String path = cookie.getPath();
    final String domain = cookie.getDomain();
    final String name = cookie.getName();
    final String value = cookie.getValue();
    getResponse().cookie(path, domain, name, value, cookie.getMaxAge(), cookie.isSecure());

    // The cookie(...) call above takes no httpOnly or comment argument, so both are set on the
    // cookie fetched back from the response.
    final javax.servlet.http.Cookie stored = getResponse().getCookie(cookie.getName());
    stored.setHttpOnly(cookie.isHttpOnly());
    stored.setComment(cookie.getComment());
}
/**
 * Sets the {@code HttpConstants.AUTHENTICATE_HEADER} response header to a Basic challenge naming
 * {@code realmName}, then delegates to the superclass to retrieve the credentials.
 *
 * <p>The header is set up front so that it is already in place if retrieval fails.
 * NOTE(review): {@code realmName} is placed inside the quoted string without escaping; this
 * presumably relies on it being a configuration value free of quotes and line breaks — confirm.
 *
 * @param context the web context the header is written to and credentials are read from
 * @return whatever the superclass retrieves
 */
@Override
protected UsernamePasswordCredentials retrieveCredentials(final WebContext context) {
    final String challenge = "Basic realm=\"" + realmName + "\"";
    context.setResponseHeader(HttpConstants.AUTHENTICATE_HEADER, challenge);
    return super.retrieveCredentials(context);
}