/**
 * Narrows the subject produced by the parent class to its login and roles.
 *
 * <p>Only {@code getLogin()} and {@code getRoles()} are read from the parent's
 * result; anything else that subject carries is not copied into the returned
 * instance.
 *
 * @param message the current message, passed through to the parent implementation
 * @param wrapper the SAML assertion, passed through to the parent implementation
 * @return a new {@code UserSubject} holding the parent's login and roles
 */
@Override
protected UserSubject getGrantSubject(Message message, SamlAssertionWrapper wrapper) {
    UserSubject fromParent = super.getGrantSubject(message, wrapper);
    String login = fromParent.getLogin();
    return new UserSubject(login, fromParent.getRoles());
}
/**
 * Copy constructor: takes login, id, roles, properties and authentication
 * method from another subject.
 *
 * @param sub the subject to copy from
 */
public UserSubject(UserSubject sub) {
    this(sub.getLogin(), sub.getId(), sub.getRoles());
    this.am = sub.getAuthenticationMethod();
    // NOTE(review): this stores whatever reference getProperties() returns. If that
    // getter hands out the live map, the copy and the original share it and a change
    // made through one is visible through the other. Confirm against the getter.
    this.properties = sub.getProperties();
}
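/**
 * Builds a {@link UserSubject} from the caller's security context.
 *
 * <p>Role names are collected only when the context is a
 * {@code LoginSecurityContext}; any other context yields an empty role list.
 * A {@code LoginSecurityContext} that reports a {@code null} role set is
 * treated as having no roles instead of failing with a
 * {@code NullPointerException}. If the current message carries an
 * {@code AuthenticationMethod}, it is copied onto the subject.
 *
 * @param securityContext the security context of the current request
 * @return a subject holding the principal name, the role names and, when
 *         available, the authentication method
 */
public static UserSubject createSubject(SecurityContext securityContext) {
    List<String> roleNames = Collections.emptyList();
    if (securityContext instanceof LoginSecurityContext) {
        roleNames = new ArrayList<>();
        Set<Principal> roles = ((LoginSecurityContext)securityContext).getUserRoles();
        // No role set means no roles: the subject ends up with fewer privileges,
        // never more, and the request does not die on an NPE.
        if (roles != null) {
            for (Principal p : roles) {
                roleNames.add(p.getName());
            }
        }
    }
    // NOTE(review): getUserPrincipal() is dereferenced unchecked, so a context without
    // an authenticated principal fails here with an NPE. Confirm callers only reach
    // this method after authentication has succeeded.
    UserSubject subject = new UserSubject(securityContext.getUserPrincipal().getName(), roleNames);
    Message m = JAXRSUtils.getCurrentMessage();
    if (m != null) {
        AuthenticationMethod method = m.get(AuthenticationMethod.class);
        if (method != null) {
            subject.setAuthenticationMethod(method);
        }
    }
    return subject;
}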
/**
 * Rebuilds a {@code UserSubject} from its dot-separated serialized form.
 *
 * <p>The first two fields go to the two-argument constructor, the third is
 * parsed as the role list and the fourth as the property map.
 *
 * @param sequence the serialized subject
 * @return the rebuilt subject, or {@code null} when {@code sequence} is blank
 */
private static UserSubject recreateUserSubject(String sequence) {
    if (sequence.trim().isEmpty()) {
        return null;
    }
    // NOTE(review): four fields are indexed without checking how many split() produced.
    // String.split drops trailing empty strings, so a truncated or malformed sequence
    // ends in ArrayIndexOutOfBoundsException. Confirm the input is integrity-protected
    // before it gets here and that the serializer never emits empty trailing fields.
    String[] fields = sequence.split("\\.");
    UserSubject restored = new UserSubject(getStringPart(fields[0]), getStringPart(fields[1]));
    restored.setRoles(parseSimpleList(fields[2]));
    restored.setProperties(parseSimpleMap(fields[3]));
    return restored;
}
/**
 * Returns the display name for a subject, which is its login.
 *
 * @param subject the subject to name
 * @return the value of {@code subject.getLogin()}
 */
public String getName(UserSubject subject) {
    String login = subject.getLogin();
    return login;
}
} // end of the enclosing type; its header lies outside this excerpt
/**
 * Derives the grant subject from the security context that {@code scProvider}
 * builds for the given message and SAML assertion.
 *
 * <p>For a {@code SAMLSecurityContext} the result is a {@code SamlUserSubject}
 * carrying the principal name, the role names and the context's claims. Any
 * other context yields a plain {@code UserSubject} built from the principal
 * name only, so it carries no roles taken from the context.
 *
 * @param message the current message
 * @param wrapper the SAML assertion presented as the grant
 * @return the subject the grant is issued for
 */
protected UserSubject getGrantSubject(Message message, SamlAssertionWrapper wrapper) {
    SecurityContext sc = scProvider.getSecurityContext(message, wrapper);
    if (!(sc instanceof SAMLSecurityContext)) {
        // NOTE(review): sc and its principal are dereferenced unchecked here;
        // confirm the provider never returns a context without a principal.
        return new UserSubject(sc.getUserPrincipal().getName());
    }

    SAMLSecurityContext samlContext = (SAMLSecurityContext)sc;
    Set<Principal> rolePrincipals = samlContext.getUserRoles();
    List<String> roleNames = new ArrayList<>();
    // A null role set is treated as "no roles".
    if (rolePrincipals != null) {
        for (Principal rolePrincipal : rolePrincipals) {
            roleNames.add(rolePrincipal.getName());
        }
    }
    return new SamlUserSubject(samlContext.getUserPrincipal().getName(),
                               roleNames,
                               samlContext.getClaims());
}
String username = claims.getStringProperty(usernameClaimName); if (username != null) { UserSubject userSubject = new UserSubject(username); if (claims.getSubject() != null) { userSubject.setId(claims.getSubject()); atv.setTokenSubject(new UserSubject(claims.getSubject()));
/**
 * Authenticates a resource owner by wrapping the name and password in a
 * WS-Security {@code UsernameToken} and running it through a
 * {@code UsernameTokenValidator} configured with this object's
 * {@code callbackHandler}.
 *
 * @param client the OAuth client making the request (not read by this method)
 * @param user the resource owner's login name
 * @param pass the resource owner's password
 * @return a subject whose login is {@code user}; nothing else is set on it
 */
@Override
public UserSubject createSubject(Client client, String user, String pass) {
    Document ownerDocument = DOMUtils.getEmptyDocument();
    UsernameToken usernameToken = new UsernameToken(false, ownerDocument, WSS4JConstants.PASSWORD_TEXT);
    usernameToken.setName(user);
    usernameToken.setPassword(pass);

    Credential toValidate = new Credential();
    toValidate.setUsernametoken(usernameToken);

    RequestData requestData = new RequestData();
    requestData.setMsgContext(PhaseInterceptorChain.getCurrentMessage());
    requestData.setCallbackHandler(callbackHandler);

    UsernameTokenValidator validator = new UsernameTokenValidator();
    try {
        // The validated credential is not needed; only a normal return matters.
        validator.validate(toValidate, requestData);
        UserSubject authenticated = new UserSubject();
        authenticated.setLogin(user);
        return authenticated;
    } catch (Exception ex) {
        // NOTE(review): every failure, presumably including rejected credentials, is
        // turned into the exception built by toInternalServerErrorException. Confirm
        // that a failed login is meant to surface this way rather than as an
        // authentication error.
        throw ExceptionUtils.toInternalServerErrorException(ex, null);
    }
}
/**
 * Reports whether the captured subject holds the given role.
 *
 * @param role the role name to look for
 * @return {@code false} when there is no subject; otherwise whether the
 *         subject's role list contains {@code role}
 */
public boolean isUserInRole(String role) {
    // No subject means no roles: deny rather than throw.
    return theSubject != null && theSubject.getRoles().contains(role);
}
}; // end of the enclosing anonymous class; its header lies outside this excerpt
/**
 * Picks the id token to return for an authorization response.
 *
 * <p>Sources are tried in this order: an {@code OidcUtils.ID_TOKEN} entry in
 * the subject's properties, then {@code idTokenProvider}, then the id token
 * held by an {@code OidcUserSubject}.
 *
 * @param state the redirection state; supplies the client id
 * @param subject the authenticated resource owner
 * @param scopes the scopes passed on to {@code idTokenProvider}
 * @return the id token string, or {@code null} when no source applies
 */
private String getProcessedIdToken(OAuthRedirectionState state, UserSubject subject, List<String> scopes) {
    if (subject.getProperties().containsKey(OidcUtils.ID_TOKEN)) {
        // Returned exactly as stored: this branch does not call processIdToken and
        // does not set audience or authorized party.
        // NOTE(review): presumably the stored value is already in its final form;
        // confirm where the property is written.
        return subject.getProperties().get(OidcUtils.ID_TOKEN);
    }
    if (idTokenProvider != null) {
        IdToken provided = idTokenProvider.getIdToken(state.getClientId(), subject, scopes);
        return processIdToken(state, provided);
    }
    if (subject instanceof OidcUserSubject) {
        OidcUserSubject oidcSubject = (OidcUserSubject)subject;
        IdToken derived = new IdToken(oidcSubject.getIdToken());
        // Bind the derived token to the client that started this flow.
        derived.setAudience(state.getClientId());
        derived.setAuthorizedParty(state.getClientId());
        return processIdToken(state, derived);
    }
    return null;
}
throw ExceptionUtils.toForbiddenException(null, null); if (am != null && !am.equals(accessTokenV.getTokenSubject().getAuthenticationMethod())) { String message = "The token has been authorized by the resource owner " + "using an unsupported authentication method";
/**
 * Returns the display name for a subject, which is its login.
 *
 * @param subject the subject to name
 * @return the value of {@code subject.getLogin()}
 */
public String getName(UserSubject subject) {
    String login = subject.getLogin();
    return login;
}
} // end of the enclosing type; its header lies outside this excerpt
/**
 * Derives the grant subject from the security context that {@code scProvider}
 * builds for the given message and SAML assertion.
 *
 * <p>For a {@code SAMLSecurityContext} the result is a {@code SamlUserSubject}
 * carrying the principal name, the role names and the context's claims. Any
 * other context yields a plain {@code UserSubject} built from the principal
 * name only, so it carries no roles taken from the context.
 *
 * @param message the current message
 * @param wrapper the SAML assertion presented as the grant
 * @return the subject the grant is issued for
 */
protected UserSubject getGrantSubject(Message message, SamlAssertionWrapper wrapper) {
    SecurityContext sc = scProvider.getSecurityContext(message, wrapper);
    if (!(sc instanceof SAMLSecurityContext)) {
        // NOTE(review): sc and its principal are dereferenced unchecked here;
        // confirm the provider never returns a context without a principal.
        return new UserSubject(sc.getUserPrincipal().getName());
    }

    SAMLSecurityContext samlContext = (SAMLSecurityContext)sc;
    Set<Principal> rolePrincipals = samlContext.getUserRoles();
    List<String> roleNames = new ArrayList<>();
    // A null role set is treated as "no roles".
    if (rolePrincipals != null) {
        for (Principal rolePrincipal : rolePrincipals) {
            roleNames.add(rolePrincipal.getName());
        }
    }
    return new SamlUserSubject(samlContext.getUserPrincipal().getName(),
                               roleNames,
                               samlContext.getClaims());
}
String username = claims.getStringProperty(usernameClaimName); if (username != null) { UserSubject userSubject = new UserSubject(username); if (claims.getSubject() != null) { userSubject.setId(claims.getSubject()); atv.setTokenSubject(new UserSubject(claims.getSubject()));
/**
 * Rebuilds a {@code UserSubject} from its dot-separated serialized form.
 *
 * <p>The first two fields go to the two-argument constructor, the third is
 * parsed as the role list and the fourth as the property map.
 *
 * @param sequence the serialized subject
 * @return the rebuilt subject, or {@code null} when {@code sequence} is blank
 */
private static UserSubject recreateUserSubject(String sequence) {
    if (sequence.trim().isEmpty()) {
        return null;
    }
    // NOTE(review): four fields are indexed without checking how many split() produced.
    // String.split drops trailing empty strings, so a truncated or malformed sequence
    // ends in ArrayIndexOutOfBoundsException. Confirm the input is integrity-protected
    // before it gets here and that the serializer never emits empty trailing fields.
    String[] fields = sequence.split("\\.");
    UserSubject restored = new UserSubject(getStringPart(fields[0]), getStringPart(fields[1]));
    restored.setRoles(parseSimpleList(fields[2]));
    restored.setProperties(parseSimpleMap(fields[3]));
    return restored;
}
/**
 * Reports whether the captured subject holds the given role.
 *
 * @param role the role name to look for
 * @return {@code false} when there is no subject; otherwise whether the
 *         subject's role list contains {@code role}
 */
public boolean isUserInRole(String role) {
    // No subject means no roles: deny rather than throw.
    return theSubject != null && theSubject.getRoles().contains(role);
}
}; // end of the enclosing anonymous class; its header lies outside this excerpt
/**
 * Picks the id token to return for an authorization response.
 *
 * <p>Sources are tried in this order: an {@code OidcUtils.ID_TOKEN} entry in
 * the subject's properties, then {@code idTokenProvider}, then the id token
 * held by an {@code OidcUserSubject}.
 *
 * @param state the redirection state; supplies the client id
 * @param subject the authenticated resource owner
 * @param scopes the scopes passed on to {@code idTokenProvider}
 * @return the id token string, or {@code null} when no source applies
 */
private String getProcessedIdToken(OAuthRedirectionState state, UserSubject subject, List<String> scopes) {
    if (subject.getProperties().containsKey(OidcUtils.ID_TOKEN)) {
        // Returned exactly as stored: this branch does not call processIdToken and
        // does not set audience or authorized party.
        // NOTE(review): presumably the stored value is already in its final form;
        // confirm where the property is written.
        return subject.getProperties().get(OidcUtils.ID_TOKEN);
    }
    if (idTokenProvider != null) {
        IdToken provided = idTokenProvider.getIdToken(state.getClientId(), subject, scopes);
        return processIdToken(state, provided);
    }
    if (subject instanceof OidcUserSubject) {
        OidcUserSubject oidcSubject = (OidcUserSubject)subject;
        IdToken derived = new IdToken(oidcSubject.getIdToken());
        // Bind the derived token to the client that started this flow.
        derived.setAudience(state.getClientId());
        derived.setAuthorizedParty(state.getClientId());
        return processIdToken(state, derived);
    }
    return null;
}
throw ExceptionUtils.toForbiddenException(null, null); if (am != null && !am.equals(accessTokenV.getTokenSubject().getAuthenticationMethod())) { String message = "The token has been authorized by the resource owner " + "using an unsupported authentication method";