/** * Resolve service from authentication request. * * @param service the service * @return the service */ protected Service resolveServiceFromAuthenticationRequest(final Service service) { return authenticationRequestServiceSelectionStrategies.resolveService(service); }
@Override public void configureAuthenticationServiceSelectionStrategy(final AuthenticationServiceSelectionPlan plan) { plan.registerStrategy(samlIdPEntityIdValidationServiceSelectionStrategy()); } }
/** * Resolve service from authentication request. * * @param service the service * @return the service */ protected Service resolveServiceFromAuthenticationRequest(final Service service) { return this.authenticationRequestServiceSelectionStrategies.resolveService(service); }
@Override public void configureAuthenticationServiceSelectionStrategy(final AuthenticationServiceSelectionPlan plan) { plan.registerStrategy(new DefaultAuthenticationServiceSelectionStrategy()); } }
private Service determineService(final HttpServletRequest request) { val serviceParameter = StringUtils.defaultIfBlank(request.getParameter(CasProtocolConstants.PARAMETER_SERVICE), casLoginEndpoint); return this.authenticationRequestServiceSelectionStrategies.resolveService(webApplicationServiceFactory.createService(serviceParameter)); } }
@Override public void configureAuthenticationServiceSelectionStrategy(final AuthenticationServiceSelectionPlan plan) { plan.registerStrategy(oauth20AuthenticationRequestServiceSelectionStrategy()); } }
/** * Gets registered service from request. * Reading the request body by the argument extractor here may cause the underlying request stream * to close. If there are any underlying controllers or components that expect to read * or parse the request body, like those that handle ticket validation, they would fail given the * {@link HttpServletRequest#getReader()} is consumed by the argument extractor here and not available anymore. * Therefor, any of the inner components of the extractor might have to cache the request body * as an attribute, etc so they can re-process and re-extract as needed. * * @param request the request * @return the registered service from request */ private Optional<RegisteredService> getRegisteredServiceFromRequest(final HttpServletRequest request) { val service = this.argumentExtractor.extractService(request); if (service != null) { val resolved = authenticationRequestServiceSelectionStrategies.resolveService(service); return Optional.ofNullable(this.servicesManager.findServiceBy(resolved)); } return Optional.empty(); } }
/** * Prepare cas response attributes for view model. * * @param model the model */ protected void prepareCasResponseAttributesForViewModel(final Map<String, Object> model) { val service = authenticationRequestServiceSelectionStrategies.resolveService(getServiceFrom(model)); val registeredService = this.servicesManager.findServiceBy(service); val principalAttributes = getCasPrincipalAttributes(model, registeredService); val attributes = new HashMap<String, Object>(principalAttributes); LOGGER.trace("Processed principal attributes from the output model to be [{}]", principalAttributes.keySet()); val protocolAttributes = getCasProtocolAuthenticationAttributes(model, registeredService); attributes.putAll(protocolAttributes); LOGGER.debug("Final collection of attributes for the response are [{}].", attributes.keySet()); putCasResponseAttributesIntoModel(model, attributes, registeredService, this.attributesRenderer); }
@Override public Collection<SingleLogoutRequest> handle(final WebApplicationService singleLogoutService, final String ticketId, final TicketGrantingTicket ticketGrantingTicket) { if (singleLogoutService.isLoggedOutAlready()) { LOGGER.debug("Service [{}] is already logged out.", singleLogoutService); return new ArrayList<>(0); } val selectedService = (WebApplicationService) this.authenticationRequestServiceSelectionStrategies.resolveService(singleLogoutService); LOGGER.trace("Processing logout request for service [{}]...", selectedService); val registeredService = this.servicesManager.findServiceBy(selectedService); LOGGER.debug("Service [{}] supports single logout and is found in the registry as [{}]. Proceeding...", selectedService.getId(), registeredService.getName()); val logoutUrls = this.singleLogoutServiceLogoutUrlBuilder.determineLogoutUrl(registeredService, selectedService); LOGGER.debug("Prepared logout url [{}] for service [{}]", logoutUrls, selectedService); if (logoutUrls == null || logoutUrls.isEmpty()) { LOGGER.debug("Service [{}] does not support logout operations given no logout url could be determined.", selectedService); return new ArrayList<>(0); } LOGGER.trace("Creating logout request for [{}] and ticket id [{}]", selectedService, ticketId); return createLogoutRequests(ticketId, selectedService, registeredService, logoutUrls, ticketGrantingTicket); }
val service = this.authenticationRequestServiceSelectionStrategies.resolveService(serviceContext); if (service == null) { LOGGER.trace("No service is found in the request context. Falling back to the default theme [{}]", getDefaultThemeName());
@Override public boolean supports(final WebApplicationService singleLogoutService) { val selectedService = (WebApplicationService) this.authenticationRequestServiceSelectionStrategies.resolveService(singleLogoutService); val registeredService = this.servicesManager.findServiceBy(selectedService); if (registeredService != null && registeredService.getAccessStrategy().isServiceAccessAllowed() && registeredService.getLogoutType() != RegisteredServiceLogoutType.NONE) { return supportsInternal(singleLogoutService, registeredService); } return false; }
@Override protected Event doExecute(final RequestContext requestContext) { val service = this.serviceSelectionStrategy.resolveService(WebUtils.getService(requestContext)); if (service != null) { val registeredService = this.servicesManager.findServiceBy(service); RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(service, registeredService); if (registeredService instanceof SamlRegisteredService) { val samlService = SamlRegisteredService.class.cast(registeredService); val adaptor = SamlRegisteredServiceServiceProviderMetadataFacade.get(resolver, samlService, service.getId()); if (adaptor.isEmpty()) { throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + service.getId()); } val mdui = MetadataUIUtils.locateMetadataUserInterfaceForEntityId(adaptor.get().getEntityDescriptor(), service.getId(), registeredService, WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext)); WebUtils.putServiceUserInterfaceMetadata(requestContext, mdui); } } return success(); } }