Refine search
/** * Creates a new {@link OAuth2CredentialSource} instance. * * @return a OAuth2 credential source */ public OAuth2CredentialSource build() { if (authenticationHandler == null) { authenticationHandler = parameters -> { AuthenticationContext context = AuthenticationContext.captureCurrent(); AuthenticationContextConfigurationClient client = AccessController.doPrivileged(AuthenticationContextConfigurationClient.ACTION); AuthenticationConfiguration configuration = client.getAuthenticationConfiguration(URI.create(tokenEndpointUrl.toString()), context); CallbackHandler handler = client.getCallbackHandler(configuration); NameCallback nameCallback = new NameCallback("Client ID"); PasswordCallback password1 = new PasswordCallback("Client Secret", false); try { handler.handle(new Callback[]{nameCallback, password1}); } catch (Exception ignore) { } String userName = nameCallback.getName(); char[] password = password1.getPassword(); configureClientCredentialsParameters(parameters, userName, password); }; } return new OAuth2CredentialSource(tokenEndpointUrl, authenticationHandler.andThen(parameters -> { if (!parameters.containsKey("client_id") || !parameters.containsKey("client_secret")) { throw saslOAuth2.oauth2ClientCredentialsNotProvided(); } }), scopes, sslContextSupplier, hostnameVerifierSupplier); }
/** * Get a new authentication context which is the same as this one, but which includes the given rule and SSL context at * the end of its SSL context list. * * @param rule the rule to match * @param sslContext the SSL context to select when the rule matches * @return the combined authentication context */ public AuthenticationContext withSsl(MatchRule rule, SecurityFactory<SSLContext> sslContext) { if (sslContext == null || rule == null) return this; return new AuthenticationContext(authRules, with(sslRules, rule, sslContext)); }
private static SecurityFactory<AuthenticationContext> parseLegacyConfiguration() { final ServiceLoader<LegacyConfiguration> loader = ServiceLoader.load(LegacyConfiguration.class, ElytronXmlParser.class.getClassLoader()); final Iterator<LegacyConfiguration> iterator = loader.iterator(); final List<LegacyConfiguration> configs = new ArrayList<>(); for (;;) try { if (! iterator.hasNext()) break; configs.add(iterator.next()); } catch (ServiceConfigurationError ignored) {} return () -> { for (LegacyConfiguration config : configs) { final AuthenticationContext context = config.getConfiguredAuthenticationContext(); if (context != null) { xmlLog.trace("Found AuthenticationContext in legacy configuration"); return context; } } xmlLog.trace("No legacy configuration available, using AuthenticationContext.empty()"); return AuthenticationContext.empty(); }; }
/** * Get a new authentication context which is the same as this one, but without the rule and configuration at the index * indicated by the {@code idx} parameter. * * @param idx the index at which removal should be done * @return the modified authentication context * @throws IndexOutOfBoundsException if the index is out of bounds */ public AuthenticationContext withoutSsl(int idx) throws IndexOutOfBoundsException { return new AuthenticationContext(authRules, without(sslRules, idx)); }
/** * Get a new authentication context which is the same as this one, but which includes the rules, configurations * and SSL contexts of the given context at the end of its list. * * @param other the other authentication context * @return the combined authentication context */ public AuthenticationContext with(AuthenticationContext other) { if (other == null) return this; return new AuthenticationContext(withAll(authRules, other.authRules), withAll(sslRules, other.sslRules)); }
captured = AuthenticationContext.captureCurrent(); } else { try { AuthenticationConfiguration mergedConfiguration = AUTH_CONFIGURATION_CLIENT.getAuthenticationConfiguration(uri, captured); tempContext = AUTH_CONFIGURATION_CLIENT.getSSLContext(uri, captured); } catch (GeneralSecurityException e) { log.trace("No SSLContext available", e); AuthenticationContext context = AuthenticationContext.empty().with(MatchRule.ALL, mergedConfiguration); final SSLContext sslContext = tempContext; context = sslContext != null ? context.withSsl(MatchRule.ALL, () -> sslContext) : context; final IoFuture<Connection> futureConnection = endpoint.connect(convert(serviceUrl), getOptionMap(disabledMechanisms), context); IoFuture.Status result = futureConnection.await(getTimeoutValue(Timeout.CONNECTION, env), TimeUnit.SECONDS);
authContext = this.authContext; } else if(currentIdentity == null || currentIdentity.isAnonymous()) { authContext = AuthenticationContext.captureCurrent(); } else { authContext = AuthenticationContext.empty().with(MatchRule.ALL, AuthenticationConfiguration.empty().useForwardedIdentity(domain)); final AuthenticationConfiguration configuration = AUTH_CONFIG_CLIENT.getAuthenticationConfiguration(uri, authContext, -1, null, null); final Principal principal = AUTH_CONFIG_CLIENT.getPrincipal(configuration);
ConnectionPeerIdentity getPeerIdentity() throws IOException { SSLContext finalSslContext; if (sslContext == null) { try { finalSslContext = CLIENT.getSSLContext(location, AuthenticationContext.captureCurrent(), "jta", "jboss"); } catch (GeneralSecurityException e) { throw new IOException(e); } } else { finalSslContext = sslContext; } AuthenticationConfiguration finalAuthenticationConfiguration; if (authenticationConfiguration == null) { finalAuthenticationConfiguration = CLIENT.getAuthenticationConfiguration(location, AuthenticationContext.captureCurrent(), -1, "jta", "jboss"); } else { finalAuthenticationConfiguration = authenticationConfiguration; } return endpoint.getConnectedIdentity(location, finalSslContext, finalAuthenticationConfiguration).get(); }
@Override public SSLContext get() { AuthenticationContextConfigurationClient contextConfigurationClient = AccessController.doPrivileged(AuthenticationContextConfigurationClient.ACTION); try { return contextConfigurationClient.getSSLContext(tokenEndpointUrl.toURI(), AuthenticationContext.captureCurrent()); } catch (Exception cause) { throw saslOAuth2.failedToObtainSSLContext(cause); } } };
/** * Construct a new instance. * * @param delegate the delegate SASL client */ public AuthenticationContextSaslClient(final SaslClient delegate) { super(delegate); context = AuthenticationContext.captureCurrent(); }
void init() { if (eagerlyAcquireAffinity) { acquireAffinitiy(AUTH_CONTEXT_CLIENT.getAuthenticationConfiguration(uri, AuthenticationContext.captureCurrent())); } }
final OptionMap connectOptions = connectionSpec.getConnectOptions(); authenticationConfiguration = RemotingOptions.mergeOptionsIntoAuthenticationConfiguration(connectOptions, authenticationConfiguration); AuthenticationConfiguration ejbConfiguration = CLIENT.getAuthenticationConfiguration(destinationUri, context, - 1, "ejb", "jboss"); AuthenticationConfiguration jtaConfiguration = CLIENT.getAuthenticationConfiguration(destinationUri, context, - 1, "jta", "jboss"); if (sslContext == null) { try { sslContext = CLIENT.getSSLContext(destinationUri, context); } catch (GeneralSecurityException e) { throw EjbLogger.ROOT_LOGGER.failedToObtainSSLContext(e); AuthenticationContext mergedAuthenticationContext = context.with(0, ejbRule, ejbConfiguration.with(authenticationConfiguration)).with(jtaRule, jtaConfiguration.with(authenticationConfiguration)); return mergedAuthenticationContext.withSsl(0, rule, () -> finalSSLContext);
final AuthenticationContext context = AuthenticationContext.captureCurrent(); final AuthenticationConfiguration authenticationConfiguration; try { authenticationConfiguration = client.getAuthenticationConfiguration(getRequestingURL().toURI(), context); } catch (URISyntaxException e) { log.tracef("URISyntaxException getting URI from the requesting URL [%s]:", getRequestingURL(), e); final CallbackHandler callbackHandler = client.getCallbackHandler(authenticationConfiguration); final NameCallback nameCallback = new NameCallback(getRequestingPrompt()); final CredentialCallback credentialCallback = new CredentialCallback(PasswordCredential.class); return null; final PasswordFactory factory = PasswordFactory.getInstance(twoWayPassword.getAlgorithm(), client.getProviderSupplier(authenticationConfiguration)); password = factory.getKeySpec(factory.translate(twoWayPassword), ClearPasswordSpec.class).getEncodedPassword(); } catch (UnsupportedCallbackException e) {
AuthenticationContext authenticationContext = AuthenticationContext.captureCurrent(); if (sslContextFactory != null) { authenticationContext = authenticationContext.withSsl(MatchRule.ALL, sslContextFactory); this.sslContext = AUTH_CONFIGURATION_CLIENT.getSSLContext(connURI, authenticationContext);
public AuthenticationContext get() { return inherit ? context.with(AuthenticationContext.captureCurrent()) : context; } }
this.prepareInterceptorContext(op, params, interceptorContext); try { final AuthenticationContext context = AuthenticationContext.captureCurrent().with(MatchRule.ALL.matchProtocol("iiop"), authenticationConfiguration); retVal = identity.runAs((PrivilegedExceptionAction<Object>) () -> context.run((PrivilegedExceptionAction<Object>) () -> this.componentView.invoke(interceptorContext))); } catch (PrivilegedActionException e) { throw e.getCause();
Object readResolve() { AuthenticationContext context = AuthenticationContext.captureCurrent(); final NamingProvider currentNamingProvider = NamingProvider.getCurrentNamingProvider(); if (currentNamingProvider != null) { final ProviderEnvironment providerEnvironment = currentNamingProvider.getProviderEnvironment(); context = providerEnvironment.getAuthenticationContextSupplier().get(); } return context.runFunction(RemoteTransactionContext::getUserTransaction, RemoteTransactionContext.getInstancePrivate()); } }
/** * Run a privileged action with this authentication context associated for the duration of the task. * * @param action the action to run * @param <T> the action return type * @param <E> the action exception type * @return the action result (may be {@code null}) * @throws E if the action throws this exception */ public <T, E extends Exception> T runAsSupplierEx(ExceptionSupplier<T, E> action) throws E { return runExFunction(ExceptionSupplier::get, action); }
AuthenticationConfiguration.class, authenticationConfigurationInjector); authContext = authContext.andThen(a -> a.with(matchRuleSuppler.get(), authenticationConfigurationInjector.getValue())); SSLContext.class, sslContextInjector); authContext = authContext.andThen(a -> a.withSsl(matchRuleSuppler.get(), sslContextInjector::getValue));