/**
 * Required. Returns the {@link UserPrincipal}.
 *
 * @return the user held by the current {@code authentication}, or {@code null}
 *         when no authentication has been set (so despite the "required" wording,
 *         callers still have to handle a {@code null} result)
 */
public UserPrincipal getUser() {
    if (null == authentication) {
        return null;
    }
    return authentication.getUser();
}
/**
 * Delegates to the wrapped authentication.
 *
 * @return whatever {@code wrapped.getUser()} returns; may be {@code null} if the
 *         wrapped authentication has no user
 */
@Override
public UserPrincipal getUser() {
    final UserPrincipal delegateUser = wrapped.getUser();
    return delegateUser;
}
/**
 * Builds the default claim set for a token issued on behalf of {@code auth}.
 *
 * <p>Two claims are produced: a freshly generated random UUID under
 * {@code JWT.CLAIM_JWT_ID} (unique per issued token) and the user's login name
 * under {@code CLAIM_NAME}.
 *
 * @param auth the authentication the token is issued for; must carry a user,
 *             otherwise a {@link NullPointerException} is thrown when the login
 *             name is read
 * @return a new, mutable map holding the default claims
 */
@Override
protected Map<String, Object> createDefaultClaims(Authentication auth) {
    final UserPrincipal principal = auth.getUser();
    final Map<String, Object> defaults = new HashMap<>();
    // jti is random per token rather than derived from the user, so two tokens for the same user never collide.
    defaults.put(JWT.CLAIM_JWT_ID, UUID.randomUUID().toString());
    defaults.put(CLAIM_NAME, principal.getLoginName());
    return defaults;
}
/**
 * Collects the distinct logout URIs of every login that belongs to the caller's SSO session.
 *
 * @param request  the current request (not read here)
 * @param response the current response (not read here)
 * @param context  supplies the authentication and the authentication token
 * @return the logout URIs (unordered, duplicates removed), or an empty array when the
 *         context carries no authentication or no SSO session matches the token
 * @throws IllegalStateException when the context has no authentication token
 * @throws NullPointerException  if the authentication has no user (its login name is needed
 *                               for the session lookup)
 */
@Override
public String[] resolveLogoutUrls(Request request, Response response, LogoutContext context) throws Throwable {
    final Authentication authentication = context.getAuthentication();
    if (authentication == null) {
        return Arrays2.EMPTY_STRING_ARRAY;
    }
    final String token = context.getAuthenticationToken();
    if (Strings.isEmpty(token)) {
        throw new IllegalStateException("The authentication token must be exists.");
    }
    final AuthzSSOStore store = config.getSSOStore();
    // The lookup is keyed by login name AND token; presumably a token of another user therefore does not match.
    final AuthzSSOSession session = store.loadSessionByToken(authentication.getUser().getLoginName(), token);
    if (session == null) {
        return Arrays2.EMPTY_STRING_ARRAY;
    }
    final Set<String> logoutUris = new HashSet<>();
    for (AuthzSSOLogin login : store.loadLoginsInSession(session)) {
        final String uri = login.getLogoutUri();
        if (!Strings.isEmpty(uri)) {
            logoutUris.add(uri);
        }
    }
    return logoutUris.toArray(new String[0]);
}
/**
 * Resolves the logout URIs of all logins sharing the caller's SSO session.
 *
 * @param request  the current request (unused here)
 * @param response the current response (unused here)
 * @param context  provides the authentication and its token
 * @return the distinct non-empty logout URIs, or an empty array when there is no
 *         authentication or no session is found for the token
 * @throws IllegalStateException if the context carries no authentication token
 * @throws NullPointerException  if the authentication has no user
 */
@Override
public String[] resolveLogoutUrls(Request request, Response response, LogoutContext context) throws Throwable {
    final Authentication authc = context.getAuthentication();
    if (null == authc) {
        return Arrays2.EMPTY_STRING_ARRAY;
    }
    final String token = context.getAuthenticationToken();
    if (Strings.isEmpty(token)) {
        throw new IllegalStateException("The authentication token must be exists.");
    }
    final AuthzSSOStore ssoStore = config.getSSOStore();
    final String loginName = authc.getUser().getLoginName();
    final AuthzSSOSession ssoSession = ssoStore.loadSessionByToken(loginName, token);
    if (null == ssoSession) {
        return Arrays2.EMPTY_STRING_ARRAY;
    }
    return collectLogoutUris(ssoStore.loadLoginsInSession(ssoSession));
}

/**
 * Extracts the distinct, non-empty logout URIs from the given logins.
 *
 * @param logins the logins of one SSO session
 * @return the URIs as an array; order is unspecified (backed by a {@link HashSet})
 */
private static String[] collectLogoutUris(List<AuthzSSOLogin> logins) {
    final Set<String> uris = new HashSet<>();
    for (AuthzSSOLogin login : logins) {
        if (Strings.isEmpty(login.getLogoutUri())) {
            continue;
        }
        uris.add(login.getLogoutUri());
    }
    return uris.toArray(new String[uris.size()]);
}
/**
 * Issues or clears the remember-me cookie after a successful login.
 *
 * <p>Only principals that are {@link UserDetails} are handled: for them the
 * remember-me request parameter decides whether a cookie is set or the existing
 * cookie is removed. Any other principal type leaves cookies untouched.
 *
 * @param request        the login request; the remember-me parameter is read from it
 * @param response       the response the cookie is written to or removed from
 * @param authentication the successful authentication
 */
@Override
public void onLoginSuccess(Request request, Response response, Authentication authentication) {
    final UserPrincipal principal = authentication.getUser();
    if (!(principal instanceof UserDetails)) {
        // Without UserDetails there is no password material to build the cookie from, so nothing is done.
        return;
    }
    final String parameterName = securityConfig.getRememberMeParameterName();
    final boolean rememberMeRequested = Converts.toBoolean(request.getParameter(parameterName), false);
    if (rememberMeRequested) {
        // NOTE(review): the principal's password is handed to setRememberMeCookie — confirm it is only used to
        // derive/sign the cookie value and is never written to the cookie in clear.
        setRememberMeCookie(request, response, principal.getLoginName(), ((UserDetails) principal).getPassword());
    } else {
        removeCookie(request, response);
    }
}
/**
 * Attempts to authenticate the credentials carried by the login context.
 *
 * <p>Nothing happens when the context is already in an error state or carries no
 * credentials. On success the resulting user is stored on the context; an
 * {@link AuthenticationException} is only logged (see the TODO), so the context is
 * left without a user and without an error flag.
 *
 * @param request  the current request (not read here)
 * @param response the current response (not read here)
 * @param context  the login context holding the credentials
 * @return always {@code State.CONTINUE}
 */
@Override
public State handleLoginAuthentication(Request request, Response response, LoginContext context) throws Throwable {
    if (context.isError()) {
        return State.CONTINUE;
    }
    final Credentials credentials = context.getCredentials();
    if (credentials == null) {
        return State.CONTINUE;
    }
    try {
        final Authentication result = authenticationManager.authenticate(context, credentials);
        if (result != null) {
            context.setUser(result.getUser());
        }
    } catch (AuthenticationException e) {
        //TODO : handle authentication exception
        // The failure is only logged; the chain continues as if no credentials had been supplied.
        log.error(e.getMessage(), e);
    }
    return State.CONTINUE;
}
/**
 * Creates a new SSO session for an authenticated user.
 *
 * <p>The session id is taken from the token's {@code JWT.CLAIM_JWT_ID} claim as
 * returned by {@code verifier.verify(token)} (which presumably validates the token
 * before yielding its claims — confirm against the verifier). The expiry comes from
 * {@code config.getDefaultLoginSessionExpires()} and the creation time is "now".
 *
 * @param request  the current request (not read here)
 * @param response the current response (not read here)
 * @param authc    the authorization-server authentication wrapping the user's authentication and token
 * @return the populated, not yet persisted session
 */
protected AuthzSSOSession newSession(Request request, Response response, AuthzAuthentication authc) {
    final UserPrincipal principal = authc.getAuthentication().getUser();
    final String token = authc.getAuthentication().getToken();
    final Map<String, Object> claims = verifier.verify(token);

    final SimpleAuthzSSOSession session = new SimpleAuthzSSOSession();
    session.setCreated(System.currentTimeMillis());
    session.setExpiresIn(config.getDefaultLoginSessionExpires());
    // The jti claim doubles as the session id, tying the session to exactly this token.
    session.setId((String) claims.get(JWT.CLAIM_JWT_ID));
    session.setToken(token);
    session.setUserId(principal.getIdAsString());
    session.setUsername(principal.getLoginName());
    return session;
}
/**
 * Builds a fresh SSO session from the given authentication.
 *
 * <p>Session id = the {@code JwtTokenAuthenticator.JWT_ID} claim of the verified
 * token; user id / username = those of the authenticated principal; expiry = the
 * configured default login session expiry; created = current time.
 *
 * @param request  current request, unused
 * @param response current response, unused
 * @param authc    carries the underlying authentication whose user and token are used
 * @return a new {@link SimpleAuthzSSOSession}; the caller is responsible for storing it
 */
protected AuthzSSOSession newSession(Request request, Response response, AuthzAuthentication authc) {
    final String token = authc.getAuthentication().getToken();
    // verify(token) yields the claims of the token; the session is keyed by the token's id claim.
    final Map<String, Object> tokenClaims = verifier.verify(token);
    final String sessionId = (String) tokenClaims.get(JwtTokenAuthenticator.JWT_ID);

    final UserPrincipal principal = authc.getAuthentication().getUser();

    final SimpleAuthzSSOSession ssoSession = new SimpleAuthzSSOSession();
    ssoSession.setId(sessionId);
    ssoSession.setUserId(principal.getIdAsString());
    ssoSession.setUsername(principal.getLoginName());
    ssoSession.setToken(token);
    ssoSession.setExpiresIn(config.getDefaultLoginSessionExpires());
    ssoSession.setCreated(System.currentTimeMillis());
    return ssoSession;
}
/**
 * Completes a login: persists the authentication and notifies the token,
 * remember-me and resolver hooks.
 *
 * <p>The remember-me hook only runs for logins that were not themselves produced
 * by a remember-me cookie ({@code !authc.isRememberMe()}), so a cookie-based login
 * does not re-issue the cookie.
 *
 * @param request  the current request
 * @param response the current response
 * @param authc    the authentication to log in; must carry a user (its login name is logged)
 */
@Override
public void loginImmediately(Request request, Response response, Authentication authc) {
    log.debug("User {} logged in", authc.getUser().getLoginName());
    saveAuthentication(request, response, authc);

    if (securityConfig.isAuthenticationTokenEnabled()) {
        tokenAuthenticationManager.onLoginSuccess(request, response, authc);
    }

    final boolean issueRememberMe = securityConfig.isRememberMeEnabled() && !authc.isRememberMe();
    if (issueRememberMe) {
        rememberMeManager.onLoginSuccess(request, response, authc);
    }

    for (AuthenticationResolver resolver : resolvers) {
        resolver.onLoginSuccess(request, response, authc);
    }
}
/**
 * Exchanges an authorization code for an access token at the configured token
 * endpoint, stores the token for the request and returns it.
 *
 * <p>The client authenticates with HTTP Basic ({@code clientId:clientSecret},
 * Base64-encoded) in the {@code Authorization} header; do not log the outgoing
 * request as a whole.
 *
 * @param request the current request the obtained token is saved against
 * @param authc   the authentication whose user id is attached to the token
 * @param code    the authorization code to exchange
 * @return the obtained access token
 * @throws ObtainAccessTokenFailedException   when the endpoint does not answer with an OK status
 * @throws AuthorizationCodeInvalidException  when the OK response body carries an {@code error} member
 */
@Override
public OAuth2AccessToken fetchAndSaveAccessToken(Request request, Authentication authc, String code) {
    final String basicCredentials = Base64.encode(config.getClientId() + ":" + config.getClientSecret());
    final HttpResponse resp = hc.request(config.getServerTokenEndpointUrl())
            .addFormParam("grant_type", "authorization_code")
            .addFormParam("code", code)
            .addHeader("Authorization", "Basic " + basicCredentials)
            .post();

    if (!resp.isOk()) {
        throw new ObtainAccessTokenFailedException("Obtain access token failed, " + resp.getStatus() + " -> " + resp.getString());
    }

    final Map<String, Object> body = JSON.decode(resp.getString());
    if (body.containsKey("error")) {
        throw new AuthorizationCodeInvalidException("Cannot obtain access token, authorization code may be invalid : " + body.get("error"));
    }

    final SimpleWacAccessToken accessToken = new SimpleWacAccessToken();
    accessToken.setCreated(System.currentTimeMillis());
    accessToken.setToken((String) body.get("access_token"));
    accessToken.setRefreshToken((String) body.get("refresh_token"));
    // NOTE(review): assumes the JSON decoder yields an Integer for expires_in — a Long would fail this cast.
    accessToken.setExpiresIn((Integer) body.get("expires_in"));
    accessToken.setUserId(authc.getUser().getIdAsString());
    saveAccessToken(request, accessToken);
    return accessToken;
}
/**
 * Handles requests to the OAuth2 authorization endpoint once the caller's
 * authentication has been resolved.
 *
 * <p>Requests to any other path pass through. For the authorization endpoint the
 * OAuth2 parameters are validated by the matching response-type handler; an
 * unauthenticated caller gets the view data exposed (for the login view) and the
 * chain continues, while an authenticated caller is handled and the request is
 * intercepted.
 *
 * @param request  the current request
 * @param response the current response
 * @param context  holds the resolved authentication, if any
 * @return {@code State.CONTINUE} for other paths and for unauthenticated callers,
 *         {@code State.INTERCEPTED} otherwise
 */
@Override
public State postResolveAuthentication(Request request, Response response, AuthenticationContext context) throws Throwable {
    final boolean isAuthzEndpoint = request.getPath().equals(config.getAuthzEndpointPath());
    if (!isAuthzEndpoint) {
        return State.CONTINUE;
    }

    final OAuth2Params params = new RequestOAuth2Params(request);
    final ResponseTypeHandler handler = getResponseTypeHandler(request, response, params);
    if (handler == null) {
        return State.INTERCEPTED;
    }

    final Result<AuthzClient> validation = handler.validateRequest(request, response, params);
    if (validation.isIntercepted()) {
        return State.INTERCEPTED;
    }
    final AuthzClient client = validation.get();

    //If user not authenticated, redirect to login url.
    final Authentication authc = context.getAuthentication();
    //todo: if(null == authc || !authc.isAuthenticated() || (authc instanceof ResAuthentication)) {
    final boolean authenticated = authc != null && authc.isAuthenticated();
    if (!authenticated) {
        //Expose view data.
        exposeViewData(request, params, client);
        return State.CONTINUE;
    }

    // NOTE(review): with the stricter check above still commented out, a ResAuthentication is
    // treated as a logged-in user here — confirm that is intended.
    handleAuthenticated(request, response, new SimpleAuthzAuthentication(params, client, um.getUserDetails(authc.getUser()), authc), handler);
    //Intercepted.
    return State.INTERCEPTED;
}
/**
 * Processes the OAuth2 authorization endpoint after authentication resolution.
 *
 * <p>Only the configured authorization endpoint path is handled. The request is
 * validated by its response-type handler; callers that are not authenticated, or
 * whose authentication is a {@code ResAuthentication}, are shown the login view
 * (view data exposed, chain continues). Everyone else is handled as an
 * authenticated user and the request is intercepted.
 *
 * @param request  the current request
 * @param response the current response
 * @param context  provides the resolved authentication, possibly {@code null}
 * @return {@code State.CONTINUE} when the request is left to later handlers,
 *         {@code State.INTERCEPTED} when this method has produced the response
 */
@Override
public State postResolveAuthentication(Request request, Response response, AuthenticationContext context) throws Throwable {
    if (!request.getPath().equals(config.getAuthzEndpointPath())) {
        return State.CONTINUE;
    }

    final OAuth2Params oauthParams = new RequestOAuth2Params(request);
    final ResponseTypeHandler responseTypeHandler = getResponseTypeHandler(request, response, oauthParams);
    if (null == responseTypeHandler) {
        return State.INTERCEPTED;
    }

    final Result<AuthzClient> clientResult = responseTypeHandler.validateRequest(request, response, oauthParams);
    if (clientResult.isIntercepted()) {
        return State.INTERCEPTED;
    }
    final AuthzClient client = clientResult.get();

    final Authentication authc = context.getAuthentication();
    // A resource-side authentication (ResAuthentication) is deliberately not accepted as an
    // end-user login here: it is sent to the login view like an unauthenticated caller.
    final boolean needsLogin = null == authc
            || !authc.isAuthenticated()
            || (authc instanceof ResAuthentication);
    if (needsLogin) {
        //Expose view data.
        exposeViewData(request, oauthParams, client);
        return State.CONTINUE;
    }

    //Handle authentication.
    final SimpleAuthzAuthentication authzAuthentication =
            new SimpleAuthzAuthentication(oauthParams, client, um.getUserDetails(authc.getUser()), authc);
    handleAuthenticated(request, response, authzAuthentication, responseTypeHandler);
    return State.INTERCEPTED;
}
if(null != authc && !principal.getId().equals(authc.getUser().getId())) { sessionManager.removeAuthentication(request);
handleAuthenticated(request, response, new SimpleAuthzAuthentication(params, client, um.getUserDetails(authc.getUser()), authc), handler);
handleAuthenticated(request, response, new SimpleAuthzAuthentication(params, client, um.getUserDetails(authc.getUser()), authc), handler);
if(null == authc.getUser()) { authc = new WrappedAuthentication(authc,createAnonymous(request, response, context));