@Override public SecurityConfigValidator createConfigurationValidator( GeoServerSecurityManager securityManager) { return new OAuth2FilterConfigValidator(securityManager); } }
/** The cache key is the authentication key (global identifier) */ @Override public String getCacheKey(HttpServletRequest request) { final String access_token = getParameterValue("access_token", request); return access_token != null ? access_token : getCustomSessionCookieValue(request); }
@Override public GeoServerSecurityFilter createFilter(SecurityNamedServiceConfig config) { return new GitHubOAuthAuthenticationFilter( config, tokenServices, oauth2SecurityConfiguration, geoServerOauth2RestTemplate); } }
@Test public void testOAuth2FilterConfigValidation() throws Exception { OpenIdConnectFilterConfig config = new OpenIdConnectFilterConfig(); config.setClassName(GeoServerOAuthAuthenticationFilter.class.getName()); config.setName("testOAuth2"); // the OpenConnectId config is empty as anyone can implement it, fill in some mandatory // values config.setAccessTokenUri("https://www.connectid/fake/test"); config.setUserAuthorizationUri("https://www.connectid/fake/test"); config.setCheckTokenEndpointUrl("https://www.connectid/fake/test"); check(config); validator.validateOAuth2FilterConfig(config); }
protected void configureRestTemplate() { AuthorizationCodeResourceDetails details = (AuthorizationCodeResourceDetails) restTemplate.getResource(); details.setClientId(filterConfig.getCliendId()); details.setClientSecret(filterConfig.getClientSecret()); ((GeoServerOAuthRemoteTokenServices) this.tokenServices) .setClientId(filterConfig.getCliendId()); ((GeoServerOAuthRemoteTokenServices) this.tokenServices) .setClientSecret(filterConfig.getClientSecret()); details.setAccessTokenUri(filterConfig.getAccessTokenUri()); details.setUserAuthorizationUri(filterConfig.getUserAuthorizationUri()); details.setPreEstablishedRedirectUri(filterConfig.getRedirectUri()); ((GeoServerOAuthRemoteTokenServices) this.tokenServices) .setCheckTokenEndpointUrl(filterConfig.getCheckTokenEndpointUrl()); details.setScope(parseScopes(filterConfig.getScopes())); }
@Before public void setValidator() { validator = new OAuth2FilterConfigValidator(getSecurityManager()); }
@Test public void testOAuth2FilterConfigValidation() throws Exception { GoogleOAuth2FilterConfig config = new GoogleOAuth2FilterConfig(); config.setClassName(GeoServerOAuthAuthenticationFilter.class.getName()); config.setName("testOAuth2"); check(config); validator.validateOAuth2FilterConfig(config); }
@Test public void testOAuth2FilterConfigValidation() throws Exception { GitHubOAuth2FilterConfig config = new GitHubOAuth2FilterConfig(); config.setClassName(GeoServerOAuthAuthenticationFilter.class.getName()); config.setName("testOAuth2"); check(config); validator.validateOAuth2FilterConfig(config); }
@Override protected void onSetUp(SystemTestData testData) throws Exception { super.onSetUp(testData); GeoServerSecurityManager manager = getSecurityManager(); OpenIdConnectFilterConfig filterConfig = new OpenIdConnectFilterConfig(); filterConfig.setName("openIdConnect"); filterConfig.setClassName(OpenIdConnectAuthenticationFilter.class.getName()); filterConfig.setCliendId("foo"); filterConfig.setClientSecret("bar"); filterConfig.setAccessTokenUri("https://www.connectid/fake/test"); filterConfig.setUserAuthorizationUri("https://www.connectid/fake/test"); filterConfig.setCheckTokenEndpointUrl("https://www.connectid/fake/test"); manager.saveFilter(filterConfig); SecurityManagerConfig config = manager.getSecurityConfig(); GeoServerSecurityFilterChain chain = config.getFilterChain(); RequestFilterChain www = chain.getRequestChainByName("web"); www.setFilterNames("openIdConnect", "anonymous"); manager.saveSecurityConfig(config); }
@Override protected void onSetUp(SystemTestData testData) throws Exception { super.onSetUp(testData); GeoServerSecurityManager manager = getSecurityManager(); GoogleOAuth2FilterConfig filterConfig = new GoogleOAuth2FilterConfig(); filterConfig.setName("google"); filterConfig.setClassName(GoogleOAuthAuthenticationFilter.class.getName()); filterConfig.setCliendId("foo"); filterConfig.setClientSecret("bar"); manager.saveFilter(filterConfig); SecurityManagerConfig config = manager.getSecurityConfig(); GeoServerSecurityFilterChain chain = config.getFilterChain(); RequestFilterChain www = chain.getRequestChainByName("web"); www.setFilterNames("google", "anonymous"); manager.saveSecurityConfig(config); }
@Override protected void onSetUp(SystemTestData testData) throws Exception { super.onSetUp(testData); GeoServerSecurityManager manager = getSecurityManager(); GitHubOAuth2FilterConfig filterConfig = new GitHubOAuth2FilterConfig(); filterConfig.setName("github"); filterConfig.setClassName(GitHubOAuthAuthenticationFilter.class.getName()); filterConfig.setCliendId("foo"); filterConfig.setClientSecret("bar"); manager.saveFilter(filterConfig); SecurityManagerConfig config = manager.getSecurityConfig(); GeoServerSecurityFilterChain chain = config.getFilterChain(); RequestFilterChain www = chain.getRequestChainByName("web"); www.setFilterNames("github", "anonymous"); manager.saveSecurityConfig(config); }
@Bean(name = "githubOAuth2Resource") public OAuth2ProtectedResourceDetails geoServerOAuth2Resource() { return super.geoServerOAuth2Resource(); }
@Override public void validateFilterConfig(SecurityNamedServiceConfig config) throws FilterConfigException { if (config instanceof OAuth2FilterConfig) { validateOAuth2FilterConfig((OAuth2FilterConfig) config); } else { super.validateFilterConfig(config); } }
@Override protected String getPreAuthenticatedPrincipal(HttpServletRequest request) { try { return getPreAuthenticatedPrincipal(request, null); } catch (IOException e) { return null; } catch (ServletException e) { return null; } }
protected OAuth2FilterConfigException createFilterException(String errorid, Object... args) { return new OAuth2FilterConfigException(errorid, args); } }
public GitHubTokenServices() { super(new GeoServerAccessTokenConverter()); }
@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { super.initializeFromConfig(config); aep = filterConfig.getAuthenticationEntryPoint(); }
@Test public void smokeTest() { Model<OpenIdConnectFilterConfig> model = new Model<>(new OpenIdConnectFilterConfig()); tester.startComponentInPage(new OpenIdConnectAuthProviderPanel("openid", model)); } }
@Before public void setValidator() { validator = new OAuth2FilterConfigValidator(getSecurityManager()); }
@Before public void setValidator() { validator = new OAuth2FilterConfigValidator(getSecurityManager()); }