Java Code Examples for io.vertx.reactivex.ext.web.RoutingContext#session()
The following examples show how to use
io.vertx.reactivex.ext.web.RoutingContext#session() .
Example 1
Source File: LogoutEndpoint.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
/**
 * Ends the current end-user session as part of logout.
 *
 * <p>When a user is attached to the routing context, the wrapped end user is extracted, an audit
 * event is reported for the request, and the user is cleared from the context. Any existing
 * session is then destroyed. The handler is always completed successfully, carrying the end user
 * that was logged out, or {@code null} when the request had no authenticated user.
 *
 * @param routingContext the current routing context
 * @param handler callback completed with the logged-out end user (may be {@code null})
 */
private void invalidateSession(RoutingContext routingContext, Handler<AsyncResult<User>> handler) {
    io.gravitee.am.model.User loggedOutUser = null;

    final boolean authenticated = routingContext.user() != null;
    if (authenticated) {
        final io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User wrapper =
                (io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User) routingContext.user().getDelegate();
        loggedOutUser = wrapper.getUser();

        // Report the audit event while the identity is still known, then drop it from the context.
        report(loggedOutUser, routingContext.request());
        routingContext.clearUser();
    }

    // Destroy the session so state stored in it does not outlive the logout.
    final boolean hasSession = routingContext.session() != null;
    if (hasSession) {
        routingContext.session().destroy();
    }

    handler.handle(Future.succeededFuture(loggedOutUser));
}
Example 2
Source File: LoginCallbackEndpoint.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
/**
 * Finishes the login callback by redirecting to the return URL kept in the session.
 *
 * <p>The request fails with status 503 when there is no session or the session holds no return
 * URL. Otherwise, if the routing context carries an id_token, it is copied into the session for
 * the later steps (mainly the user consent step), and the response is redirected.
 *
 * @param routingContext the current routing context
 */
@Override
public void handle(RoutingContext routingContext) {
    final Session session = routingContext.session();

    // Nothing to return to: no session, or no return URL was stored in it.
    if (session == null || session.get(RedirectAuthHandler.DEFAULT_RETURN_URL_PARAM) == null) {
        routingContext.fail(503);
        return;
    }

    // Keep the id_token available to the post-login steps by copying it into the session.
    if (routingContext.data().containsKey(ID_TOKEN_CONTEXT_KEY)) {
        session.put(ID_TOKEN_CONTEXT_KEY, routingContext.get(ID_TOKEN_CONTEXT_KEY));
    }

    // The redirect target comes from the session, not from a parameter of this request.
    // NOTE(review): whoever writes DEFAULT_RETURN_URL_PARAM into the session is not visible here;
    // confirm the stored value cannot be an arbitrary client-chosen URL, since it is used
    // unvalidated below.
    final String returnUrl = session.get(RedirectAuthHandler.DEFAULT_RETURN_URL_PARAM);
    doRedirect(routingContext.response(), returnUrl);
}
Example 3
Source File: MFAChallengeStep.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
/**
 * Decides whether the authentication flow must stop at this step for an MFA challenge.
 *
 * <p>The flow continues to the next step when no client is present in the context, when the
 * client has no factors configured, when the session marks strong authentication as completed,
 * or when the session marks MFA as skipped. In every other case the flow exits at this step.
 *
 * @param routingContext the current routing context
 * @param flow the authentication flow chain to continue or exit
 */
@Override
public void execute(RoutingContext routingContext, AuthenticationFlowChain flow) {
    final Client client = routingContext.get(CLIENT_CONTEXT_KEY);
    final Session session = routingContext.session();

    // MFA only applies when the application (client) has at least one factor configured.
    final boolean mfaNotConfigured =
            client == null || client.getFactors() == null || client.getFactors().isEmpty();

    // Short-circuit evaluation keeps the original order: the session is only read once MFA is
    // known to be configured.
    // NOTE(review): both session flags are trusted as-is; confirm they are only ever written
    // server-side (after a verified factor, or after an allowed skip). The session itself is
    // dereferenced without a null check.
    final boolean challengeNotNeeded = mfaNotConfigured
            || Boolean.TRUE.equals(session.get(STRONG_AUTH_COMPLETED))
            || Boolean.TRUE.equals(session.get(MFA_SKIPPED_KEY));

    if (challengeNotNeeded) {
        flow.doNext(routingContext);
    } else {
        // Exit the chain at this step so the MFA challenge page is shown.
        flow.exit(this);
    }
}
Example 4
Source File: UserConsentEndpoint.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
/**
 * Renders the user consent page for the scopes that still require consent.
 *
 * <p>The set of scopes is read from the session under {@code REQUESTED_CONSENT_CONTEXT_KEY},
 * not from the request. Scope details are fetched asynchronously, stored in the routing context
 * under {@code SCOPES_CONTEXT_KEY}, and the client's template is rendered as HTML. A failure
 * while fetching or rendering fails the routing context with the underlying cause.
 *
 * @param routingContext the current routing context
 */
@Override
public void handle(RoutingContext routingContext) {
    final Session session = routingContext.session();
    final Client client = routingContext.get(CLIENT_CONTEXT_KEY);
    // NOTE(review): the session is dereferenced without a null check.
    final Set<String> requiredConsent = session.get(REQUESTED_CONSENT_CONTEXT_KEY);

    // Resolve scope information (name + description) before rendering.
    fetchConsentInformation(requiredConsent, scopesResult -> {
        if (scopesResult.failed()) {
            routingContext.fail(scopesResult.cause());
            return;
        }

        final List<Scope> scopesToDisplay = scopesResult.result();
        routingContext.put(SCOPES_CONTEXT_KEY, scopesToDisplay);

        engine.render(routingContext.data(), getTemplateFileName(client), rendered -> {
            if (!rendered.succeeded()) {
                logger.error("Unable to render user consent page", rendered.cause());
                routingContext.fail(rendered.cause());
                return;
            }
            routingContext.response().putHeader(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_HTML);
            routingContext.response().end(rendered.result());
        });
    });
}
Example 5
Source File: LoginRequestParseHandler.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
/**
 * Rejects login requests that did not start from a redirect which stored a return URL.
 *
 * <p>The request proceeds to the next handler only when a session exists and holds a value
 * under {@code RedirectAuthHandler.DEFAULT_RETURN_URL_PARAM}.
 *
 * @param context the current routing context
 * @throws InvalidRequestException when there is no session or no return URL in it
 */
@Override
public void handle(RoutingContext context) {
    final Session session = context.session();

    // A return URL in the session is the only evidence here that the user was sent to login.
    final boolean hasReturnUrl =
            session != null && session.get(RedirectAuthHandler.DEFAULT_RETURN_URL_PARAM) != null;
    if (!hasReturnUrl) {
        throw new InvalidRequestException("User cannot log in directly from the login page");
    }

    context.next();
}
Example 6
Source File: MFAEnrollStep.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
/**
 * Decides whether the authentication flow must stop at this step for MFA enrollment.
 *
 * <p>The flow continues to the next step when no client is present in the context, when the
 * client has no factors configured, when the session marks strong authentication as completed,
 * when the session marks MFA as skipped, or when {@code isUserEnrolled} reports the user as
 * already enrolled. In every other case the flow exits at this step.
 *
 * @param routingContext the current routing context
 * @param flow the authentication flow chain to continue or exit
 */
@Override
public void execute(RoutingContext routingContext, AuthenticationFlowChain flow) {
    final Client client = routingContext.get(CLIENT_CONTEXT_KEY);
    final Session session = routingContext.session();
    // Resolved up front, as in the original: this dereferences routingContext.user() before any
    // other check, so an unauthenticated context fails here.
    final io.gravitee.am.model.User endUser = ((User) routingContext.user().getDelegate()).getUser();

    // MFA only applies when the application (client) has at least one factor configured.
    final boolean mfaNotConfigured =
            client == null || client.getFactors() == null || client.getFactors().isEmpty();

    // Short-circuit evaluation keeps the original order of checks: session flags first, the
    // enrollment lookup last.
    // NOTE(review): both session flags are trusted as-is; confirm they are only ever written
    // server-side. The session itself is dereferenced without a null check.
    final boolean enrollmentNotNeeded = mfaNotConfigured
            || Boolean.TRUE.equals(session.get(STRONG_AUTH_COMPLETED))
            || Boolean.TRUE.equals(session.get(MFA_SKIPPED_KEY))
            || isUserEnrolled(routingContext, endUser, client);

    if (enrollmentNotNeeded) {
        flow.doNext(routingContext);
    } else {
        // Exit the chain at this step so the MFA enroll page is shown.
        flow.exit(this);
    }
}
Example 7
Source File: UserConsentProcessHandler.java From graviteeio-access-management with Apache License 2.0 | 4 votes |
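/**
 * Processes the submitted consent form and records the user's decision per requested scope.
 *
 * <p>The scopes that may be approved are taken from the session
 * ({@code REQUESTED_CONSENT_CONTEXT_KEY}); form fields only say which of those scopes were
 * submitted (keys starting with {@code SCOPE_PREFIX}) and what the single decision value
 * ({@code USER_OAUTH_APPROVAL}) is. A scope is approved when its field was submitted and the
 * decision is {@code "true"} or starts with {@code "approve"} (case-insensitive); every other
 * requested scope is recorded as denied. Form fields naming scopes outside the requested set
 * are ignored.
 *
 * <p>The form is untrusted input. A missing {@code USER_OAUTH_APPROVAL} value or a repeated
 * scope field is treated as ordinary input (missing decision means denied) instead of raising
 * an exception while the form is being collected.
 *
 * <p>After the approvals are saved, the authorization request is updated with the approved
 * scopes and consents, the session is flagged with {@code USER_CONSENT_COMPLETED_CONTEXT_KEY},
 * and the next handler runs. A save failure fails the routing context with its cause.
 *
 * @param routingContext the current routing context
 */
@Override
public void handle(RoutingContext routingContext) {
    final HttpServerRequest request = routingContext.request();
    final Session session = routingContext.session();
    final Client client = routingContext.get(CLIENT_CONTEXT_KEY);
    final io.gravitee.am.model.User user = ((User) routingContext.user().getDelegate()).getUser();
    // NOTE(review): both session values are dereferenced below without a null check; a request
    // reaching this handler without the expected session state ends in a NullPointerException.
    final Set<String> requestedConsent = session.get(REQUESTED_CONSENT_CONTEXT_KEY);
    final AuthorizationRequest authorizationRequest = session.get(OAuth2Constants.AUTHORIZATION_REQUEST);

    // Read the user's decision once. The same value applies to every submitted scope field,
    // as in the original mapping.
    final MultiMap params = request.formAttributes();
    final String approvalValue = params.get(USER_OAUTH_APPROVAL);
    final String decision = approvalValue == null ? "" : approvalValue.toLowerCase();
    final boolean decisionIsApprove = "true".equals(decision) || decision.startsWith("approve");

    // Collect submitted scope field names into a set: duplicates collapse and no value is
    // stored, so a repeated field or an absent decision value cannot make the collector throw.
    final Set<String> submittedScopeKeys = params.entries().stream()
            .map(Map.Entry::getKey)
            .filter(key -> key.startsWith(SCOPE_PREFIX))
            .collect(Collectors.toSet());

    // Compute which requested scopes were approved / denied. Only scopes from the session-held
    // requested set are considered.
    final Set<String> approvedConsent = new HashSet<>();
    final List<ScopeApproval> approvals = new ArrayList<>();
    for (String requestedScope : requestedConsent) {
        final boolean scopeApproved =
                decisionIsApprove && submittedScopeKeys.contains(SCOPE_PREFIX + requestedScope);
        if (scopeApproved) {
            approvedConsent.add(requestedScope);
        }
        approvals.add(new ScopeApproval(authorizationRequest.transactionId(), user.getId(), client.getClientId(), domain.getId(),
                requestedScope, scopeApproved ? ScopeApproval.ApprovalStatus.APPROVED : ScopeApproval.ApprovalStatus.DENIED));
    }

    // save consent
    saveConsent(request, user, client, approvals, h -> {
        if (h.failed()) {
            routingContext.fail(h.cause());
            return;
        }
        // Denied only when scopes were requested and none of them was approved.
        final boolean approved = !approvedConsent.isEmpty() || requestedConsent.isEmpty();
        authorizationRequest.setApproved(approved);
        authorizationRequest.setScopes(approvedConsent);
        authorizationRequest.setConsents(h.result());
        session.put(USER_CONSENT_COMPLETED_CONTEXT_KEY, true);
        routingContext.next();
    });
}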
Example 8
Source File: AuthorizationRequestEndUserConsentHandler.java From graviteeio-access-management with Apache License 2.0 | 4 votes |
/**
 * Decides whether the authorization request may proceed or the user must be sent to the
 * consent page.
 *
 * <p>Checks run in this order, and the first that applies ends the method:
 * <ol>
 *   <li>no scopes on the authorization request: continue;</li>
 *   <li>the session is flagged {@code USER_CONSENT_COMPLETED_CONTEXT_KEY}: continue if the
 *       request is approved, otherwise fail with {@code InteractionRequiredException} when the
 *       {@code prompt} parameter contains the token {@code none}, else with
 *       {@code AccessDeniedException};</li>
 *   <li>the {@code prompt} parameter contains {@code consent}: store the requested scopes in
 *       the session and redirect to the consent page;</li>
 *   <li>{@code skipConsent} returns true for the client: mark approved and continue;</li>
 *   <li>otherwise look up the user's stored consent: continue if it covers all requested
 *       scopes, else store the uncovered scopes in the session and redirect to the consent
 *       page.</li>
 * </ol>
 *
 * @param routingContext the current routing context
 */
@Override
public void handle(RoutingContext routingContext) {
    // NOTE(review): the session and the authorization request read from it are dereferenced
    // below without a null check.
    final Session session = routingContext.session();
    final HttpServerRequest request = routingContext.request();
    final Client client = routingContext.get(CLIENT_CONTEXT_KEY);
    // user is null when the routing context has no authenticated user; it is passed as-is to
    // checkUserConsent further down.
    final io.gravitee.am.model.User user = routingContext.user() != null ? ((User) routingContext.user().getDelegate()).getUser() : null;
    final AuthorizationRequest authorizationRequest = session.get(OAuth2Constants.AUTHORIZATION_REQUEST);
    final Set<String> requestedConsent = authorizationRequest.getScopes();
    // no consent to check, continue
    if (requestedConsent == null || requestedConsent.isEmpty()) {
        routingContext.next();
        return;
    }
    // check if the user has already answered the consent prompt in this session; this runs
    // before the prompt=consent check, so a completed consent is not prompted again
    if (session.get(USER_CONSENT_COMPLETED_CONTEXT_KEY) != null && session.get(USER_CONSENT_COMPLETED_CONTEXT_KEY).equals(true)) {
        if (authorizationRequest.isApproved()) {
            routingContext.next();
            return;
        }
        // if prompt=none and the Client does not have pre-configured consent for the requested Claims, throw interaction_required exception
        // https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
        String prompt = request.params().get(Parameters.PROMPT);
        // prompt is matched here as a whitespace-separated list of tokens
        if (prompt != null && Arrays.asList(prompt.split("\\s+")).contains("none")) {
            routingContext.fail(new InteractionRequiredException("Interaction required"));
        } else {
            routingContext.fail(new AccessDeniedException("User denied access"));
        }
        return;
    }
    // application has forced to prompt consent screen to the user
    // go to the user consent page
    // NOTE(review): this is a substring match on the raw parameter, unlike the token match used
    // for "none" above; any prompt value merely containing "consent" takes this branch.
    if (request.params().contains(Parameters.PROMPT) && request.params().get(Parameters.PROMPT).contains("consent")) {
        session.put(REQUESTED_CONSENT_CONTEXT_KEY, requestedConsent);
        redirectToConsentPage(request);
        return;
    }
    // check if application has enabled skip consent option
    if (skipConsent(requestedConsent, client)) {
        authorizationRequest.setApproved(true);
        routingContext.next();
        return;
    }
    // check user consent
    checkUserConsent(client, user, h -> {
        if (h.failed()) {
            routingContext.fail(h.cause());
            return;
        }
        Set<String> approvedConsent = h.result();
        // user approved consent, continue
        if (approvedConsent.containsAll(requestedConsent)) {
            authorizationRequest.setApproved(true);
            routingContext.next();
            return;
        }
        // else go to the user consent page, asking only for the scopes not yet approved
        Set<String> requiredConsent = requestedConsent.stream().filter(requestedScope -> !approvedConsent.contains(requestedScope)).collect(Collectors.toSet());
        session.put(REQUESTED_CONSENT_CONTEXT_KEY, requiredConsent);
        redirectToConsentPage(request);
    });
}