Java Code Examples for org.wso2.carbon.identity.core.util.IdentityUtil#getServerURL()
The following examples show how to use
org.wso2.carbon.identity.core.util.IdentityUtil#getServerURL(). Every example below calls it with an endpoint path and two boolean flags.
Example 1
Source File: WorkflowImplTenantMgtListener.java From carbon-identity with Apache License 2.0 | 6 votes |
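/**
 * Registers a default BPS profile for a newly created tenant.
 *
 * The profile's manager and worker host URLs are both set to this server's own service URL, and
 * the profile user is the tenant admin qualified with the tenant domain.
 *
 * @param tenantInfoBean source of the admin name, tenant domain and tenant id
 * @throws StratosException declared by the overridden listener method
 */
@Override
public void onTenantCreate(TenantInfoBean tenantInfoBean) throws StratosException {

    String fullName = tenantInfoBean.getAdmin() + UserCoreConstants.TENANT_DOMAIN_COMBINER
            + tenantInfoBean.getTenantDomain();
    BPSProfile bpsProfileDTO = new BPSProfile();
    String url = IdentityUtil.getServerURL(WorkflowImplServiceDataHolder.getInstance()
            .getConfigurationContextService().getServerConfigContext().getServicePath(), true, true);

    try {
        bpsProfileDTO.setManagerHostURL(url);
        bpsProfileDTO.setWorkerHostURL(url);
        bpsProfileDTO.setUsername(fullName);
        // The default profile is stored with an empty password.
        // NOTE(review): confirm how this profile authenticates to the BPS endpoint; nothing here
        // supplies a credential.
        bpsProfileDTO.setPassword(new char[0]);
        bpsProfileDTO.setProfileName(WFImplConstant.DEFAULT_BPS_PROFILE_NAME);
        WorkflowImplServiceDataHolder.getInstance().getWorkflowImplService()
                .addBPSProfile(bpsProfileDTO, tenantInfoBean.getTenantId());
    } catch (WorkflowImplException e) {
        // Deliberately not rethrown: a missing default profile must not block tenant creation,
        // and the profile can be created manually afterwards.
        String errorMsg = "Error occured while adding default bps profile, " + e.getMessage();
        // Pass the exception so the stack trace reaches the log instead of only its message.
        log.error(errorMsg, e);
    }
}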
Example 2
Source File: EndpointConfigManager.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Looks up a configuration property by key.
 *
 * When the services URL is requested but absent from the loaded properties, it is derived from
 * the server's own URL and service path instead of being returned as {@code null}.
 *
 * @param key Property key
 * @return Property value, or the derived services URL for an unconfigured
 *         {@code Constants.SERVICES_URL}
 */
private static String getPropertyValue(String key) {

    boolean servicesUrlRequested = Constants.SERVICES_URL.equals(key);
    if (!servicesUrlRequested || prop.containsKey(Constants.SERVICES_URL)) {
        return prop.getProperty(key);
    }
    // Fallback: no explicit services URL configured, so point at this server.
    String servicePath = IdentityUtil.getServicePath();
    return IdentityUtil.getServerURL(servicePath, true, true);
}
Example 3
Source File: OAuth2Util.java From carbon-identity with Apache License 2.0 | 5 votes |
/**
 * Returns the OAuth 1.0a request-token endpoint URL.
 *
 * @return the URL from {@code OAuthServerConfiguration} when one is configured, otherwise a URL
 *         built from the server URL and the path {@code oauth/request-token}
 */
public static String getOAuth1RequestTokenUrl() {

    String configuredUrl = OAuthServerConfiguration.getInstance().getOAuth1RequestTokenUrl();
    if (!StringUtils.isBlank(configuredUrl)) {
        return configuredUrl;
    }
    return IdentityUtil.getServerURL("oauth/request-token", true, true);
}
Example 4
Source File: IWAAuthenticator.java From carbon-identity with Apache License 2.0 | 5 votes |
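/**
 * Redirects the browser to the IWA authentication endpoint of this server.
 *
 * The context identifier is URL-encoded and sent as the state parameter of the redirect.
 *
 * @param request  current servlet request (not read by this method)
 * @param response servlet response used to issue the redirect
 * @param ctx      context identifier placed in the state parameter
 * @throws AuthenticationFailedException if the redirect cannot be sent; the underlying
 *                                       {@link IOException} is attached as the cause
 */
public void sendToLoginPage(HttpServletRequest request, HttpServletResponse response, String ctx)
        throws AuthenticationFailedException {

    String iwaURL = null;
    try {
        iwaURL = IdentityUtil.getServerURL(IWAConstants.IWA_AUTH_EP, false, true) + "?"
                + IWAConstants.IWA_PARAM_STATE + "=" + URLEncoder.encode(ctx, IWAConstants.UTF_8);
        response.sendRedirect(response.encodeRedirectURL(iwaURL));
    } catch (IOException e) {
        // The logged URL carries the state value, so this log line identifies the
        // authentication context it belongs to.
        log.error("Error when sending to the login page :" + iwaURL, e);
        // Keep the cause so callers and logs further up can see why the redirect failed.
        throw new AuthenticationFailedException("Authentication failed", e);
    }
}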
Example 5
Source File: PassiveSTS.java From carbon-identity with Apache License 2.0 | 5 votes |
/**
 * Hands a Passive STS request over to the authentication framework.
 *
 * An {@code AuthenticationRequest} describing the incoming request is cached under
 * {@code sessionDataKey}, then the browser is redirected to the common-auth endpoint with only
 * the session data key and the request type in the query string.
 *
 * @param request        incoming servlet request; its URI, parameters and headers are copied
 * @param response       servlet response used for the redirect
 * @param sessionDataKey cache key that links the redirect to the cached request
 * @param sessionDTO     session data; its realm becomes the relying party
 * @throws IOException if the redirect cannot be sent
 */
private void sendToAuthenticationFramework(HttpServletRequest request, HttpServletResponse response,
                                           String sessionDataKey, SessionDTO sessionDTO)
        throws IOException {

    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, false, true);
    String selfPath = request.getRequestURI();

    // Data the common-auth endpoint needs travels through the cache, not the URL.
    AuthenticationRequest authenticationRequest = new AuthenticationRequest();
    authenticationRequest.setRelyingParty(sessionDTO.getRealm());
    authenticationRequest.setCommonAuthCallerPath(selfPath);
    authenticationRequest.setForceAuth(false);
    authenticationRequest.setRequestQueryParams(request.getParameterMap());

    // Every header the client sent is copied, so whatever credential-bearing headers were
    // present end up in the cached entry as well.
    Enumeration incomingHeaderNames = request.getHeaderNames();
    while (incomingHeaderNames.hasMoreElements()) {
        String headerName = incomingHeaderNames.nextElement().toString();
        authenticationRequest.addHeader(headerName, request.getHeader(headerName));
    }

    AuthenticationRequestCacheEntry authRequest =
            new AuthenticationRequestCacheEntry(authenticationRequest);
    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);

    // sessionDataKey is appended as-is (no URL encoding).
    String queryString = "?" + FrameworkConstants.SESSION_DATA_KEY + "=" + sessionDataKey
            + "&" + FrameworkConstants.RequestParams.TYPE + "=" + FrameworkConstants.PASSIVE_STS;
    response.sendRedirect(commonAuthURL + queryString);
}
Example 6
Source File: OpenIDUtil.java From carbon-identity with Apache License 2.0 | 5 votes |
/**
 * Builds the management-console front-end URL for an OpenID, adding a tenant segment when the
 * OpenID belongs to a tenant.
 *
 * @param openId      OpenID identifier the tenant domain is extracted from
 * @param request     current servlet request (not read by this method)
 * @param relativeUrl path appended after {@code /carbon/}
 * @return the front-end URL; for a non-blank tenant every {@code /carbon/} occurrence is
 *         rewritten to {@code /t/<tenant>/carbon/}
 */
public static String getFronEndUrl(String openId, HttpServletRequest request, String relativeUrl) {

    String tenant = MultitenantUtils.getDomainNameFromOpenId(openId);
    // A "tenant" equal to this host's name means the OpenID has no tenant part.
    if (getHostName().equals(tenant)) {
        tenant = null;
    }

    String frontEndUrl = IdentityUtil.getServerURL("/carbon/", false, true) + relativeUrl;

    boolean hasTenant = tenant != null && tenant.trim().length() > 0;
    if (!hasTenant) {
        return frontEndUrl;
    }
    // replace() rewrites all matches, so a "/carbon/" inside relativeUrl is rewritten too.
    // NOTE(review): tenant comes from the OpenID string and is concatenated without encoding;
    // confirm getDomainNameFromOpenId only yields valid domain names.
    return frontEndUrl.replace("/carbon/", "/t/" + tenant + "/carbon/");
}
Example 7
Source File: OpenIDUtil.java From carbon-identity with Apache License 2.0 | 5 votes |
/**
 * Resolves the OpenID user pattern URL.
 *
 * The value configured for {@code IdentityConstants.ServerConfig.OPENID_USER_PATTERN} (OpenID
 * configuration in identity.xml) takes precedence; when it is blank the URL is built from the
 * server configuration.
 *
 * @return the configured pattern, or the server-derived OpenID URL when none is configured
 */
public static String getOpenIDUserPattern() {

    String configuredPattern =
            IdentityUtil.getProperty(IdentityConstants.ServerConfig.OPENID_USER_PATTERN);
    return StringUtils.isBlank(configuredPattern)
            ? IdentityUtil.getServerURL(OpenIDServerConstants.OPENID, true, true)
            : configuredPattern;
}
Example 8
Source File: OAuth2Util.java From carbon-identity with Apache License 2.0 | 5 votes |
/**
 * Returns the OAuth 1.0a authorize endpoint URL.
 *
 * @return the URL from {@code OAuthServerConfiguration} when one is configured, otherwise a URL
 *         built from the server URL and the path {@code oauth/authorize-url}
 */
public static String getOAuth1AuthorizeUrl() {

    String configuredUrl = OAuthServerConfiguration.getInstance().getOAuth1AuthorizeUrl();
    return StringUtils.isBlank(configuredUrl)
            ? IdentityUtil.getServerURL("oauth/authorize-url", true, true)
            : configuredUrl;
}
Example 9
Source File: SAMLSSOUtil.java From carbon-identity with Apache License 2.0 | 5 votes |
/**
 * Returns the SAML SSO notification endpoint URL.
 *
 * @return the value configured for {@code IdentityConstants.ServerConfig.NOTIFICATION_ENDPOINT},
 *         or a URL built from the server URL and
 *         {@code SAMLSSOConstants.NOTIFICATION_ENDPOINT} when that value is blank
 */
public static String getNotificationEndpoint() {

    String configuredEndpoint =
            IdentityUtil.getProperty(IdentityConstants.ServerConfig.NOTIFICATION_ENDPOINT);
    if (!StringUtils.isBlank(configuredEndpoint)) {
        return configuredEndpoint;
    }
    return IdentityUtil.getServerURL(SAMLSSOConstants.NOTIFICATION_ENDPOINT, false, false);
}
Example 10
Source File: AuthenticationEndpointTenantActivityListener.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
/**
 * Initialize listener.
 *
 * Loads the tenant-data endpoint URLs from configuration and turns every relative entry into an
 * absolute URL on this server. Absolute entries are kept exactly as configured.
 * {@code initialized} is set only when at least one URL is configured and all of them parse;
 * on a {@link URISyntaxException} the error is logged, {@code initialized} is left untouched and
 * entries processed before the bad one stay rewritten.
 */
private synchronized void init() {

    try {
        tenantDataReceiveURLs = ConfigurationFacade.getInstance().getTenantDataEndpointURLs();

        if (tenantDataReceiveURLs.isEmpty()) {
            if (log.isDebugEnabled()) {
                log.debug("TenantDataListenerURLs are not set in configuration");
            }
            return;
        }

        serverURL = IdentityUtil.getServerURL("", true, true);

        int position = 0;
        for (String tenantDataReceiveUrl : tenantDataReceiveURLs) {
            URI endpointUri = new URI(tenantDataReceiveUrl);

            if (log.isDebugEnabled()) {
                log.debug("Tenant list receiving url added : " + tenantDataReceiveUrl);
            }

            if (!endpointUri.isAbsolute()) {
                // Set the absolute URL for tenant list receiving endpoint
                tenantDataReceiveURLs.set(position, serverURL + tenantDataReceiveUrl);
            }
            position++;
        }
        initialized = true;
    } catch (URISyntaxException e) {
        log.error("Error while getting TenantDataListenerURLs", e);
    }
}
Example 11
Source File: OAuth2Util.java From carbon-identity with Apache License 2.0 | 5 votes |
/**
 * Returns the OAuth 2.0 token endpoint URL.
 *
 * @return the URL from {@code OAuthServerConfiguration} when one is configured, otherwise a URL
 *         built from the server URL and the path {@code oauth2/token}
 */
public static String getOAuth2TokenEPUrl() {

    String configuredUrl = OAuthServerConfiguration.getInstance().getOAuth2TokenEPUrl();
    if (!StringUtils.isBlank(configuredUrl)) {
        return configuredUrl;
    }
    return IdentityUtil.getServerURL("oauth2/token", true, false);
}
Example 12
Source File: OAuth2Util.java From carbon-identity with Apache License 2.0 | 5 votes |
/**
 * Returns the URL of the OAuth 2.0 error page.
 *
 * @return the URL from {@code OAuthServerConfiguration} when one is configured, otherwise a URL
 *         built from the server URL and {@code /authenticationendpoint/oauth2_error.do}
 */
public static String getOAuth2ErrorPageUrl() {

    String configuredUrl = OAuthServerConfiguration.getInstance().getOauth2ErrorPageUrl();
    return StringUtils.isBlank(configuredUrl)
            ? IdentityUtil.getServerURL("/authenticationendpoint/oauth2_error.do", false, false)
            : configuredUrl;
}
Example 13
Source File: InboundAuthenticationRequestProcessor.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Build response for framework logout.
 *
 * Caches an {@code AuthenticationRequest} (flagged as a logout) and the inbound context under a
 * newly generated session data key, then returns a response that redirects to the common-auth
 * endpoint of this server.
 *
 * @param context Inbound authentication context
 * @return response carrying the auth name, session data key, callback path, relying party,
 *         auth type and the redirect URL
 * @throws IOException                            declared; {@code URLEncoder.encode} with a
 *                                                charset name can raise its
 *                                                UnsupportedEncodingException subtype
 * @throws IdentityApplicationManagementException declared by this method
 * @throws FrameworkException                     declared by this method
 */
protected InboundAuthenticationResponse buildResponseForFrameworkLogout(InboundAuthenticationContext context)
        throws IOException, IdentityApplicationManagementException, FrameworkException {

    // The key is the only link between the browser redirect and the cached entries below.
    // NOTE(review): its unpredictability depends on UUIDGenerator — confirm the source of randomness.
    String sessionDataKey = UUIDGenerator.generateUUID();

    AuthenticationRequest authenticationRequest = new AuthenticationRequest();
    InboundAuthenticationRequest inboundAuthenticationRequest = context.getInboundAuthenticationRequest();

    // The two put() calls write into the map returned by the inbound request.
    // NOTE(review): if getParameters() returns the live map, the inbound request is modified too.
    Map<String, String[]> parameterMap = inboundAuthenticationRequest.getParameters();
    parameterMap.put(FrameworkConstants.SESSION_DATA_KEY, new String[] { sessionDataKey });
    parameterMap.put(FrameworkConstants.RequestParams.TYPE, new String[] { getName() });
    authenticationRequest.appendRequestQueryParams(parameterMap);

    // All inbound headers are copied into the request that gets cached.
    for (Map.Entry<String, String> entry : inboundAuthenticationRequest.getHeaders().entrySet()) {
        authenticationRequest.addHeader(entry.getKey(), entry.getValue());
    }

    authenticationRequest.setRelyingParty(getRelyingPartyId());
    authenticationRequest.setType(getName());
    authenticationRequest.setCommonAuthCallerPath(URLEncoder.encode(getCallbackPath(context), "UTF-8"));
    // Added after the parameters were appended, so the logout flag is set last.
    authenticationRequest.addRequestQueryParam(FrameworkConstants.RequestParams.LOGOUT, new String[]{"true"});

    AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry(authenticationRequest);
    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);

    // The inbound context is cached under the same key as the authentication request.
    InboundAuthenticationContextCacheEntry contextCacheEntry = new InboundAuthenticationContextCacheEntry(context);
    InboundAuthenticationUtil.addInboundAuthenticationContextToCache(sessionDataKey, contextCacheEntry);

    InboundAuthenticationResponse response = new InboundAuthenticationResponse();
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.AUTH_NAME, getName());
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.SESSION_DATA_KEY, sessionDataKey);
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.CALL_BACK_PATH, getCallbackPath(context));
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.RELYING_PARTY, getRelyingPartyId());
    // The type parameter is sent because the framework still checks it; AUTH_NAME is meant to
    // replace it in the future.
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.AUTH_TYPE, getName());

    // The redirect target is taken from IdentityUtil.getServerURL, not from the inbound request.
    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);
    response.setRedirectURL(commonAuthURL);
    return response;
}
Example 14
Source File: SAMLSSOProviderServlet.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Prepares a SAML SSO logout request and forwards it to the authentication framework.
 *
 * Session data is cached under a newly generated session data key; the
 * {@code AuthenticationRequest} is attached to the servlet request and passed on through
 * {@code sendRequestToFramework}.
 *
 * @param request       incoming servlet request; query string, parameters and headers are copied
 * @param response      servlet response handed to {@code sendRequestToFramework}
 * @param signInRespDTO validation result of the logout request, may be {@code null}
 * @param relayState    relay state stored in the session DTO
 * @param sessionId     session id stored in the session DTO
 * @param invalid       stored as the "invalid logout" flag of the session DTO
 * @param isPost        stored as the POST flag of the authentication request
 * @throws ServletException declared by this method
 * @throws IOException      declared by this method
 */
private void sendToFrameworkForLogout(HttpServletRequest request, HttpServletResponse response,
                                      SAMLSSOReqValidationResponseDTO signInRespDTO, String relayState,
                                      String sessionId, boolean invalid, boolean isPost)
        throws ServletException, IOException {

    SAMLSSOSessionDTO sessionDTO = new SAMLSSOSessionDTO();
    sessionDTO.setHttpQueryString(request.getQueryString());
    sessionDTO.setRelayState(relayState);
    sessionDTO.setSessionId(sessionId);
    sessionDTO.setLogoutReq(true);
    sessionDTO.setInvalidLogout(invalid);

    // Request details are available only when a validation response was produced.
    if (signInRespDTO != null) {
        sessionDTO.setDestination(signInRespDTO.getDestination());
        sessionDTO.setRequestMessageString(signInRespDTO.getRequestMessageString());
        sessionDTO.setIssuer(signInRespDTO.getIssuer());
        sessionDTO.setRequestID(signInRespDTO.getId());
        sessionDTO.setSubject(signInRespDTO.getSubject());
        sessionDTO.setRelyingPartySessionId(signInRespDTO.getRpSessionId());
        sessionDTO.setAssertionConsumerURL(signInRespDTO.getAssertionConsumerURL());
        sessionDTO.setValidationRespDTO(signInRespDTO);
    }

    String sessionDataKey = UUIDGenerator.generateUUID();
    addSessionDataToCache(sessionDataKey, sessionDTO);

    // NOTE(review): commonAuthURL is assigned but not referenced again in this method.
    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, false, true);
    String selfPath = request.getContextPath();

    // Add all parameters to the authentication context before sending to the authentication
    // framework.
    AuthenticationRequest authenticationRequest = new AuthenticationRequest();
    // NOTE(review): the logout flag is added before setRequestQueryParams(); if that setter
    // replaces the parameter map instead of merging, the flag added here is lost — confirm
    // against AuthenticationRequest.
    authenticationRequest.addRequestQueryParam(FrameworkConstants.RequestParams.LOGOUT,
            new String[]{"true"});
    authenticationRequest.setRequestQueryParams(request.getParameterMap());
    authenticationRequest.setCommonAuthCallerPath(selfPath);
    authenticationRequest.setPost(isPost);

    if (signInRespDTO != null) {
        authenticationRequest.setRelyingParty(signInRespDTO.getIssuer());
    }
    authenticationRequest.appendRequestQueryParams(request.getParameterMap());

    // Add headers to AuthenticationRequestContext: every header of the incoming request is copied.
    for (Enumeration e = request.getHeaderNames(); e.hasMoreElements(); ) {
        String headerName = e.nextElement().toString();
        authenticationRequest.addHeader(headerName, request.getHeader(headerName));
    }

    AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry
            (authenticationRequest);
    // Unlike the session DTO, the authentication request is attached to the servlet request.
    addAuthenticationRequestToRequest(request, authRequest);
    sendRequestToFramework(request, response, sessionDataKey, FrameworkConstants.RequestType.CLAIM_TYPE_SAML_SSO);
}
Example 15
Source File: FacebookAuthenticator.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Completes the Facebook login: exchanges the authorization code for a token, fetches the
 * user-info document and builds the claims on the authentication context.
 *
 * When a user-info field list is configured, the field used as the user identifier is appended
 * to it if missing: the identity provider's user claim URI when one is configured, otherwise
 * {@code FacebookAuthenticatorConstants.DEFAULT_USER_IDENTIFIER}.
 *
 * @param request  servlet request carrying the authorization code
 * @param response servlet response (not used by this method)
 * @param context  authentication context providing authenticator properties and the external IdP
 * @throws AuthenticationFailedException when any step raises an
 *                                       {@code ApplicationAuthenticatorException}; that exception
 *                                       is attached as the cause
 */
@Override
protected void processAuthenticationResponse(HttpServletRequest request, HttpServletResponse response,
                                             AuthenticationContext context)
        throws AuthenticationFailedException {

    log.trace("Inside FacebookAuthenticator.authenticate()");

    try {
        Map<String, String> authenticatorProperties = context.getAuthenticatorProperties();
        String clientId = authenticatorProperties.get(FacebookAuthenticatorConstants.CLIENT_ID);
        // The client secret is only passed on to getToken(); it is not logged here.
        String clientSecret = authenticatorProperties.get(FacebookAuthenticatorConstants.CLIENT_SECRET);
        String userInfoFields = authenticatorProperties.get(FacebookAuthenticatorConstants.USER_INFO_FIELDS);

        String tokenEndPoint = getTokenEndpoint();
        String fbAuthUserInfoUrl = getUserInfoEndpoint();

        // The callback URL sent with the token request is built by IdentityUtil.getServerURL,
        // not read from the incoming request.
        String callbackUrl = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);

        String code = getAuthorizationCode(request);
        String token = getToken(tokenEndPoint, clientId, clientSecret, callbackUrl, code);

        if (!StringUtils.isBlank(userInfoFields)) {
            // Pick the field that must be present in the requested field list.
            String requiredField;
            if (context.getExternalIdP().getIdentityProvider().getClaimConfig() != null
                    && !StringUtils.isBlank(
                    context.getExternalIdP().getIdentityProvider().getClaimConfig().getUserClaimURI())) {
                requiredField =
                        context.getExternalIdP().getIdentityProvider().getClaimConfig().getUserClaimURI();
            } else {
                requiredField = FacebookAuthenticatorConstants.DEFAULT_USER_IDENTIFIER;
            }

            if (!Arrays.asList(userInfoFields.split(",")).contains(requiredField)) {
                userInfoFields += ("," + requiredField);
            }
        }

        Map<String, Object> userInfoJson = getUserInfoJson(fbAuthUserInfoUrl, userInfoFields, token);
        buildClaims(context, userInfoJson);
    } catch (ApplicationAuthenticatorException e) {
        log.error("Failed to process Facebook Connect response.", e);
        throw new AuthenticationFailedException(e.getMessage(), e);
    }
}
Example 16
Source File: InboundAuthenticationRequestProcessor.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Build response for framework login.
 *
 * Caches an {@code AuthenticationRequest} and the inbound context under a newly generated
 * session data key, then returns a response that redirects to the common-auth endpoint of this
 * server.
 *
 * @param context Inbound authentication context
 * @return response carrying the auth name, session data key, callback path, relying party,
 *         auth type and the redirect URL
 * @throws IOException                            declared; {@code URLEncoder.encode} with a
 *                                                charset name can raise its
 *                                                UnsupportedEncodingException subtype
 * @throws IdentityApplicationManagementException declared by this method
 * @throws FrameworkException                     declared by this method
 */
protected InboundAuthenticationResponse buildResponseForFrameworkLogin(InboundAuthenticationContext context)
        throws IOException, IdentityApplicationManagementException, FrameworkException {

    // The key is the only link between the browser redirect and the cached entries below.
    // NOTE(review): its unpredictability depends on UUIDGenerator — confirm the source of randomness.
    String sessionDataKey = UUIDGenerator.generateUUID();

    AuthenticationRequest authenticationRequest = new AuthenticationRequest();
    InboundAuthenticationRequest inboundAuthenticationRequest = context.getInboundAuthenticationRequest();

    // The two put() calls write into the map returned by the inbound request.
    // NOTE(review): if getParameters() returns the live map, the inbound request is modified too.
    Map<String, String[]> parameterMap = inboundAuthenticationRequest.getParameters();
    parameterMap.put(FrameworkConstants.SESSION_DATA_KEY, new String[] { sessionDataKey });
    parameterMap.put(FrameworkConstants.RequestParams.TYPE, new String[] { getName() });
    authenticationRequest.appendRequestQueryParams(parameterMap);

    // All inbound headers are copied into the request that gets cached.
    for (Map.Entry<String, String> entry : inboundAuthenticationRequest.getHeaders().entrySet()) {
        authenticationRequest.addHeader(entry.getKey(), entry.getValue());
    }

    authenticationRequest.setRelyingParty(getRelyingPartyId());
    authenticationRequest.setType(getName());
    authenticationRequest.setCommonAuthCallerPath(URLEncoder.encode(getCallbackPath(context), "UTF-8"));

    AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry(authenticationRequest);
    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);

    // The inbound context is cached under the same key as the authentication request.
    InboundAuthenticationContextCacheEntry contextCacheEntry = new InboundAuthenticationContextCacheEntry(context);
    InboundAuthenticationUtil.addInboundAuthenticationContextToCache(sessionDataKey, contextCacheEntry);

    InboundAuthenticationResponse response = new InboundAuthenticationResponse();
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.AUTH_NAME, getName());
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.SESSION_DATA_KEY, sessionDataKey);
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.CALL_BACK_PATH, getCallbackPath(context));
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.RELYING_PARTY, getRelyingPartyId());
    // The type parameter is sent because the framework still checks it; AUTH_NAME is meant to
    // replace it in the future.
    response.addParameters(InboundAuthenticationConstants.RequestProcessor.AUTH_TYPE, getName());

    // The redirect target is taken from IdentityUtil.getServerURL, not from the inbound request.
    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);
    response.setRedirectURL(commonAuthURL);
    return response;
}
Example 17
Source File: OpenIDHandler.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Returns the login page URL. User will be redirected to this URL when they
 * are not authenticated.
 *
 * Besides building the URL, this method stores the claimed identifier in the HTTP session,
 * caches an {@code AuthenticationRequest} under a newly generated session data key and calls
 * {@code FrameworkUtils.setRequestPathCredentials}.
 *
 * @param claimedID OpenID identifier of the current request
 * @param request   incoming servlet request; session, parameters and headers are read
 * @param params    OpenID parameter list; the identity and tenant-domain values are read
 * @return loginPageUrl common-auth URL with the session data key and request type as query
 *         parameters
 * @throws IdentityException declared by this method
 * @throws IOException       declared by this method
 */
private String getLoginPageUrl(String claimedID, HttpServletRequest request, ParameterList params)
        throws IdentityException, IOException {

    /*
     * We are setting the request's openid identifier to the session
     * here.
     */
    request.getSession().setAttribute(OpenIDConstants.SessionAttribute.OPENID, claimedID);

    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, false, true);
    String selfPath = request.getContextPath();
    String sessionDataKey = UUIDGenerator.generateUUID();

    // Authentication context keeps data which should be sent to commonAuth endpoint
    AuthenticationRequest authenticationRequest = new AuthenticationRequest();
    authenticationRequest.setRelyingParty(getRelyingParty(request));
    authenticationRequest.setCommonAuthCallerPath(selfPath);

    String username = null;
    String tenantDomain = null;

    // Pre-fill the username from the OpenID identity parameter when it is present.
    if (params.getParameterValue(FrameworkConstants.OPENID_IDENTITY) != null) {
        username = OpenIDUtil.getUserName(params.getParameterValue(FrameworkConstants.OPENID_IDENTITY));
        authenticationRequest.addRequestQueryParam(FrameworkConstants.USERNAME, new String[] { username });
    }

    if (params.getParameterValue(FrameworkConstants.RequestParams.TENANT_DOMAIN) != null) {
        tenantDomain = params.getParameterValue(FrameworkConstants.RequestParams.TENANT_DOMAIN);
        authenticationRequest.setTenantDomain(tenantDomain);
    }

    boolean forceAuthenticate = false;
    // Identifiers ending in "/openid/" skip the comparison with the session's authenticated OpenID.
    if (!claimedID.endsWith("/openid/")) {
        String authenticatedUser =
                (String) request.getSession().getAttribute(OpenIDConstants.SessionAttribute.AUTHENTICATED_OPENID);

        // Debug logging writes both identifiers to the log.
        if (log.isDebugEnabled()) {
            log.debug("claimedID : " + claimedID + ", authenticated user : " + authenticatedUser);
        }

        // A session authenticated as a different OpenID must not be reused for this request:
        // force a fresh authentication.
        if (authenticatedUser != null && !"".equals(authenticatedUser.trim())
                && !claimedID.equals(authenticatedUser.trim())) {
            if (log.isDebugEnabled()) {
                log.debug("Overriding previously authenticated OpenID : " + authenticatedUser
                        + " with the OpenID in the current request :" + claimedID
                        + " and setting forceAuthenticate.");
            }
            forceAuthenticate = true;
        }
    }
    authenticationRequest.setForceAuth(forceAuthenticate);

    // Add request headers to authentication request context, i.e. to the cache.
    // NOTE(review): setRequestQueryParams() runs after the username parameter was added above;
    // if it replaces the parameter map, that username is dropped — confirm against
    // AuthenticationRequest.
    authenticationRequest.setRequestQueryParams(request.getParameterMap());
    for (Enumeration headerNames = request.getHeaderNames(); headerNames.hasMoreElements(); ) {
        String headerName = headerNames.nextElement().toString();
        authenticationRequest.addHeader(headerName, request.getHeader(headerName));
    }

    AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry(authenticationRequest);
    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);

    // Only the session data key and the request type go into the URL.
    StringBuilder queryStringBuilder = new StringBuilder();
    queryStringBuilder.append(commonAuthURL).
            append("?").
            append(FrameworkConstants.SESSION_DATA_KEY).
            append("=").
            append(sessionDataKey).
            append("&").
            append(FrameworkConstants.RequestParams.TYPE).
            append("=").
            append(FrameworkConstants.RequestType.CLAIM_TYPE_OPENID);

    // reading the authorization header for request path authentication
    FrameworkUtils.setRequestPathCredentials(request);

    return queryStringBuilder.toString();
}
Example 18
Source File: EndpointUtil.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Returns the login page URL.
 *
 * The authentication request is cached under {@code sessionDataKey}; the returned URL points at
 * the common-auth endpoint and carries only that key and the request type ({@code oidc} when the
 * {@code openid} scope is requested, {@code oauth2} otherwise). The client tenant id held by
 * {@code OAuth2Util} is cleared before returning, whether or not an exception occurred.
 *
 * @param clientId            OAuth client id, used as the relying party
 * @param sessionDataKey      cache key that links the redirect to the cached request
 * @param forceAuthenticate   stored as the force-auth flag
 * @param checkAuthentication stored as the passive-auth flag
 * @param scopes              requested scopes, may be {@code null}
 * @param reqParams           request parameters stored on the authentication request
 * @return the common-auth URL with session data key and type
 * @throws IdentityOAuth2Exception declared by this method
 */
public static String getLoginPageURL(String clientId, String sessionDataKey,
                                     boolean forceAuthenticate, boolean checkAuthentication,
                                     Set<String> scopes, Map<String, String[]> reqParams)
        throws IdentityOAuth2Exception {

    try {
        boolean openIdRequested = scopes != null && scopes.contains("openid");
        String type = openIdRequested ? "oidc" : "oauth2";

        String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, false, true);
        String selfPath = "/oauth2/authorize";
        AuthenticationRequest authenticationRequest = new AuthenticationRequest();

        int tenantId = OAuth2Util.getClientTenatId();

        // Build the authentication request context.
        authenticationRequest.setCommonAuthCallerPath(selfPath);
        authenticationRequest.setForceAuth(forceAuthenticate);
        authenticationRequest.setPassiveAuth(checkAuthentication);
        authenticationRequest.setRelyingParty(clientId);
        authenticationRequest.setTenantDomain(OAuth2Util.getTenantDomain(tenantId));
        authenticationRequest.setRequestQueryParams(reqParams);

        // Wrap the request in a cache entry and store it under the session data key.
        AuthenticationRequestCacheEntry authRequest =
                new AuthenticationRequestCacheEntry(authenticationRequest);
        FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);

        // The URL carries only the type and the session data key; the original request
        // parameters stay in the cache.
        return commonAuthURL + "?" + FrameworkConstants.SESSION_DATA_KEY + "=" + sessionDataKey
                + "&" + FrameworkConstants.RequestParams.TYPE + "=" + type;
    } finally {
        OAuth2Util.clearClientTenantId();
    }
}
Example 19
Source File: PassiveSTS.java From carbon-identity with Apache License 2.0 | 4 votes |
/**
 * Hands a Passive STS logout request over to the authentication framework.
 *
 * The WS-Federation request parameters are captured in a {@code SessionDTO} and cached under a
 * newly generated session data key, an {@code AuthenticationRequest} is cached under the same
 * key, and the browser is redirected to the common-auth endpoint.
 *
 * @param request  incoming servlet request; parameters, query string, URI and headers are read
 * @param response servlet response used for the redirect
 * @throws ServletException declared by this method
 * @throws IOException      if the redirect cannot be sent
 */
private void sendFrameworkForLogout(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {

    Map paramMap = request.getParameterMap();

    // All values below come straight from request parameters.
    // NOTE(review): REPLY_TO is stored unvalidated here; code that later redirects to it must
    // check it against the registered relying party — not visible in this method.
    SessionDTO sessionDTO = new SessionDTO();
    sessionDTO.setAction(getAttribute(paramMap, PassiveRequestorConstants.ACTION));
    sessionDTO.setAttributes(getAttribute(paramMap, PassiveRequestorConstants.ATTRIBUTE));
    sessionDTO.setContext(getAttribute(paramMap, PassiveRequestorConstants.CONTEXT));
    sessionDTO.setReplyTo(getAttribute(paramMap, PassiveRequestorConstants.REPLY_TO));
    sessionDTO.setPseudo(getAttribute(paramMap, PassiveRequestorConstants.PSEUDO));
    sessionDTO.setRealm(getAttribute(paramMap, PassiveRequestorConstants.REALM));
    sessionDTO.setRequest(getAttribute(paramMap, PassiveRequestorConstants.REQUEST));
    sessionDTO.setRequestPointer(getAttribute(paramMap, PassiveRequestorConstants.REQUEST_POINTER));
    sessionDTO.setPolicy(getAttribute(paramMap, PassiveRequestorConstants.POLCY));
    sessionDTO.setReqQueryString(request.getQueryString());

    String sessionDataKey = UUIDGenerator.generateUUID();
    addSessionDataToCache(sessionDataKey, sessionDTO);

    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, false, true);
    String selfPath = request.getRequestURI();

    AuthenticationRequest authenticationRequest = new AuthenticationRequest();
    // NOTE(review): the logout flag is added before setRequestQueryParams(); if that setter
    // replaces the parameter map instead of merging, the flag added here is lost — confirm
    // against AuthenticationRequest.
    authenticationRequest.addRequestQueryParam(FrameworkConstants.RequestParams.LOGOUT,
            new String[]{Boolean.TRUE.toString()});
    authenticationRequest.setRequestQueryParams(request.getParameterMap());
    authenticationRequest.setCommonAuthCallerPath(selfPath);
    authenticationRequest.appendRequestQueryParams(request.getParameterMap());

    // According to ws-federation-1.2-spec; 'wtrealm' will not be sent in the Passive STS Logout Request.
    // In that case the relying party is set to an empty string.
    if (sessionDTO.getRealm() == null || sessionDTO.getRealm().trim().length() == 0) {
        authenticationRequest.setRelyingParty(new String());
    }

    // Every header of the incoming request is copied into the request that gets cached.
    for (Enumeration e = request.getHeaderNames(); e.hasMoreElements(); ) {
        String headerName = e.nextElement().toString();
        authenticationRequest.addHeader(headerName, request.getHeader(headerName));
    }

    AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry
            (authenticationRequest);
    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);

    // Only the session data key and the request type go into the redirect URL.
    String queryParams = "?" + FrameworkConstants.SESSION_DATA_KEY + "=" + sessionDataKey
            + "&" + FrameworkConstants.RequestParams.TYPE + "=" + FrameworkConstants.PASSIVE_STS;

    response.sendRedirect(commonAuthURL + queryParams);
}
Example 20
Source File: IdentityProcessor.java From carbon-identity-framework with Apache License 2.0 | 4 votes |
/**
 * Get IdentityResponseBuilder for framework login.
 *
 * Caches an {@code AuthenticationRequest} built from the identity request, with a validity
 * period taken from {@code IdentityUtil.getOperationCleanUpTimeout()}, caches the message
 * context under the same session data key, and returns a builder whose redirect URL is the
 * common-auth endpoint of this server.
 *
 * @param context IdentityMessageContext
 * @return IdentityResponseBuilder populated with auth name, context key, callback path,
 *         relying party, auth type and redirect URL
 */
protected FrameworkLoginResponse.FrameworkLoginResponseBuilder buildResponseForFrameworkLogin(
        IdentityMessageContext context) {

    IdentityRequest identityRequest = context.getRequest();
    Map<String, String[]> parameterMap = identityRequest.getParameterMap();

    AuthenticationRequest authenticationRequest = new AuthenticationRequest();
    authenticationRequest.appendRequestQueryParams(parameterMap);

    // Iterate over a copy of the header map; all headers are copied into the cached request.
    Set<Map.Entry<String,String>> headers = new HashMap(identityRequest.getHeaderMap()).entrySet();
    for (Map.Entry<String,String> header : headers) {
        authenticationRequest.addHeader(header.getKey(), header.getValue());
    }

    authenticationRequest.setTenantDomain(identityRequest.getTenantDomain());
    authenticationRequest.setRelyingParty(getRelyingPartyId(context));
    authenticationRequest.setType(getType(context));
    // String.valueOf turns a missing (null) parameter into "null", which parses as false.
    authenticationRequest.setPassiveAuth(Boolean.parseBoolean(
            String.valueOf(context.getParameter(InboundConstants.PassiveAuth))));
    authenticationRequest.setForceAuth(Boolean.parseBoolean(
            String.valueOf(context.getParameter(InboundConstants.ForceAuth))));

    try {
        authenticationRequest.setCommonAuthCallerPath(URLEncoder.encode(getCallbackPath(context),
                StandardCharsets.UTF_8.name()));
    } catch (UnsupportedEncodingException e) {
        // The callback path is included in the exception message.
        throw FrameworkRuntimeException.error("Error occurred while URL encoding callback path " +
                getCallbackPath(context), e);
    }

    AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry(authenticationRequest);
    // The key is the only link between the browser redirect and the cached entries.
    // NOTE(review): its unpredictability depends on UUIDGenerator — confirm the source of randomness.
    String sessionDataKey = UUIDGenerator.generateUUID();
    // The configured timeout is treated as minutes and stored in nanoseconds.
    authRequest.setValidityPeriod(TimeUnit.MINUTES.toNanos(IdentityUtil.getOperationCleanUpTimeout()));
    FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);

    InboundUtil.addContextToCache(sessionDataKey, context);

    FrameworkLoginResponse.FrameworkLoginResponseBuilder responseBuilder =
            new FrameworkLoginResponse.FrameworkLoginResponseBuilder(context);
    responseBuilder.setAuthName(getType(context));
    responseBuilder.setContextKey(sessionDataKey);
    responseBuilder.setCallbackPath(getCallbackPath(context));
    responseBuilder.setRelyingParty(getRelyingPartyId(context));
    // The type parameter is sent because the framework still checks it; AUTH_NAME is meant to
    // replace it in the future.
    responseBuilder.setAuthType(getType(context));

    // The redirect target is taken from IdentityUtil.getServerURL, not from the identity request.
    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);
    responseBuilder.setRedirectURL(commonAuthURL);
    return responseBuilder;
}