Java Code Examples for org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext#getCallerSessionKey()

The following examples show how to use org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext#getCallerSessionKey().
Example 1
Source File: DefaultAuthenticationRequestHandler.java    From carbon-identity-framework with Apache License 2.0
/**
 * Finishes an authentication request by redirecting the browser to the caller path held in
 * the context.
 *
 * <p>The redirect carries the caller session key, URL-encoded, under
 * {@code FrameworkConstants.SESSION_DATA_KEY} when the context has one, followed by
 * {@code chkRemember=on} when the request was authenticated with remember-me selected. When
 * the request was not authenticated, {@code populateErrorInformation} runs before the redirect.
 *
 * @param request  the current servlet request
 * @param response the response on which the redirect is issued
 * @param context  authentication context supplying the caller path, session key and outcome
 * @throws FrameworkException wrapping any {@link IOException} raised while encoding the key
 *                            or sending the redirect
 */
protected void sendResponse(HttpServletRequest request, HttpServletResponse response,
                            AuthenticationContext context) throws FrameworkException {

    if (log.isDebugEnabled()) {
        // NOTE(review): this entry records the authenticated subject identifier and the caller
        // session key, so debug output of this class needs the same protection as session data.
        StringBuilder trace = new StringBuilder("Sending response back to: ")
                .append(context.getCallerPath()).append("...\n")
                .append(FrameworkConstants.ResponseParams.AUTHENTICATED).append(": ")
                .append(String.valueOf(context.isRequestAuthenticated())).append("\n")
                .append(FrameworkConstants.ResponseParams.AUTHENTICATED_USER).append(": ");
        if (context.getSequenceConfig().getAuthenticatedUser() == null) {
            trace.append("No Authenticated User").append("\n");
        } else {
            trace.append(context.getSequenceConfig().getAuthenticatedUser()
                    .getAuthenticatedSubjectIdentifier()).append("\n");
        }
        trace.append(FrameworkConstants.ResponseParams.AUTHENTICATED_IDPS).append(": ")
                .append(context.getSequenceConfig().getAuthenticatedIdPs()).append("\n")
                .append(FrameworkConstants.SESSION_DATA_KEY).append(": ")
                .append(context.getCallerSessionKey());

        log.debug(trace);
    }

    // TODO rememberMe should be handled by a cookie authenticator. For now the rememberMe flag
    // set on the login page is forwarded as a query param so the calling servlet handles it
    // as usual.
    String rememberMeParam =
            (context.isRequestAuthenticated() && context.isRememberMe()) ? "chkRemember=on" : "";

    // A failed request carries the error information supplied by the authenticators/handlers.
    if (!context.isRequestAuthenticated()) {
        populateErrorInformation(request, response, context);
    }

    // NOTE(review): the caller path becomes the redirect target unchanged and nothing in this
    // method checks it; presumably it is validated where the context is built. Confirm.
    String callerPath = context.getCallerPath();

    try {
        String callerSessionKey = context.getCallerSessionKey();
        // Encoding keeps reserved characters in the key from ending the parameter early.
        String query = (callerSessionKey == null)
                ? ""
                : FrameworkConstants.SESSION_DATA_KEY + "="
                        + URLEncoder.encode(callerSessionKey, "UTF-8");

        // Without a session key the string starts with '&'; it is handed to
        // appendQueryParamsStringToUrl in that form.
        if (rememberMeParam.length() > 0) {
            query = query + "&" + rememberMeParam;
        }

        response.sendRedirect(FrameworkUtils.appendQueryParamsStringToUrl(callerPath, query));
    } catch (IOException e) {
        throw new FrameworkException(e.getMessage(), e);
    }
}
 
Example 2
Source File: DefaultLogoutRequestHandler.java    From carbon-identity-framework with Apache License 2.0
/**
 * Finishes a logout request by redirecting the browser to the caller path held in the context.
 *
 * <p>When the context has a caller session key, a logged-out {@code AuthenticationResult} is
 * handed over either as a request attribute or through the cache under that key, and the key
 * is appended, URL-encoded, to the redirect. Without a key the redirect goes to the bare
 * caller path.
 *
 * @param request     the current servlet request; receives the logged-out flag and, when a
 *                    key exists, the session data key as attributes
 * @param response    the response on which the redirect is issued
 * @param context     authentication context supplying the caller path and session key
 * @param isLoggedOut value published under {@code FrameworkConstants.ResponseParams.LOGGED_OUT}
 * @throws ServletException declared by the signature; nothing in this body throws it directly
 * @throws IOException      if encoding the key or sending the redirect fails
 */
protected void sendResponse(HttpServletRequest request, HttpServletResponse response,
                            AuthenticationContext context, boolean isLoggedOut)
        throws ServletException, IOException {

    if (log.isTraceEnabled()) {
        log.trace("Inside sendLogoutResponseToCaller()");
    }

    // Published as a request attribute for the calling servlet.
    request.setAttribute(FrameworkConstants.ResponseParams.LOGGED_OUT, isLoggedOut);

    String redirectURL;

    if (context.getCallerSessionKey() == null) {
        redirectURL = context.getCallerPath();
    } else {
        request.setAttribute(FrameworkConstants.SESSION_DATA_KEY, context.getCallerSessionKey());

        AuthenticationResult logoutResult = new AuthenticationResult();
        logoutResult.setLoggedOut(true);

        SequenceConfig seqConfig = context.getSequenceConfig();
        if (seqConfig != null) {
            logoutResult.setSaaSApp(seqConfig.getApplicationConfig().isSaaSApp());
        }

        // The result travels in the request only for cache-disabled request types whose
        // response wrapper was not created by the framework; every other case uses the cache.
        boolean handOverInRequest =
                FrameworkUtils.getCacheDisabledAuthenticators().contains(context.getRequestType())
                        && response instanceof CommonAuthResponseWrapper
                        && !((CommonAuthResponseWrapper) response).isWrappedByFramework();
        if (handOverInRequest) {
            addAuthenticationResultToRequest(request, logoutResult);
        } else {
            // The caller session key is the lookup key for the cached result.
            FrameworkUtils.addAuthenticationResultToCache(context.getCallerSessionKey(), logoutResult);
        }

        // Encoding keeps reserved characters in the key from ending the parameter early.
        String keyParam = FrameworkConstants.SESSION_DATA_KEY + "="
                + URLEncoder.encode(context.getCallerSessionKey(), "UTF-8");
        redirectURL = FrameworkUtils.appendQueryParamsStringToUrl(context.getCallerPath(), keyParam);
    }

    /*
     * TODO Cache retaining is a temporary fix. Remove after Google fixes
     * http://code.google.com/p/gdata-issues/issues/detail?id=6628
     */
    // NOTE(review): with the "retainCache" system property set, the authentication context
    // stays in the cache after logout; this method does not show what evicts it later.
    if (System.getProperty("retainCache") == null) {
        FrameworkUtils.removeAuthenticationContextFromCache(context.getContextIdentifier());
    }

    if (log.isDebugEnabled()) {
        // NOTE(review): the caller session key is written to the debug log here.
        String summary = "Sending response back to: " + context.getCallerPath() + "...\n"
                + FrameworkConstants.ResponseParams.LOGGED_OUT + " : " + isLoggedOut + "\n"
                + FrameworkConstants.SESSION_DATA_KEY + ": " + context.getCallerSessionKey();
        log.debug(summary);
    }

    // Hand control back to the caller.
    response.sendRedirect(redirectURL);
}
 
Example 3
Source File: DefaultAuthenticationRequestHandler.java    From carbon-identity with Apache License 2.0
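/**
 * Finishes an authentication request by redirecting the browser to the caller path held in
 * the context.
 *
 * <p>The redirect carries the caller session key as {@code sessionDataKey} when the context
 * has one, followed by {@code chkRemember=on} when the request was authenticated with
 * remember-me selected. The key is URL-encoded before it is placed in the URL, a missing key
 * is left out instead of being sent as the text {@code null}, and the query is joined with
 * {@code &} when the caller path already contains a {@code ?}.
 *
 * @param request  the current servlet request (not read by this method)
 * @param response the response on which the redirect is issued
 * @param context  authentication context supplying the caller path, session key and outcome
 * @throws FrameworkException wrapping any {@link IOException} raised while encoding the key
 *                            or sending the redirect
 */
protected void sendResponse(HttpServletRequest request, HttpServletResponse response,
                            AuthenticationContext context) throws FrameworkException {

    if (log.isDebugEnabled()) {
        // NOTE(review): this entry records the authenticated subject identifier and the caller
        // session key, so debug output of this class needs the same protection as session data.
        StringBuilder debugMessage = new StringBuilder();
        debugMessage.append("Sending response back to: ");
        debugMessage.append(context.getCallerPath()).append("...\n");
        debugMessage.append(FrameworkConstants.ResponseParams.AUTHENTICATED).append(": ");
        debugMessage.append(String.valueOf(context.isRequestAuthenticated())).append("\n");
        debugMessage.append(FrameworkConstants.ResponseParams.AUTHENTICATED_USER).append(": ");
        if (context.getSequenceConfig().getAuthenticatedUser() != null) {
            debugMessage.append(context.getSequenceConfig().getAuthenticatedUser()
                    .getAuthenticatedSubjectIdentifier()).append("\n");
        } else {
            debugMessage.append("No Authenticated User").append("\n");
        }
        debugMessage.append(FrameworkConstants.ResponseParams.AUTHENTICATED_IDPS).append(": ");
        debugMessage.append(context.getSequenceConfig().getAuthenticatedIdPs()).append("\n");
        debugMessage.append(FrameworkConstants.SESSION_DATA_KEY).append(": ");
        debugMessage.append(context.getCallerSessionKey());

        log.debug(debugMessage);
    }

    // TODO rememberMe should be handled by a cookie authenticator. For now rememberMe flag that
    // was set in the login page will be sent as a query param to the calling servlet so it will
    // handle rememberMe as usual.
    String rememberMeParam = "";

    if (context.isRequestAuthenticated() && context.isRememberMe()) {
        rememberMeParam = "chkRemember=on";
    }

    try {
        StringBuilder queryParams = new StringBuilder();

        String callerSessionKey = context.getCallerSessionKey();
        if (callerSessionKey != null) {
            // Encoding keeps reserved characters in the key ('&', '=', '#', whitespace) from
            // ending the parameter early or adding parameters of their own. The class name is
            // fully qualified so the block does not depend on an import.
            queryParams.append("sessionDataKey=")
                    .append(java.net.URLEncoder.encode(callerSessionKey, "UTF-8"));
        }

        if (!rememberMeParam.isEmpty()) {
            if (queryParams.length() > 0) {
                queryParams.append('&');
            }
            queryParams.append(rememberMeParam);
        }

        // NOTE(review): the caller path becomes the redirect target unchanged and nothing in
        // this method checks it; presumably it is validated where the context is built. Confirm.
        String callerPath = context.getCallerPath();
        String redirectURL = callerPath;
        if (queryParams.length() > 0) {
            // A caller path that already has a query string takes '&', not a second '?'.
            String separator = (callerPath != null && callerPath.indexOf('?') >= 0) ? "&" : "?";
            redirectURL = callerPath + separator + queryParams;
        }

        response.sendRedirect(redirectURL);
    } catch (IOException e) {
        throw new FrameworkException(e.getMessage(), e);
    }
}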
 
Example 4
Source File: DefaultLogoutRequestHandler.java    From carbon-identity with Apache License 2.0
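/**
 * Finishes a logout request by redirecting the browser to the caller path held in the context.
 *
 * <p>When the context has a caller session key, a logged-out {@code AuthenticationResult} is
 * handed over either as a request attribute or through the cache under that key, and the key
 * is appended to the redirect as {@code sessionDataKey}. The key is URL-encoded before it is
 * placed in the URL, and it is joined with {@code &} when the caller path already contains a
 * {@code ?}. Without a key the redirect goes to the bare caller path.
 *
 * @param request     the current servlet request; receives the logged-out flag and, when a
 *                    key exists, the session data key as attributes
 * @param response    the response on which the redirect is issued
 * @param context     authentication context supplying the caller path and session key
 * @param isLoggedOut value published under {@code FrameworkConstants.ResponseParams.LOGGED_OUT}
 * @throws ServletException declared by the signature; nothing in this body throws it directly
 * @throws IOException      if encoding the key or sending the redirect fails
 */
protected void sendResponse(HttpServletRequest request, HttpServletResponse response,
                            AuthenticationContext context, boolean isLoggedOut)
        throws ServletException, IOException {

    if (log.isTraceEnabled()) {
        log.trace("Inside sendLogoutResponseToCaller()");
    }

    // Set values to be returned to the calling servlet as request
    // attributes
    request.setAttribute(FrameworkConstants.ResponseParams.LOGGED_OUT, isLoggedOut);

    String redirectURL;

    if (context.getCallerSessionKey() != null) {
        request.setAttribute(FrameworkConstants.SESSION_DATA_KEY, context.getCallerSessionKey());

        AuthenticationResult authenticationResult = new AuthenticationResult();
        authenticationResult.setLoggedOut(true);

        SequenceConfig sequenceConfig = context.getSequenceConfig();
        if (sequenceConfig != null) {
            authenticationResult.setSaaSApp(sequenceConfig.getApplicationConfig().isSaaSApp());
        }

        if (FrameworkUtils.getCacheDisabledAuthenticators().contains(context.getRequestType())
                && (response instanceof CommonAuthResponseWrapper)) {
            // Set authentication result as request attribute
            addAuthenticationResultToRequest(request, authenticationResult);
        } else {
            // The caller session key is the lookup key for the cached result.
            FrameworkUtils.addAuthenticationResultToCache(context.getCallerSessionKey(), authenticationResult);
        }

        // Encoding keeps reserved characters in the key ('&', '=', '#', whitespace) from
        // ending the parameter early or adding parameters of their own. The class name is
        // fully qualified so the block does not depend on an import.
        String callerPath = context.getCallerPath();
        // A caller path that already has a query string takes '&', not a second '?'.
        String separator = (callerPath != null && callerPath.indexOf('?') >= 0) ? "&" : "?";
        redirectURL = callerPath + separator + "sessionDataKey="
                + java.net.URLEncoder.encode(context.getCallerSessionKey(), "UTF-8");
    } else {
        redirectURL = context.getCallerPath();
    }

    /*
     * TODO Cache retaining is a temporary fix. Remove after Google fixes
     * http://code.google.com/p/gdata-issues/issues/detail?id=6628
     */
    // NOTE(review): with the "retainCache" system property set, the authentication context
    // stays in the cache after logout; this method does not show what evicts it later.
    String retainCache = System.getProperty("retainCache");

    if (retainCache == null) {
        FrameworkUtils.removeAuthenticationContextFromCache(context.getContextIdentifier());
    }

    if (log.isDebugEnabled()) {
        // NOTE(review): the caller session key is written to the debug log here.
        log.debug("Sending response back to: " + context.getCallerPath() + "...\n"
                  + FrameworkConstants.ResponseParams.LOGGED_OUT + " : " + isLoggedOut + "\n"
                  + FrameworkConstants.SESSION_DATA_KEY + ": " + context.getCallerSessionKey());
    }

    // redirect to the caller
    response.sendRedirect(redirectURL);
}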