Java Code Examples for org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils#getAuthCookie()

The following examples show how to use org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils#getAuthCookie().
Example 1
Source File: DefaultRequestCoordinator.java    From carbon-identity-framework with Apache License 2.0
/**
 * Builds the {@link AuthenticationContext} for a request that has just arrived from the calling servlet.
 *
 * <p>The session data key, request type, relying party, logout flag and (on the cookie-less logout
 * path) the session id are all read from request parameters, so they are client-controlled. This
 * method stores them in the context without validating them.
 *
 * @param request  incoming servlet request carrying the caller's parameters and, optionally, the
 *                 authentication cookie
 * @param response servlet response, handed on to {@code associateTransientRequestData}
 * @return a context with a freshly generated context identifier; a logout request that names no
 *         relying party returns early with only the session identifier resolved
 * @throws FrameworkException declared by the signature; no statement in this method throws it
 *                            directly, so it presumably originates in the helpers called here
 */
protected AuthenticationContext initializeFlow(HttpServletRequest request, HttpServletResponse response)
        throws FrameworkException {

    if (log.isDebugEnabled()) {
        log.debug("Initializing the flow");
    }

    // sessionDataKey: the calling servlet keeps its own state under this key.
    String sessionDataKey = request.getParameter(FrameworkConstants.SESSION_DATA_KEY);

    // commonAuthCallerPath: where the response is sent back to.
    // NOTE(review): any validation of this path happens inside getCallerPath, which is not visible
    // here; confirm it cannot be steered to an arbitrary URL by the client.
    String pathOfCaller = getCallerPath(request);

    // type: protocol of the request, e.g. samlsso, openid, oauth, passivests.
    String typeOfRequest = request.getParameter(FrameworkConstants.RequestParams.TYPE);

    // relyingParty: taken from the issuer parameter.
    String issuer = request.getParameter(FrameworkConstants.RequestParams.ISSUER);

    String domainOfTenant = getTenantDomain(request);

    // Keep everything the caller sent on a fresh context object.
    AuthenticationContext context = new AuthenticationContext();
    context.setCallerSessionKey(sessionDataKey);
    context.setCallerPath(pathOfCaller);
    context.setRequestType(typeOfRequest);
    context.setRelyingParty(issuer);
    context.setTenantDomain(domainOfTenant);

    // The context data object is held under a newly generated key.
    String contextId = UUIDGenerator.generateUUID();
    context.setContextIdentifier(contextId);

    if (log.isDebugEnabled()) {
        log.debug("Framework contextId: " + contextId);
    }

    boolean logoutRequested = request.getParameter(FrameworkConstants.RequestParams.LOGOUT) != null;
    if (!logoutRequested) {
        if (log.isDebugEnabled()) {
            log.debug("Starting an authentication flow");
        }
    } else {
        if (log.isDebugEnabled()) {
            log.debug("Starting a logout flow");
        }

        context.setLogoutRequest(true);

        String relyingPartyInContext = context.getRelyingParty();
        if (relyingPartyInContext == null || relyingPartyInContext.trim().isEmpty()) {

            if (log.isDebugEnabled()) {
                log.debug("relyingParty param is null. This is a possible logout scenario.");
            }

            Cookie authCookie = FrameworkUtils.getAuthCookie(request);

            // With a cookie, the session key is the SHA-256 hex digest of the cookie value, so the
            // raw cookie value never becomes the identifier. Without one, the session id request
            // parameter is used exactly as sent.
            // NOTE(review): that fallback lets the client choose the session identifier for this
            // logout; confirm downstream handling treats it as untrusted.
            String sessionContextKey = (authCookie != null)
                    ? DigestUtils.sha256Hex(authCookie.getValue())
                    : request.getParameter(SESSION_ID);
            context.setSessionIdentifier(sessionContextKey);
            return context;
        }
    }

    // Request attribute, not a parameter; the cast is unchecked.
    List<ClaimMapping> requestedClaimsInRequest = (List<ClaimMapping>) request.getAttribute(REQUESTED_ATTRIBUTES);
    context.setProperty(FrameworkConstants.SP_REQUESTED_CLAIMS_IN_REQUEST, requestedClaimsInRequest);

    associateTransientRequestData(request, response, context);
    findPreviousAuthenticatedSession(request, context);
    buildOutboundQueryString(request, context);

    return context;
}
 
Example 2
Source File: DefaultRequestCoordinator.java    From carbon-identity with Apache License 2.0
/**
 * Builds the {@link AuthenticationContext} for a request that has just arrived from the calling servlet.
 *
 * <p>The session data key, request type, relying party and logout flag are read from request
 * parameters, so they are client-controlled. This method stores them without validating them.
 *
 * @param request  incoming servlet request carrying the caller's parameters and, optionally, the
 *                 authentication cookie
 * @param response servlet response; not used inside this method
 * @return a context with a freshly generated context identifier; a logout request that names no
 *         relying party returns early, with the session identifier set only when the
 *         authentication cookie is present
 * @throws FrameworkException declared by the signature; no statement in this method throws it
 *                            directly, so it presumably originates in the helpers called here
 */
protected AuthenticationContext initializeFlow(HttpServletRequest request,
                                               HttpServletResponse response) throws FrameworkException {

    if (log.isDebugEnabled()) {
        log.debug("Initializing the flow");
    }

    // sessionDataKey: the calling servlet keeps its own state under this key.
    String sessionDataKey = request.getParameter(FrameworkConstants.SESSION_DATA_KEY);

    // commonAuthCallerPath: where the response is sent back to.
    // NOTE(review): any validation of this path happens inside getCallerPath, which is not visible
    // here; confirm it cannot be steered to an arbitrary URL by the client.
    String pathOfCaller = getCallerPath(request);

    // type: protocol of the request, e.g. samlsso, openid, oauth, passivests.
    String typeOfRequest = request.getParameter(FrameworkConstants.RequestParams.TYPE);

    // relyingParty: taken from the issuer parameter.
    String issuer = request.getParameter(FrameworkConstants.RequestParams.ISSUER);

    String domainOfTenant = getTenantDomain(request);

    // Keep everything the caller sent on a fresh context object.
    AuthenticationContext context = new AuthenticationContext();
    context.setCallerSessionKey(sessionDataKey);
    context.setCallerPath(pathOfCaller);
    context.setRequestType(typeOfRequest);
    context.setRelyingParty(issuer);
    context.setTenantDomain(domainOfTenant);

    // The context data object is held under a newly generated key.
    String contextId = UUIDGenerator.generateUUID();
    context.setContextIdentifier(contextId);

    if (log.isDebugEnabled()) {
        log.debug("Framework contextId: " + contextId);
    }

    boolean logoutRequested = request.getParameter(FrameworkConstants.RequestParams.LOGOUT) != null;
    if (!logoutRequested) {
        if (log.isDebugEnabled()) {
            log.debug("Starting an authentication flow");
        }
    } else {
        if (log.isDebugEnabled()) {
            log.debug("Starting a logout flow");
        }

        context.setLogoutRequest(true);

        String relyingPartyInContext = context.getRelyingParty();
        if (relyingPartyInContext == null || relyingPartyInContext.trim().isEmpty()) {

            if (log.isDebugEnabled()) {
                log.debug("relyingParty param is null. This is a possible logout scenario.");
            }

            Cookie authCookie = FrameworkUtils.getAuthCookie(request);

            // The raw cookie value becomes the session identifier here, so the identifier held on
            // the context is itself the bearer value the browser presents.
            // NOTE(review): confirm nothing downstream logs or persists it in clear.
            if (authCookie != null) {
                context.setSessionIdentifier(authCookie.getValue());
            }

            return context;
        }
    }

    findPreviousAuthenticatedSession(request, context);
    buildOutboundQueryString(request, context);

    return context;
}
 
Example 3
Source File: DefaultRequestCoordinator.java    From carbon-identity with Apache License 2.0
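/**
 * Looks up an already authenticated session for the incoming request and, when one is found,
 * copies its state (subject, tenant domain, authenticated IdPs, sequence) into {@code context}.
 *
 * <p>The authentication cookie value is passed unchanged to the session cache lookup, so it acts as
 * a bearer secret: anyone who learns it can present it as their own cookie. For that reason the
 * value is never written to the log here.
 *
 * @param request incoming servlet request; supplies the issuer parameter and the authentication cookie
 * @param context context of the current authentication/logout flow; updated in place
 * @throws FrameworkException declared by the signature; no statement in this method throws it
 *                            directly, so it presumably originates in the calls made here
 */
protected void findPreviousAuthenticatedSession(HttpServletRequest request,
                                                AuthenticationContext context) throws FrameworkException {

    // Get service provider chain
    SequenceConfig sequenceConfig = ConfigurationFacade.getInstance().getSequenceConfig(
            context.getRequestType(),
            request.getParameter(FrameworkConstants.RequestParams.ISSUER),
            context.getTenantDomain());

    Cookie cookie = FrameworkUtils.getAuthCookie(request);

    // A cookie only shows that the client sent one; the session counts as previously authenticated
    // only when the cache lookup below returns a session context for it.
    if (cookie != null) {

        if (log.isDebugEnabled()) {
            // The cookie value is the session cache key, so it is deliberately left out of the log.
            log.debug(FrameworkConstants.COMMONAUTH_COOKIE + " cookie is available");
        }

        // get the authentication details from the cache
        SessionContext sessionContext = FrameworkUtils.getSessionContextFromCache(cookie.getValue());

        if (sessionContext != null) {
            context.setSessionIdentifier(cookie.getValue());
            String appName = sequenceConfig.getApplicationConfig().getApplicationName();

            if (log.isDebugEnabled()) {
                log.debug("Service Provider is: " + appName);
            }

            SequenceConfig previousAuthenticatedSeq = sessionContext
                    .getAuthenticatedSequences().get(appName);

            if (previousAuthenticatedSeq != null) {

                if (log.isDebugEnabled()) {
                    log.debug("A previously authenticated sequence found for the SP: "
                              + appName);
                }

                context.setPreviousSessionFound(true);
                sequenceConfig = previousAuthenticatedSeq;
                AuthenticatedUser authenticatedUser = sequenceConfig.getAuthenticatedUser();

                if (authenticatedUser != null) {
                    // set the user for the current authentication/logout flow
                    context.setSubject(authenticatedUser);

                    if (log.isDebugEnabled()) {
                        log.debug("Already authenticated by username: " +
                                  authenticatedUser.getAuthenticatedSubjectIdentifier());
                    }

                    // Read the tenant domain only after the null check; dereferencing the user
                    // before it would throw a NullPointerException for a sequence without a user.
                    String authenticatedUserTenantDomain = authenticatedUser.getTenantDomain();

                    if (authenticatedUserTenantDomain != null) {
                        // set the user tenant domain for the current authentication/logout flow
                        context.setProperty("user-tenant-domain", authenticatedUserTenantDomain);

                        if (log.isDebugEnabled()) {
                            log.debug("Authenticated user tenant domain: " + authenticatedUserTenantDomain);
                        }
                    }
                }
            }

            context.setPreviousAuthenticatedIdPs(sessionContext.getAuthenticatedIdPs());
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Failed to find the SessionContext from the cache. Possible cache timeout.");
            }
        }
    }

    context.setServiceProviderName(sequenceConfig.getApplicationConfig().getApplicationName());

    // set the sequence for the current authentication/logout flow
    context.setSequenceConfig(sequenceConfig);
}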