Java Code Examples for io.undertow.security.api.SecurityNotification#getEventType()

The following examples show how to use io.undertow.security.api.SecurityNotification#getEventType() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: AbstractUndertowKeycloakAuthMech.java    From keycloak with Apache License 2.0 6 votes vote down vote up 
protected void registerNotifications(final SecurityContext securityContext) {

        final NotificationReceiver logoutReceiver = new NotificationReceiver() {
            @Override
            public void handleNotification(SecurityNotification notification) {
                if (notification.getEventType() != SecurityNotification.EventType.LOGGED_OUT) return;

                HttpServerExchange exchange = notification.getExchange();
                UndertowHttpFacade facade = createFacade(exchange);
                KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
                KeycloakSecurityContext ksc = exchange.getAttachment(OIDCUndertowHttpFacade.KEYCLOAK_SECURITY_CONTEXT_KEY);
                if (!deployment.isBearerOnly() && ksc != null && ksc instanceof RefreshableKeycloakSecurityContext) {
                    ((RefreshableKeycloakSecurityContext) ksc).logout(deployment);
                }
                AdapterTokenStore tokenStore = getTokenStore(exchange, facade, deployment, securityContext);
                tokenStore.logout();
            }
        };

        securityContext.registerNotificationReceiver(logoutReceiver);
    }
Example 2
Source File: AbstractSamlAuthMech.java    From keycloak with Apache License 2.0 6 votes vote down vote up 
protected void registerNotifications(final SecurityContext securityContext) {

        final NotificationReceiver logoutReceiver = new NotificationReceiver() {
            @Override
            public void handleNotification(SecurityNotification notification) {
                if (notification.getEventType() != SecurityNotification.EventType.LOGGED_OUT)
                    return;

                HttpServerExchange exchange = notification.getExchange();
                UndertowHttpFacade facade = createFacade(exchange);
                SamlDeployment deployment = deploymentContext.resolveDeployment(facade);
                SamlSessionStore sessionStore = getTokenStore(exchange, facade, deployment, securityContext);
                sessionStore.logoutAccount();
            }
        };

        securityContext.registerNotificationReceiver(logoutReceiver);
    }
Example 3
Source File: CachedAuthenticatedSessionHandler.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up 
@Override
public void handleNotification(SecurityNotification notification) {
    EventType eventType = notification.getEventType();
    HttpServerExchange exchange = notification.getExchange();
    SessionManager sessionManager = exchange.getAttachment(SessionManager.ATTACHMENT_KEY);
    SessionConfig sessionConfig = exchange.getAttachment(SessionConfig.ATTACHMENT_KEY);
    if (sessionManager == null || sessionConfig == null) {
        return;
    }
    Session httpSession = sessionManager.getSession(exchange, sessionConfig);
    switch (eventType) {
        case AUTHENTICATED:
            if (isCacheable(notification)) {
                if (httpSession == null) {
                    httpSession = sessionManager.createSession(exchange, sessionConfig);
                }

                // It is normal for this notification to be received when using a previously cached session - in that
                // case the IDM would have been given an opportunity to re-load the Account so updating here ready for
                // the next request is desired.
                httpSession.setAttribute(ATTRIBUTE_NAME,
                        new AuthenticatedSession(notification.getAccount(), notification.getMechanism()));
            }
            break;
        case LOGGED_OUT:
            if (httpSession != null) {
                httpSession.removeAttribute(ATTRIBUTE_NAME);
                httpSession.removeAttribute(NO_ID_CHANGE_REQUIRED);
            }
            break;
    }
}
Example 4
Source File: CachedAuthenticatedSessionHandler.java    From lams with GNU General Public License v2.0 5 votes vote down vote up 
@Override
public void handleNotification(SecurityNotification notification) {
    EventType eventType = notification.getEventType();
    HttpServerExchange exchange = notification.getExchange();
    SessionManager sessionManager = exchange.getAttachment(SessionManager.ATTACHMENT_KEY);
    SessionConfig sessionConfig = exchange.getAttachment(SessionConfig.ATTACHMENT_KEY);
    if (sessionManager == null || sessionConfig == null) {
        return;
    }
    Session httpSession = sessionManager.getSession(exchange, sessionConfig);
    switch (eventType) {
        case AUTHENTICATED:
            if (isCacheable(notification)) {
                if (httpSession == null) {
                    httpSession = sessionManager.createSession(exchange, sessionConfig);
                }

                // It is normal for this notification to be received when using a previously cached session - in that
                // case the IDM would have been given an opportunity to re-load the Account so updating here ready for
                // the next request is desired.
                httpSession.setAttribute(ATTRIBUTE_NAME,
                        new AuthenticatedSession(notification.getAccount(), notification.getMechanism()));
            }
            break;
        case LOGGED_OUT:
            if (httpSession != null) {
                httpSession.removeAttribute(ATTRIBUTE_NAME);
                httpSession.removeAttribute(NO_ID_CHANGE_REQUIRED);
            }
            break;
    }
}