From 0e009d9cc2e0a741935ffe1d24b46d0a4b4a6d40 Mon Sep 17 00:00:00 2001 From: Dominik Frantisek Bucik Date: Thu, 27 Jan 2022 12:20:05 +0100 Subject: [PATCH] =?UTF-8?q?refactor:=20=F0=9F=92=A1=20cleanup?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/webapp/WEB-INF/user-context.xml | 2 - .../src/main/webapp/WEB-INF/web-context.xml | 24 +++++----- .../web/endpoint/AuthorizationEndpoint.java} | 15 +++--- .../oauth2/web/endpoint/DeviceEndpoint.java | 14 +++++- .../saml/SamlInvalidateSessionFilter.java | 47 +------------------ .../oidc/server/filters/AuthProcFilter.java | 2 +- ...rParams.java => AuthProcFilterParams.java} | 4 +- .../filters/AuthProcFiltersContainer.java | 6 +-- ...ntext.java => AuthProcFiltersContext.java} | 12 ++--- .../ics/oidc/server/filters/FiltersUtils.java | 2 +- .../impl/PerunAuthorizationFilter.java | 6 +-- .../filters/impl/PerunEnsureVoMember.java | 21 +-------- .../filters/impl/PerunForceAupFilter.java | 6 +-- .../impl/PerunIsCesnetEligibleFilter.java | 6 +-- .../filters/impl/PerunIsTestSpFilter.java | 6 +-- .../filters/impl/ProxyStatisticsFilter.java | 6 +-- .../server/filters/impl/ValidUserFilter.java | 8 ++-- .../web/endpoint/AuthorizationEndpoint.java | 22 --------- 18 files changed, 62 insertions(+), 147 deletions(-) rename perun-oidc-server/src/main/java/cz/muni/ics/{openid/connect/web/endpoint/UserDeviceEndpoint.java => oauth2/web/endpoint/AuthorizationEndpoint.java} (50%) rename perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/{PerunRequestFilterParams.java => AuthProcFilterParams.java} (87%) rename perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/{PerunFiltersContext.java => AuthProcFiltersContext.java} (89%) delete mode 100644 perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/AuthorizationEndpoint.java 
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/user-context.xml b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/user-context.xml index babcb8f80..9441f224a 100644 --- a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/user-context.xml +++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/user-context.xml @@ -73,8 +73,6 @@ - - urn:cesnet: false urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/web-context.xml b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/web-context.xml index d71d6200b..1c8371d42 100644 --- a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/web-context.xml +++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/web-context.xml @@ -241,12 +241,16 @@ create-session="always" authentication-manager-ref="authenticationManager"> - - + + - - + + @@ -337,17 +341,13 @@ - - - - - + - - - + + + diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/UserDeviceEndpoint.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/AuthorizationEndpoint.java similarity index 50% rename from perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/UserDeviceEndpoint.java rename to perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/AuthorizationEndpoint.java index 81f20091c..339a5caf0 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/UserDeviceEndpoint.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/AuthorizationEndpoint.java 
@@ -1,22 +1,25 @@ -package cz.muni.ics.openid.connect.web.endpoint; +package cz.muni.ics.oauth2.web.endpoint; import javax.servlet.http.HttpServletRequest; import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Controller; -import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.servlet.view.RedirectView; @Controller @Slf4j -public class UserDeviceEndpoint { +public class AuthorizationEndpoint { - @RequestMapping(value = "/device") + public static final String ENDPOINT_INIT_URL = "/authorize"; + public static final String ENDPOINT_URL = "/auth/authorize"; + + @RequestMapping(value = ENDPOINT_INIT_URL) public RedirectView authorize(HttpServletRequest req) { - String redirect = "/auth/device" + (StringUtils.hasText(req.getQueryString()) ? '?' + req.getQueryString() : ""); + String redirect = ENDPOINT_URL + '?' + req.getQueryString(); RedirectView view = new RedirectView(redirect); view.setContextRelative(true); - log.debug("DEVICE_ENDPOINT: Redirecting to: {}", view); + log.debug("Authorization endpoint - {}: user is being redirected to to: {}", ENDPOINT_INIT_URL, redirect); return view; } + } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/DeviceEndpoint.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/DeviceEndpoint.java index 27036e3c7..967163287 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/DeviceEndpoint.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/DeviceEndpoint.java @@ -35,7 +35,6 @@ import cz.muni.ics.openid.connect.view.HttpCodeView; import cz.muni.ics.openid.connect.view.JsonEntityView; import cz.muni.ics.openid.connect.view.JsonErrorView; import java.net.URISyntaxException; -import java.security.Principal; import java.util.Collection; import java.util.Date; import java.util.HashMap; 
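Review bot: `req.getQueryString()` returns null when the request has no query string, so the new `authorize` in AuthorizationEndpoint builds the redirect target `/auth/authorize?null`. The `StringUtils.hasText` guard this file had before the rename was dropped together with its import. Keep the guard the device redirect still uses, `String redirect = ENDPOINT_URL + (StringUtils.hasText(req.getQueryString()) ? '?' + req.getQueryString() : "");`, and restore the `org.springframework.util.StringUtils` import. The debug line also writes the full query string of an authorization request to the log, which can carry values such as `state`, `login_hint` or `id_token_hint`; logging only `ENDPOINT_INIT_URL` and the target path avoids that, and the message has a doubled "to to".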
@@ -57,13 +56,14 @@ import org.springframework.security.oauth2.provider.AuthorizationRequest; import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.security.oauth2.provider.OAuth2Request; import org.springframework.security.oauth2.provider.OAuth2RequestFactory; -import org.springframework.security.saml.SAMLCredential; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.servlet.view.RedirectView; /** * Implements https://tools.ietf.org/html/draft-ietf-oauth-device-flow @@ -211,6 +211,16 @@ public class DeviceEndpoint { } } + @RequestMapping(value = REQUEST_USER_CODE_INIT_URL) + public RedirectView authorize(HttpServletRequest req) { + String redirect = REQUEST_USER_CODE_URL + + (StringUtils.hasText(req.getQueryString()) ? '?' + req.getQueryString() : ""); + RedirectView view = new RedirectView(redirect); + view.setContextRelative(true); + log.debug("User device endpoint - {}: user is being redirected to to: {}", REQUEST_USER_CODE_INIT_URL, redirect); + return view; + } + @PreAuthorize("hasRole('ROLE_USER')") @GetMapping(value = REQUEST_USER_CODE_URL) public String requestUserCode(@RequestParam(value = USER_CODE, required = false) String userCode, diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/saml/SamlInvalidateSessionFilter.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/saml/SamlInvalidateSessionFilter.java index caa993771..483e317aa 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/saml/SamlInvalidateSessionFilter.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/saml/SamlInvalidateSessionFilter.java 
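Review bot: The debug line in the new `authorize` method of DeviceEndpoint logs `redirect`, which includes the raw query string. `requestUserCode` just below accepts `USER_CODE` as a request parameter, so a pre-filled verification link would presumably put the user code into the log. Log the path only, for example `log.debug("User device endpoint - {}: redirecting to {}", REQUEST_USER_CODE_INIT_URL, REQUEST_USER_CODE_URL);`. `@RequestMapping(value = REQUEST_USER_CODE_INIT_URL)` also maps every HTTP method; if only GET is expected, `@GetMapping(value = REQUEST_USER_CODE_INIT_URL)` matches the `@GetMapping` on the target. The two URL constants are defined outside the hunk, and the method name `authorize` reads as copied from the authorization endpoint.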
@@ -1,10 +1,6 @@ package cz.muni.ics.oidc.saml; import java.io.IOException; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; -import java.util.stream.Collectors; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.ServletRequest; @@ -16,7 +12,6 @@ import org.springframework.security.web.authentication.logout.SecurityContextLog import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.OrRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; -import org.springframework.util.StringUtils; import org.springframework.web.filter.GenericFilterBean; @Slf4j 
@@ -28,37 +23,11 @@ public class SamlInvalidateSessionFilter extends GenericFilterBean { ); private final SecurityContextLogoutHandler contextLogoutHandler; - private final List internalReferrers = new ArrayList<>(); public SamlInvalidateSessionFilter(SecurityContextLogoutHandler contextLogoutHandler) { this.contextLogoutHandler = contextLogoutHandler; } - public SamlInvalidateSessionFilter(String idpEntityId, - String oidcIssuer, - String proxySpEntityId, - SecurityContextLogoutHandler contextLogoutHandler, - String[] internalReferrers) - { - if (StringUtils.hasText(idpEntityId)) { - this.internalReferrers.add(idpEntityId); - } - if (StringUtils.hasText(oidcIssuer)) { - this.internalReferrers.add(oidcIssuer); - } - if (StringUtils.hasText(proxySpEntityId)) { - this.internalReferrers.add(proxySpEntityId); - } - this.contextLogoutHandler = contextLogoutHandler; - if (internalReferrers != null && internalReferrers.length > 0) { - List referrers = Arrays.asList(internalReferrers); - referrers = referrers.stream().filter(StringUtils::hasText).collect(Collectors.toList()); - if (!referrers.isEmpty()) { - this.internalReferrers.addAll(referrers); - } - } - } - @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException 
@@ -66,24 +35,10 @@ public class SamlInvalidateSessionFilter extends GenericFilterBean { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; if (MATCHER.matches(req)) { - log.debug("INV_SESS - invalidate"); + log.debug("Invalidate session to enable SAML IdP re-authentication"); contextLogoutHandler.logout(req, res, null); - } else { - log.debug("INV_SESS - skipping"); } chain.doFilter(req, res); } - private boolean isInternalReferer(String referer) { - if (!StringUtils.hasText(referer)) { - return false; - } - for (String internal : internalReferrers) { - if (referer.startsWith(internal)) { - return true; - } - } - return false; - } - } diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFilter.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFilter.java index f7266b3a1..d736dc4f8 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFilter.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFilter.java @@ -43,7 +43,7 @@ public abstract class AuthProcFilter { private Set clientIds = new HashSet<>(); private Set subs = new HashSet<>(); - public AuthProcFilter(PerunRequestFilterParams params) { + public AuthProcFilter(AuthProcFilterParams params) { filterName = params.getFilterName(); if (params.hasProperty(CLIENT_IDS)) { diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/PerunRequestFilterParams.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFilterParams.java similarity index 87% rename from perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/PerunRequestFilterParams.java rename to perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFilterParams.java index 5c370fc0d..749fce772 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/PerunRequestFilterParams.java 
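Review bot: `doFilter` calls `contextLogoutHandler.logout(req, res, null)` for every request that matches `MATCHER`, whatever its origin or session state, and nothing in the class documents that this is intended. The removed `isInternalReferer` was not called from the visible `doFilter`, so behaviour looks unchanged, but a comment above the `if` would record the decision, for example `// Intentional: every request to the matched endpoints drops the local session so the SAML IdP decides on re-authentication`. `MATCHER` is defined outside the hunk; confirm that it covers only the flow-initiating URLs, since any request to a matched path ends an existing session.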
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFilterParams.java @@ -8,7 +8,7 @@ import java.util.Properties; * * @author Dominik Frantisek Bucik */ -public class PerunRequestFilterParams { +public class AuthProcFilterParams { private final String filterName; @@ -16,7 +16,7 @@ public class PerunRequestFilterParams { private final Properties properties; private final BeanUtil beanUtil; - public PerunRequestFilterParams(String filterName, String propertyPrefix, Properties properties, BeanUtil beanUtil) { + public AuthProcFilterParams(String filterName, String propertyPrefix, Properties properties, BeanUtil beanUtil) { this.filterName = filterName; this.propertyPrefix = propertyPrefix; this.properties = properties; diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFiltersContainer.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFiltersContainer.java index eaa6ed5b7..26a6d071d 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFiltersContainer.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFiltersContainer.java @@ -64,11 +64,11 @@ public class AuthProcFiltersContainer extends GenericFilterBean { @Autowired private SamlProperties samlProperties; - private PerunFiltersContext perunFiltersContext; + private AuthProcFiltersContext perunFiltersContext; @PostConstruct public void postConstruct() { - this.perunFiltersContext = new PerunFiltersContext(coreProperties, beanUtil); + this.perunFiltersContext = new AuthProcFiltersContext(coreProperties, beanUtil); } @Override 
@@ -78,7 +78,7 @@ public class AuthProcFiltersContainer extends GenericFilterBean { HttpServletRequest req = (HttpServletRequest) servletRequest; HttpServletResponse res = (HttpServletResponse) servletResponse; if (!MATCHER.matches(req)) { - log.debug("Custom filters have been skipped, did not match authorization nor device req URL"); + log.debug("AuthProc filters have been skipped, did not match authorization nor device req URL"); } else { List filters = perunFiltersContext.getFilters(); if (filters != null && !filters.isEmpty()) { diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/PerunFiltersContext.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFiltersContext.java similarity index 89% rename from perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/PerunFiltersContext.java rename to perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFiltersContext.java index 04a9b5082..c6f324a2b 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/PerunFiltersContext.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/AuthProcFiltersContext.java @@ -21,7 +21,7 @@ import org.springframework.util.StringUtils; * @author Dominik Frantisek Bucik */ @Slf4j -public class PerunFiltersContext { +public class AuthProcFiltersContext { private static final String FILTER_NAMES = "filter.names"; private static final String FILTER_CLASS = ".class"; @@ -31,7 +31,7 @@ public class PerunFiltersContext { private final Properties properties; private final BeanUtil beanUtil; - public PerunFiltersContext(Properties properties, BeanUtil beanUtil) { + public AuthProcFiltersContext(Properties properties, BeanUtil beanUtil) { this.properties = properties; this.beanUtil = beanUtil; this.filters = new LinkedList<>(); 
@@ -52,7 +52,7 @@ public class PerunFiltersContext { } private AuthProcFilter loadFilter(String filterName) { - String propPrefix = PerunFiltersContext.PREFIX + filterName; + String propPrefix = AuthProcFiltersContext.PREFIX + filterName; String filterClass = properties.getProperty(propPrefix + FILTER_CLASS, null); if (!StringUtils.hasText(filterClass)) { log.warn("{} - failed to initialized filter: no class has ben configured", filterName); @@ -63,14 +63,14 @@ public class PerunFiltersContext { try { Class rawClazz = Class.forName(filterClass); if (!AuthProcFilter.class.isAssignableFrom(rawClazz)) { - log.warn("{} - failed to initialized filter: class '{}' does not extend PerunRequestFilter", + log.warn("{} - failed to initialized filter: class '{}' does not extend AuthProcFilter", filterName, filterClass); return null; } @SuppressWarnings("unchecked") Class clazz = (Class) rawClazz; - Constructor constructor = clazz.getConstructor(PerunRequestFilterParams.class); - PerunRequestFilterParams params = new PerunRequestFilterParams(filterName, propPrefix, properties, beanUtil); + Constructor constructor = clazz.getConstructor(AuthProcFilterParams.class); + AuthProcFilterParams params = new AuthProcFilterParams(filterName, propPrefix, properties, beanUtil); return constructor.newInstance(params); } catch (ClassNotFoundException e) { log.warn("{} - failed to initialize filter: class '{}' was not found", filterName, filterClass); diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/FiltersUtils.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/FiltersUtils.java index ddbf8245f..2da01950b 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/FiltersUtils.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/FiltersUtils.java 
@@ -278,7 +278,7 @@ public class FiltersUtils { public static String fillStringMandatoryProperty(String propertyName, String filterName, - PerunRequestFilterParams params) { + AuthProcFilterParams params) { String filled = params.getProperty(propertyName); if (!StringUtils.hasText(filled)) { diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunAuthorizationFilter.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunAuthorizationFilter.java index 35fef0e17..4ef27d2c0 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunAuthorizationFilter.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunAuthorizationFilter.java @@ -10,11 +10,9 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig; import cz.muni.ics.oidc.server.filters.FilterParams; import cz.muni.ics.oidc.server.filters.FiltersUtils; import cz.muni.ics.oidc.server.filters.AuthProcFilter; -import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams; +import cz.muni.ics.oidc.server.filters.AuthProcFilterParams; import cz.muni.ics.oidc.web.controllers.PerunUnapprovedController; import java.util.Map; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; @@ -40,7 +38,7 @@ public class PerunAuthorizationFilter extends AuthProcFilter { private final String filterName; private final PerunOidcConfig config; - public PerunAuthorizationFilter(PerunRequestFilterParams params) { + public PerunAuthorizationFilter(AuthProcFilterParams params) { super(params); BeanUtil beanUtil = params.getBeanUtil(); this.perunAdapter = beanUtil.getBean(PerunAdapter.class); 
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunEnsureVoMember.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunEnsureVoMember.java index dfae70056..cb736dabe 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunEnsureVoMember.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunEnsureVoMember.java @@ -8,19 +8,13 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig; import cz.muni.ics.oidc.server.filters.FilterParams; import cz.muni.ics.oidc.server.filters.FiltersUtils; import cz.muni.ics.oidc.server.filters.AuthProcFilter; -import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams; +import cz.muni.ics.oidc.server.filters.AuthProcFilterParams; import cz.muni.ics.oidc.web.controllers.ControllerUtils; import cz.muni.ics.oidc.web.controllers.PerunUnapprovedController; import cz.muni.ics.oidc.web.controllers.RegistrationController; -import java.io.IOException; import java.util.Arrays; -import java.util.Collections; import java.util.HashMap; -import java.util.HashSet; import java.util.Map; -import java.util.Set; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; @@ -55,7 +49,7 @@ public class PerunEnsureVoMember extends AuthProcFilter { private final String filterName; private final PerunOidcConfig perunOidcConfig; - public PerunEnsureVoMember(PerunRequestFilterParams params) { + public PerunEnsureVoMember(AuthProcFilterParams params) { super(params); BeanUtil beanUtil = params.getBeanUtil(); 
@@ -139,17 +133,6 @@ public class PerunEnsureVoMember extends AuthProcFilter { return attrValue; } - private boolean canAccess(PerunAttributeValue attrValue, Set memberShortNames) { - if (attrValue.valueAsJson().isArray()) { - Set val = attrValue.valueAsList() == null ? - Collections.emptySet() : new HashSet<>(attrValue.valueAsList()); - return !Collections.disjoint(val, memberShortNames); - } else { - String val = attrValue.valueAsString(); - return memberShortNames.contains(val); - } - } - @Override public String toString() { return "PerunEnsureVoMember{" + diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunForceAupFilter.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunForceAupFilter.java index 62c912d9b..1f738aa93 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunForceAupFilter.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunForceAupFilter.java @@ -15,7 +15,7 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig; import cz.muni.ics.oidc.server.filters.FilterParams; import cz.muni.ics.oidc.server.filters.FiltersUtils; import cz.muni.ics.oidc.server.filters.AuthProcFilter; -import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams; +import cz.muni.ics.oidc.server.filters.AuthProcFilterParams; import cz.muni.ics.oidc.web.controllers.AupController; import java.io.IOException; import java.text.ParseException; @@ -27,8 +27,6 @@ import java.util.HashMap; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; 
@@ -79,7 +77,7 @@ public class PerunForceAupFilter extends AuthProcFilter { private final SamlProperties samlProperties; private final String filterName; - public PerunForceAupFilter(PerunRequestFilterParams params) { + public PerunForceAupFilter(AuthProcFilterParams params) { super(params); BeanUtil beanUtil = params.getBeanUtil(); this.perunAdapter = beanUtil.getBean(PerunAdapter.class); diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunIsCesnetEligibleFilter.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunIsCesnetEligibleFilter.java index 6076b4ca4..50a41686e 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunIsCesnetEligibleFilter.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunIsCesnetEligibleFilter.java @@ -15,7 +15,7 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig; import cz.muni.ics.oidc.server.filters.FilterParams; import cz.muni.ics.oidc.server.filters.FiltersUtils; import cz.muni.ics.oidc.server.filters.AuthProcFilter; -import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams; +import cz.muni.ics.oidc.server.filters.AuthProcFilterParams; import cz.muni.ics.oidc.web.controllers.ControllerUtils; import cz.muni.ics.oidc.web.controllers.PerunUnapprovedController; import java.time.LocalDateTime; @@ -24,8 +24,6 @@ import java.time.format.DateTimeParseException; import java.util.Collections; import java.util.HashMap; import java.util.Map; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; 
@@ -64,7 +62,7 @@ public class PerunIsCesnetEligibleFilter extends AuthProcFilter { private final PerunAdapter perunAdapter; private final String filterName; - public PerunIsCesnetEligibleFilter(PerunRequestFilterParams params) { + public PerunIsCesnetEligibleFilter(AuthProcFilterParams params) { super(params); BeanUtil beanUtil = params.getBeanUtil(); this.config = beanUtil.getBean(PerunOidcConfig.class); diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunIsTestSpFilter.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunIsTestSpFilter.java index 2001378c9..06fc36676 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunIsTestSpFilter.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/PerunIsTestSpFilter.java @@ -11,14 +11,12 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig; import cz.muni.ics.oidc.server.filters.FilterParams; import cz.muni.ics.oidc.server.filters.FiltersUtils; import cz.muni.ics.oidc.server.filters.AuthProcFilter; -import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams; +import cz.muni.ics.oidc.server.filters.AuthProcFilterParams; import cz.muni.ics.oidc.web.controllers.ControllerUtils; import cz.muni.ics.oidc.web.controllers.IsTestSpController; import java.io.IOException; import java.util.HashMap; import java.util.Map; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; 
@@ -47,7 +45,7 @@ public class PerunIsTestSpFilter extends AuthProcFilter { private final String filterName; private final PerunOidcConfig config; - public PerunIsTestSpFilter(PerunRequestFilterParams params) { + public PerunIsTestSpFilter(AuthProcFilterParams params) { super(params); BeanUtil beanUtil = params.getBeanUtil(); this.perunAdapter = beanUtil.getBean(PerunAdapter.class); diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/ProxyStatisticsFilter.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/ProxyStatisticsFilter.java index 771ca3e3d..19fc1f3d0 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/ProxyStatisticsFilter.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/ProxyStatisticsFilter.java @@ -9,7 +9,7 @@ import cz.muni.ics.oidc.saml.SamlProperties; import cz.muni.ics.oidc.server.filters.FilterParams; import cz.muni.ics.oidc.server.filters.FiltersUtils; import cz.muni.ics.oidc.server.filters.AuthProcFilter; -import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams; +import cz.muni.ics.oidc.server.filters.AuthProcFilterParams; import java.sql.Connection; import java.sql.Date; import java.sql.PreparedStatement; @@ -17,8 +17,6 @@ import java.sql.ResultSet; import java.sql.SQLException; import java.time.LocalDate; import java.util.Objects; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.sql.DataSource; 
@@ -79,7 +77,7 @@ public class ProxyStatisticsFilter extends AuthProcFilter { private final String filterName; private final SamlProperties samlProperties; - public ProxyStatisticsFilter(PerunRequestFilterParams params) { + public ProxyStatisticsFilter(AuthProcFilterParams params) { super(params); BeanUtil beanUtil = params.getBeanUtil(); this.mitreIdStats = beanUtil.getBean("mitreIdStats", DataSource.class); diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/ValidUserFilter.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/ValidUserFilter.java index 07b948f48..e3d4d2cf9 100644 --- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/ValidUserFilter.java +++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/server/filters/impl/ValidUserFilter.java @@ -10,13 +10,11 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig; import cz.muni.ics.oidc.server.filters.FilterParams; import cz.muni.ics.oidc.server.filters.FiltersUtils; import cz.muni.ics.oidc.server.filters.AuthProcFilter; -import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams; +import cz.muni.ics.oidc.server.filters.AuthProcFilterParams; import cz.muni.ics.oidc.web.controllers.PerunUnapprovedController; import java.util.HashSet; import java.util.Map; import java.util.Set; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; @@ -71,7 +69,7 @@ public class ValidUserFilter extends AuthProcFilter { private final String filterName; private final PerunOidcConfig config; - public ValidUserFilter(PerunRequestFilterParams params) { + public ValidUserFilter(AuthProcFilterParams params) { super(params); BeanUtil beanUtil = params.getBeanUtil(); this.perunAdapter = beanUtil.getBean(PerunAdapter.class); 
@@ -143,7 +141,7 @@ public class ValidUserFilter extends AuthProcFilter { return true; } - private Set getIdsFromParam(PerunRequestFilterParams params, String propKey) { + private Set getIdsFromParam(AuthProcFilterParams params, String propKey) { Set result = new HashSet<>(); String prop = params.getProperty(propKey); diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/AuthorizationEndpoint.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/AuthorizationEndpoint.java deleted file mode 100644 index 050b07052..000000000 --- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/AuthorizationEndpoint.java +++ /dev/null @@ -1,22 +0,0 @@ -package cz.muni.ics.openid.connect.web.endpoint; - -import javax.servlet.http.HttpServletRequest; -import lombok.extern.slf4j.Slf4j; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.servlet.view.RedirectView; - -@Controller -@Slf4j -public class AuthorizationEndpoint { - - @RequestMapping(value = "/authorize") - public RedirectView authorize(HttpServletRequest req) { - RedirectView view = new RedirectView("/auth/authorize?" + req.getQueryString()); - view.setContextRelative(true); - view.setAttributesMap(req.getParameterMap()); - log.debug("AUTH_ENDPOINT: Redirecting to: {}", view); - return view; - } - -}