refactor: 💡 cleanup
parent
c0db96df7d
commit
0e009d9cc2
|
@ -73,8 +73,6 @@
|
|||
<prop key="saml.idp.defaultIdpEntityId"/>
|
||||
<prop key="saml.idp.metadataLocation"/> <!-- i.e. /etc/perun/login-cesnet-metadata.xml -->
|
||||
<prop key="saml.idp.metadataUrl"/> <!-- i.e. https://login.cesnet.cz/proxy/module.php/metadata -->
|
||||
<prop key="saml.proxy.spEntityId"/>
|
||||
<prop key="saml.internalReferrers"/> <!-- comma separated list of URLs (which are matched as prefixes) -->
|
||||
<prop key="saml.acrs.reserverdPrefixes">urn:cesnet:</prop>
|
||||
<prop key="saml.acrs.enableComparison">false</prop>
|
||||
<prop key="saml.acrs.onlyreserved.append">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</prop>
|
||||
|
|
|
@ -241,12 +241,16 @@
|
|||
create-session="always"
|
||||
authentication-manager-ref="authenticationManager">
|
||||
<security:csrf disabled="true"/>
|
||||
<security:intercept-url pattern="/authorize" access="permitAll()"/>
|
||||
<security:intercept-url pattern="/device" access="permitAll()"/>
|
||||
<security:intercept-url pattern="#{T(cz.muni.ics.oauth2.web.endpoint.AuthorizationEndpoint).ENDPOINT_INIT_URL}"
|
||||
access="permitAll()"/>
|
||||
<security:intercept-url pattern="#{T(cz.muni.ics.oauth2.web.endpoint.DeviceEndpoint).REQUEST_USER_CODE_INIT_URL}"
|
||||
access="permitAll()"/>
|
||||
<security:intercept-url pattern="/saml/**" access="permitAll()"/>
|
||||
<security:intercept-url pattern="/logout" access="permitAll()"/>
|
||||
<security:intercept-url pattern="#{T(cz.muni.ics.oidc.web.controllers.LogoutController).MAPPING_SUCCESS}" access="permitAll()"/>
|
||||
<security:intercept-url pattern="#{T(cz.muni.ics.oidc.web.controllers.LoginController).MAPPING_FAILURE}" access="permitAll()"/>
|
||||
<security:intercept-url pattern="#{T(cz.muni.ics.oidc.web.controllers.LogoutController).MAPPING_SUCCESS}"
|
||||
access="permitAll()"/>
|
||||
<security:intercept-url pattern="#{T(cz.muni.ics.oidc.web.controllers.LoginController).MAPPING_FAILURE}"
|
||||
access="permitAll()"/>
|
||||
<security:intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>
|
||||
<security:custom-filter ref="mdcMuFilter" before="FIRST"/>
|
||||
<security:custom-filter ref="metadataGeneratorFilter" before="CHANNEL_FILTER"/>
|
||||
|
@ -337,17 +341,13 @@
|
|||
|
||||
<!-- SAML -->
|
||||
<bean id="clearSessionFilter" class="cz.muni.ics.oidc.saml.SamlInvalidateSessionFilter">
|
||||
<!-- <constructor-arg name="oidcIssuer" value="${main.oidc.issuer.url}"/>-->
|
||||
<!-- <constructor-arg name="idpEntityId" value="${saml.idp.defaultIdpEntityId}"/>-->
|
||||
<!-- <constructor-arg name="proxySpEntityId" value="${saml.proxy.spEntityId}"/>-->
|
||||
<!-- <constructor-arg name="internalReferrers" value="#{'${saml.internalReferrers}'.split('\s*,\s*')}"/>-->
|
||||
<constructor-arg name="contextLogoutHandler" ref="logoutHandler"/>
|
||||
<constructor-arg name="contextLogoutHandler" ref="logoutHandler"/>
|
||||
</bean>
|
||||
|
||||
<bean id="samlDiscovery" class="org.springframework.security.saml.SAMLDiscovery">
|
||||
<property name="contextProvider" ref="samlContextProvider"/>
|
||||
<property name="samlEntryPoint" ref="samlEntryPoint"/>
|
||||
<property name="metadata" ref="metadata"/>
|
||||
<property name="contextProvider" ref="samlContextProvider"/>
|
||||
<property name="samlEntryPoint" ref="samlEntryPoint"/>
|
||||
<property name="metadata" ref="metadata"/>
|
||||
</bean>
|
||||
|
||||
<bean id="successRedirectHandler" class="cz.muni.ics.oidc.saml.PerunSamlAuthenticationSuccessHandler">
|
||||
|
|
|
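Review bot: The `permitAll()` rules for the two init URLs now resolve through `T(...).ENDPOINT_INIT_URL` and `T(...).REQUEST_USER_CODE_INIT_URL`, so what is reachable without authentication is decided by constants in the Java classes rather than by this file, and CSRF protection is disabled for the whole chain. An XML comment above these two entries should state the invariant, for example `<!-- init URLs only redirect; the real endpoints stay behind the /** ROLE_USER rule -->`. That way a later change to either constant is reviewed as an access-control change.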
@ -1,22 +1,25 @@
|
|||
package cz.muni.ics.openid.connect.web.endpoint;
|
||||
package cz.muni.ics.oauth2.web.endpoint;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.servlet.view.RedirectView;
|
||||
|
||||
@Controller
|
||||
@Slf4j
|
||||
public class UserDeviceEndpoint {
|
||||
public class AuthorizationEndpoint {
|
||||
|
||||
@RequestMapping(value = "/device")
|
||||
public static final String ENDPOINT_INIT_URL = "/authorize";
|
||||
public static final String ENDPOINT_URL = "/auth/authorize";
|
||||
|
||||
@RequestMapping(value = ENDPOINT_INIT_URL)
|
||||
public RedirectView authorize(HttpServletRequest req) {
|
||||
String redirect = "/auth/device" + (StringUtils.hasText(req.getQueryString()) ? '?' + req.getQueryString() : "");
|
||||
String redirect = ENDPOINT_URL + '?' + req.getQueryString();
|
||||
RedirectView view = new RedirectView(redirect);
|
||||
view.setContextRelative(true);
|
||||
log.debug("DEVICE_ENDPOINT: Redirecting to: {}", view);
|
||||
log.debug("Authorization endpoint - {}: user is being redirected to to: {}", ENDPOINT_INIT_URL, redirect);
|
||||
return view;
|
||||
}
|
||||
|
||||
}
|
|
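Review bot: In `AuthorizationEndpoint.authorize`, `ENDPOINT_URL + '?' + req.getQueryString()` appends the query string without a null check, so a request to `/authorize` with no query string (for example a form POST, which the method-less `@RequestMapping` also accepts) is redirected to `/auth/authorize?null` and its parameters are lost. The `DeviceEndpoint` handler added in this commit already guards this case, and the same form fits here: `String redirect = ENDPOINT_URL + (StringUtils.hasText(req.getQueryString()) ? '?' + req.getQueryString() : "");`. Both handlers also write the full redirect target to the debug log, which may put request parameters such as `state`, `login_hint` or a device `user_code` into log files; logging only the path would avoid that.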
@ -35,7 +35,6 @@ import cz.muni.ics.openid.connect.view.HttpCodeView;
|
|||
import cz.muni.ics.openid.connect.view.JsonEntityView;
|
||||
import cz.muni.ics.openid.connect.view.JsonErrorView;
|
||||
import java.net.URISyntaxException;
|
||||
import java.security.Principal;
|
||||
import java.util.Collection;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
|
@ -57,13 +56,14 @@ import org.springframework.security.oauth2.provider.AuthorizationRequest;
|
|||
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
||||
import org.springframework.security.oauth2.provider.OAuth2Request;
|
||||
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
|
||||
import org.springframework.security.saml.SAMLCredential;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.ModelMap;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.servlet.view.RedirectView;
|
||||
|
||||
/**
|
||||
* Implements https://tools.ietf.org/html/draft-ietf-oauth-device-flow
|
||||
|
@ -211,6 +211,16 @@ public class DeviceEndpoint {
|
|||
}
|
||||
}
|
||||
|
||||
@RequestMapping(value = REQUEST_USER_CODE_INIT_URL)
|
||||
public RedirectView authorize(HttpServletRequest req) {
|
||||
String redirect = REQUEST_USER_CODE_URL
|
||||
+ (StringUtils.hasText(req.getQueryString()) ? '?' + req.getQueryString() : "");
|
||||
RedirectView view = new RedirectView(redirect);
|
||||
view.setContextRelative(true);
|
||||
log.debug("User device endpoint - {}: user is being redirected to to: {}", REQUEST_USER_CODE_INIT_URL, redirect);
|
||||
return view;
|
||||
}
|
||||
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
@GetMapping(value = REQUEST_USER_CODE_URL)
|
||||
public String requestUserCode(@RequestParam(value = USER_CODE, required = false) String userCode,
|
||||
|
|
|
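Review bot: The handler added to `DeviceEndpoint` for `REQUEST_USER_CODE_INIT_URL` is named `authorize`, although it only builds a context-relative redirect to `REQUEST_USER_CODE_URL`. A name such as `requestUserCodeInit` and a short Javadoc (`/** Unauthenticated entry point: forwards the query string to REQUEST_USER_CODE_URL, which requires ROLE_USER. */`) would make the split clear. It is also mapped with a bare `@RequestMapping`, so it answers every HTTP method, while the protected handler below uses `@GetMapping`; `@GetMapping(value = REQUEST_USER_CODE_INIT_URL)` would keep the two consistent. The `requestUserCode` signature that follows continues outside the hunk.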
@ -1,10 +1,6 @@
|
|||
package cz.muni.ics.oidc.saml;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
|
@ -16,7 +12,6 @@ import org.springframework.security.web.authentication.logout.SecurityContextLog
|
|||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.OrRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
@Slf4j
|
||||
|
@ -28,37 +23,11 @@ public class SamlInvalidateSessionFilter extends GenericFilterBean {
|
|||
);
|
||||
|
||||
private final SecurityContextLogoutHandler contextLogoutHandler;
|
||||
private final List<String> internalReferrers = new ArrayList<>();
|
||||
|
||||
public SamlInvalidateSessionFilter(SecurityContextLogoutHandler contextLogoutHandler) {
|
||||
this.contextLogoutHandler = contextLogoutHandler;
|
||||
}
|
||||
|
||||
public SamlInvalidateSessionFilter(String idpEntityId,
|
||||
String oidcIssuer,
|
||||
String proxySpEntityId,
|
||||
SecurityContextLogoutHandler contextLogoutHandler,
|
||||
String[] internalReferrers)
|
||||
{
|
||||
if (StringUtils.hasText(idpEntityId)) {
|
||||
this.internalReferrers.add(idpEntityId);
|
||||
}
|
||||
if (StringUtils.hasText(oidcIssuer)) {
|
||||
this.internalReferrers.add(oidcIssuer);
|
||||
}
|
||||
if (StringUtils.hasText(proxySpEntityId)) {
|
||||
this.internalReferrers.add(proxySpEntityId);
|
||||
}
|
||||
this.contextLogoutHandler = contextLogoutHandler;
|
||||
if (internalReferrers != null && internalReferrers.length > 0) {
|
||||
List<String> referrers = Arrays.asList(internalReferrers);
|
||||
referrers = referrers.stream().filter(StringUtils::hasText).collect(Collectors.toList());
|
||||
if (!referrers.isEmpty()) {
|
||||
this.internalReferrers.addAll(referrers);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
|
||||
throws IOException, ServletException
|
||||
|
@ -66,24 +35,10 @@ public class SamlInvalidateSessionFilter extends GenericFilterBean {
|
|||
HttpServletRequest req = (HttpServletRequest) request;
|
||||
HttpServletResponse res = (HttpServletResponse) response;
|
||||
if (MATCHER.matches(req)) {
|
||||
log.debug("INV_SESS - invalidate");
|
||||
log.debug("Invalidate session to enable SAML IdP re-authentication");
|
||||
contextLogoutHandler.logout(req, res, null);
|
||||
} else {
|
||||
log.debug("INV_SESS - skipping");
|
||||
}
|
||||
chain.doFilter(req, res);
|
||||
}
|
||||
|
||||
private boolean isInternalReferer(String referer) {
|
||||
if (!StringUtils.hasText(referer)) {
|
||||
return false;
|
||||
}
|
||||
for (String internal : internalReferrers) {
|
||||
if (referer.startsWith(internal)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -43,7 +43,7 @@ public abstract class AuthProcFilter {
|
|||
private Set<String> clientIds = new HashSet<>();
|
||||
private Set<String> subs = new HashSet<>();
|
||||
|
||||
public AuthProcFilter(PerunRequestFilterParams params) {
|
||||
public AuthProcFilter(AuthProcFilterParams params) {
|
||||
filterName = params.getFilterName();
|
||||
|
||||
if (params.hasProperty(CLIENT_IDS)) {
|
||||
|
|
|
@ -8,7 +8,7 @@ import java.util.Properties;
|
|||
*
|
||||
* @author Dominik Frantisek Bucik <bucik@ics.muni.cz>
|
||||
*/
|
||||
public class PerunRequestFilterParams {
|
||||
public class AuthProcFilterParams {
|
||||
|
||||
private final String filterName;
|
||||
|
||||
|
@ -16,7 +16,7 @@ public class PerunRequestFilterParams {
|
|||
private final Properties properties;
|
||||
private final BeanUtil beanUtil;
|
||||
|
||||
public PerunRequestFilterParams(String filterName, String propertyPrefix, Properties properties, BeanUtil beanUtil) {
|
||||
public AuthProcFilterParams(String filterName, String propertyPrefix, Properties properties, BeanUtil beanUtil) {
|
||||
this.filterName = filterName;
|
||||
this.propertyPrefix = propertyPrefix;
|
||||
this.properties = properties;
|
|
@ -64,11 +64,11 @@ public class AuthProcFiltersContainer extends GenericFilterBean {
|
|||
@Autowired
|
||||
private SamlProperties samlProperties;
|
||||
|
||||
private PerunFiltersContext perunFiltersContext;
|
||||
private AuthProcFiltersContext perunFiltersContext;
|
||||
|
||||
@PostConstruct
|
||||
public void postConstruct() {
|
||||
this.perunFiltersContext = new PerunFiltersContext(coreProperties, beanUtil);
|
||||
this.perunFiltersContext = new AuthProcFiltersContext(coreProperties, beanUtil);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -78,7 +78,7 @@ public class AuthProcFiltersContainer extends GenericFilterBean {
|
|||
HttpServletRequest req = (HttpServletRequest) servletRequest;
|
||||
HttpServletResponse res = (HttpServletResponse) servletResponse;
|
||||
if (!MATCHER.matches(req)) {
|
||||
log.debug("Custom filters have been skipped, did not match authorization nor device req URL");
|
||||
log.debug("AuthProc filters have been skipped, did not match authorization nor device req URL");
|
||||
} else {
|
||||
List<AuthProcFilter> filters = perunFiltersContext.getFilters();
|
||||
if (filters != null && !filters.isEmpty()) {
|
||||
|
|
|
@ -21,7 +21,7 @@ import org.springframework.util.StringUtils;
|
|||
* @author Dominik Frantisek Bucik <bucik@ics.muni.cz>
|
||||
*/
|
||||
@Slf4j
|
||||
public class PerunFiltersContext {
|
||||
public class AuthProcFiltersContext {
|
||||
|
||||
private static final String FILTER_NAMES = "filter.names";
|
||||
private static final String FILTER_CLASS = ".class";
|
||||
|
@ -31,7 +31,7 @@ public class PerunFiltersContext {
|
|||
private final Properties properties;
|
||||
private final BeanUtil beanUtil;
|
||||
|
||||
public PerunFiltersContext(Properties properties, BeanUtil beanUtil) {
|
||||
public AuthProcFiltersContext(Properties properties, BeanUtil beanUtil) {
|
||||
this.properties = properties;
|
||||
this.beanUtil = beanUtil;
|
||||
this.filters = new LinkedList<>();
|
||||
|
@ -52,7 +52,7 @@ public class PerunFiltersContext {
|
|||
}
|
||||
|
||||
private AuthProcFilter loadFilter(String filterName) {
|
||||
String propPrefix = PerunFiltersContext.PREFIX + filterName;
|
||||
String propPrefix = AuthProcFiltersContext.PREFIX + filterName;
|
||||
String filterClass = properties.getProperty(propPrefix + FILTER_CLASS, null);
|
||||
if (!StringUtils.hasText(filterClass)) {
|
||||
log.warn("{} - failed to initialized filter: no class has ben configured", filterName);
|
||||
|
@ -63,14 +63,14 @@ public class PerunFiltersContext {
|
|||
try {
|
||||
Class<?> rawClazz = Class.forName(filterClass);
|
||||
if (!AuthProcFilter.class.isAssignableFrom(rawClazz)) {
|
||||
log.warn("{} - failed to initialized filter: class '{}' does not extend PerunRequestFilter",
|
||||
log.warn("{} - failed to initialized filter: class '{}' does not extend AuthProcFilter",
|
||||
filterName, filterClass);
|
||||
return null;
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked") Class<AuthProcFilter> clazz = (Class<AuthProcFilter>) rawClazz;
|
||||
Constructor<AuthProcFilter> constructor = clazz.getConstructor(PerunRequestFilterParams.class);
|
||||
PerunRequestFilterParams params = new PerunRequestFilterParams(filterName, propPrefix, properties, beanUtil);
|
||||
Constructor<AuthProcFilter> constructor = clazz.getConstructor(AuthProcFilterParams.class);
|
||||
AuthProcFilterParams params = new AuthProcFilterParams(filterName, propPrefix, properties, beanUtil);
|
||||
return constructor.newInstance(params);
|
||||
} catch (ClassNotFoundException e) {
|
||||
log.warn("{} - failed to initialize filter: class '{}' was not found", filterName, filterClass);
|
|
@ -278,7 +278,7 @@ public class FiltersUtils {
|
|||
|
||||
public static String fillStringMandatoryProperty(String propertyName,
|
||||
String filterName,
|
||||
PerunRequestFilterParams params) {
|
||||
AuthProcFilterParams params) {
|
||||
String filled = params.getProperty(propertyName);
|
||||
|
||||
if (!StringUtils.hasText(filled)) {
|
||||
|
|
|
@ -10,11 +10,9 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig;
|
|||
import cz.muni.ics.oidc.server.filters.FilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.FiltersUtils;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilter;
|
||||
import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilterParams;
|
||||
import cz.muni.ics.oidc.web.controllers.PerunUnapprovedController;
|
||||
import java.util.Map;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
@ -40,7 +38,7 @@ public class PerunAuthorizationFilter extends AuthProcFilter {
|
|||
private final String filterName;
|
||||
private final PerunOidcConfig config;
|
||||
|
||||
public PerunAuthorizationFilter(PerunRequestFilterParams params) {
|
||||
public PerunAuthorizationFilter(AuthProcFilterParams params) {
|
||||
super(params);
|
||||
BeanUtil beanUtil = params.getBeanUtil();
|
||||
this.perunAdapter = beanUtil.getBean(PerunAdapter.class);
|
||||
|
|
|
@ -8,19 +8,13 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig;
|
|||
import cz.muni.ics.oidc.server.filters.FilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.FiltersUtils;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilter;
|
||||
import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilterParams;
|
||||
import cz.muni.ics.oidc.web.controllers.ControllerUtils;
|
||||
import cz.muni.ics.oidc.web.controllers.PerunUnapprovedController;
|
||||
import cz.muni.ics.oidc.web.controllers.RegistrationController;
|
||||
import java.io.IOException;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
@ -55,7 +49,7 @@ public class PerunEnsureVoMember extends AuthProcFilter {
|
|||
private final String filterName;
|
||||
private final PerunOidcConfig perunOidcConfig;
|
||||
|
||||
public PerunEnsureVoMember(PerunRequestFilterParams params) {
|
||||
public PerunEnsureVoMember(AuthProcFilterParams params) {
|
||||
super(params);
|
||||
BeanUtil beanUtil = params.getBeanUtil();
|
||||
|
||||
|
@ -139,17 +133,6 @@ public class PerunEnsureVoMember extends AuthProcFilter {
|
|||
return attrValue;
|
||||
}
|
||||
|
||||
private boolean canAccess(PerunAttributeValue attrValue, Set<String> memberShortNames) {
|
||||
if (attrValue.valueAsJson().isArray()) {
|
||||
Set<String> val = attrValue.valueAsList() == null ?
|
||||
Collections.emptySet() : new HashSet<>(attrValue.valueAsList());
|
||||
return !Collections.disjoint(val, memberShortNames);
|
||||
} else {
|
||||
String val = attrValue.valueAsString();
|
||||
return memberShortNames.contains(val);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "PerunEnsureVoMember{" +
|
||||
|
|
|
@ -15,7 +15,7 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig;
|
|||
import cz.muni.ics.oidc.server.filters.FilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.FiltersUtils;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilter;
|
||||
import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilterParams;
|
||||
import cz.muni.ics.oidc.web.controllers.AupController;
|
||||
import java.io.IOException;
|
||||
import java.text.ParseException;
|
||||
|
@ -27,8 +27,6 @@ import java.util.HashMap;
|
|||
import java.util.LinkedHashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
@ -79,7 +77,7 @@ public class PerunForceAupFilter extends AuthProcFilter {
|
|||
private final SamlProperties samlProperties;
|
||||
private final String filterName;
|
||||
|
||||
public PerunForceAupFilter(PerunRequestFilterParams params) {
|
||||
public PerunForceAupFilter(AuthProcFilterParams params) {
|
||||
super(params);
|
||||
BeanUtil beanUtil = params.getBeanUtil();
|
||||
this.perunAdapter = beanUtil.getBean(PerunAdapter.class);
|
||||
|
|
|
@ -15,7 +15,7 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig;
|
|||
import cz.muni.ics.oidc.server.filters.FilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.FiltersUtils;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilter;
|
||||
import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilterParams;
|
||||
import cz.muni.ics.oidc.web.controllers.ControllerUtils;
|
||||
import cz.muni.ics.oidc.web.controllers.PerunUnapprovedController;
|
||||
import java.time.LocalDateTime;
|
||||
|
@ -24,8 +24,6 @@ import java.time.format.DateTimeParseException;
|
|||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
@ -64,7 +62,7 @@ public class PerunIsCesnetEligibleFilter extends AuthProcFilter {
|
|||
private final PerunAdapter perunAdapter;
|
||||
private final String filterName;
|
||||
|
||||
public PerunIsCesnetEligibleFilter(PerunRequestFilterParams params) {
|
||||
public PerunIsCesnetEligibleFilter(AuthProcFilterParams params) {
|
||||
super(params);
|
||||
BeanUtil beanUtil = params.getBeanUtil();
|
||||
this.config = beanUtil.getBean(PerunOidcConfig.class);
|
||||
|
|
|
@ -11,14 +11,12 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig;
|
|||
import cz.muni.ics.oidc.server.filters.FilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.FiltersUtils;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilter;
|
||||
import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilterParams;
|
||||
import cz.muni.ics.oidc.web.controllers.ControllerUtils;
|
||||
import cz.muni.ics.oidc.web.controllers.IsTestSpController;
|
||||
import java.io.IOException;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
@ -47,7 +45,7 @@ public class PerunIsTestSpFilter extends AuthProcFilter {
|
|||
private final String filterName;
|
||||
private final PerunOidcConfig config;
|
||||
|
||||
public PerunIsTestSpFilter(PerunRequestFilterParams params) {
|
||||
public PerunIsTestSpFilter(AuthProcFilterParams params) {
|
||||
super(params);
|
||||
BeanUtil beanUtil = params.getBeanUtil();
|
||||
this.perunAdapter = beanUtil.getBean(PerunAdapter.class);
|
||||
|
|
|
@ -9,7 +9,7 @@ import cz.muni.ics.oidc.saml.SamlProperties;
|
|||
import cz.muni.ics.oidc.server.filters.FilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.FiltersUtils;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilter;
|
||||
import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilterParams;
|
||||
import java.sql.Connection;
|
||||
import java.sql.Date;
|
||||
import java.sql.PreparedStatement;
|
||||
|
@ -17,8 +17,6 @@ import java.sql.ResultSet;
|
|||
import java.sql.SQLException;
|
||||
import java.time.LocalDate;
|
||||
import java.util.Objects;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.sql.DataSource;
|
||||
|
@ -79,7 +77,7 @@ public class ProxyStatisticsFilter extends AuthProcFilter {
|
|||
private final String filterName;
|
||||
private final SamlProperties samlProperties;
|
||||
|
||||
public ProxyStatisticsFilter(PerunRequestFilterParams params) {
|
||||
public ProxyStatisticsFilter(AuthProcFilterParams params) {
|
||||
super(params);
|
||||
BeanUtil beanUtil = params.getBeanUtil();
|
||||
this.mitreIdStats = beanUtil.getBean("mitreIdStats", DataSource.class);
|
||||
|
|
|
@ -10,13 +10,11 @@ import cz.muni.ics.oidc.server.configurations.PerunOidcConfig;
|
|||
import cz.muni.ics.oidc.server.filters.FilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.FiltersUtils;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilter;
|
||||
import cz.muni.ics.oidc.server.filters.PerunRequestFilterParams;
|
||||
import cz.muni.ics.oidc.server.filters.AuthProcFilterParams;
|
||||
import cz.muni.ics.oidc.web.controllers.PerunUnapprovedController;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
@ -71,7 +69,7 @@ public class ValidUserFilter extends AuthProcFilter {
|
|||
private final String filterName;
|
||||
private final PerunOidcConfig config;
|
||||
|
||||
public ValidUserFilter(PerunRequestFilterParams params) {
|
||||
public ValidUserFilter(AuthProcFilterParams params) {
|
||||
super(params);
|
||||
BeanUtil beanUtil = params.getBeanUtil();
|
||||
this.perunAdapter = beanUtil.getBean(PerunAdapter.class);
|
||||
|
@ -143,7 +141,7 @@ public class ValidUserFilter extends AuthProcFilter {
|
|||
return true;
|
||||
}
|
||||
|
||||
private Set<Long> getIdsFromParam(PerunRequestFilterParams params, String propKey) {
|
||||
private Set<Long> getIdsFromParam(AuthProcFilterParams params, String propKey) {
|
||||
Set<Long> result = new HashSet<>();
|
||||
|
||||
String prop = params.getProperty(propKey);
|
||||
|
|
|
@ -1,22 +0,0 @@
|
|||
package cz.muni.ics.openid.connect.web.endpoint;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.servlet.view.RedirectView;
|
||||
|
||||
@Controller
|
||||
@Slf4j
|
||||
public class AuthorizationEndpoint {
|
||||
|
||||
@RequestMapping(value = "/authorize")
|
||||
public RedirectView authorize(HttpServletRequest req) {
|
||||
RedirectView view = new RedirectView("/auth/authorize?" + req.getQueryString());
|
||||
view.setContextRelative(true);
|
||||
view.setAttributesMap(req.getParameterMap());
|
||||
log.debug("AUTH_ENDPOINT: Redirecting to: {}", view);
|
||||
return view;
|
||||
}
|
||||
|
||||
}
|