本文整理汇总了Java中javax.security.auth.message.AuthStatus.SEND_SUCCESS属性的典型用法代码示例。如果您正苦于以下问题：Java AuthStatus.SEND_SUCCESS属性的具体用法？Java AuthStatus.SEND_SUCCESS怎么用？Java AuthStatus.SEND_SUCCESS使用的例子？那么，这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类javax.security.auth.message.AuthStatus的用法示例。
在下文中一共展示了AuthStatus.SEND_SUCCESS属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: secureResponse
/**
 * Secures the outgoing response by delegating to the module selected for
 * this message.
 *
 * <p>CORS headers are added to every response before anything else. A
 * request recognised by {@code isOptionsRequest} is answered with
 * {@link AuthStatus#SEND_SUCCESS} without consulting a module. When no
 * module is found for the message the result is
 * {@link AuthStatus#SEND_FAILURE}, so an unmatched request fails closed.
 *
 * @param messageInfo    carries the servlet request and response
 * @param serviceSubject subject of the service, passed through to the module
 * @return the delegate module's status, or one of the two statuses above
 * @throws AuthException if the delegate module fails
 */
@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
    final HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    final HttpServletResponse httpResponse = (HttpServletResponse) messageInfo.getResponseMessage();
    AuthServices.addCORSHeaders(httpResponse);

    // NOTE(review): the request URI is client-controlled and is written to the
    // log as-is; confirm the log handler neutralises CR/LF so that a crafted
    // URI cannot forge log lines.
    final String trace = "secureResponse @" + httpRequest.getMethod() + " " + httpRequest.getRequestURI();
    LOGGER.log(Level.FINE, trace);

    if (isOptionsRequest(httpRequest)) {
        return AuthStatus.SEND_SUCCESS;
    }

    final CustomSAM delegate = getModule(messageInfo);
    return delegate == null
        ? AuthStatus.SEND_FAILURE
        : delegate.secureResponse(messageInfo, serviceSubject);
}
示例2: handleLoginPost
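/**
 * Handles the POST method for the login endpoint.
 *
 * <p>An existing session is required, and the supplied nonce must match the
 * one stored in it. On success the subject built from the
 * {@code j_username} parameter is stored in the session, the nonce is
 * removed, and the client is redirected to the state URI below the context
 * path.
 *
 * @param req
 *            request
 * @param resp
 *            response
 * @param stateUri
 *            URI for the state; appended to the context path to form the
 *            redirect target
 * @param nonce
 *            nonce presented by the client
 * @return {@link AuthStatus#SEND_SUCCESS}
 * @throws IOException
 *             servlet error
 * @throws ServletException
 *             servlet error
 * @throws AuthException
 *             when there is no session, the nonce is missing or does not
 *             match, or the redirect target would leave the application
 */
private static AuthStatus handleLoginPost(final HttpServletRequest req,
    final HttpServletResponse resp,
    final URI stateUri,
    final String nonce) throws ServletException,
    IOException,
    AuthException {

    final HttpSession session = req.getSession(false);
    if (session == null) {
        throw new AuthException("session is required");
    }

    // A missing nonce is rejected like a wrong one instead of surfacing as a
    // NullPointerException, and the comparison is constant-time.
    final Object expectedNonce = session.getAttribute(NONCE_SESSION_KEY);
    if (nonce == null
        || !(expectedNonce instanceof String)
        || !java.security.MessageDigest.isEqual(
            nonce.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            ((String) expectedNonce).getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
        throw new AuthException("nonce mismatch");
    }

    // Validate the redirect target before any session state is changed. With
    // an empty context path a state such as "//host/..." or "scheme://host"
    // would otherwise become an off-site redirect.
    // NOTE(review): stateUri presumably originates from the request's state
    // parameter; confirm against the caller.
    final URI redirectTarget = URI.create(req.getContextPath() + stateUri.toASCIIString()).normalize();
    if (redirectTarget.isAbsolute() || redirectTarget.getRawAuthority() != null) {
        throw new AuthException("invalid state");
    }

    final String subject = UriBuilder.fromUri("https://test-server-auth-module").userInfo(req.getParameter("j_username"))
        .build().toASCIIString();
    // NOTE(review): the session id is not rotated when the subject is
    // established; where Servlet 3.1+ is available, consider
    // req.changeSessionId() here to prevent session fixation.
    session.setAttribute(SUBJECT_SESSION_KEY, subject);
    // Remove nonce as it is no longer required
    session.removeAttribute(NONCE_SESSION_KEY);

    resp.sendRedirect(redirectTarget.toASCIIString());
    return AuthStatus.SEND_SUCCESS;
}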
示例3: handleLogoutEndpoint
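/**
 * Handles the logout endpoint. Removes the subject and nonce attributes from
 * the current session (when one exists) and redirects to the URI given in
 * the post-logout redirect request parameter.
 *
 * @param req
 *            request
 * @param resp
 *            response
 * @return {@link AuthStatus#SEND_SUCCESS} once the redirect has been sent
 * @throws AuthException
 *             when the redirect parameter is missing, is not a valid URI, or
 *             does not start with the application's context URI
 * @throws IOException
 *             servlet error
 * @throws ServletException
 *             servlet error
 */
private static AuthStatus handleLogoutEndpoint(final HttpServletRequest req,
    final HttpServletResponse resp) throws AuthException,
    ServletException,
    IOException {

    final String postLogoutRedirectUri = req.getParameter(POST_LOGOUT_REDIRECT_URI);
    if (postLogoutRedirectUri == null) {
        throw new AuthException("missing post_logout_redirect_uri");
    }

    // The parameter is client-supplied: a value that is not a syntactically
    // valid URI is reported as invalid request data rather than escaping as
    // an unchecked IllegalArgumentException.
    final String postLogoutRedirectUriNormalized;
    try {
        postLogoutRedirectUriNormalized = URI.create(postLogoutRedirectUri).normalize().toASCIIString();
    } catch (final IllegalArgumentException e) {
        final AuthException invalid = new AuthException("invalid post_logout_redirect_uri");
        invalid.initCause(e);
        throw invalid;
    }

    // Check that the post logout redirect uri is relative to the application if not fail.
    // NOTE(review): this is a plain string-prefix test, so a sibling path that
    // merely begins with the same characters as the context path also
    // passes; confirm whether a path-segment boundary check is wanted.
    final String contextUri = URI.create(req.getRequestURL().toString()).resolve(req.getContextPath()).toASCIIString();
    if (!postLogoutRedirectUriNormalized.startsWith(contextUri)) {
        throw new AuthException("invalid post_logout_redirect_uri");
    }

    final HttpSession session = req.getSession(false);
    if (session != null) {
        session.removeAttribute(SUBJECT_SESSION_KEY);
        session.removeAttribute(NONCE_SESSION_KEY);
    }
    resp.sendRedirect(postLogoutRedirectUriNormalized);
    return AuthStatus.SEND_SUCCESS;
}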
示例4: handleLogoutEndpoint
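/**
 * Handles the logout endpoint. Expires the subject cookie and redirects to
 * the URI given in the post-logout redirect request parameter.
 *
 * @param req
 *            request
 * @param resp
 *            response
 * @return {@link AuthStatus#SEND_SUCCESS} once the redirect has been sent
 * @throws AuthException
 *             when the redirect parameter is missing, is not a valid URI, or
 *             does not start with the application's context URI
 * @throws IOException
 *             servlet error
 * @throws ServletException
 *             servlet error
 */
private static AuthStatus handleLogoutEndpoint(final HttpServletRequest req,
    final HttpServletResponse resp) throws AuthException,
    ServletException,
    IOException {

    final String postLogoutRedirectUri = req.getParameter(POST_LOGOUT_REDIRECT_URI);
    if (postLogoutRedirectUri == null) {
        throw new AuthException("missing post_logout_redirect_uri");
    }

    // The parameter is client-supplied: a value that is not a syntactically
    // valid URI is reported as invalid request data rather than escaping as
    // an unchecked IllegalArgumentException.
    final String postLogoutRedirectUriNormalized;
    try {
        postLogoutRedirectUriNormalized = URI.create(postLogoutRedirectUri).normalize().toASCIIString();
    } catch (final IllegalArgumentException e) {
        final AuthException invalid = new AuthException("invalid post_logout_redirect_uri");
        invalid.initCause(e);
        throw invalid;
    }

    // Check that the post logout redirect uri is relative to the application if not fail.
    // NOTE(review): this is a plain string-prefix test, so a sibling path that
    // merely begins with the same characters as the context path also
    // passes; confirm whether a path-segment boundary check is wanted.
    final String contextUri = URI.create(req.getRequestURL().toString()).resolve(req.getContextPath()).toASCIIString();
    if (!postLogoutRedirectUriNormalized.startsWith(contextUri)) {
        throw new AuthException("invalid post_logout_redirect_uri");
    }

    // An empty value with max-age 0 asks the browser to drop the cookie.
    // NOTE(review): no path is set here; a browser only replaces a cookie
    // whose name, domain and path all match, so confirm this matches how the
    // subject cookie was issued.
    final Cookie cookie = new Cookie(SUBJECT_COOKIE_KEY, "");
    cookie.setMaxAge(0);
    cookie.setSecure(true);
    cookie.setHttpOnly(true);
    resp.addCookie(cookie);
    resp.sendRedirect(postLogoutRedirectUriNormalized);
    return AuthStatus.SEND_SUCCESS;
}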
示例5: handleRedirectToLoginEndpoint
/**
 * Redirects the client to the login endpoint, carrying the originally
 * requested location in the <code>state</code> query parameter.
 *
 * <p>The state is the request URI with the context path stripped, followed
 * by the original query string when there is one.
 *
 * @param req
 *            servlet request
 * @param resp
 *            servlet response
 * @return {@link AuthStatus#SEND_SUCCESS}
 * @throws AuthException
 *             when the request method is not GET
 * @throws IOException
 *             servlet error
 * @throws ServletException
 *             servlet error
 */
private static AuthStatus handleRedirectToLoginEndpoint(final HttpServletRequest req,
    final HttpServletResponse resp) throws AuthException,
    ServletException,
    IOException {

    if (!"GET".equals(req.getMethod())) {
        throw new AuthException("Only 'GET' method is supported when redirecting to the endpoint");
    }

    final String contextPath = req.getContextPath();
    final String query = req.getQueryString();

    // Location inside the application that the client originally asked for.
    String state = req.getRequestURI().substring(contextPath.length());
    if (query != null) {
        state = state + '?' + query;
    }

    // The state is URL-encoded so that it travels as a single parameter value.
    final String location = contextPath + LOGIN_ENDPOINT + "?state=" + URLEncoder.encode(state, "US-ASCII");
    resp.sendRedirect(URI.create(location).normalize().toASCIIString());

    // The JASPIC spec is ambiguous for this scenario, however
    // SEND_SUCCESS works on the top three application servers.
    return AuthStatus.SEND_SUCCESS;
}
示例6: handleRedirectToLoginEndpoint
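/**
 * Redirects the client to the login endpoint, carrying the originally
 * requested location in the <code>state</code> query parameter and a fresh
 * nonce in the <code>nonce</code> query parameter.
 *
 * <p>The nonce is also stored in the session (one is created if needed)
 * under {@code NONCE_SESSION_KEY}.
 *
 * @param req
 *            servlet request
 * @param resp
 *            servlet response
 * @return {@link AuthStatus#SEND_SUCCESS}
 * @throws AuthException
 *             when the request method is not GET
 * @throws IOException
 *             servlet error
 * @throws ServletException
 *             servlet error
 */
private static AuthStatus handleRedirectToLoginEndpoint(final HttpServletRequest req,
    final HttpServletResponse resp) throws AuthException,
    ServletException,
    IOException {

    if (!"GET".equals(req.getMethod())) {
        throw new AuthException("Only 'GET' method is supported when redirecting to the endpoint");
    }

    final StringBuilder stateBuilder = new StringBuilder(req.getRequestURI().substring(req.getContextPath().length()));
    if (req.getQueryString() != null) {
        stateBuilder.append('?');
        stateBuilder.append(req.getQueryString());
    }

    // The nonce is a security value, so it must come from a cryptographically
    // strong generator; ThreadLocalRandom output is predictable.
    // NOTE(review): 8 bytes (64 bits) is kept from the original; confirm that
    // length is sufficient for the deployment.
    final byte[] nonce = new byte[8];
    new java.security.SecureRandom().nextBytes(nonce);
    final String nonceString = DatatypeConverter.printHexBinary(nonce);
    req.getSession().setAttribute(NONCE_SESSION_KEY, nonceString);

    final StringBuilder redirectUriBuilder = new StringBuilder(req.getContextPath());
    redirectUriBuilder.append(LOGIN_ENDPOINT);
    redirectUriBuilder.append("?state=");
    redirectUriBuilder.append(
        URLEncoder.encode(stateBuilder.toString(), "US-ASCII"));
    // The nonce is hexadecimal, so it needs no URL encoding.
    redirectUriBuilder.append("&nonce=");
    redirectUriBuilder.append(nonceString);
    resp.sendRedirect(URI.create(redirectUriBuilder.toString()).normalize().toASCIIString());

    // The JASPIC spec is ambiguous for this scenario, however
    // SEND_SUCCESS works on the top three application servers.
    return AuthStatus.SEND_SUCCESS;
}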
示例7: validateRequest
/**
 * Sends the client back to its state location and reports that a response
 * has been produced.
 *
 * @param context validation context used to issue the redirect
 * @return {@link AuthStatus#SEND_SUCCESS}
 * @throws IOException              declared by the overridden method
 * @throws GeneralSecurityException declared by the overridden method
 */
@Override
public AuthStatus validateRequest(final ValidateContext context)
    throws IOException, GeneralSecurityException {

    // The redirect is the whole response, so the container is told that a
    // response was sent.
    context.redirectToState();
    return AuthStatus.SEND_SUCCESS;
}
示例8: validateRequest
/**
 * Redirects the client to the URI configured under
 * {@code OpenIdConnectAuthModule.LOGOUT_GOTO_URI_KEY}.
 *
 * @param context validation context giving access to the response and the
 *                module options
 * @return {@link AuthStatus#SEND_SUCCESS}
 * @throws IOException              if the redirect cannot be sent
 * @throws GeneralSecurityException declared by the overridden method
 */
@Override
public AuthStatus validateRequest(final ValidateContext context)
    throws IOException, GeneralSecurityException {

    // The target is read from the module options, not from the request.
    final String logoutGotoUri = context.getOption(OpenIdConnectAuthModule.LOGOUT_GOTO_URI_KEY);
    context.getResp().sendRedirect(logoutGotoUri);
    return AuthStatus.SEND_SUCCESS;
}
示例9: secureResponse
/**
 * Leaves the response untouched and reports success.
 *
 * @param messageInfo message being processed; not read
 * @param subject     service subject; not read
 * @return always {@link AuthStatus#SEND_SUCCESS}
 * @throws AuthException never thrown by this implementation
 */
@Override
public AuthStatus secureResponse(final MessageInfo messageInfo, final Subject subject)
    throws AuthException {
    // No response-side protection is applied by this module.
    return AuthStatus.SEND_SUCCESS;
}
示例10: secureResponse
/**
 * Leaves the response untouched and reports success.
 *
 * @param info message being processed; not read
 * @param s    service subject; not read
 * @return always {@link AuthStatus#SEND_SUCCESS}
 * @throws AuthException never thrown by this implementation
 */
public AuthStatus secureResponse(final MessageInfo info, final Subject s) throws AuthException {
    // No response-side protection is applied by this module.
    return AuthStatus.SEND_SUCCESS;
}
示例11: handleLoginPost
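/**
 * Handles the POST method for the login endpoint.
 *
 * <p>The subject built from the {@code j_username} parameter is stored in a
 * Secure, HttpOnly cookie and the client is redirected to the state URI
 * below the context path.
 *
 * @param req
 *            request
 * @param resp
 *            response
 * @param stateUri
 *            URI for the state; appended to the context path to form the
 *            redirect target
 * @return {@link AuthStatus#SEND_SUCCESS}
 * @throws IOException
 *             servlet error
 * @throws ServletException
 *             servlet error
 * @throws AuthException
 *             when the redirect target would leave the application
 */
private static AuthStatus handleLoginPost(final HttpServletRequest req,
    final HttpServletResponse resp,
    final URI stateUri) throws ServletException,
    IOException,
    AuthException {

    // Validate the redirect target before the cookie is issued. With an empty
    // context path a state such as "//host/..." or "scheme://host" would
    // otherwise become an off-site redirect.
    // NOTE(review): stateUri presumably originates from the request's state
    // parameter; confirm against the caller.
    final URI redirectTarget = URI.create(req.getContextPath() + stateUri.toASCIIString()).normalize();
    if (redirectTarget.isAbsolute() || redirectTarget.getRawAuthority() != null) {
        throw new AuthException("invalid state");
    }

    // NOTE(review): the cookie value is the plain subject URI taken from the
    // submitted user name, with no signature or encryption visible here, and
    // no credential check in this method. The host name suggests a
    // test-only module; confirm it is never deployed outside tests.
    final String subject = UriBuilder.fromUri("https://test-server-auth-module").userInfo(req.getParameter("j_username"))
        .build().toASCIIString();
    final Cookie cookie = new Cookie(SUBJECT_COOKIE_KEY, subject);
    cookie.setSecure(true);
    cookie.setHttpOnly(true);
    resp.addCookie(cookie);

    resp.sendRedirect(redirectTarget.toASCIIString());
    return AuthStatus.SEND_SUCCESS;
}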
示例12: validateRequest
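/**
 * Completes the authorization-code exchange: obtains the token response for
 * the {@code code} request parameter, processes the ID token against the
 * provider's key set, validates it, checks the issuer against the provider
 * configuration, updates the client subject, stores the token and age
 * cookies, and redirects the client to its state location.
 *
 * <p>When the provider exposes a userinfo endpoint and the configured scope
 * contains {@code profile}, the userinfo document is fetched and stored with
 * the token cookie. A non-200 userinfo response is logged and the cookie is
 * written without it.
 *
 * @param context validation context for the current request
 * @return {@link AuthStatus#SEND_SUCCESS}
 * @throws IOException              on I/O failure
 * @throws GeneralSecurityException when the token issuer does not match the
 *                                  provider configuration, or when one of the
 *                                  called validation steps fails
 */
@Override
public AuthStatus validateRequest(final ValidateContext context) throws IOException,
    GeneralSecurityException {

    final OpenIdProviderConfiguration oidProviderConfig = context.getOpenIDProviderConfig();
    final IdTokenResponse token = getToken(OpenIdConnectKey.CODE, context.getReq()
        .getParameter(OpenIdConnectKey.CODE), GrantType.authorization_code, context);
    final net.trajano.openidconnect.crypto.JsonWebKeySet webKeys = getWebKeys(context);

    // NOTE(review): the token response object is passed to the logger at
    // FINEST; confirm its string form does not expose access, refresh or ID
    // tokens in log files.
    LOG.log(Level.FINEST, "tokenValue", token);

    final JsonObject claimsSet = new JsonWebTokenProcessor(token.getEncodedIdToken()).jwks(webKeys)
        .getJsonPayload();

    // The nonce cookie is stored encrypted; decrypt it with the module secret.
    final String nonceCookie = context.getCookie(OpenIdConnectAuthModule.NET_TRAJANO_AUTH_NONCE);
    final String nonce;
    if (nonceCookie != null) {
        nonce = new String(CipherUtil.decrypt(Encoding.base64urlDecode(nonceCookie), context.getSecret()), "US-ASCII");
    } else {
        // NOTE(review): a missing cookie yields a null nonce; whether
        // validateIdToken then skips or enforces the nonce check is not
        // visible here. Confirm it cannot be bypassed by omitting the cookie.
        nonce = null;
    }
    validateIdToken(context.getOption(CLIENT_ID), claimsSet, nonce, token.getAccessToken());
    context.deleteCookie(OpenIdConnectAuthModule.NET_TRAJANO_AUTH_NONCE);

    final String iss = googleWorkaround(claimsSet.getString("iss"));
    final String issuer = googleWorkaround(oidProviderConfig.getIssuer());
    if (!iss.equals(issuer)) {
        LOG.log(Level.SEVERE, "issuerMismatch", new Object[] {
            iss,
            issuer
        });
        throw new GeneralSecurityException(MessageFormat.format(Log.r("issuerMismatch"), iss, issuer));
    }
    updateSubjectPrincipal(context.getClientSubject(), claimsSet, context);

    final TokenCookie tokenCookie;
    if (oidProviderConfig.getUserinfoEndpoint() != null && Pattern.compile("\\bprofile\\b")
        .matcher(context.getOption(OpenIdConnectKey.SCOPE))
        .find()) {
        final Response userInfoResponse = context.target(oidProviderConfig.getUserinfoEndpoint())
            .request(MediaType.APPLICATION_JSON_TYPE)
            .header("Authorization", token.getTokenType() + " " + token.getAccessToken())
            .get();
        try {
            if (userInfoResponse.getStatus() == 200) {
                tokenCookie = new TokenCookie(token.getAccessToken(), token.getRefreshToken(), claimsSet, token.getEncodedIdToken(), userInfoResponse.readEntity(JsonObject.class));
            } else {
                LOG.log(Level.WARNING, "unableToGetProfile");
                tokenCookie = new TokenCookie(claimsSet, token.getEncodedIdToken());
            }
        } finally {
            // Release the connection on every path, including the non-200
            // branch where the entity is never read.
            userInfoResponse.close();
        }
    } else {
        tokenCookie = new TokenCookie(claimsSet, token.getEncodedIdToken());
    }

    context.saveIdTokenCookie(tokenCookie);
    context.saveAgeCookie();
    context.redirectToState();
    return AuthStatus.SEND_SUCCESS;
}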
示例13: secureResponse
/**
 * Leaves the response untouched and reports success.
 *
 * @param messageInfo    message being processed; not read
 * @param serviceSubject service subject; not read
 * @return always {@link AuthStatus#SEND_SUCCESS}
 * @throws AuthException never thrown by this implementation
 */
@Override
public AuthStatus secureResponse(final MessageInfo messageInfo, final Subject serviceSubject)
    throws AuthException {
    // No response-side protection is applied by this module.
    return AuthStatus.SEND_SUCCESS;
}
示例14: secureResponse
/**
 * Leaves the response untouched and reports success.
 *
 * @param messageInfo    message being processed; not read
 * @param serviceSubject service subject; not read
 * @return always {@link AuthStatus#SEND_SUCCESS}
 * @throws AuthException never thrown by this implementation
 */
@Override
public AuthStatus secureResponse(final MessageInfo messageInfo, final Subject serviceSubject)
    throws AuthException {
    // No response-side protection is applied by this module.
    return AuthStatus.SEND_SUCCESS;
}
示例15: secureResponse
/**
 * Invokes {@code cdi} for this message with the tag {@code "sr"} and then
 * reports success.
 *
 * @param messageInfo    message being processed; passed on to {@code cdi}
 * @param serviceSubject service subject; not read
 * @return always {@link AuthStatus#SEND_SUCCESS}
 * @throws AuthException declared by the overridden method
 */
@Override
public AuthStatus secureResponse(final MessageInfo messageInfo, final Subject serviceSubject)
    throws AuthException {

    // "sr" presumably stands for secureResponse; confirm against cdi.
    cdi(messageInfo, "sr");
    return AuthStatus.SEND_SUCCESS;
}