本文整理汇总了Java中org.pac4j.core.context.WebContext.getSessionAttribute方法的典型用法代码示例。如果您正苦于以下问题:Java WebContext.getSessionAttribute方法的具体用法?Java WebContext.getSessionAttribute怎么用?Java WebContext.getSessionAttribute使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.pac4j.core.context.WebContext的用法示例。
在下文中一共展示了WebContext.getSessionAttribute方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getRedirectAction
import org.pac4j.core.context.WebContext; //导入方法依赖的package包/类
/**
 * <p>Compute the redirection action for this client. This method holds the whole decision logic and is
 * not meant to be called directly: callers should generally go through {@link #redirect(WebContext)}.</p>
 * <p>No redirection is produced in two cases, where an unauthorized response (401 HTTP status code) is
 * thrown instead: the request is an AJAX one, or an authentication attempt for this client is already
 * recorded in the session.</p>
 *
 * @param context the web context of the current request
 * @return the redirection action
 * @throws HttpAction when an unauthorized response must be sent instead of a redirection
 */
public final RedirectAction getRedirectAction(final WebContext context) throws HttpAction {
    init(context);

    // AJAX callers cannot follow a login redirection, so they get an unauthorized response.
    final boolean ajaxCall = ajaxRequestResolver.isAjax(context);
    if (ajaxCall) {
        logger.info("AJAX request detected -> returning 401");
        cleanRequestedUrl(context);
        throw HttpAction.unauthorized("AJAX request -> 401", context, null);
    }

    // The per-client session marker tells whether an authentication was already attempted.
    final String attemptKey = getName() + ATTEMPTED_AUTHENTICATION_SUFFIX;
    final String previousAttempt = (String) context.getSessionAttribute(attemptKey);
    if (!CommonHelper.isNotBlank(previousAttempt)) {
        return retrieveRedirectAction(context);
    }

    // The marker is consumed here, which also avoids redirecting the browser to the provider in a loop.
    // NOTE(review): the message below says "forbidden" although the action thrown is unauthorized().
    cleanAttemptedAuthentication(context);
    cleanRequestedUrl(context);
    throw HttpAction.unauthorized("authentication already tried -> forbidden", context, null);
}
示例2: getOAuthCredentials
import org.pac4j.core.context.WebContext; //导入方法依赖的package包/类
/**
 * Build the OAuth 1.0 credentials from the callback request.
 *
 * <p>Both the token and the verifier request parameters must be present; they are decoded and combined
 * with the request token read from the session.</p>
 *
 * @param context the web context of the callback request
 * @return the OAuth 1.0 credentials
 * @throws HttpAction declared by the overridden method
 */
@Override
protected OAuthCredentials getOAuthCredentials(final WebContext context) throws HttpAction {
    final String rawToken = context.getRequestParameter(OAUTH_TOKEN);
    final String rawVerifier = context.getRequestParameter(OAUTH_VERIFIER);

    // Without both callback parameters there is nothing to build credentials from.
    if (rawToken == null || rawVerifier == null) {
        throw new OAuthCredentialsException("No credential found");
    }

    // The request token was stored in the session before the user was sent to the provider.
    // NOTE(review): it is not null-checked here, so an expired or different session hands a null
    // request token to the credentials; confirm that the later token exchange rejects it.
    final OAuth1RequestToken storedRequestToken =
        (OAuth1RequestToken) context.getSessionAttribute(getRequestTokenSessionAttributeName());
    // NOTE(review): the two debug statements below write token material to the log; keep debug
    // logging for this class off in production or restrict access to those logs.
    logger.debug("tokenRequest: {}", storedRequestToken);

    final String token = OAuthEncoder.decode(rawToken);
    final String verifier = OAuthEncoder.decode(rawVerifier);
    logger.debug("token: {} / verifier: {}", token, verifier);

    return new OAuth10Credentials(storedRequestToken, token, verifier, getName());
}
示例3: retrieveCredentials
import org.pac4j.core.context.WebContext; //导入方法依赖的package包/类
/**
 * Build the OpenID credentials from the provider's response.
 *
 * @param context the web context of the callback request
 * @return the credentials, or {@code null} when the request signals a cancelled authentication
 * @throws HttpAction declared by the overridden method
 */
@Override
protected OpenIdCredentials retrieveCredentials(final WebContext context) throws HttpAction {
    final String openIdMode = context.getRequestParameter(OPENID_MODE);

    // A cancelled authentication produces no credentials at all.
    if (CommonHelper.areEquals(openIdMode, CANCEL_MODE)) {
        logger.debug("authentication cancelled");
        return null;
    }

    // Every request parameter sent back by the provider is kept for the later verification.
    final ParameterList providerParameters = new ParameterList(context.getRequestParameters());

    // Discovery information stored in the session earlier in the flow.
    // NOTE(review): it is not null-checked here; confirm the verification step rejects a response
    // that arrives without matching discovery information in the session.
    final String discoveryKey = getDiscoveryInformationSessionAttributeName();
    final DiscoveryInformation storedDiscovery = (DiscoveryInformation) context.getSessionAttribute(discoveryKey);

    final OpenIdCredentials result = new OpenIdCredentials(storedDiscovery, providerParameters, getName());
    logger.debug("credentials: {}", result);
    return result;
}
示例4: get
import org.pac4j.core.context.WebContext; //导入方法依赖的package包/类
/**
 * Return the CSRF token of the current session, creating and storing one when the session has none.
 *
 * @param context the web context giving access to the session
 * @return the CSRF token held in the session
 */
@Override
public String get(final WebContext context) {
    // Fast path: the session already carries a token.
    final String existing = (String) context.getSessionAttribute(Pac4jConstants.CSRF_TOKEN);
    if (existing != null) {
        return existing;
    }

    // The lock is this generator instance, so the re-check below only protects against concurrent
    // requests served by the same instance.
    synchronized (this) {
        final String rechecked = (String) context.getSessionAttribute(Pac4jConstants.CSRF_TOKEN);
        if (rechecked != null) {
            return rechecked;
        }
        // randomUUID() produces a random (version 4) UUID, which is what makes the token unguessable.
        final String created = java.util.UUID.randomUUID().toString();
        context.setSessionAttribute(Pac4jConstants.CSRF_TOKEN, created);
        return created;
    }
}
示例5: isAuthorized
import org.pac4j.core.context.WebContext; //导入方法依赖的package包/类
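/**
 * Check that the request carries the CSRF token stored in the session.
 *
 * <p>The token may be sent either as a request parameter or as a request header. It is compared with
 * the session token in constant time, so the response time does not reveal how many leading characters
 * of a guessed token are correct.</p>
 *
 * @param context the web context of the current request
 * @param profiles the user profiles (not used by this check)
 * @return {@code true} when the request is exempt from the check or carries the session token
 * @throws HttpAction declared by the overridden method
 */
@Override
public boolean isAuthorized(final WebContext context, final List<CommonProfile> profiles) throws HttpAction {
    // With onlyCheckPostRequest enabled, every non-POST request skips the token check, so
    // state-changing operations must not be reachable through other HTTP methods.
    final boolean checkRequest = !onlyCheckPostRequest || ContextHelper.isPost(context);
    if (!checkRequest) {
        return true;
    }

    final String parameterToken = context.getRequestParameter(parameterName);
    final String headerToken = context.getRequestHeader(headerName);
    final String sessionToken = (String) context.getSessionAttribute(Pac4jConstants.CSRF_TOKEN);

    // No token in the session means nothing can match; an empty stored token is refused as well so
    // that an empty parameter or header can never be accepted.
    if (sessionToken == null || sessionToken.isEmpty()) {
        return false;
    }

    final java.nio.charset.Charset utf8 = java.nio.charset.StandardCharsets.UTF_8;
    final byte[] expected = sessionToken.getBytes(utf8);

    // MessageDigest.isEqual compares the arrays in constant time, unlike String.equals which stops at
    // the first differing character.
    final boolean parameterMatches = parameterToken != null
        && java.security.MessageDigest.isEqual(expected, parameterToken.getBytes(utf8));
    final boolean headerMatches = headerToken != null
        && java.security.MessageDigest.isEqual(expected, headerToken.getBytes(utf8));

    return parameterMatches || headerMatches;
}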
示例6: getStateParameter
import org.pac4j.core.context.WebContext; //导入方法依赖的package包/类
/**
 * Return the SAML relay state kept in the session, or the computed callback URL when the session
 * holds none.
 *
 * @param webContext the web context giving access to the session
 * @return the stored relay state when it is not {@code null}, otherwise the final callback URL
 */
@Override
protected String getStateParameter(final WebContext webContext) {
    final String storedRelayState = (String) webContext.getSessionAttribute(SAML_RELAY_STATE_ATTRIBUTE);

    // The stored value is consumed once: it is overwritten right after being read.
    // NOTE(review): it is overwritten with "" rather than removed, so a later call presumably reads ""
    // back, passes the null test below and returns an empty relay state instead of the callback URL;
    // confirm that this is intended.
    webContext.setSessionAttribute(SAML_RELAY_STATE_ATTRIBUTE, "");

    if (storedRelayState != null) {
        return storedRelayState;
    }
    return computeFinalCallbackUrl(webContext);
}
示例7: create
import org.pac4j.core.context.WebContext; //导入方法依赖的package包/类
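/**
 * Create the user profile from OpenID Connect credentials.
 *
 * <p>The ID token is validated (against the nonce stored in the session when nonces are enabled), its
 * subject becomes the profile identifier, and the claims of the User Info endpoint, when one is
 * configured, are added to the profile. User Info claims are only used when their subject is the
 * subject of the validated ID token, as OpenID Connect Core requires: this prevents a response issued
 * for another user from being merged into the profile. ID token claims are added last and never
 * overwrite an attribute that is already set.</p>
 *
 * @param credentials the OpenID Connect credentials (access token, ID token, optional refresh token)
 * @param context the web context, used to read the nonce from the session
 * @return the populated profile
 * @throws HttpAction declared by the overridden method
 * @throws TechnicalException when the ID token cannot be validated or the User Info call fails
 */
@Override
@SuppressWarnings("unchecked")
public U create(final OidcCredentials credentials, final WebContext context) throws HttpAction {
    init(context);

    final AccessToken accessToken = credentials.getAccessToken();

    // Create profile
    final U profile = getProfileFactory().get();
    profile.setAccessToken(accessToken);
    final JWT idToken = credentials.getIdToken();
    profile.setIdTokenString(idToken.getParsedString());

    // Check if there is a refresh token
    final RefreshToken refreshToken = credentials.getRefreshToken();
    if (refreshToken != null && !refreshToken.getValue().isEmpty()) {
        profile.setRefreshToken(refreshToken);
        logger.debug("Refresh Token successful retrieved");
    }

    try {
        // The nonce stored in the session binds the ID token to the authentication request that
        // this session started.
        final Nonce nonce;
        if (configuration.isUseNonce()) {
            nonce = new Nonce((String) context.getSessionAttribute(OidcConfiguration.NONCE_SESSION_ATTRIBUTE));
        } else {
            nonce = null;
        }

        // Check ID Token
        final IDTokenClaimsSet claimsSet = this.idTokenValidator.validate(idToken, nonce);
        assertNotNull("claimsSet", claimsSet);
        profile.setId(claimsSet.getSubject());

        // User Info request
        if (configuration.getProviderMetadata().getUserInfoEndpointURI() != null && accessToken != null) {
            final UserInfoRequest userInfoRequest = new UserInfoRequest(
                configuration.getProviderMetadata().getUserInfoEndpointURI(), (BearerAccessToken) accessToken);
            final HTTPRequest userInfoHttpRequest = userInfoRequest.toHTTPRequest();
            userInfoHttpRequest.setConnectTimeout(configuration.getConnectTimeout());
            userInfoHttpRequest.setReadTimeout(configuration.getReadTimeout());
            final HTTPResponse httpResponse = userInfoHttpRequest.send();
            // NOTE(review): this is the User Info response although the message says "Token response",
            // and its content carries the user's claims; keep debug logging off where logs are shared.
            logger.debug("Token response: status={}, content={}", httpResponse.getStatusCode(),
                httpResponse.getContent());

            final UserInfoResponse userInfoResponse = UserInfoResponse.parse(httpResponse);
            if (userInfoResponse instanceof UserInfoErrorResponse) {
                logger.error("Bad User Info response, error={}",
                    ((UserInfoErrorResponse) userInfoResponse).getErrorObject());
            } else {
                final UserInfoSuccessResponse userInfoSuccessResponse = (UserInfoSuccessResponse) userInfoResponse;
                final UserInfo userInfo = userInfoSuccessResponse.getUserInfo();
                if (userInfo != null) {
                    // The User Info subject must be exactly the subject of the validated ID token;
                    // otherwise the response describes another user and its claims are discarded.
                    if (claimsSet.getSubject().equals(userInfo.getSubject())) {
                        profile.addAttributes(userInfo.toJWTClaimsSet().getClaims());
                    } else {
                        logger.error("User Info subject does not match the ID token subject, ignoring User Info claims");
                    }
                }
            }
        }

        // add attributes of the ID token if they don't already exist
        for (final Map.Entry<String, Object> entry : idToken.getJWTClaimsSet().getClaims().entrySet()) {
            final String key = entry.getKey();
            final Object value = entry.getValue();
            if (profile.getAttribute(key) == null) {
                profile.addAttribute(key, value);
            }
        }

        return profile;

    } catch (final IOException | ParseException | JOSEException | BadJOSEException | java.text.ParseException e) {
        // Any validation or transport failure aborts the profile creation with the cause preserved.
        throw new TechnicalException(e);
    }
}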