private boolean checkSsl() {
   if (uriInfo.getBaseUri().getScheme().equals("https")) {
     return true;
   } else {
     return !realm.getSslRequired().isRequired(clientConnection);
   }
 }
 private String getActionCookie() {
   Cookie cookie = headers.getCookies().get(ACTION_COOKIE);
   AuthenticationManager.expireCookie(
       realm,
       ACTION_COOKIE,
       AuthenticationManager.getRealmCookiePath(realm, uriInfo),
       realm.getSslRequired().isRequired(clientConnection),
       clientConnection);
   return cookie != null ? cookie.getValue() : null;
 }
 public static void createActionCookie(
     RealmModel realm, UriInfo uriInfo, ClientConnection clientConnection, String sessionId) {
   CookieHelper.addCookie(
       ACTION_COOKIE,
       sessionId,
       AuthenticationManager.getRealmCookiePath(realm, uriInfo),
       null,
       null,
       -1,
       realm.getSslRequired().isRequired(clientConnection),
       true);
 }
Beispiel #4
0
  public String toJBossSubsystemConfig(
      RealmModel realmModel, ClientModel clientModel, URI baseUri) {
    StringBuffer buffer = new StringBuffer();
    buffer.append("<secure-deployment name=\"WAR MODULE NAME.war\">\n");
    buffer.append("    <realm>").append(realmModel.getName()).append("</realm>\n");
    buffer
        .append("    <auth-server-url>")
        .append(baseUri.toString())
        .append("</auth-server-url>\n");
    if (clientModel.isBearerOnly()) {
      buffer.append("    <bearer-only>true</bearer-only>\n");

    } else if (clientModel.isPublicClient()) {
      buffer.append("    <public-client>true</public-client>\n");
    }
    buffer
        .append("    <ssl-required>")
        .append(realmModel.getSslRequired().name())
        .append("</ssl-required>\n");
    buffer.append("    <resource>").append(clientModel.getClientId()).append("</resource>\n");
    String cred = clientModel.getSecret();
    if (showClientCredentialsAdapterConfig(clientModel)) {
      Map<String, Object> adapterConfig = getClientCredentialsAdapterConfig(clientModel);
      for (Map.Entry<String, Object> entry : adapterConfig.entrySet()) {
        buffer.append("    <credential name=\"" + entry.getKey() + "\">");

        Object value = entry.getValue();
        if (value instanceof Map) {
          buffer.append("\n");
          Map<String, Object> asMap = (Map<String, Object>) value;
          for (Map.Entry<String, Object> credEntry : asMap.entrySet()) {
            buffer.append(
                "        <"
                    + credEntry.getKey()
                    + ">"
                    + credEntry.getValue().toString()
                    + "</"
                    + credEntry.getKey()
                    + ">\n");
          }
          buffer.append("    </credential>\n");
        } else {
          buffer.append(value.toString()).append("</credential>\n");
        }
      }
    }
    if (clientModel.getRoles().size() > 0) {
      buffer.append("    <use-resource-role-mappings>true</use-resource-role-mappings>\n");
    }
    buffer.append("</secure-deployment>\n");
    return buffer.toString();
  }
Beispiel #5
0
 public static void updateLocaleCookie(
     Response.ResponseBuilder builder,
     Locale locale,
     RealmModel realm,
     UriInfo uriInfo,
     String path) {
   if (locale == null) {
     return;
   }
   boolean secure = realm.getSslRequired().isRequired(uriInfo.getRequestUri().getHost());
   builder.cookie(
       new NewCookie(
           LocaleHelper.LOCALE_COOKIE,
           locale.toLanguageTag(),
           path,
           null,
           null,
           31536000,
           secure));
 }
Beispiel #6
0
  public InstallationAdapterConfig toInstallationRepresentation(
      RealmModel realmModel, ClientModel clientModel, URI baseUri) {
    InstallationAdapterConfig rep = new InstallationAdapterConfig();
    rep.setAuthServerUrl(baseUri.toString());
    rep.setRealm(realmModel.getName());
    rep.setSslRequired(realmModel.getSslRequired().name().toLowerCase());

    if (clientModel.isPublicClient() && !clientModel.isBearerOnly()) rep.setPublicClient(true);
    if (clientModel.isBearerOnly()) rep.setBearerOnly(true);
    if (clientModel.getRoles().size() > 0) rep.setUseResourceRoleMappings(true);

    rep.setResource(clientModel.getClientId());

    if (showClientCredentialsAdapterConfig(clientModel)) {
      Map<String, Object> adapterConfig = getClientCredentialsAdapterConfig(clientModel);
      rep.setCredentials(adapterConfig);
    }

    return rep;
  }