Beispiel #1
0
 @Override
 protected FacebookProfile retrieveUserProfileFromToken(final Token accessToken) {
   String body = sendRequestForData(accessToken, getProfileUrl(accessToken));
   if (body == null) {
     throw new HttpCommunicationException("Not data found for accessToken : " + accessToken);
   }
   final FacebookProfile profile = extractUserProfile(body);
   addAccessTokenToProfile(profile, accessToken);
   if (profile != null && this.requiresExtendedToken) {
     String url =
         CommonHelper.addParameter(EXCHANGE_TOKEN_URL, OAuthConstants.CLIENT_ID, this.key);
     url = CommonHelper.addParameter(url, OAuthConstants.CLIENT_SECRET, this.secret);
     url = addExchangeToken(url, accessToken);
     final ProxyOAuthRequest request = createProxyRequest(url);
     final long t0 = System.currentTimeMillis();
     final Response response = request.send();
     final int code = response.getCode();
     body = response.getBody();
     final long t1 = System.currentTimeMillis();
     logger.debug("Request took : " + (t1 - t0) + " ms for : " + url);
     logger.debug("response code : {} / response body : {}", code, body);
     if (code == 200) {
       logger.debug("Retrieve extended token from : {}", body);
       final Token extendedAccessToken = this.api20.getAccessTokenExtractor().extract(body);
       logger.debug("Extended token : {}", extendedAccessToken);
       addAccessTokenToProfile(profile, extendedAccessToken);
     } else {
       logger.error("Cannot get extended token : {} / {}", code, body);
     }
   }
   return profile;
 }
 @Override
 protected void internalInit() {
   extractor = new BasicAuthExtractor(headerName, prefixHeader, getName());
   super.internalInit();
   CommonHelper.assertNotBlank("callbackUrl", this.callbackUrl);
   CommonHelper.assertNotBlank("realmName", this.realmName);
 }
Beispiel #3
0
  @Override
  protected void internalInit(final WebContext context) {
    CommonHelper.assertNotBlank("callbackUrl", this.callbackUrl);
    if (CommonHelper.isBlank(this.casLoginUrl) && CommonHelper.isBlank(this.casPrefixUrl)) {
      throw new TechnicalException("casLoginUrl and casPrefixUrl cannot be both blank");
    }

    initializeClientConfiguration();

    initializeLogoutHandler(context);

    if (this.casProtocol == CasProtocol.CAS10) {
      initializeCas10Protocol();
    } else if (this.casProtocol == CasProtocol.CAS20) {
      initializeCas20Protocol(context);
    } else if (this.casProtocol == CasProtocol.CAS20_PROXY) {
      initializeCas20ProxyProtocol(context);
    } else if (this.casProtocol == CasProtocol.CAS30) {
      initializeCas30Protocol(context);
    } else if (this.casProtocol == CasProtocol.CAS30_PROXY) {
      initializeCas30ProxyProtocol(context);
    } else if (this.casProtocol == CasProtocol.SAML) {
      initializeSAMLProtocol();
    }
    addAuthorizationGenerator(new DefaultCasAuthorizationGenerator<CasProfile>());
  }
  /**
   * Extracts digest Authorization header components. As per RFC 2617 : username is the user's name
   * in the specified realm qop is quality of protection uri is the request uri response is the
   * client response nonce is a server-specified data string which should be uniquely generated each
   * time a 401 response is made cnonce is the client nonce nc is the nonce count If in the
   * Authorization header it is not specified a username and response, we throw CredentialsException
   * because the client uses an username and a password to authenticate. response is just a MD5
   * encoded value based on user provided password and RFC 2617 digest authentication encoding rules
   *
   * @param context the current web context
   * @return the Digest credentials
   */
  @Override
  public DigestCredentials extract(WebContext context) throws HttpAction {
    final TokenCredentials credentials = this.extractor.extract(context);

    if (credentials == null) {
      return null;
    }

    String token = credentials.getToken();
    Map<String, String> valueMap = parseTokenValue(token);
    String username = valueMap.get("username");
    String response = valueMap.get("response");

    if (CommonHelper.isBlank(username) || CommonHelper.isBlank(response)) {
      throw new CredentialsException("Bad format of the digest auth header");
    }
    String realm = valueMap.get("realm");
    String nonce = valueMap.get("nonce");
    String uri = valueMap.get("uri");
    String cnonce = valueMap.get("cnonce");
    String nc = valueMap.get("nc");
    String qop = valueMap.get("qop");
    String method = context.getRequestMethod();

    return new DigestCredentials(
        response, method, clientName, username, realm, nonce, uri, cnonce, nc, qop);
  }
  public Result callback() {

    final PlayWebContext context = new PlayWebContext(ctx(), config.getSessionStore());

    CommonHelper.assertNotNull("config", config);
    CommonHelper.assertNotNull("config.httpActionAdapter", config.getHttpActionAdapter());
    final Clients clients = config.getClients();
    CommonHelper.assertNotNull("clients", clients);
    final Client client = clients.findClient(context);
    logger.debug("client: {}", client);
    CommonHelper.assertNotNull("client", client);
    CommonHelper.assertTrue(
        client instanceof IndirectClient, "only indirect clients are allowed on the callback url");

    final Credentials credentials;
    try {
      credentials = client.getCredentials(context);
    } catch (final RequiresHttpAction e) {
      return (Result) config.getHttpActionAdapter().adapt(e.getCode(), context);
    }
    logger.debug("credentials: {}", credentials);

    final UserProfile profile = client.getUserProfile(credentials, context);
    logger.debug("profile: {}", profile);
    saveUserProfile(context, profile);
    return redirectToOriginallyRequestedUrl(context);
  }
Beispiel #6
0
 protected void initializeClientConfiguration() {
   if (this.casPrefixUrl != null && !this.casPrefixUrl.endsWith("/")) {
     this.casPrefixUrl += "/";
   }
   if (CommonHelper.isBlank(this.casPrefixUrl)) {
     this.casPrefixUrl = this.casLoginUrl.replaceFirst("/login$", "/");
   } else if (CommonHelper.isBlank(this.casLoginUrl)) {
     this.casLoginUrl = this.casPrefixUrl + "login";
   }
 }
 public String convert(final Object attribute) {
   if (attribute != null && attribute instanceof String) {
     final String s = (String) attribute;
     if (CommonHelper.isNotBlank(s)
         && CommonHelper.isNotBlank(this.regex)
         && CommonHelper.isNotBlank(this.replacement)) {
       return s.replaceAll(this.regex, this.replacement);
     }
   }
   return null;
 }
Beispiel #8
0
 protected void initializeClientConfiguration(final WebContext context) {
   if (this.casPrefixUrl != null && !this.casPrefixUrl.endsWith("/")) {
     this.casPrefixUrl += "/";
   }
   if (CommonHelper.isBlank(this.casPrefixUrl)) {
     this.casPrefixUrl = this.casLoginUrl.replaceFirst("/login$", "/");
   } else if (CommonHelper.isBlank(this.casLoginUrl)) {
     this.casLoginUrl = this.casPrefixUrl + "login";
   }
   this.casPrefixUrl = callbackUrlResolver.compute(this.casPrefixUrl, context);
   this.casLoginUrl = callbackUrlResolver.compute(this.casLoginUrl, context);
 }
 @Override
 public boolean isAuthorized(
     final WebContext context,
     final UserProfile profile,
     final String authorizerName,
     final Map<String, Authorizer> authorizersMap) {
   final List<Authorizer> authorizers = new ArrayList<>();
   // if we have an authorizer name (which may be a list of authorizer names)
   if (CommonHelper.isNotBlank(authorizerName)) {
     final String[] names = authorizerName.split(Pac4jConstants.ELEMENT_SEPRATOR);
     final int nb = names.length;
     for (int i = 0; i < nb; i++) {
       final String name = names[i];
       if ("hsts".equalsIgnoreCase(name)) {
         authorizers.add(STRICT_TRANSPORT_SECURITY_HEADER);
       } else if ("nosniff".equalsIgnoreCase(name)) {
         authorizers.add(X_CONTENT_TYPE_OPTIONS_HEADER);
       } else if ("noframe".equalsIgnoreCase(name)) {
         authorizers.add(X_FRAME_OPTIONS_HEADER);
       } else if ("xssprotection".equalsIgnoreCase(name)) {
         authorizers.add(XSS_PROTECTION_HEADER);
       } else if ("nocache".equalsIgnoreCase(name)) {
         authorizers.add(CACHE_CONTROL_HEADER);
       } else if ("securityheaders".equalsIgnoreCase(name)) {
         authorizers.add(CACHE_CONTROL_HEADER);
         authorizers.add(X_CONTENT_TYPE_OPTIONS_HEADER);
         authorizers.add(STRICT_TRANSPORT_SECURITY_HEADER);
         authorizers.add(X_FRAME_OPTIONS_HEADER);
         authorizers.add(XSS_PROTECTION_HEADER);
       } else if ("csrfToken".equalsIgnoreCase(name)) {
         authorizers.add(CSRF_TOKEN_GENERATOR_AUTHORIZER);
       } else if ("csrfCheck".equalsIgnoreCase(name)) {
         authorizers.add(CSRF_AUTHORIZER);
       } else if ("csrf".equalsIgnoreCase(name)) {
         authorizers.add(CSRF_TOKEN_GENERATOR_AUTHORIZER);
         authorizers.add(CSRF_AUTHORIZER);
       } else {
         // we must have authorizers
         CommonHelper.assertNotNull("authorizersMap", authorizersMap);
         final Authorizer result = authorizersMap.get(name);
         // we must have an authorizer defined for this name
         CommonHelper.assertNotNull("authorizersMap['" + name + "']", result);
         authorizers.add(result);
       }
     }
   }
   return isAuthorized(context, profile, authorizers);
 }
Beispiel #10
0
 @Override
 public String getName() {
   if (CommonHelper.isBlank(this.name)) {
     return this.getClass().getSimpleName();
   }
   return this.name;
 }
Beispiel #11
0
 @Override
 protected void verifyProfile(UserProfile userProfile) {
   final WordPressProfile profile = (WordPressProfile) userProfile;
   logger.debug("userProfile : {}", profile);
   assertEquals("35944437", profile.getId());
   assertEquals(
       WordPressProfile.class.getName() + UserProfile.SEPARATOR + "35944437",
       profile.getTypedId());
   assertTrue(ProfileHelper.isTypedIdOf(profile.getTypedId(), WordPressProfile.class));
   assertTrue(CommonHelper.isNotBlank(profile.getAccessToken()));
   assertCommonProfile(
       userProfile,
       "*****@*****.**",
       null,
       null,
       "testscribeup",
       "testscribeup",
       Gender.UNSPECIFIED,
       null,
       "https://0.gravatar.com/avatar/67c3844a672979889c1e3abbd8c4eb22?s=96&d=identicon&r=G",
       "http://en.gravatar.com/testscribeup",
       null);
   assertEquals(36224958, profile.getPrimaryBlog().intValue());
   final WordPressLinks links = profile.getLinks();
   assertEquals("https://public-api.wordpress.com/rest/v1/me", links.getSelf());
   assertEquals("https://public-api.wordpress.com/rest/v1/me/help", links.getHelp());
   assertEquals("https://public-api.wordpress.com/rest/v1/sites/36224958", links.getSite());
   assertEquals(8, profile.getAttributes().size());
 }
Beispiel #12
0
 @Override
 public String toString() {
   return CommonHelper.toString(
       this.getClass(),
       "callbackUrl",
       this.callbackUrl,
       "casLoginUrl",
       this.casLoginUrl,
       "casPrefixUrl",
       this.casPrefixUrl,
       "casProtocol",
       this.casProtocol,
       "renew",
       this.renew,
       "gateway",
       this.gateway,
       "logoutHandler",
       this.logoutHandler,
       "acceptAnyProxy",
       this.acceptAnyProxy,
       "allowedProxyChains",
       this.allowedProxyChains,
       "casProxyReceptor",
       this.casProxyReceptor);
 }
Beispiel #13
0
  @Override
  public boolean isAuthorized(final WebContext context, final UserProfile profile) {
    CommonHelper.assertNotNull("pattern", pattern);

    final String ip = context.getRemoteAddr();
    return this.pattern.matcher(ip).matches();
  }
Beispiel #14
0
 @Override
 protected void internalInit() {
   super.internalInit();
   CommonHelper.assertNotBlank("scope", this.scope);
   CommonHelper.assertNotBlank("fields", this.fields);
   StateApi20 api20 = new LinkedInApi20();
   this.service =
       new LinkedInOAuth20ServiceImpl(
           api20,
           new OAuthConfig(
               this.key, this.secret, this.callbackUrl, SignatureType.Header, this.scope, null),
           this.connectTimeout,
           this.readTimeout,
           this.proxyHost,
           this.proxyPort);
 }
Beispiel #15
0
 @Override
 protected void verifyProfile(UserProfile userProfile) {
   final Google2Profile profile = (Google2Profile) userProfile;
   assertEquals("113675986756217860428", profile.getId());
   assertEquals(
       Google2Profile.class.getName() + UserProfile.SEPARATOR + "113675986756217860428",
       profile.getTypedId());
   assertTrue(ProfileHelper.isTypedIdOf(profile.getTypedId(), Google2Profile.class));
   assertTrue(CommonHelper.isNotBlank(profile.getAccessToken()));
   assertCommonProfile(
       userProfile,
       "*****@*****.**",
       "Jérôme",
       "ScribeUP",
       "Jérôme ScribeUP",
       null,
       Gender.MALE,
       Locale.ENGLISH,
       "https://lh4.googleusercontent.com/-fFUNeYqT6bk/AAAAAAAAAAI/AAAAAAAAAAA/5gBL6csVWio/photo.jpg",
       "https://plus.google.com/113675986756217860428",
       null);
   assertNull(profile.getBirthday());
   assertTrue(profile.getEmails() != null && profile.getEmails().size() == 1);
   assertEquals(9, profile.getAttributes().size());
 }
Beispiel #16
0
 @Override
 protected void verifyProfile(CommonProfile userProfile) {
   final PayPalProfile profile = (PayPalProfile) userProfile;
   assertEquals("YAxf5WKSFn4BG_l3wqcBJUSObQTG1Aww5FY0EDf_ccw", profile.getId());
   assertEquals(
       PayPalProfile.class.getName()
           + CommonProfile.SEPARATOR
           + "YAxf5WKSFn4BG_l3wqcBJUSObQTG1Aww5FY0EDf_ccw",
       profile.getTypedId());
   assertTrue(ProfileHelper.isTypedIdOf(profile.getTypedId(), PayPalProfile.class));
   assertTrue(CommonHelper.isNotBlank(profile.getAccessToken()));
   assertCommonProfile(
       userProfile,
       "*****@*****.**",
       "Test",
       "ScribeUP",
       "Test ScribeUP",
       null,
       Gender.UNSPECIFIED,
       Locale.FRANCE,
       null,
       null,
       "Europe/Berlin");
   final PayPalAddress address = profile.getAddress();
   assertEquals("FR", address.getCountry());
   assertEquals("Paris", address.getLocality());
   assertEquals("75001", address.getPostalCode());
   assertEquals("Adr1", address.getStreetAddress());
   final Locale language = profile.getLanguage();
   assertEquals(Locale.FRANCE, language);
   assertEquals(9, profile.getAttributes().size());
 }
Beispiel #17
0
 @Override
 protected void verifyProfile(UserProfile userProfile) {
   final TwitterProfile profile = (TwitterProfile) userProfile;
   assertEquals("488358057", profile.getId());
   assertEquals(
       TwitterProfile.class.getName() + UserProfile.SEPARATOR + "488358057", profile.getTypedId());
   assertTrue(ProfileHelper.isTypedIdOf(profile.getTypedId(), TwitterProfile.class));
   assertTrue(CommonHelper.isNotBlank(profile.getAccessToken()));
   assertCommonProfile(
       userProfile,
       null,
       null,
       null,
       "test scribeUP",
       "testscribeUP",
       Gender.UNSPECIFIED,
       Locale.UK,
       ".twimg.com/sticky/default_profile_images/default_profile_5_normal.png",
       "http://t.co/fNjYqp7wZ8",
       "New York");
   assertFalse(profile.getContributorsEnabled());
   assertEquals(
       TestsHelper.getFormattedDate(1328872224000L, "EEE MMM dd HH:mm:ss Z yyyy", Locale.US),
       profile.getCreatedAt().toString());
   assertTrue(profile.getDefaultProfile());
   assertTrue(profile.getDefaultProfileImage());
   assertEquals("biographie", profile.getDescription());
   assertEquals(0, profile.getFavouritesCount().intValue());
   assertFalse(profile.getFollowRequestSent());
   assertEquals(0, profile.getFollowersCount().intValue());
   assertFalse(profile.getFollowing());
   assertEquals(0, profile.getFriendsCount().intValue());
   assertFalse(profile.getGeoEnabled());
   assertFalse(profile.getIsTranslator());
   assertEquals(0, profile.getListedCount().intValue());
   assertFalse(profile.getNotifications());
   assertTrue(profile.getProfileBackgroundColor() instanceof Color);
   assertTrue(
       profile.getProfileBackgroundImageUrl().contains(".twimg.com/images/themes/theme1/bg.png"));
   assertTrue(
       profile.getProfileBackgroundImageUrlHttps().endsWith("/images/themes/theme1/bg.png"));
   assertFalse(profile.getProfileBackgroundTile());
   assertTrue(
       profile
           .getProfileImageUrlHttps()
           .endsWith("/sticky/default_profile_images/default_profile_5_normal.png"));
   assertTrue(profile.getProfileLinkColor() instanceof Color);
   assertTrue(profile.getProfileSidebarBorderColor() instanceof Color);
   assertTrue(profile.getProfileSidebarFillColor() instanceof Color);
   assertTrue(profile.getProfileTextColor() instanceof Color);
   assertTrue(profile.getProfileUseBackgroundImage());
   assertTrue(profile.getProtected());
   assertNull(profile.getShowAllInlineMedia());
   assertEquals(0, profile.getStatusesCount().intValue());
   assertEquals("Amsterdam", profile.getTimeZone());
   assertEquals(3600, profile.getUtcOffset().intValue());
   assertFalse(profile.getVerified());
   assertNotNull(profile.getAccessSecret());
   assertEquals(37, profile.getAttributes().size());
 }
Beispiel #18
0
 @Override
 protected void internalInit(final WebContext context) {
   super.internalInit(context);
   CommonHelper.assertNotNull("scope", this.scope);
   if (this.scope == Google2Scope.EMAIL) {
     this.scopeValue = this.EMAIL_SCOPE;
   } else if (this.scope == Google2Scope.PROFILE) {
     this.scopeValue = this.PROFILE_SCOPE;
   } else {
     this.scopeValue = this.PROFILE_SCOPE + " " + this.EMAIL_SCOPE;
   }
   this.service =
       new StateOAuth20ServiceImpl(
           new GoogleApi20(),
           new OAuthConfig(
               this.key,
               this.secret,
               computeFinalCallbackUrl(context),
               SignatureType.Header,
               this.scopeValue,
               null),
           this.connectTimeout,
           this.readTimeout,
           this.proxyHost,
           this.proxyPort,
           false,
           true);
 }
Beispiel #19
0
 @Override
 protected boolean hasBeenCancelled(final WebContext context) {
   final String denied = context.getRequestParameter("denied");
   if (CommonHelper.isNotBlank(denied)) {
     return true;
   } else {
     return false;
   }
 }
Beispiel #20
0
 public CredentialProvider(
     final String name, final String storePasswd, final String privateKeyPasswd) {
   InputStream inputStream = CommonHelper.getInputStreamFromName(name);
   KeyStore keyStore = loadKeyStore(inputStream, storePasswd);
   this.privateKey = getPrivateKeyAlias(keyStore);
   Map<String, String> passwords = new HashMap<String, String>();
   passwords.put(this.privateKey, privateKeyPasswd);
   this.credentialResolver = new KeyStoreCredentialResolver(keyStore, passwords);
 }
 protected Result redirectToOriginallyRequestedUrl(final WebContext context) {
   final String requestedUrl = (String) context.getSessionAttribute(Pac4jConstants.REQUESTED_URL);
   logger.debug("requestedUrl: {}", requestedUrl);
   if (CommonHelper.isNotBlank(requestedUrl)) {
     context.setSessionAttribute(Pac4jConstants.REQUESTED_URL, null);
     return redirect(requestedUrl);
   } else {
     return redirect(this.defaultUrl);
   }
 }
  private String buildCallbackUrlForAuthorizationCodeResponseType(
      final Authentication authentication, final Service service, final String redirectUri) {

    final OAuthCode code = this.oAuthCodeFactory.create(service, authentication);
    logger.debug("Generated OAuth code: {}", code);
    this.ticketRegistry.addTicket(code);

    final String state = authentication.getAttributes().get(OAuthConstants.STATE).toString();
    final String nonce = authentication.getAttributes().get(OAuthConstants.NONCE).toString();

    String callbackUrl = redirectUri;
    callbackUrl = CommonHelper.addParameter(callbackUrl, OAuthConstants.CODE, code.getId());
    if (StringUtils.isNotBlank(state)) {
      callbackUrl = CommonHelper.addParameter(callbackUrl, OAuthConstants.STATE, state);
    }
    if (StringUtils.isNotBlank(nonce)) {
      callbackUrl = CommonHelper.addParameter(callbackUrl, OAuthConstants.NONCE, nonce);
    }
    return callbackUrl;
  }
Beispiel #23
0
 @Override
 public String toString() {
   return CommonHelper.toString(
       this.getClass(),
       "requestToken",
       this.requestToken,
       "token",
       this.token,
       "verifier",
       this.verifier,
       "clientName",
       getClientName());
 }
 @Override
 public void validate(final TokenCredentials credentials) throws HttpAction {
   if (credentials == null) {
     throw new CredentialsException("credentials must not be null");
   }
   if (CommonHelper.isBlank(credentials.getToken())) {
     throw new CredentialsException("token must not be blank");
   }
   final String token = credentials.getToken();
   final CommonProfile profile = new CommonProfile();
   profile.setId(token);
   credentials.setUserProfile(profile);
 }
Beispiel #25
0
 /**
  * The code in this method is based on this blog post:
  * https://www.sammyk.me/the-single-most-important-way-to-make-your-facebook-app-more-secure and
  * this answer:
  * https://stackoverflow.com/questions/7124735/hmac-sha256-algorithm-for-signature-calculation
  *
  * @param url the URL to which we're adding the proof
  * @param token the application token we pass back and forth
  * @return URL with the appsecret_proof parameter added
  */
 protected String computeAppSecretProof(String url, Token token) {
   try {
     Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
     SecretKeySpec secret_key = new SecretKeySpec(this.secret.getBytes("UTF-8"), "HmacSHA256");
     sha256_HMAC.init(secret_key);
     String proof =
         org.apache.commons.codec.binary.Hex.encodeHexString(
             sha256_HMAC.doFinal(token.getToken().getBytes("UTF-8")));
     url = CommonHelper.addParameter(url, APPSECRET_PARAMETER, proof);
     return url;
   } catch (Exception e) {
     throw new TechnicalException("Unable to compute appsecret_proof", e);
   }
 }
 @Override
 public boolean isAuthorized(
     final WebContext context, final UserProfile profile, final List<Authorizer> authorizers) {
   // authorizations check comes after authentication and profile must not be null
   CommonHelper.assertNotNull("profile", profile);
   if (authorizers != null && authorizers.size() > 0) {
     // check authorizations using authorizers: all must be satisfied
     for (Authorizer authorizer : authorizers) {
       if (!authorizer.isAuthorized(context, profile)) {
         return false;
       }
     }
   }
   return true;
 }
 @Override
 public String toString() {
   return CommonHelper.toString(
       this.getClass(),
       "callbackUrl",
       this.callbackUrl,
       "name",
       getName(),
       "realmName",
       this.realmName,
       "headerName",
       this.headerName,
       "prefixHeader",
       this.prefixHeader,
       "authenticator",
       getAuthenticator(),
       "profileCreator",
       getProfileCreator());
 }
Beispiel #28
0
 @Override
 public String toString() {
   return CommonHelper.toString(
       this.getClass(),
       "name",
       getName(),
       "callbackUrl",
       getCallbackUrl(),
       "callbackUrlResolver",
       getCallbackUrlResolver(),
       "ajaxRequestResolver",
       getAjaxRequestResolver(),
       "redirectActionBuilder",
       getRedirectActionBuilder(),
       "credentialsExtractor",
       getCredentialsExtractor(),
       "authenticator",
       getAuthenticator(),
       "profileCreator",
       getProfileCreator(),
       "configuration",
       this.configuration);
 }
Beispiel #29
0
 @Override
 protected void internalInit(final WebContext context) {
   super.internalInit(context);
   CommonHelper.assertNotBlank("fields", this.fields);
   this.api20 = new ExtendedFacebookApi();
   if (StringUtils.isNotBlank(this.scope)) {
     this.service =
         new StateOAuth20ServiceImpl(
             this.api20,
             new OAuthConfig(
                 this.key,
                 this.secret,
                 computeFinalCallbackUrl(context),
                 SignatureType.Header,
                 this.scope,
                 null),
             this.connectTimeout,
             this.readTimeout,
             this.proxyHost,
             this.proxyPort);
   } else {
     this.service =
         new StateOAuth20ServiceImpl(
             this.api20,
             new OAuthConfig(
                 this.key,
                 this.secret,
                 computeFinalCallbackUrl(context),
                 SignatureType.Header,
                 null,
                 null),
             this.connectTimeout,
             this.readTimeout,
             this.proxyHost,
             this.proxyPort);
   }
 }
Beispiel #30
0
 @Override
 protected void internalInit() {
   CommonHelper.assertNotBlank("callbackUrl", this.callbackUrl);
   CommonHelper.assertNotNull("logoutHandler", this.logoutHandler);
   if (CommonHelper.isBlank(this.casLoginUrl) && CommonHelper.isBlank(this.casPrefixUrl)) {
     throw new TechnicalException("casLoginUrl and casPrefixUrl cannot be both blank");
   }
   if (this.casPrefixUrl != null && !this.casPrefixUrl.endsWith("/")) {
     this.casPrefixUrl += "/";
   }
   if (CommonHelper.isBlank(this.casPrefixUrl)) {
     this.casPrefixUrl = this.casLoginUrl.replaceFirst("/login", "/");
   } else if (CommonHelper.isBlank(this.casLoginUrl)) {
     this.casLoginUrl = this.casPrefixUrl + "login";
   }
   if (this.casProtocol == CasProtocol.CAS10) {
     this.ticketValidator = new Cas10TicketValidator(this.casPrefixUrl);
   } else if (this.casProtocol == CasProtocol.CAS20) {
     this.ticketValidator = new Cas20ServiceTicketValidator(this.casPrefixUrl);
     if (this.casProxyReceptor != null) {
       final Cas20ServiceTicketValidator cas20ServiceTicketValidator =
           (Cas20ServiceTicketValidator) this.ticketValidator;
       cas20ServiceTicketValidator.setProxyCallbackUrl(this.casProxyReceptor.getCallbackUrl());
       cas20ServiceTicketValidator.setProxyGrantingTicketStorage(
           this.casProxyReceptor.getProxyGrantingTicketStorage());
     }
   } else if (this.casProtocol == CasProtocol.CAS20_PROXY) {
     this.ticketValidator = new Cas20ProxyTicketValidator(this.casPrefixUrl);
     final Cas20ProxyTicketValidator cas20ProxyTicketValidator =
         (Cas20ProxyTicketValidator) this.ticketValidator;
     cas20ProxyTicketValidator.setAcceptAnyProxy(this.acceptAnyProxy);
     cas20ProxyTicketValidator.setAllowedProxyChains(this.allowedProxyChains);
     if (this.casProxyReceptor != null) {
       cas20ProxyTicketValidator.setProxyCallbackUrl(this.casProxyReceptor.getCallbackUrl());
       cas20ProxyTicketValidator.setProxyGrantingTicketStorage(
           this.casProxyReceptor.getProxyGrantingTicketStorage());
     }
   } else if (this.casProtocol == CasProtocol.SAML) {
     this.ticketValidator = new Saml11TicketValidator(this.casPrefixUrl);
   }
 }