From 41a44414a9fed9b3e7ebbadee9b63facdd6416db Mon Sep 17 00:00:00 2001
From: chasegawa
Date: Wed, 29 Sep 2021 12:55:22 -0700
Subject: [PATCH] SHIBUI-2111 merge gone bad resolution
---
.../ShibuiPac4JHeaderClientAuthenticator.java | 40 +++++++++++++++++++
.../ShibuiSAML2Authenticator.java | 32 +++++++++++++++
2 files changed, 72 insertions(+)
create mode 100644 pac4j-module/src/main/java/net/unicon/shibui/pac4j/authenticator/ShibuiPac4JHeaderClientAuthenticator.java
create mode 100644 pac4j-module/src/main/java/net/unicon/shibui/pac4j/authenticator/ShibuiSAML2Authenticator.java
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/authenticator/ShibuiPac4JHeaderClientAuthenticator.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/authenticator/ShibuiPac4JHeaderClientAuthenticator.java
new file mode 100644
index 000000000..1109b5d72
--- /dev/null
+++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/authenticator/ShibuiPac4JHeaderClientAuthenticator.java
@@ -0,0 +1,40 @@
+package net.unicon.shibui.pac4j.authenticator;
+
+import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService;
+import lombok.AllArgsConstructor;
+import org.apache.commons.lang3.StringUtils;
+import org.pac4j.core.context.WebContext;
+import org.pac4j.core.credentials.Credentials;
+import org.pac4j.core.credentials.TokenCredentials;
+import org.pac4j.core.credentials.authenticator.Authenticator;
+import org.pac4j.core.exception.CredentialsException;
+import org.pac4j.core.profile.CommonProfile;
+
+/**
+ * Handles parsing the header tokens when using the Pac4J Header client
+ */
+@AllArgsConstructor
+public class ShibuiPac4JHeaderClientAuthenticator implements Authenticator {
+ private UserService userService;
+
+ @Override
+ public void validate(Credentials credentials, WebContext context) {
+ {
+ if (credentials instanceof TokenCredentials) {
+ TokenCredentials creds = (TokenCredentials) credentials;
+ String token = creds.getToken();
+ if (StringUtils.isAllBlank(token)) {
+ throw new CredentialsException("Supplied token value in header was missing or blank");
+ }
+ } else {
+ throw new CredentialsException("Invalid Credentials object generated by HeaderClient");
+ }
+ final CommonProfile profile = new CommonProfile();
+ String token = ((TokenCredentials) credentials).getToken();
+ profile.setId(token);
+ profile.addAttribute("username", token);
+ profile.setRoles(userService.getUserRoles(token));
+ credentials.setUserProfile(profile);
+ }
+ }
+}
\ No newline at end of file
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/authenticator/ShibuiSAML2Authenticator.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/authenticator/ShibuiSAML2Authenticator.java
new file mode 100644
index 000000000..c5eb8f18b
--- /dev/null
+++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/authenticator/ShibuiSAML2Authenticator.java
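Review bot: In ShibuiPac4JHeaderClientAuthenticator.validate the header token becomes the profile id, the username and the key for `userService.getUserRoles(token)` after nothing more than a non-blank check, so the class is only as trustworthy as whatever guarantees a client cannot set that header itself, and that assumption is written down nowhere. I would extend the class Javadoc with a sentence such as `Trusts the header value as the already-authenticated username; deploy only behind a proxy that strips this header from inbound requests.` Two smaller style points in the same method: `StringUtils.isAllBlank(token)` is the varargs form where `StringUtils.isBlank(token)` is the single-value check, and the second cast and `getToken()` call after the if/else could reuse the first `token` if the `instanceof` guard were inverted into an early throw.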
@@ -0,0 +1,32 @@
+package net.unicon.shibui.pac4j.authenticator;
+
+import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService;
+import lombok.AllArgsConstructor;
+import org.pac4j.core.context.WebContext;
+import org.pac4j.core.profile.CommonProfile;
+import org.pac4j.saml.credentials.SAML2Credentials;
+import org.pac4j.saml.credentials.authenticator.SAML2Authenticator;
+
+import java.util.Map;
+
+public class ShibuiSAML2Authenticator extends SAML2Authenticator {
+ private final UserService userService;
+
+ public ShibuiSAML2Authenticator(final String attributeAsId, final Map mappedAttributes, UserService userService) {
+ super(attributeAsId, mappedAttributes);
+ this.userService = userService;
+ }
+
+ /**
+ * After setting up the information for the user from the SAML, add user roles from the DB if they exist
+ * @param credentials
+ * @param context
+ */
+ @Override
+ public void validate(final SAML2Credentials credentials, final WebContext context) {
+ super.validate(credentials, context);
+ CommonProfile profile = credentials.getUserProfile();
+ profile.setRoles(userService.getUserRoles(profile.getUsername()));
+ credentials.setUserProfile(profile);
+ }
+}
\ No newline at end of file
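Review bot: In ShibuiSAML2Authenticator.validate the role lookup is keyed on `profile.getUsername()`, which is presumably null when the assertion carries no attribute mapped to the username, and the hunk does not show what `userService.getUserRoles` does with a null or unknown name. I would reject the login before the lookup, `if (profile.getUsername() == null) { throw new CredentialsException("SAML profile has no username"); }` (this needs the `org.pac4j.core.exception.CredentialsException` import). The Javadoc also says roles are added, while `profile.setRoles(...)` appears to replace whatever roles the SAML mapping produced; `Replaces the profile's roles with those stored for the user` would describe the call as written. The empty `@param` tags and the unused `lombok.AllArgsConstructor` import can be dropped.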