From a6ed8ff6917ed1d03cbb2cfb87ade69acfc08f6d Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Tue, 15 Jan 2019 16:04:21 -0700 Subject: [PATCH] [SHIBUI-1029] First pass at adding a custom new user filter. --- .../unicon/shibui/pac4j/AddNewUserFilter.java | 45 +++++++++++++++++++ .../net/unicon/shibui/pac4j/WebSecurity.java | 13 ++++-- 2 files changed, 55 insertions(+), 3 deletions(-) create mode 100644 pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java new file mode 100644 index 000000000..646c1a3b0 --- /dev/null +++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java @@ -0,0 +1,45 @@ +package net.unicon.shibui.pac4j; + +import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository; +import org.springframework.security.core.userdetails.UserDetails; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import java.io.IOException; +import java.security.Principal; + +/** + * @author Bill Smith (wsmith@unicon.net) + */ +public class AddNewUserFilter implements Filter { + + private UserRepository userRepository; + + public AddNewUserFilter(UserRepository userRepository) { + this.userRepository = userRepository; + } + + @Override + public void init(FilterConfig filterConfig) throws ServletException { + + } + + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { + Principal principal = ((HttpServletRequest) request).getUserPrincipal(); + String username = principal.getName(); + System.out.println("WOO! Principal: " + username); + + chain.doFilter(request, response); + } + + @Override + public void destroy() { + + } +} diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java index e3ff9d4b6..a20f59ebe 100644 --- a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java +++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java @@ -1,5 +1,7 @@ package net.unicon.shibui.pac4j; +import edu.internet2.tier.shibboleth.admin.ui.security.model.User; +import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository; import org.pac4j.core.config.Config; import org.pac4j.springframework.security.web.CallbackFilter; import org.pac4j.springframework.security.web.SecurityFilter; @@ -17,8 +19,8 @@ @AutoConfigureOrder(-1) public class WebSecurity { @Bean("webSecurityConfig") - public WebSecurityConfigurerAdapter webSecurityConfigurerAdapter(final Config config) { - return new Pac4jWebSecurityConfigurerAdapter(config); + public WebSecurityConfigurerAdapter webSecurityConfigurerAdapter(final Config config, UserRepository userRepository) { + return new Pac4jWebSecurityConfigurerAdapter(config, userRepository); } @Configuration @@ -33,9 +35,11 @@ protected void configure(HttpSecurity http) throws Exception { @Order(1) public static class Pac4jWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { private final Config config; + private UserRepository userRepository; - public Pac4jWebSecurityConfigurerAdapter(final Config config) { + public Pac4jWebSecurityConfigurerAdapter(final Config config, UserRepository userRepository) { this.config = config; + this.userRepository = userRepository; } @Override @@ -48,6 +52,9 @@ protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().anyRequest().fullyAuthenticated(); http.addFilterBefore(securityFilter, BasicAuthenticationFilter.class); + + http.addFilterBefore(new AddNewUserFilter(userRepository), BasicAuthenticationFilter.class); + http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS); // http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());