NOJIRA: Support for callback URL not ending with "callback"
Added a callbackSuffix property: the callback URL suffix no longer has to be "/callback" (which remains the default).
chasegawa committed Aug 16, 2024
1 parent 5330cd4 commit ad1f0f2
Showing 3 changed files with 22 additions and 3 deletions.
Expand Up @@ -17,6 +17,7 @@ public class Pac4jConfigurationProperties {

final static String DEFAULT_AUTH_HEADER = "REMOTE_USER";
private String authenticationHeader = DEFAULT_AUTH_HEADER;
private String callbackSuffix = "/callback";
private String callbackUrl;
private boolean forceServiceProviderMetadataGeneration = false;
private String identityProviderMetadataPath = "/tmp/idp-metadata.xml";
Expand All @@ -32,7 +33,7 @@ public class Pac4jConfigurationProperties {
private String postLogoutURL;

private boolean wantAssertionsSigned = true;

@Getter
@Setter
public static class SimpleProfileMapping {
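Review bot: The new `callbackSuffix` field has no comment saying what form the value must take or how it relates to `callbackUrl` on the next line. The two settings presumably have to agree, with the URL ending in the suffix, and nothing in this hunk ties them together, so one can be changed while the other is left stale. A comment such as `// Path suffix of the callback endpoint, beginning with "/"; callbackUrl is expected to end with this value.` would state the contract. The class body continues outside the hunk.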
Expand Up @@ -92,8 +92,9 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
// add correct auth filter
switch (pac4jConfigurationProperties.getTypeOfAuth()) {
case "SAML2":
ShibuiCallbackFilter callbackFilter = new ShibuiCallbackFilter(this.config);
http.securityMatcher("/callback*").addFilterBefore(callbackFilter, BasicAuthenticationFilter.class);
String callbackSuffix = pac4jConfigurationProperties.getCallbackSuffix();
ShibuiCallbackFilter callbackFilter = new ShibuiCallbackFilter(this.config, callbackSuffix);
http.securityMatcher(callbackSuffix +"*").addFilterBefore(callbackFilter, BasicAuthenticationFilter.class);
break;
case "HEADER":
final SecurityFilter securityFilterForHeader = new SecurityFilter(this.config, PAC4J_CLIENT_NAME);
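Review bot: The request matcher at `http.securityMatcher(callbackSuffix +"*")` is now built from configuration with no check on the value. A null property yields the pattern `null*`, an empty one yields `*`, and a short value such as `/` yields `/*`, so a configuration mistake silently changes which requests are routed to the callback filter instead of failing at startup. Validating before use would catch that, for example `if (callbackSuffix == null || callbackSuffix.length() < 2 || !callbackSuffix.startsWith("/")) throw new IllegalStateException("callbackSuffix must be a path beginning with '/'");`. The filterChain body starts and ends outside the hunk.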
Expand Up @@ -55,6 +55,23 @@ protected HttpAction redirectToOriginallyRequestedUrl(CallContext ctx, String de
setConfig(config);
}

public ShibuiCallbackFilter(Config config, String callbackSuffix) {
// Added this because we were seeing odd behavior where the favicon request was getting in the mix and the return to the
// dashboard url was getting lost.
config.setCallbackLogicIfUndefined(new DefaultCallbackLogic() {
@Override
protected HttpAction redirectToOriginallyRequestedUrl(CallContext ctx, String defaultUrl) {
HttpAction action = super.redirectToOriginallyRequestedUrl(ctx, defaultUrl);
if (action instanceof SeeOtherAction && ((SeeOtherAction) action).getLocation().contains("favicon")) {
return new FoundAction(defaultUrl);
}
return action;
}
});
setConfig(config);
suffix = callbackSuffix;
}

@Override
public void init(final FilterConfig filterConfig) throws ServletException {
super.init(filterConfig);
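Review bot: The new two-argument constructor appears to repeat the whole anonymous `DefaultCallbackLogic` from the existing one-argument constructor, whose tail is visible just above it, so the favicon workaround now lives in two places that can drift apart. Its body could be reduced to `this(config);` followed by `this.suffix = callbackSuffix;`, assuming `suffix` is a non-final field; its declaration is outside the hunk. The suffix is also stored unchecked, and `Objects.requireNonNull(callbackSuffix, "callbackSuffix")` (from `java.util.Objects`) would make a missing value fail at construction rather than wherever the filter later reads `suffix`.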