adding pac4j header authentication - very much a WIP

TIER · Apr 21, 2021 · ce6489c · ce6489c
1 parent e02aebe
commit ce6489c
Show file tree

Hide file tree

Showing 4 changed files with 106 additions and 0 deletions.
diff --git a/pac4j-module/build.gradle b/pac4j-module/build.gradle
@@ -26,6 +26,7 @@ dependencies {
     compileOnly project(':backend')
 
     compile "org.pac4j:spring-security-pac4j:4.0.0"
+    compile "org.pac4j:pac4j-http:4.0.0"
     compile "org.pac4j:pac4j-core:3.3.0"
     compile "org.pac4j:pac4j-saml:3.3.0", {
         // opensaml libraries are provided

diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/HeaderClient.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/HeaderClient.java
@@ -0,0 +1,77 @@
+package net.unicon.shibui.pac4j;
+
+import org.pac4j.core.client.DirectClient;
+import org.pac4j.core.credentials.authenticator.Authenticator;
+import org.pac4j.core.profile.creator.ProfileCreator;
+import org.pac4j.core.util.CommonHelper;
+import org.pac4j.core.credentials.extractor.HeaderExtractor;
+
+
+public abstract class HeaderClient extends DirectClient {
+
+    private String headerName = "";
+
+    private String prefixHeader = "";
+
+    public HeaderClient() {}
+
+    public HeaderClient(final String headerName, final Authenticator tokenAuthenticator) {
+        this.headerName = headerName;
+        defaultAuthenticator(tokenAuthenticator);
+    }
+
+    public HeaderClient(final String headerName, final String prefixHeader,
+                        final Authenticator tokenAuthenticator) {
+        this.headerName = headerName;
+        this.prefixHeader = prefixHeader;
+        defaultAuthenticator(tokenAuthenticator);
+    }
+
+    public HeaderClient(final String headerName, final Authenticator tokenAuthenticator,
+                        final ProfileCreator profileCreator) {
+        this.headerName = headerName;
+        defaultAuthenticator(tokenAuthenticator);
+        defaultProfileCreator(profileCreator);
+    }
+
+    public HeaderClient(final String headerName, final String prefixHeader,
+                        final Authenticator tokenAuthenticator, final ProfileCreator profileCreator) {
+        this.headerName = headerName;
+        this.prefixHeader = prefixHeader;
+        defaultAuthenticator(tokenAuthenticator);
+        defaultProfileCreator(profileCreator);
+    }
+
+//    @Override
+//    protected void internalInit() {
+//        if (getCredentialsExtractor() == null) {
+//            CommonHelper.assertNotBlank("headerName", this.headerName);
+//            CommonHelper.assertNotNull("prefixHeader", this.prefixHeader);
+//
+//            defaultCredentialsExtractor(new HeaderExtractor(this.headerName, this.prefixHeader));
+//        }
+//    }
+
+    public String getHeaderName() {
+        return headerName;
+    }
+
+    public void setHeaderName(String headerName) {
+        this.headerName = headerName;
+    }
+
+    public String getPrefixHeader() {
+        return prefixHeader;
+    }
+
+    public void setPrefixHeader(String prefixHeader) {
+        this.prefixHeader = prefixHeader;
+    }
+
+    @Override
+    public String toString() {
+        return CommonHelper.toNiceString(this.getClass(), "name", getName(), "headerName", this.headerName,
+                "prefixHeader", this.prefixHeader, "extractor", getCredentialsExtractor(), "authenticator", getAuthenticator(),
+                "profileCreator", getProfileCreator());
+    }
+}
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java
@@ -3,6 +3,8 @@
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
 import org.pac4j.core.client.Clients;
 import org.pac4j.core.config.Config;
+import org.pac4j.core.credentials.TokenCredentials;
+import org.pac4j.core.profile.CommonProfile;
 import org.pac4j.core.profile.definition.CommonProfileDefinition;
 import org.pac4j.saml.client.SAML2Client;
 import org.pac4j.saml.client.SAML2ClientConfiguration;
@@ -47,4 +49,26 @@ public Config config(final Pac4jConfigurationProperties pac4jConfigurationProper
         final Config config = new Config(clients);
         return config;
     }
+
+    @Bean
+    public Config headerConfig() {
+        HeaderClient client = new HeaderClient("Authorization", "Basic ", (credentials, ctx) -> {
+            String token = ((TokenCredentials) credentials).getToken();
+            // check the token and create a profile
+            if ("goodToken".equals(token)) {
+                CommonProfile profile = new CommonProfile();
+                profile.setId("myId");
+                // save in the credentials to be passed to the default AuthenticatorProfileCreator
+                credentials.setUserProfile(profile);
+            }
+        }) {
+                @Override
+                protected void clientInit() {
+                }
+            };
+
+        final Config config = new Config(client);
+        return config;
+    }
+
 }
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java
@@ -21,6 +21,7 @@ public class Pac4jConfigurationProperties {
     private String callbackUrl;
     private boolean wantAssertionsSigned = true;
     private SAML2ProfileMapping saml2ProfileMapping;
+    private boolean enableHeaderAuthentication = true;
 
     public static class SAML2ProfileMapping {
         private String username;
@@ -148,4 +149,7 @@ public SAML2ProfileMapping getSaml2ProfileMapping() {
     public void setSaml2ProfileMapping(SAML2ProfileMapping saml2ProfileMapping) {
         this.saml2ProfileMapping = saml2ProfileMapping;
     }
+
+    public boolean getEnableHeaderAuthentication() { return enableHeaderAuthentication; }
+
 }