diff --git a/pac4j-module/build.gradle b/pac4j-module/build.gradle index 2d952a4c8..18eb7be38 100644 --- a/pac4j-module/build.gradle +++ b/pac4j-module/build.gradle @@ -26,6 +26,7 @@ dependencies { compileOnly project(':backend') compile "org.pac4j:spring-security-pac4j:4.0.0" + compile "org.pac4j:pac4j-http:4.0.0" compile "org.pac4j:pac4j-core:3.3.0" compile "org.pac4j:pac4j-saml:3.3.0", { // opensaml libraries are provided diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/HeaderClient.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/HeaderClient.java new file mode 100644 index 000000000..95ed9e414 --- /dev/null +++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/HeaderClient.java 
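Review bot: The added `pac4j-http` line is pinned to `4.0.0` while `pac4j-core` and `pac4j-saml` in the same block stay at `3.3.0`. If pac4j-http 4.0.0 brings in pac4j-core 4.0.0 transitively, dependency resolution may upgrade core underneath pac4j-saml 3.3.0. Nothing in the `HeaderClient.java` or `Pac4jConfiguration.java` hunks of this commit imports from pac4j-http (both use `org.pac4j.core.*` only), so the dependency may not be needed at all. If it is, `compile "org.pac4j:pac4j-http:3.3.0"` would keep the pac4j artifacts on one release line. The `dependencies` block starts and ends outside this hunk.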
@@ -0,0 +1,77 @@
+package net.unicon.shibui.pac4j;
+
+import org.pac4j.core.client.DirectClient;
+import org.pac4j.core.credentials.authenticator.Authenticator;
+import org.pac4j.core.profile.creator.ProfileCreator;
+import org.pac4j.core.util.CommonHelper;
+import org.pac4j.core.credentials.extractor.HeaderExtractor;
+
+
+public abstract class HeaderClient extends DirectClient {
+
+ private String headerName = "";
+
+ private String prefixHeader = "";
+
+ public HeaderClient() {}
+
+ public HeaderClient(final String headerName, final Authenticator tokenAuthenticator) {
+ this.headerName = headerName;
+ defaultAuthenticator(tokenAuthenticator);
+ }
+
+ public HeaderClient(final String headerName, final String prefixHeader,
+ final Authenticator tokenAuthenticator) {
+ this.headerName = headerName;
+ this.prefixHeader = prefixHeader;
+ defaultAuthenticator(tokenAuthenticator);
+ }
+
+ public HeaderClient(final String headerName, final Authenticator tokenAuthenticator,
+ final ProfileCreator profileCreator) {
+ this.headerName = headerName;
+ defaultAuthenticator(tokenAuthenticator);
+ defaultProfileCreator(profileCreator);
+ }
+
+ public HeaderClient(final String headerName, final String prefixHeader,
+ final Authenticator tokenAuthenticator, final ProfileCreator profileCreator) {
+ this.headerName = headerName;
+ this.prefixHeader = prefixHeader;
+ defaultAuthenticator(tokenAuthenticator);
+ defaultProfileCreator(profileCreator);
+ }
+
+// @Override
+// protected void internalInit() {
+// if (getCredentialsExtractor() == null) {
+// CommonHelper.assertNotBlank("headerName", this.headerName);
+// CommonHelper.assertNotNull("prefixHeader", this.prefixHeader);
+//
+// defaultCredentialsExtractor(new HeaderExtractor(this.headerName, this.prefixHeader));
+// }
+// }
+
+ public String getHeaderName() {
+ return headerName;
+ }
+
+ public void setHeaderName(String headerName) {
+ this.headerName = headerName;
+ }
+
+ public String getPrefixHeader() {
+ return prefixHeader;
+ }
+
+ public void setPrefixHeader(String prefixHeader) {
+ this.prefixHeader = prefixHeader;
+ }
+
+ @Override
+ public String toString() {
+ return CommonHelper.toNiceString(this.getClass(), "name", getName(), "headerName", this.headerName,
+ "prefixHeader", this.prefixHeader, "extractor", getCredentialsExtractor(), "authenticator", getAuthenticator(),
+ "profileCreator", getProfileCreator());
+ }
+}
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java
index d96e4b352..21ece558b 100644
--- a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java
+++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java
@@ -3,6 +3,8 @@
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
 import org.pac4j.core.client.Clients;
 import org.pac4j.core.config.Config;
+import org.pac4j.core.credentials.TokenCredentials;
+import org.pac4j.core.profile.CommonProfile;
 import org.pac4j.core.profile.definition.CommonProfileDefinition;
 import org.pac4j.saml.client.SAML2Client;
 import org.pac4j.saml.client.SAML2ClientConfiguration;
@@ -47,4 +49,26 @@ public Config config(final Pac4jConfigurationProperties pac4jConfigurationProper
 final Config config = new Config(clients);
 return config;
 }
+
+ @Bean
+ public Config headerConfig() {
+ HeaderClient client = new HeaderClient("Authorization", "Basic ", (credentials, ctx) -> {
+ String token = ((TokenCredentials) credentials).getToken();
+ // check the token and create a profile
+ if ("goodToken".equals(token)) {
+ CommonProfile profile = new CommonProfile();
+ profile.setId("myId");
+ // save in the credentials to be passed to the default AuthenticatorProfileCreator
+ credentials.setUserProfile(profile);
+ }
+ }) {
+ @Override
+ protected void clientInit() {
+ }
+ };
+
+ final Config config = new Config(client);
+ return config;
+ }
+
 }
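Review bot: The only code that validates `headerName` and installs a `HeaderExtractor` is the commented-out `internalInit()` block, so as committed the class stores `headerName` and `prefixHeader` but never uses them to read a request header, and the `HeaderExtractor` import is unused. The `Pac4jConfiguration.java` hunk of this commit overrides `clientInit()`, which suggests that is the init hook on the `DirectClient` actually resolved; moving the body there, as below, would let the class be concrete and make the empty override in `headerConfig()` unnecessary. If the block is not coming back, delete it rather than leaving dead code in an authentication class. The class also has no Javadoc stating which header it reads and who is expected to set it.

```java
// … unchanged: fields and constructors …
    @Override
    protected void clientInit() {
        CommonHelper.assertNotBlank("headerName", this.headerName);
        CommonHelper.assertNotNull("prefixHeader", this.prefixHeader);
        defaultCredentialsExtractor(new HeaderExtractor(this.headerName, this.prefixHeader));
    }
// … unchanged: getters, setters, toString …
```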
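Review bot: The authenticator lambda in `headerConfig()` accepts the fixed string `"goodToken"` and assigns the fixed profile id `"myId"`, so the bean as committed carries a hard-coded credential that is the same in every deployment and readable from the source. This looks like sample code left in place; the check should verify the token against a secret or user record the deployment controls (compared in constant time, for example with `MessageDigest.isEqual`) and take the profile id from that lookup. `headerConfig()` also takes no `Pac4jConfigurationProperties` and never reads `enableHeaderAuthentication`, so the new flag cannot switch this client off. The anonymous subclass overrides `clientInit()` with an empty body, which presumably leaves the client without a credentials extractor for the `"Authorization"` / `"Basic "` arguments; that is worth confirming. A second `Config` bean next to `config(...)` may also make injection by type ambiguous.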
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java index 47defac65..8103f7356 100644 --- a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java +++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java @@ -21,6 +21,7 @@ public class Pac4jConfigurationProperties { private String callbackUrl; private boolean wantAssertionsSigned = true; private SAML2ProfileMapping saml2ProfileMapping; + private boolean enableHeaderAuthentication = true; public static class SAML2ProfileMapping { private String username; @@ -148,4 +149,7 @@ public SAML2ProfileMapping getSaml2ProfileMapping() { public void setSaml2ProfileMapping(SAML2ProfileMapping saml2ProfileMapping) { this.saml2ProfileMapping = saml2ProfileMapping; } + + public boolean getEnableHeaderAuthentication() { return enableHeaderAuthentication; } + }
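Review bot: `enableHeaderAuthentication` is introduced with a default of `true`, so a new authentication path is switched on for every existing deployment that does not set the property; an opt-in default is safer: `private boolean enableHeaderAuthentication = false;`. The second hunk adds only a getter, so unless binding writes the field directly the value cannot be changed from configuration. The sibling property has `setSaml2ProfileMapping`, but a matching `public void setEnableHeaderAuthentication(boolean enableHeaderAuthentication) { this.enableHeaderAuthentication = enableHeaderAuthentication; }` is missing. For a `boolean` the conventional accessor name is `isEnableHeaderAuthentication()`. Both hunks sit inside the class body, which starts and ends outside them.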