initial exposing of BasicAuthRequestAuthenticator to make extensible
This commit is contained in:
Frank Schmager
Sebastien Blanc
parent
653d3f4f5d
commit
dda365e002
5 changed files with 49 additions and 6 deletions
3
.gitignore
vendored
3
.gitignore
vendored
|
|
@ -8,6 +8,9 @@
|
|||
.project
|
||||
.settings
|
||||
.classpath
|
||||
bin
|
||||
.factorypath
|
||||
|
||||
|
||||
# NetBeans #
|
||||
############
|
||||
|
|
|
|||
|
|
@ -85,7 +85,7 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat
|
|||
return authenticateToken(exchange, atr.getToken());
|
||||
}
|
||||
|
||||
private AccessTokenResponse getToken(String username, String password) throws Exception {
|
||||
protected AccessTokenResponse getToken(String username, String password) throws Exception {
|
||||
AccessTokenResponse tokenResponse=null;
|
||||
HttpClient client = deployment.getClient();
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,13 @@
|
|||
package org.keycloak.adapters.springsecurity.authentication;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.keycloak.adapters.AdapterTokenStore;
|
||||
import org.keycloak.adapters.KeycloakDeployment;
|
||||
import org.keycloak.adapters.RequestAuthenticator;
|
||||
import org.keycloak.adapters.spi.HttpFacade;
|
||||
|
||||
public interface RequestAuthenticatorFactory {
|
||||
RequestAuthenticator createRequestAuthenticator(HttpFacade facade, HttpServletRequest request,
|
||||
KeycloakDeployment deployment, AdapterTokenStore tokenStore, int sslRedirectPort);
|
||||
}
|
||||
|
|
@ -0,0 +1,17 @@
|
|||
package org.keycloak.adapters.springsecurity.authentication;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.keycloak.adapters.AdapterTokenStore;
|
||||
import org.keycloak.adapters.KeycloakDeployment;
|
||||
import org.keycloak.adapters.RequestAuthenticator;
|
||||
import org.keycloak.adapters.spi.HttpFacade;
|
||||
|
||||
public class SpringSecurityRequestAuthenticatorFactor implements RequestAuthenticatorFactory {
|
||||
@Override
|
||||
public RequestAuthenticator createRequestAuthenticator(HttpFacade facade,
|
||||
HttpServletRequest request, KeycloakDeployment deployment, AdapterTokenStore tokenStore,
|
||||
int sslRedirectPort) {
|
||||
return new SpringSecurityRequestAuthenticator(facade, request, deployment, tokenStore, sslRedirectPort);
|
||||
}
|
||||
}
|
||||
|
|
@ -27,16 +27,15 @@ import javax.servlet.http.HttpServletResponse;
|
|||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.adapters.AdapterDeploymentContext;
|
||||
import org.keycloak.adapters.AdapterTokenStore;
|
||||
import org.keycloak.adapters.AuthenticatedActionsHandler;
|
||||
import org.keycloak.adapters.KeycloakDeployment;
|
||||
import org.keycloak.adapters.OIDCHttpFacade;
|
||||
import org.keycloak.adapters.RequestAuthenticator;
|
||||
import org.keycloak.adapters.spi.AuthChallenge;
|
||||
import org.keycloak.adapters.spi.AuthOutcome;
|
||||
import org.keycloak.adapters.spi.HttpFacade;
|
||||
import org.keycloak.adapters.springsecurity.KeycloakAuthenticationException;
|
||||
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationFailureHandler;
|
||||
import org.keycloak.adapters.springsecurity.authentication.SpringSecurityRequestAuthenticator;
|
||||
import org.keycloak.adapters.springsecurity.authentication.RequestAuthenticatorFactory;
|
||||
import org.keycloak.adapters.springsecurity.authentication.SpringSecurityRequestAuthenticatorFactor;
|
||||
import org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade;
|
||||
import org.keycloak.adapters.springsecurity.token.AdapterTokenStoreFactory;
|
||||
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
|
||||
|
|
@ -85,6 +84,7 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
|
|||
private AdapterDeploymentContext adapterDeploymentContext;
|
||||
private AdapterTokenStoreFactory adapterTokenStoreFactory = new SpringSecurityAdapterTokenStoreFactory();
|
||||
private AuthenticationManager authenticationManager;
|
||||
private RequestAuthenticatorFactory requestAuthenticatorFactory = new SpringSecurityRequestAuthenticatorFactor();
|
||||
|
||||
/**
|
||||
* Creates a new Keycloak authentication processing filter with given {@link AuthenticationManager} and the
|
||||
|
|
@ -144,7 +144,7 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
|
|||
|
||||
AdapterTokenStore tokenStore = adapterTokenStoreFactory.createAdapterTokenStore(deployment, request);
|
||||
RequestAuthenticator authenticator
|
||||
= new SpringSecurityRequestAuthenticator(facade, request, deployment, tokenStore, -1);
|
||||
= requestAuthenticatorFactory.createRequestAuthenticator(facade, request, deployment, tokenStore, -1);
|
||||
|
||||
AuthOutcome result = authenticator.authenticate();
|
||||
log.debug("Auth outcome: {}", result);
|
||||
|
|
@ -251,4 +251,14 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
|
|||
public final void setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication) {
|
||||
throw new UnsupportedOperationException("This filter does not support explicitly setting a continue chain before success policy");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the request authenticator factory to use when creating per-request authenticators.
|
||||
*
|
||||
* @param requestAuthenticatorFactory the <code>RequestAuthenticatorFactory</code> to use
|
||||
*/
|
||||
public void setRequestAuthenticatorFactory(RequestAuthenticatorFactory requestAuthenticatorFactory) {
|
||||
Assert.notNull(requestAuthenticatorFactory, "RequestAuthenticatorFactory cannot be null");
|
||||
this.requestAuthenticatorFactory = requestAuthenticatorFactory;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue