initial exposing of BasicAuthRequestAuthenticator to make extensible

This commit is contained in:
Frank Schmager 2018-08-14 11:25:36 -04:00 committed by Sebastien Blanc
parent 653d3f4f5d
commit dda365e002
5 changed files with 49 additions and 6 deletions

3
.gitignore vendored
View file

@ -8,6 +8,9 @@
.project
.settings
.classpath
bin
.factorypath
# NetBeans #
############

View file

@ -85,7 +85,7 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat
return authenticateToken(exchange, atr.getToken());
}
private AccessTokenResponse getToken(String username, String password) throws Exception {
protected AccessTokenResponse getToken(String username, String password) throws Exception {
AccessTokenResponse tokenResponse=null;
HttpClient client = deployment.getClient();

View file

@ -0,0 +1,13 @@
package org.keycloak.adapters.springsecurity.authentication;
import javax.servlet.http.HttpServletRequest;
import org.keycloak.adapters.AdapterTokenStore;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.RequestAuthenticator;
import org.keycloak.adapters.spi.HttpFacade;
public interface RequestAuthenticatorFactory {
RequestAuthenticator createRequestAuthenticator(HttpFacade facade, HttpServletRequest request,
KeycloakDeployment deployment, AdapterTokenStore tokenStore, int sslRedirectPort);
}

View file

@ -0,0 +1,17 @@
package org.keycloak.adapters.springsecurity.authentication;
import javax.servlet.http.HttpServletRequest;
import org.keycloak.adapters.AdapterTokenStore;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.RequestAuthenticator;
import org.keycloak.adapters.spi.HttpFacade;
public class SpringSecurityRequestAuthenticatorFactor implements RequestAuthenticatorFactory {
@Override
public RequestAuthenticator createRequestAuthenticator(HttpFacade facade,
HttpServletRequest request, KeycloakDeployment deployment, AdapterTokenStore tokenStore,
int sslRedirectPort) {
return new SpringSecurityRequestAuthenticator(facade, request, deployment, tokenStore, sslRedirectPort);
}
}

View file

@ -27,16 +27,15 @@ import javax.servlet.http.HttpServletResponse;
import org.keycloak.OAuth2Constants;
import org.keycloak.adapters.AdapterDeploymentContext;
import org.keycloak.adapters.AdapterTokenStore;
import org.keycloak.adapters.AuthenticatedActionsHandler;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.OIDCHttpFacade;
import org.keycloak.adapters.RequestAuthenticator;
import org.keycloak.adapters.spi.AuthChallenge;
import org.keycloak.adapters.spi.AuthOutcome;
import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.springsecurity.KeycloakAuthenticationException;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationFailureHandler;
import org.keycloak.adapters.springsecurity.authentication.SpringSecurityRequestAuthenticator;
import org.keycloak.adapters.springsecurity.authentication.RequestAuthenticatorFactory;
import org.keycloak.adapters.springsecurity.authentication.SpringSecurityRequestAuthenticatorFactor;
import org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade;
import org.keycloak.adapters.springsecurity.token.AdapterTokenStoreFactory;
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
@ -85,6 +84,7 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
private AdapterDeploymentContext adapterDeploymentContext;
private AdapterTokenStoreFactory adapterTokenStoreFactory = new SpringSecurityAdapterTokenStoreFactory();
private AuthenticationManager authenticationManager;
private RequestAuthenticatorFactory requestAuthenticatorFactory = new SpringSecurityRequestAuthenticatorFactor();
/**
* Creates a new Keycloak authentication processing filter with given {@link AuthenticationManager} and the
@ -144,7 +144,7 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
AdapterTokenStore tokenStore = adapterTokenStoreFactory.createAdapterTokenStore(deployment, request);
RequestAuthenticator authenticator
= new SpringSecurityRequestAuthenticator(facade, request, deployment, tokenStore, -1);
= requestAuthenticatorFactory.createRequestAuthenticator(facade, request, deployment, tokenStore, -1);
AuthOutcome result = authenticator.authenticate();
log.debug("Auth outcome: {}", result);
@ -251,4 +251,14 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
public final void setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication) {
throw new UnsupportedOperationException("This filter does not support explicitly setting a continue chain before success policy");
}
/**
* Sets the request authenticator factory to use when creating per-request authenticators.
*
* @param requestAuthenticatorFactory the <code>RequestAuthenticatorFactory</code> to use
*/
public void setRequestAuthenticatorFactory(RequestAuthenticatorFactory requestAuthenticatorFactory) {
Assert.notNull(requestAuthenticatorFactory, "RequestAuthenticatorFactory cannot be null");
this.requestAuthenticatorFactory = requestAuthenticatorFactory;
}
}