List of usage examples for io.vertx.core.json JsonObject getString
public String getString(String key)
From source file:org.entcore.auth.Auth.java
License:Open Source License
@Override public void start() throws Exception { final EventBus eb = getEventBus(vertx); super.start(); setDefaultResourceFilter(new AuthResourcesProvider(new Neo(vertx, eb, null))); final UserAuthAccount userAuthAccount = new DefaultUserAuthAccount(vertx, config); final EventStore eventStore = EventStoreFactory.getFactory().getEventStore(Auth.class.getSimpleName()); AuthController authController = new AuthController(); authController.setEventStore(eventStore); authController.setUserAuthAccount(userAuthAccount); addController(authController);/*from ww w .j a va2s .co m*/ final ConfigurationController configurationController = new ConfigurationController(); configurationController.setConfigurationService(new DefaultConfigurationService()); addController(configurationController); final String samlMetadataFolder = config.getString("saml-metadata-folder"); if (samlMetadataFolder != null && !samlMetadataFolder.trim().isEmpty()) { vertx.fileSystem().readDir(samlMetadataFolder, new Handler<AsyncResult<List<String>>>() { @Override public void handle(AsyncResult<List<String>> event) { if (event.succeeded() && event.result().size() > 0) { try { SamlController samlController = new SamlController(); JsonObject conf = config; vertx.deployVerticle(SamlValidator.class, new DeploymentOptions().setConfig(conf).setWorker(true)); samlController.setEventStore(eventStore); samlController.setUserAuthAccount(userAuthAccount); samlController.setServiceProviderFactory(new DefaultServiceProviderFactory( config.getJsonObject("saml-services-providers"))); samlController .setSignKey((String) vertx.sharedData().getLocalMap("server").get("signKey")); samlController.setSamlWayfParams(config.getJsonObject("saml-wayf")); samlController.setIgnoreCallBackPattern(config.getString("ignoreCallBackPattern")); addController(samlController); LocalMap<Object, Object> server = vertx.sharedData().getLocalMap("server"); if (server != null) { String loginUri = config.getString("loginUri"); String callbackParam = config.getString("callbackParam"); if (loginUri != null && !loginUri.trim().isEmpty()) { server.putIfAbsent("loginUri", loginUri); } if (callbackParam != null && !callbackParam.trim().isEmpty()) { server.putIfAbsent("callbackParam", callbackParam); } final JsonObject authLocations = config.getJsonObject("authLocations"); if (authLocations != null && authLocations.size() > 0) { server.putIfAbsent("authLocations", authLocations.encode()); } } } catch (ConfigurationException e) { log.error("Saml loading error.", e); } } } }); } final JsonObject openidFederate = config.getJsonObject("openid-federate"); final JsonObject openidConnect = config.getJsonObject("openid-connect"); final OpenIdConnectController openIdConnectController; if (openidFederate != null || openidConnect != null) { openIdConnectController = new OpenIdConnectController(); addController(openIdConnectController); } else { openIdConnectController = null; } if (openidConnect != null) { final String certsPath = openidConnect.getString("certs"); if (isNotEmpty(certsPath)) { JWT.listCertificates(vertx, certsPath, new Handler<JsonObject>() { @Override public void handle(JsonObject certs) { openIdConnectController.setCertificates(certs); } }); } } if (openidFederate != null) { openIdConnectController.setEventStore(eventStore); openIdConnectController.setUserAuthAccount(userAuthAccount); openIdConnectController.setSignKey((String) vertx.sharedData().getLocalMap("server").get("signKey")); openIdConnectController.setOpenIdConnectServiceProviderFactory( new DefaultOpenIdServiceProviderFactory(vertx, openidFederate.getJsonObject("domains"))); openIdConnectController.setSubMapping(openidFederate.getBoolean("authorizeSubMapping", false)); final JsonArray authorizedHostsLogin = openidFederate.getJsonArray("authorizedHostsLogin"); if (authorizedHostsLogin != null && authorizedHostsLogin.size() > 0) { authController.setAuthorizedHostsLogin(authorizedHostsLogin); } } }
From source file:org.entcore.auth.controllers.AbstractFederateController.java
License:Open Source License
protected void authenticate(JsonObject res, String sessionIndex, String nameId, HttpServerRequest request) { final String userId = res.getString("id"); final String activationCode = res.getString("activationCode"); final String login = res.getString("login"); final String email = res.getString("email"); final String mobile = res.getString("mobile"); if (userId != null) { userAuthAccount.storeDomain(userId, getHost(request), getScheme(request), new Handler<Boolean>() { @Override/* ww w.j av a2s. com*/ public void handle(Boolean event) { if (Boolean.FALSE.equals(event)) { log.error("[Federate] Error while storing last known domain for user " + userId); } } }); } if (activationCode != null && login != null) { activateUser(activationCode, login, email, mobile, sessionIndex, nameId, request); } else if (activationCode == null && userId != null && !userId.trim().isEmpty()) { log.info("Connexion de l'utilisateur fdr " + login); eventStore.createAndStoreEvent(AuthController.AuthEvent.LOGIN.name(), login); createSession(userId, sessionIndex, nameId, request); } else { redirect(request, LOGIN_PAGE); } }
From source file:org.entcore.auth.controllers.AuthController.java
License:Open Source License
@Override public void init(Vertx vertx, JsonObject config, RouteMatcher rm, Map<String, fr.wseduc.webutils.security.SecuredAction> securedActions) { super.init(vertx, config, rm, securedActions); JsonObject oic = config.getJsonObject("openid-connect"); OpenIdConnectService openIdConnectService = (oic != null) ? new DefaultOpendIdConnectService(oic.getString("iss"), vertx, oic.getString("keys")) : null;/*ww w .j a va 2 s . c o m*/ checkFederatedLogin = config.getBoolean("check-federated-login", false); oauthDataFactory = new OAuthDataHandlerFactory(Neo4j.getInstance(), MongoDb.getInstance(), openIdConnectService, checkFederatedLogin); GrantHandlerProvider grantHandlerProvider = new DefaultGrantHandlerProvider(); ClientCredentialFetcher clientCredentialFetcher = new ClientCredentialFetcherImpl(); token = new Token(); token.setDataHandlerFactory(oauthDataFactory); token.setGrantHandlerProvider(grantHandlerProvider); token.setClientCredentialFetcher(clientCredentialFetcher); AccessTokenFetcherProvider accessTokenFetcherProvider = new DefaultAccessTokenFetcherProvider(); protectedResource = new ProtectedResource(); protectedResource.setDataHandlerFactory(oauthDataFactory); protectedResource.setAccessTokenFetcherProvider(accessTokenFetcherProvider); passwordPattern = Pattern.compile(config.getString("passwordRegex", ".{8}.*")); LocalMap<Object, Object> server = vertx.sharedData().getLocalMap("server"); if (server != null && server.get("smsProvider") != null) smsProvider = (String) server.get("smsProvider"); slo = config.getBoolean("slo", false); // if (server != null) { // Boolean cluster = (Boolean) server.get("cluster"); // if (Boolean.TRUE.equals(cluster)) { // ClusterManager cm = ((VertxInternal) vertx).clusterManager(); // invalidEmails = cm.getSyncMap("invalidEmails"); // } else { // invalidEmails = vertx.sharedData().getMap("invalidEmails"); // } // } else { invalidEmails = MapFactory.getSyncClusterMap("invalidEmails", vertx); internalAddress = config.getJsonArray("internalAddress", new fr.wseduc.webutils.collections.JsonArray().add("localhost").add("127.0.0.1")).getList(); }
From source file:org.entcore.auth.controllers.AuthController.java
License:Open Source License
@Post("/forgot-id") public void forgetId(final HttpServerRequest request) { RequestUtils.bodyToJson(request, new io.vertx.core.Handler<JsonObject>() { public void handle(JsonObject data) { final String mail = data.getString("mail"); final String service = data.getString("service"); final String firstName = data.getString("firstName"); final String structure = data.getString("structureId"); if (mail == null || mail.trim().isEmpty()) { badRequest(request);// w w w.j a v a 2s . com return; } userAuthAccount.findByMailAndFirstNameAndStructure(mail, firstName, structure, new io.vertx.core.Handler<Either<String, JsonArray>>() { @Override public void handle(Either<String, JsonArray> event) { //No user with that email, or more than one found. if (event.isLeft()) { badRequest(request, event.left().getValue()); return; } JsonArray results = event.right().getValue(); if (results.size() == 0) { badRequest(request, "no.match"); return; } JsonArray structures = new fr.wseduc.webutils.collections.JsonArray(); if (results.size() > 1) { for (Object ob : results) { JsonObject j = (JsonObject) ob; j.remove("login"); j.remove("mobile"); if (!structures.toString().contains(j.getString("structureId"))) structures.add(j); } if (firstName != null && structures.size() == 1) badRequest(request, "non.unique.result"); else renderJson(request, new JsonObject().put("structures", structures)); return; } JsonObject match = results.getJsonObject(0); final String id = match.getString("login", ""); final String mobile = match.getString("mobile", ""); //Force mail if ("mail".equals(service)) { userAuthAccount.sendForgottenIdMail(request, id, mail, new io.vertx.core.Handler<Either<String, JsonObject>>() { public void handle(Either<String, JsonObject> event) { if (event.isLeft()) { badRequest(request, event.left().getValue()); return; } if (smsProvider != null && !smsProvider.isEmpty()) { final String obfuscatedMobile = StringValidation .obfuscateMobile(mobile); renderJson(request, new JsonObject().put("mobile", obfuscatedMobile)); } else { renderJson(request, new JsonObject()); } } }); } else if ("mobile".equals(service) && !mobile.isEmpty() && smsProvider != null && !smsProvider.isEmpty()) { eventStore.createAndStoreEvent(AuthEvent.SMS.name(), id); userAuthAccount.sendForgottenIdSms(request, id, mobile, DefaultResponseHandler.defaultResponseHandler(request)); } else { badRequest(request); } } }); } }); }
From source file:org.entcore.auth.controllers.AuthController.java
License:Open Source License
@Post("/forgot-password") public void forgotPasswordSubmit(final HttpServerRequest request) { RequestUtils.bodyToJson(request, new io.vertx.core.Handler<JsonObject>() { public void handle(JsonObject data) { final String login = data.getString("login"); final String service = data.getString("service"); final String resetCode = StringValidation.generateRandomCode(8); if (login == null || login.trim().isEmpty() || service == null || service.trim().isEmpty()) { badRequest(request, "invalid.login"); return; }//from w w w. j av a 2 s .c o m userAuthAccount.findByLogin(login, resetCode, checkFederatedLogin, new io.vertx.core.Handler<Either<String, JsonObject>>() { public void handle(Either<String, JsonObject> result) { if (result.isLeft()) { badRequest(request, result.left().getValue()); return; } if (result.right().getValue().size() == 0) { badRequest(request, "no.match"); return; } final String mail = result.right().getValue().getString("email", ""); final String mobile = result.right().getValue().getString("mobile", ""); if ("mail".equals(service)) { userAuthAccount.sendResetPasswordMail(request, mail, resetCode, DefaultResponseHandler.defaultResponseHandler(request)); } else if ("mobile".equals(service) && smsProvider != null && !smsProvider.isEmpty()) { eventStore.createAndStoreEvent(AuthEvent.SMS.name(), login); userAuthAccount.sendResetPasswordSms(request, mobile, resetCode, DefaultResponseHandler.defaultResponseHandler(request)); } else { badRequest(request, "invalid.service"); } } }); } }); }
From source file:org.entcore.auth.controllers.OpenIdConnectController.java
License:Open Source License
@Get("/openid/authenticate") public void authenticate(final HttpServerRequest request) { final OpenIdConnectServiceProvider openIdConnectServiceProvider = openIdConnectServiceProviderFactory .serviceProvider(request);//w w w . j a v a 2 s .c om if (openIdConnectServiceProvider == null) return; OpenIdConnectClient oic = openIdConnectServiceProviderFactory.openIdClient(request); if (oic == null) return; final String state = CookieHelper.getInstance().getSigned("csrfstate", request); if (state == null) { forbidden(request, "invalid_state"); return; } final String nonce = CookieHelper.getInstance().getSigned("nonce", request); if (nonce == null) { forbidden(request, "invalid_replay"); return; } oic.authorizationCodeToken(request, state, nonce, new Handler<JsonObject>() { @Override public void handle(final JsonObject payload) { if (payload != null) { log.info("payload : " + payload.encode()); openIdConnectServiceProvider.executeFederate(payload, new Handler<Either<String, Object>>() { @Override public void handle(Either<String, Object> res) { if (res.isRight() && res.right().getValue() instanceof JsonObject) { authenticate((JsonObject) res.right().getValue(), "_", payload.getString("id_token_hint"), request); } else if (subMapping && res.isLeft() && OpenIdConnectServiceProvider.UNRECOGNIZED_USER_IDENTITY .equals(res.left().getValue())) { final String p = payload.encode(); try { JsonObject params = new JsonObject().put("payload", p).put("key", HmacSha1.sign(p, signKey)); renderView(request, params, "mappingFederatedUser.html", null); } catch (Exception e) { log.error("Error loading mapping openid connect identity.", e); renderError(request); } } else { forbidden(request, "invalid.payload"); } } }); } else { forbidden(request, "invalid_token"); } } }); }
From source file:org.entcore.auth.controllers.OpenIdConnectController.java
License:Open Source License
@Post("/openid/mappingUser") public void mappingUser(final HttpServerRequest request) { final OpenIdConnectServiceProvider openIdConnectServiceProvider = openIdConnectServiceProviderFactory .serviceProvider(request);/*ww w .j a v a2 s .c o m*/ if (openIdConnectServiceProvider == null) return; if (!subMapping) { forbidden(request, "unauthorized.sub.mapping"); return; } request.setExpectMultipart(true); request.endHandler(new Handler<Void>() { @Override public void handle(Void v) { final String login = request.formAttributes().get("login"); final String password = request.formAttributes().get("password"); final String payload = request.formAttributes().get("payload"); final String key = request.formAttributes().get("key"); try { if (isEmpty(login) || isEmpty(password) || isEmpty(payload) || isEmpty(key) || !key.equals(HmacSha1.sign(payload, signKey))) { badRequest(request, "invalid.attribute"); return; } final JsonObject p = new JsonObject(payload); openIdConnectServiceProvider.mappingUser(login, password, p, new Handler<Either<String, Object>>() { @Override public void handle(Either<String, Object> event) { if (event.isRight()) { authenticate((JsonObject) event.right().getValue(), "_", p.getString("id_token_hint"), request); } else { forbidden(request, "invalid.sub.mapping"); } } }); } catch (Exception e) { log.error("Error mapping OpenId Connect user.", e); badRequest(request, "invalid.attribute"); } } }); }
From source file:org.entcore.auth.controllers.OpenIdConnectController.java
License:Open Source License
@Override protected void afterDropSession(JsonObject meta, HttpServerRequest request, UserInfos user, String c) { OpenIdConnectClient oic = openIdConnectServiceProviderFactory.openIdClient(request); if (oic != null && meta != null && isNotEmpty(meta.getString("NameID"))) { String callback = oic.logoutUri(UUID.randomUUID().toString(), meta.getString("NameID"), c); AuthController.logoutCallback(request, callback, config, eb); } else {/*from w w w .j av a 2 s . c o m*/ AuthController.logoutCallback(request, c, config, eb); } }
From source file:org.entcore.auth.controllers.SamlController.java
License:Open Source License
@Override public void init(Vertx vertx, JsonObject config, RouteMatcher rm, Map<String, fr.wseduc.webutils.security.SecuredAction> securedActions) { super.init(vertx, config, rm, securedActions); // load soft-slo property : true = normal slo, false = redirect instead of slo softSlo = config.getBoolean("soft-slo", false); federatedAuthenticateError = config.getBoolean("federated-authenticate-error", false); // load nameQualifierRegex (in-case mongoDb NameId format change) String nameQualifierRegex = config.getString("nameQualifierRegex"); if (nameQualifierRegex != null && !nameQualifierRegex.trim().isEmpty()) { if (log.isDebugEnabled()) { log.debug("Using nameQualifierRegex specified : " + nameQualifierRegex); }/*w w w . j a v a2s.co m*/ this.NAME_QUALIFIER_REGEXP = nameQualifierRegex; } else { if (log.isDebugEnabled()) { log.debug("Using default nameQualifierRegex : " + NAME_QUALIFIER_REGEXP); } } }
From source file:org.entcore.auth.controllers.SamlController.java
License:Open Source License
@Get("/saml/wayf") public void wayf(HttpServerRequest request) { if (samlWayfParams != null) { if (samlWayfMustacheFormat == null) { final JsonArray wmf = new fr.wseduc.webutils.collections.JsonArray(); for (String attr : samlWayfParams.fieldNames()) { JsonObject i = samlWayfParams.getJsonObject(attr); if (i == null) continue; final String acs = i.getString("acs"); if (isEmpty(acs)) continue; URI uri;//from w w w. jav a2 s . c om try { uri = new URI(acs); } catch (URISyntaxException e) { log.error("Invalid acs URI", e); continue; } JsonObject o = new JsonObject().put("name", attr).put("uri", uri.getScheme() + "://" + uri.getHost() + (attr.startsWith("login") ? "/auth/login" : "/auth/saml/authn/" + attr)); wmf.add(o); } samlWayfMustacheFormat = new JsonObject().put("providers", wmf); } String callBack = request.params().get("callBack"); final JsonObject swmf; if (isNotEmpty(callBack) && (ignoreCallBackPattern == null || !callBack.matches(ignoreCallBackPattern))) { try { callBack = URLEncoder.encode(callBack, "UTF-8"); } catch (UnsupportedEncodingException e) { log.error("Error encode wayf callback.", e); } swmf = samlWayfMustacheFormat.copy(); for (Object o : swmf.getJsonArray("providers")) { if (!(o instanceof JsonObject)) continue; final String uri = ((JsonObject) o).getString("uri"); if (isNotEmpty(uri) && !uri.contains("callBack")) { ((JsonObject) o).put("uri", uri + (uri.contains("?") ? "&" : "?") + "callBack=" + callBack); } } } else { swmf = samlWayfMustacheFormat; } renderView(request, swmf, "wayf.html", null); } else { request.response().setStatusCode(401).setStatusMessage("Unauthorized") .putHeader("content-type", "text/html").end(DefaultPages.UNAUTHORIZED.getPage()); } }