All Downloads are FREE. Search and download functionalities are using the official Maven repository.
  • Log In
  • Register

    • org.apereo.cas.pac4j.web.DelegatedClientOidcSessionManager Maven / Gradle / Ivy

    There is a newer version: 7.2.0-RC3
    Show newest version
    package org.apereo.cas.pac4j.web;

import org.apereo.cas.support.pac4j.authentication.clients.DelegatedClientSessionManager;
import org.apereo.cas.ticket.TransientSessionTicket;
import org.apereo.cas.web.flow.DelegatedClientAuthenticationConfigurationContext;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import lombok.val;
import org.apache.commons.lang3.StringUtils;
import org.pac4j.core.client.Client;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.oauth.client.OAuth10Client;
import org.pac4j.oauth.client.OAuth20Client;
import org.pac4j.oidc.client.OidcClient;
import org.springframework.beans.factory.ObjectProvider;
import java.util.List;

/**
 * This is {@link org.apereo.cas.pac4j.web.DelegatedClientOidcSessionManager}.
 *
 * @author Misagh Moayyed
 * @since 7.1.0
 */
@RequiredArgsConstructor
@Slf4j
public class DelegatedClientOidcSessionManager implements DelegatedClientSessionManager {
    private static final String OIDC_CLIENT_ID_SESSION_KEY = "OIDC_CLIENT_ID";

    private static final String OAUTH20_CLIENT_ID_SESSION_KEY = "OAUTH20_CLIENT_ID";


    private static final List SESSION_KEYS = List.of(OIDC_CLIENT_ID_SESSION_KEY, OAUTH20_CLIENT_ID_SESSION_KEY);

    private final ObjectProvider contextProvider;

    @Override
    public void trackIdentifier(final WebContext webContext, final TransientSessionTicket ticket, final Client client) {
        if (client instanceof final OAuth20Client instance) {
            trackSessionIdForOAuth20Client(webContext, instance, ticket);
        }
        if (client instanceof final OidcClient instance) {
            trackSessionIdForOidcClient(webContext, instance, ticket);
        }
    }

    @Override
    public boolean supports(final Client client) {
        return client instanceof OAuth20Client || client instanceof OidcClient || client instanceof OAuth10Client;
    }

    @Override
    public String retrieveIdentifier(final WebContext webContext, final Client client) {
        for (val sessionKey : SESSION_KEYS) {
            val clientId = getSessionStore().get(webContext, sessionKey);
            if (clientId.isPresent()) {
                LOGGER.trace("Found client id [{}] for key [{}]", clientId, sessionKey);
                getSessionStore().set(webContext, sessionKey, null);
                return clientId.map(Object::toString).orElse(StringUtils.EMPTY);
            }
        }
        return StringUtils.EMPTY;
    }

    private SessionStore getSessionStore() {
        return contextProvider.getObject().getSessionStore();
    }

    protected void trackSessionIdForOidcClient(final WebContext webContext, final OidcClient client,
                                               final TransientSessionTicket ticket) {
        getSessionStore().set(webContext, OIDC_CLIENT_ID_SESSION_KEY, ticket.getId());
    }

    protected void trackSessionIdForOAuth20Client(final WebContext webContext,
                                                  final OAuth20Client client,
                                                  final TransientSessionTicket ticket) {
        getSessionStore().set(webContext, OAUTH20_CLIENT_ID_SESSION_KEY, ticket.getId());
    }
}




    © 2015 - 2025 Weber Informatics LLC | Privacy Policy