keycloakjar.org.apache.hc.client5.http.impl.DefaultUserTokenHandler Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of camunda-platform-7-keycloak-all Show documentation
Show all versions of camunda-platform-7-keycloak-all Show documentation
Camunda 7 Keycloak Identity Provider Plugin including all transitive dependencies
/*
* ====================================================================
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
*
* DefaultUserTokenHandler will use the user principal of connection
* based authentication schemes such as NTLM or that of the SSL session
* with the client authentication turned on. If both are unavailable,
* {@code null} token will be returned.
*
*
* @since 4.0
*/
@Contract(threading = ThreadingBehavior.STATELESS)
public class DefaultUserTokenHandler implements UserTokenHandler {
public static final DefaultUserTokenHandler INSTANCE = new DefaultUserTokenHandler();
@Override
public Object getUserToken(final HttpRoute route, final HttpContext context) {
return getUserToken(route, null, context);
}
@Override
public Object getUserToken(final HttpRoute route, final HttpRequest request, final HttpContext context) {
final HttpClientContext clientContext = HttpClientContext.adapt(context);
final HttpHost target = request != null ? new HttpHost(request.getScheme(), request.getAuthority()) : route.getTargetHost();
final AuthExchange targetAuthExchange = clientContext.getAuthExchange(target);
if (targetAuthExchange != null) {
final Principal authPrincipal = getAuthPrincipal(targetAuthExchange);
if (authPrincipal != null) {
return authPrincipal;
}
}
final HttpHost proxy = route.getProxyHost();
if (proxy != null) {
final AuthExchange proxyAuthExchange = clientContext.getAuthExchange(proxy);
if (proxyAuthExchange != null) {
final Principal authPrincipal = getAuthPrincipal(proxyAuthExchange);
if (authPrincipal != null) {
return authPrincipal;
}
}
}
final SSLSession sslSession = clientContext.getSSLSession();
if (sslSession != null) {
return sslSession.getLocalPrincipal();
}
return null;
}
private static Principal getAuthPrincipal(final AuthExchange authExchange) {
final AuthScheme scheme = authExchange.getAuthScheme();
if (scheme != null && scheme.isConnectionBased()) {
return scheme.getPrincipal();
}
return null;
}
}