Fix #759
pavel.stastny committed Jun 29, 2020
1 parent 036e4ab commit 82a48a6
Showing 38 changed files with 1,350 additions and 832 deletions.
@@ -0,0 +1,58 @@
package cz.incad.kramerius.auth.mochshib;

import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.util.*;

public class MockHTTPServletInvocationHandler implements InvocationHandler{

public static class EmbeddedEnumeration implements Enumeration<String>{
private HttpServletRequest request;
private Hashtable<String,String> table;

private List<String> list = new ArrayList<>();
public EmbeddedEnumeration(HttpServletRequest request, Hashtable<String, String> table) {
this.request = request;
this.table = table;
Enumeration headerNames = request.getHeaderNames();
while(headerNames.hasMoreElements()) list.add((String) headerNames.nextElement());
Enumeration tableKeys = table.keys();
while(tableKeys.hasMoreElements()) list.add((String) tableKeys.nextElement());
}

@Override
public boolean hasMoreElements() {
return !this.list.isEmpty();
}

@Override
public String nextElement() {
return this.list.remove(0);
}
}

private Hashtable<String, String> attributes = new Hashtable<>();
private HttpServletRequest request;

public MockHTTPServletInvocationHandler(Hashtable<String, String> attributes, HttpServletRequest request) {
this.attributes = attributes;
this.request = request;
}

@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {

String methodName = method.getName();
if (methodName.equals("getHeaderNames")) {
return new EmbeddedEnumeration(this.request, this.attributes);
}
if (methodName.equals("getHeader")) {
String param = (String) args[0];
String header = this.request.getHeader(param);
if (header != null && !header.trim().equals("")) return header;
else return this.attributes.get(param);
}
return method.invoke(this.request, args);
}
}
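Review bot: The fall-through `return method.invoke(this.request, args);` at the end of `invoke` lets `InvocationTargetException` escape, so any exception thrown by the wrapped request reaches callers of the proxy as `UndeclaredThrowableException` instead of the original servlet exception. Catch it and rethrow the cause, as in the excerpt below; this also needs `java.lang.reflect.InvocationTargetException` imported. Separately, `getHeader` falls back to a case-sensitive `Hashtable` lookup although the Servlet API treats header names as case-insensitive, and `getHeaders(String)` is not intercepted, so code using either behaves differently under the mock than behind a real Shibboleth front end.

```java
// … unchanged: getHeaderNames / getHeader interception …
try {
    return method.invoke(this.request, args);
} catch (InvocationTargetException e) {
    // surface the wrapped request's own exception to the caller
    throw e.getCause();
}
```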
@@ -0,0 +1,54 @@
package cz.incad.kramerius.auth.mochshib;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.lang.reflect.Proxy;
import java.util.Hashtable;
import java.util.logging.Level;

public class MockShibFilter implements Filter {

public static boolean ENABLED = true;

public static final Hashtable<String,String> shibTable = new Hashtable<>();
static {
shibTable.put("shib-session-id", "_dd68cbd66641c9b647b05509ac0241f7");
shibTable.put("shib-session-index", "_36e3755e67acdeaf1b8b6f7ebebecdeb3abd6ddc98");
shibTable.put("shib-session-expires", "1592847906");
shibTable.put("shib-identity-provider", "https://shibboleth.mzk.cz/simplesaml/metadata.xml");
shibTable.put("shib-authentication-method", "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
shibTable.put("shib-handler", "https://dnnt.mzk.cz/Shibboleth.sso");
//remote_user = [email protected]
shibTable.put("remote_user", "[email protected]");
//affiliation = [email protected];[email protected];[email protected]
shibTable.put("affilation","[email protected];[email protected];[email protected]");
shibTable.put("edupersonuniqueid","[email protected]");
}



@Override
public void init(FilterConfig filterConfig) throws ServletException {

}

@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
String shib = servletRequest.getParameter("shib");
if (shib != null && !shib.trim().equals("")) {
ENABLED = false;
}
if (ENABLED) {
HttpServletRequest httpReq = (HttpServletRequest) servletRequest;
Object o = Proxy.newProxyInstance(servletRequest.getClass().getClassLoader(), new Class[]{HttpServletRequest.class}, new MockHTTPServletInvocationHandler(shibTable, httpReq));
filterChain.doFilter((ServletRequest) o, servletResponse);
} else {
filterChain.doFilter(servletRequest, servletResponse);
}

}

@Override
public void destroy() { }
}
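Review bot: `ENABLED` defaults to `true`, so wherever this filter is mapped every request is passed on with the hard-coded `remote_user` and affiliation values from `shibTable`, that is, as an already authenticated Shibboleth user; whether it is mapped in a deployed descriptor is not visible in this section. The `shib` request parameter then flips a mutable, non-volatile static for the whole JVM, so a single request changes behaviour for all users and nothing switches it back. I would make the flag an instance field that stays off unless an explicit filter init-param enables it (the name `enabled` below is only a suggestion), drop the request-parameter toggle, and keep the class out of production artifacts. Any code elsewhere that reads `MockShibFilter.ENABLED` would need the same change. The key `affilation` also differs from the `affiliation` spelling in the comment above it, which looks like a typo.

```java
private volatile boolean enabled = false;

@Override
public void init(FilterConfig filterConfig) throws ServletException {
    // off unless the deployment descriptor opts in explicitly
    this.enabled = Boolean.parseBoolean(filterConfig.getInitParameter("enabled"));
}

@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    if (this.enabled) {
        // … unchanged: proxy creation and filterChain.doFilter on the proxy …
    } else {
        filterChain.doFilter(servletRequest, servletResponse);
    }
}
```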
@@ -2,6 +2,8 @@

import org.json.JSONObject;

import java.util.Set;

/**
* Represents third party authenticated user
* @author pavels
@@ -21,6 +23,10 @@ public interface UsersWrapper {
*/
public String getProperty(String key);

public Set<String> getPropertyKeys();



/**
* Returns json representation
* @param pass
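Review bot: `getPropertyKeys()` is added to `UsersWrapper` without Javadoc, while the neighbouring `getProperty` and the JSON method are documented. A one-line contract would help implementers, for example `/** Returns the names of all properties readable through {@link #getProperty(String)}. */`, and it should say whether the returned set is a copy or a live view, since the session-storing code in this commit iterates it. The interface body starts and ends outside the hunk.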
@@ -2,7 +2,9 @@

import java.security.Principal;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
@@ -97,6 +99,12 @@ public synchronized String storeUserPropertiesToSession(HttpServletRequest req,
req.getSession().setAttribute(UserUtils.FIRST_NAME_KEY, wrapper.getProperty(UserUtils.FIRST_NAME_KEY));
req.getSession().setAttribute(UserUtils.LAST_NAME_KEY, wrapper.getProperty(UserUtils.LAST_NAME_KEY));

wrapper.getPropertyKeys().stream().filter(it -> !it.equals(UserUtils.FIRST_NAME_KEY) && !it.equals(UserUtils.LAST_NAME_KEY)).forEach(it-> {
String property = wrapper.getProperty(it);

req.getSession().setAttribute(UserUtils.THIRD_PARTY_SESSION_PARAMS +it, wrapper.getProperty(it));
});

return password;
}
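Review bot: In the lambda added to `storeUserPropertiesToSession`, the local `property` is assigned and never used, and `wrapper.getProperty(it)` is then evaluated a second time; use the local instead: `req.getSession().setAttribute(UserUtils.THIRD_PARTY_SESSION_PARAMS + it, property);`. The loop also copies every remaining wrapper key into the session with no allow-list, so if those keys come from identity-provider attributes or request headers (not visible in this hunk), the session's contents and size are determined by that external input. Restricting the copy to the attributes the application actually reads would bound that. The method begins outside the hunk.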

@@ -38,6 +38,7 @@ protected String readShibbolethConfigFile() throws Exception {
}

public ShibbolethUserWrapper createUserWrapper(HttpServletRequest req, String userName) throws Exception {
LOGGER.fine(String.format("---------- Shibboleth user %s -----------------", userName));
ShibbolethUserWrapper wrap = new ShibbolethUserWrapper(userName);
ClientShibbolethContext ctx = new ClientShibbolethContext(req, wrap);

@@ -47,10 +48,8 @@ public ShibbolethUserWrapper createUserWrapper(HttpServletRequest req, String us
ShibRuleParser shibRuleParser = new ShibRuleParser(shibRuleLexer);

ShibRules shibRules = shibRuleParser.shibRules();
LOGGER.fine("shib rules parsed and trying to evaluate");

shibRules.evaluate(ctx);
LOGGER.fine("shib rules evaluated");
LOGGER.fine(String.format("---------- Shibboleth user evaluated -----------------"));
return wrap;
}

@@ -72,6 +71,9 @@ public String calculateUserName(HttpServletRequest request) {
uname = request.getRemoteUser();
} else {
uname = request.getHeader("REMOTE_USER");
if (uname == null) {
uname = request.getHeader("remote_user");
}
}
if (uname != null) {
return SHIBBOLETH_USER_PREFIX+"_"+uname;
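Review bot: The added `request.getHeader("remote_user")` fallback in `calculateUserName` cannot return anything the preceding `getHeader("REMOTE_USER")` call missed on a real container request, because the Servlet API matches header names case-insensitively. It only takes effect with the mock proxy added in this commit, whose `attributes.get(param)` lookup on a `Hashtable` is case-sensitive. I would drop the fallback here and make the mock's lookup case-insensitive, so production code carries no test-only branch. Because the user name is read from a request header, this path relies on the front end in front of the application replacing any client-supplied `REMOTE_USER`; a comment such as `// header must be set, and client-sent copies stripped, by the Shibboleth front end` would record that assumption. In the first hunk `userName` is also written to the log unescaped via `String.format`, and the method bodies begin outside the hunks shown.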