Package io.vertigo.vega.plugins.authentication.keycloak

Class KeycloakWebAuthenticationPlugin

java.lang.Object

io.vertigo.vega.plugins.authentication.keycloak.KeycloakWebAuthenticationPlugin

All Implemented Interfaces:

io.vertigo.core.node.component.CoreComponent, io.vertigo.core.node.component.Plugin, WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

public class KeycloakWebAuthenticationPlugin
extends Object
implements WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

This class provides workflow for authenticating Vertigo users with a keycloak server using OpenIdConnect protocol. It wraps official keycloack servlet filter KeycloakOIDCFilter for compatibility with Vertigo

Author:

mlaroche, skerdudou

Constructor Summary

Constructors

Constructor	Description
KeycloakWebAuthenticationPlugin(Optional<String> urlPrefixOpt, Optional<String> urlHandlerPrefixOpt, Optional<String> connectorNameOpt, Optional<String> postUrlRedirectOpt, List<io.vertigo.connectors.keycloak.KeycloakDeploymentConnector> keycloakDeploymentConnectors, VSecurityManager securityManager)

Method Summary

Modifier and Type	Method	Description
AuthenticationResult<org.keycloak.KeycloakPrincipal>	doHandleCallback(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)	Handle the callback request after login on the sso
io.vertigo.core.lang.Tuple<AuthenticationResult<org.keycloak.KeycloakPrincipal>,javax.servlet.http.HttpServletRequest>	doInterceptRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
boolean	doLogout(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)
void	doRedirectToSso(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)	Handle the redirect to the sso login page
String	getCallbackUrl()	Returns the url for callback
Optional<String>	getExternalUrlOptional()	Return an optional external url of the application (if it is behind a firewall or a proxy)
String	getLogoutUrl()	Returns the url for logout
Optional<String>	getRequestedUri(javax.servlet.http.HttpServletRequest httpRequest)	Return the original request a user wanted before beeing redirected to the sso
String	getUrlHandlerPrefix()	Url prefix of request directly handled by the plugin
Map<String,BiFunction<javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse,io.vertigo.core.lang.Tuple<Boolean,javax.servlet.http.HttpServletRequest>>>	getUrlHandlers()	Register additionnal handler for specific request necessary for the plugin
String	getUrlPrefix()	Url prefix of urls that are protected with this authentication plugin

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

KeycloakWebAuthenticationPlugin

@Inject
public KeycloakWebAuthenticationPlugin(Optional<String> urlPrefixOpt,
                                       Optional<String> urlHandlerPrefixOpt,
                                       Optional<String> connectorNameOpt,
                                       Optional<String> postUrlRedirectOpt,
                                       List<io.vertigo.connectors.keycloak.KeycloakDeploymentConnector> keycloakDeploymentConnectors,
                                       VSecurityManager securityManager)

Method Detail

getUrlPrefix

public String getUrlPrefix()

Url prefix of urls that are protected with this authentication plugin

Specified by:

getUrlPrefix in interface WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

Returns:

the prefix

getUrlHandlerPrefix

public String getUrlHandlerPrefix()

Url prefix of request directly handled by the plugin

Specified by:

getUrlHandlerPrefix in interface WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

Returns:

the prefix

getCallbackUrl

public String getCallbackUrl()

Returns the url for callback

Specified by:

getCallbackUrl in interface WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

Returns:

url for callback

getLogoutUrl

public String getLogoutUrl()

Returns the url for logout

Specified by:

getLogoutUrl in interface WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

Returns:

url for logout

getExternalUrlOptional

public Optional<String> getExternalUrlOptional()

Return an optional external url of the application (if it is behind a firewall or a proxy)

Specified by:

getExternalUrlOptional in interface WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

Returns:

the external url of the app : as seen by the end user

doHandleCallback

public AuthenticationResult<org.keycloak.KeycloakPrincipal> doHandleCallback(javax.servlet.http.HttpServletRequest request,
                                                                             javax.servlet.http.HttpServletResponse response)

Description copied from interface: WebAuthenticationPlugin

Handle the callback request after login on the sso

Specified by:

doHandleCallback in interface WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

Parameters:

request - the request

response - the response to consume

Returns:

result of login challenge, providing info of the logged in user

doInterceptRequest

public io.vertigo.core.lang.Tuple<AuthenticationResult<org.keycloak.KeycloakPrincipal>,javax.servlet.http.HttpServletRequest> doInterceptRequest(javax.servlet.http.HttpServletRequest request,
                                                                                                                                                       javax.servlet.http.HttpServletResponse response)

Specified by:

doInterceptRequest in interface WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

doRedirectToSso

public void doRedirectToSso(javax.servlet.http.HttpServletRequest request,
                            javax.servlet.http.HttpServletResponse response)

Description copied from interface: WebAuthenticationPlugin

Handle the redirect to the sso login page

Specified by:

doRedirectToSso in interface WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

Parameters:

request - the request

response - the response to consume

doLogout

public boolean doLogout(javax.servlet.http.HttpServletRequest httpRequest,
                        javax.servlet.http.HttpServletResponse httpResponse)

Specified by:

doLogout in interface WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

getUrlHandlers

public Map<String,BiFunction<javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse,io.vertigo.core.lang.Tuple<Boolean,javax.servlet.http.HttpServletRequest>>> getUrlHandlers()

Description copied from interface: WebAuthenticationPlugin

Register additionnal handler for specific request necessary for the plugin

Specified by:

getUrlHandlers in interface WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

Returns:

le map of specific handlers

getRequestedUri

public Optional<String> getRequestedUri(javax.servlet.http.HttpServletRequest httpRequest)

Description copied from interface: WebAuthenticationPlugin

Return the original request a user wanted before beeing redirected to the sso

Specified by:

getRequestedUri in interface WebAuthenticationPlugin<org.keycloak.KeycloakPrincipal>

Parameters:

httpRequest - the request

Returns:

the uri