Ejemplo n.º 1
0
    def createClient(self, context):
        registerRequest = context.getRegisterRequest()
        configurationAttributes = context.getConfigurationAttibutes()
        client = context.getClient()

        print "Casa client registration. CreateClient method"
        redirectUris = client.getRedirectUris()
        print "Casa client registration. Redirect Uris: %s" % redirectUris

        credManagerClient = False
        for redirectUri in redirectUris:
            if self.clientRedirectUrisSet.contains(redirectUri):
                credManagerClient = True
                break
        
        if not credManagerClient:
            return True

        print "Casa client registration. Client is Janssen Casa"
        self.setClientScopes(client, configurationAttributes.get("scopes"))
        #Extend client lifetime for one year
        cal=GregorianCalendar()
        cal.add(1,10)
        client.setClientSecretExpiresAt(Date(cal.getTimeInMillis()))
        client.setTrustedClient(True)
        return True
Ejemplo n.º 2
0
    def updateClient(self, registerRequest, client, configurationAttributes):
        print "Casa client registration. UpdateClient method"

        redirectUris = client.getRedirectUris()
        print "Casa client registration. Redirect Uris: %s" % redirectUris

        credManagerClient = False
        for redirectUri in redirectUris:
            if (self.clientRedirectUrisSet.contains(redirectUri)):
                credManagerClient = True
                break

        if not credManagerClient:
            return True

        print "Casa client registration. Client is Cred-manager"

        newScopes = client.getScopes()

        scopeService = CdiUtil.bean(ScopeService)

        requiredScopes = [
            "openid", "profile", "user_name", "clientinfo", "uma_protection"
        ]
        for scopeName in requiredScopes:
            scope = scopeService.getScopeByDisplayName(scopeName)
            if not scope.getIsDefault():
                print "Casa client registration. Adding scope '%s'" % scopeName
                newScopes = ArrayHelper.addItemToStringArray(
                    newScopes, scope.getDn())

        print "Casa client registration. Result scopes: %s" % newScopes
        client.setScopes(newScopes)

        #Extend client lifetime for one year
        cal = GregorianCalendar()
        cal.add(1, 1)
        client.setClientSecretExpiresAt(Date(cal.getTimeInMillis()))
        #this style complains:  client.setClientSecretExpiresAt(Date(Date().getTime + 31536000000))

        return True
Ejemplo n.º 3
0
    def createClient(self, registerRequest, client, configurationAttributes):

        print "Casa client registration. CreateClient method"
        redirectUris = client.getRedirectUris()
        print "Casa client registration. Redirect Uris: %s" % redirectUris

        credManagerClient = False
        for redirectUri in redirectUris:
            if self.clientRedirectUrisSet.contains(redirectUri):
                credManagerClient = True
                break
        
        if not credManagerClient:
            return True

        print "Casa client registration. Client is Gluu Casa"
        self.setClientScopes(client, configurationAttributes.get("scopes"))
        #Extend client lifetime for one year
        cal=GregorianCalendar()
        cal.add(1,1)
        client.setClientSecretExpiresAt(Date(cal.getTimeInMillis()))
        return True
Ejemplo n.º 4
0
    def authenticate(self, configurationAttributes, requestParameters, step):
        authenticationService = CdiUtil.bean(AuthenticationService)
        userService = CdiUtil.bean(UserService)

        identity = CdiUtil.bean(Identity)
        credentials = identity.getCredentials()
        if step == 1:
            print "Basic (with password update). Authenticate for step 1"
            user_name = credentials.getUsername()
            user_password = credentials.getPassword()

            logged_in = False
            if StringHelper.isNotEmptyString(
                    user_name) and StringHelper.isNotEmptyString(
                        user_password):
                logged_in = authenticationService.authenticate(
                    user_name, user_password)

            if not logged_in:
                return False

            find_user_by_uid = authenticationService.getAuthenticatedUser()
            user_expDate = find_user_by_uid.getAttribute(
                "oxPasswordExpirationDate", False)

            if user_expDate == None:
                print "Basic (with password update). Authenticate for step 1. User has no oxPasswordExpirationDate date"
                return False

            dt = StaticUtils.decodeGeneralizedTime(user_expDate)

            # Get Current Date
            calendar = GregorianCalendar(TimeZone.getTimeZone("UTC"))
            now = calendar.getTime()
            if now.compareTo(dt) > 0:
                # Add 90 Days to current date
                calendar.setTime(now)
                calendar.add(calendar.DATE, 90)
                dt_plus_90 = calendar.getTime()
                expDate = StaticUtils.encodeGeneralizedTime(dt_plus_90)
                identity.setWorkingParameter("expDate", expDate)

            return True
        elif step == 2:
            print "Basic (with password update). Authenticate for step 2"
            user = authenticationService.getAuthenticatedUser()
            if user == None:
                print "Basic (with password update). Authenticate for step 2. Failed to determine user name"
                return False

            user_name = user.getUserId()
            find_user_by_uid = userService.getUser(user_name)
            newExpDate = identity.getWorkingParameter("expDate")

            if find_user_by_uid == None:
                print "Basic (with password update). Authenticate for step 2. Failed to find user"
                return False

            print "Basic (with password update). Authenticate for step 2"
            update_button = requestParameters.get("loginForm:updateButton")

            if ArrayHelper.isEmpty(update_button):
                return True

            find_user_by_uid.setAttribute("oxPasswordExpirationDate",
                                          newExpDate)
            new_password_array = requestParameters.get("new_password")
            if ArrayHelper.isEmpty(new_password_array) or StringHelper.isEmpty(
                    new_password_array[0]):
                print "Basic (with password update). Authenticate for step 2. New password is empty"
                return False

            new_password = new_password_array[0]
            find_user_by_uid.setAttribute("userPassword", new_password)
            print "Basic (with password update). Authenticate for step 2. Attempting to set new user '%s' password" % user_name

            userService.updateUser(find_user_by_uid)
            print "Basic (with password update). Authenticate for step 2. Password updated successfully"

            return True
        else:
            return False