def createClient(self, context):
    """Adjust a newly registered client when it is recognised as the Casa client.

    A client is treated as Casa when at least one of its redirect URIs is
    contained in ``self.clientRedirectUrisSet``. Such a client receives the
    scopes named by the ``scopes`` configuration attribute, a client-secret
    expiry ten calendar years ahead, and the trusted-client flag. Any other
    client is left untouched.

    Returns True on every path, so this method never rejects a registration
    by return value.
    """
    registerRequest = context.getRegisterRequest()  # fetched but not used below
    # Method name spelled exactly as the context object exposes it here.
    configurationAttributes = context.getConfigurationAttibutes()
    client = context.getClient()

    print("Casa client registration. CreateClient method")
    redirectUris = client.getRedirectUris()
    print("Casa client registration. Redirect Uris: %s" % redirectUris)

    # NOTE(review): redirect-URI membership is the only test applied in this
    # method. Every registration that lists one of the configured URIs gets
    # the privileges below, so confirm that dynamic registration is
    # restricted elsewhere.
    # NOTE(review): assumes getRedirectUris() never returns None -- confirm.
    isCasaClient = any(self.clientRedirectUrisSet.contains(uri) for uri in redirectUris)
    if not isCasaClient:
        return True

    print("Casa client registration. Client is Janssen Casa")
    self.setClientScopes(client, configurationAttributes.get("scopes"))

    # Field 1 is java.util.Calendar.YEAR; the amount is 10, i.e. ten years.
    # NOTE(review): the original comment said "one year" -- confirm which
    # lifetime is intended.
    secretExpiry = GregorianCalendar()
    secretExpiry.add(1, 10)
    client.setClientSecretExpiresAt(Date(secretExpiry.getTimeInMillis()))

    # NOTE(review): presumably marks the client as pre-authorised (no consent
    # prompt) -- confirm, since it is granted on a redirect-URI match alone.
    client.setTrustedClient(True)
    return True
def updateClient(self, registerRequest, client, configurationAttributes):
    """Add the required scopes to the Casa client and renew its secret expiry.

    A client is treated as Casa when at least one of its redirect URIs is
    contained in ``self.clientRedirectUrisSet``; any other client is left
    untouched. For a Casa client, each scope in the fixed list below that is
    not flagged as default is appended (by DN) to the client's scopes, and the
    client-secret expiry is set one calendar year ahead.

    ``registerRequest`` and ``configurationAttributes`` are not read here.
    Returns True on every path.
    """
    print("Casa client registration. UpdateClient method")
    redirectUris = client.getRedirectUris()
    print("Casa client registration. Redirect Uris: %s" % redirectUris)

    # NOTE(review): redirect-URI membership is the only test applied in this
    # method; confirm that client updates are restricted elsewhere.
    # NOTE(review): assumes getRedirectUris() never returns None -- confirm.
    if not any(self.clientRedirectUrisSet.contains(uri) for uri in redirectUris):
        return True

    print("Casa client registration. Client is Cred-manager")

    newScopes = client.getScopes()
    scopeService = CdiUtil.bean(ScopeService)

    for scopeName in ("openid", "profile", "user_name", "clientinfo", "uma_protection"):
        scope = scopeService.getScopeByDisplayName(scopeName)
        # NOTE(review): presumably the lookup can return None for an unknown
        # scope name, which would raise on the next line -- confirm.
        if scope.getIsDefault():
            continue
        print("Casa client registration. Adding scope '%s'" % scopeName)
        newScopes = ArrayHelper.addItemToStringArray(newScopes, scope.getDn())

    print("Casa client registration. Result scopes: %s" % newScopes)
    client.setScopes(newScopes)

    # Field 1 is java.util.Calendar.YEAR: push the secret expiry one year out.
    secretExpiry = GregorianCalendar()
    secretExpiry.add(1, 1)
    client.setClientSecretExpiresAt(Date(secretExpiry.getTimeInMillis()))

    return True
def createClient(self, registerRequest, client, configurationAttributes):
    """Adjust a newly registered client when it is recognised as the Casa client.

    A client is treated as Casa when at least one of its redirect URIs is
    contained in ``self.clientRedirectUrisSet``. Such a client receives the
    scopes named by the ``scopes`` configuration attribute and a client-secret
    expiry one calendar year ahead. Any other client is left untouched.

    ``registerRequest`` is not read here. Returns True on every path.
    """
    print("Casa client registration. CreateClient method")
    redirectUris = client.getRedirectUris()
    print("Casa client registration. Redirect Uris: %s" % redirectUris)

    # NOTE(review): redirect-URI membership is the only test applied in this
    # method; confirm that dynamic registration is restricted elsewhere.
    # NOTE(review): assumes getRedirectUris() never returns None -- confirm.
    isCasaClient = any(self.clientRedirectUrisSet.contains(uri) for uri in redirectUris)
    if not isCasaClient:
        return True

    print("Casa client registration. Client is Gluu Casa")
    self.setClientScopes(client, configurationAttributes.get("scopes"))

    # Field 1 is java.util.Calendar.YEAR: push the secret expiry one year out.
    secretExpiry = GregorianCalendar()
    secretExpiry.add(1, 1)
    client.setClientSecretExpiresAt(Date(secretExpiry.getTimeInMillis()))
    return True
def authenticate(self, configurationAttributes, requestParameters, step):
    """Two-step login: password check, then an optional password update.

    Step 1 authenticates the submitted username and password, then reads the
    user's ``oxPasswordExpirationDate``. A user without that attribute is
    refused. When the stored date is already in the past, a replacement
    expiry (now + 90 days, UTC) is stored in the ``expDate`` working
    parameter for step 2.

    Step 2 writes the new expiry and the submitted ``new_password`` to the
    user entry. It succeeds without changing anything when the
    ``loginForm:updateButton`` request parameter is absent.

    Returns True when the step succeeds, and False otherwise or for any
    other step number. ``configurationAttributes`` is not read here.
    """
    authenticationService = CdiUtil.bean(AuthenticationService)
    userService = CdiUtil.bean(UserService)
    identity = CdiUtil.bean(Identity)
    credentials = identity.getCredentials()

    if step == 1:
        print("Basic (with password update). Authenticate for step 1")

        loginName = credentials.getUsername()
        loginPassword = credentials.getPassword()

        haveCredentials = (StringHelper.isNotEmptyString(loginName)
                           and StringHelper.isNotEmptyString(loginPassword))
        if not haveCredentials:
            return False
        if not authenticationService.authenticate(loginName, loginPassword):
            return False

        authenticatedUser = authenticationService.getAuthenticatedUser()
        storedExpiry = authenticatedUser.getAttribute("oxPasswordExpirationDate", False)
        if storedExpiry is None:
            # Valid credentials are still refused when no expiry is recorded.
            print("Basic (with password update). Authenticate for step 1. User has no oxPasswordExpirationDate date")
            return False

        expiresAt = StaticUtils.decodeGeneralizedTime(storedExpiry)

        utcCalendar = GregorianCalendar(TimeZone.getTimeZone("UTC"))
        now = utcCalendar.getTime()
        if now.compareTo(expiresAt) > 0:
            # Password has expired: prepare the replacement expiry for step 2.
            utcCalendar.setTime(now)
            utcCalendar.add(utcCalendar.DATE, 90)
            renewedExpiry = StaticUtils.encodeGeneralizedTime(utcCalendar.getTime())
            identity.setWorkingParameter("expDate", renewedExpiry)

        # Step 1 succeeds whether or not the password has expired.
        # NOTE(review): presumably the step count decides if step 2 runs.
        return True

    if step == 2:
        print("Basic (with password update). Authenticate for step 2")

        sessionUser = authenticationService.getAuthenticatedUser()
        if sessionUser is None:
            print("Basic (with password update). Authenticate for step 2. Failed to determine user name")
            return False

        loginName = sessionUser.getUserId()
        userEntry = userService.getUser(loginName)
        # NOTE(review): None unless step 1 found the password expired.
        newExpDate = identity.getWorkingParameter("expDate")

        if userEntry is None:
            print("Basic (with password update). Authenticate for step 2. Failed to find user")
            return False

        print("Basic (with password update). Authenticate for step 2")

        # Without the update-button parameter, step 2 succeeds and the
        # password stays unchanged.
        # NOTE(review): this makes the update skippable by the client --
        # confirm that is intended for expired passwords.
        updateButton = requestParameters.get("loginForm:updateButton")
        if ArrayHelper.isEmpty(updateButton):
            return True

        # Only staged on the in-memory entry here; persisted by updateUser().
        userEntry.setAttribute("oxPasswordExpirationDate", newExpDate)

        submittedPasswords = requestParameters.get("new_password")
        if ArrayHelper.isEmpty(submittedPasswords) or StringHelper.isEmpty(submittedPasswords[0]):
            print("Basic (with password update). Authenticate for step 2. New password is empty")
            return False

        # NOTE(review): non-emptiness is the only check made here. Confirm a
        # password policy is enforced elsewhere and that the value is hashed
        # before it is stored.
        userEntry.setAttribute("userPassword", submittedPasswords[0])

        print("Basic (with password update). Authenticate for step 2. Attempting to set new user '%s' password" % loginName)
        userService.updateUser(userEntry)
        print("Basic (with password update). Authenticate for step 2. Password updated successfully")

        return True

    return False