authentication providers configuration
katkav committed Jul 27, 2023
1 parent 64eccab commit 8df1a3f
Showing 36 changed files with 127 additions and 73 deletions.
Expand Up @@ -42,7 +42,6 @@ public abstract class AbstractCredentialModuleFactory<
@Override
public abstract boolean match(AbstractAuthenticationModuleType moduleType, AuthenticationChannel authenticationChannel);

@Override
public AuthModule<MA> createModuleFilter(
MT moduleType,
String sequenceSuffix,
Expand Down Expand Up @@ -149,14 +148,14 @@ private String getCredentialAuthModuleIdentifier(AbstractCredentialAuthenticatio
return StringUtils.isNotEmpty(module.getIdentifier()) ? module.getIdentifier() : module.getName();
}

protected abstract MA createEmptyModuleAuthentication(
MT moduleType, C configuration, AuthenticationSequenceModuleType sequenceModule, ServletRequest request);
// protected abstract MA createEmptyModuleAuthentication(
// MT moduleType, C configuration, AuthenticationSequenceModuleType sequenceModule, ServletRequest request);


protected abstract CA createModuleConfigurer(MT moduleType,
String sequenceSuffix,
AuthenticationChannel authenticationChannel,
ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request);
// protected abstract CA createModuleConfigurer(MT moduleType,
// String sequenceSuffix,
// AuthenticationChannel authenticationChannel,
// ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request);


protected abstract AuthenticationProvider createProvider(CredentialPolicyType usedPolicy);
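Review bot: The abstract declarations of `createEmptyModuleAuthentication` and `createModuleConfigurer` appear to be kept in this class as commented-out code instead of being deleted. In an authentication factory that leaves a reader unable to tell whether the contract was dropped on purpose or is parked for later. I would delete both comment blocks and rely on version control for the history, or, if the removal is temporary, replace them with one line such as `// TODO(<issue id>): restore once provider wiring is final`. The same applies to the commented `configurer.addAuthenticationProvider(...)` lines in createAuthModule and the `// return null;` remnants in the ArchetypeSelection and AttributeVerification `createModuleConfigurer` overrides. The class body continues outside the hunk.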
Expand Up @@ -70,11 +70,6 @@ public ObjectPostProcessor<Object> getObjectObjectPostProcessor() {

public abstract boolean match(AbstractAuthenticationModuleType moduleType, AuthenticationChannel authenticationChannel);

public abstract AuthModule<MA> createModuleFilter(MT moduleType, String sequenceSuffix,
ServletRequest request, Map<Class<?>, Object> sharedObjects,
AuthenticationModulesType authenticationsPolicy, CredentialsPolicyType credentialPolicy,
AuthenticationChannel authenticationChannel, AuthenticationSequenceModuleType sequenceModule) throws Exception;

@Override
public AuthModule<MA> createAuthModule(MT moduleType, String sequenceSuffix,
ServletRequest request, Map<Class<?>, Object> sharedObjects,
Expand All @@ -88,9 +83,12 @@ public AuthModule<MA> createAuthModule(MT moduleType, String sequenceSuffix,
// configuration.addAuthenticationProvider(
// getProvider((AbstractCredentialAuthenticationModuleType) moduleType, credentialPolicy));

CA configurer = createModuleConfigurer(moduleType, sequenceSuffix, authenticationChannel, getObjectObjectPostProcessor(), request);
// configurer.addAuthenticationProvider(
// getProvider((AbstractCredentialAuthenticationModuleType) moduleType, credentialPolicy));

CA moduleConfigurer = getObjectObjectPostProcessor()
.postProcess(createModuleConfigurer(moduleType, sequenceSuffix, authenticationChannel, getObjectObjectPostProcessor(), request));
.postProcess(configurer);

HttpSecurity http = moduleConfigurer.getNewHttpSecurity();
http.addFilterAfter(new RefuseUnauthenticatedRequestFilter(), SwitchUserFilter.class);
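Review bot: The `createModuleFilter` implementations in the subclasses lose their compiler-checked contract once the abstract declaration is removed from this class. The `@Override` on that method also appears to be dropped in the credential, HTTP cluster, HTTP header, LDAP, OIDC and SAML factory sections. Callers are not visible on this page. If nothing calls these methods any more, they are dead copies of authentication filter wiring that can drift from `createAuthModule`; if something still does, a signature mismatch will no longer be caught at compile time. Either delete the subclass methods in this commit or keep the abstract declaration, marked `@Deprecated`, until the migration is finished. createAuthModule's body continues outside the hunk.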
Expand Up @@ -52,7 +52,9 @@ protected ArchetypeSelectionModuleWebSecurityConfigurer<LoginFormModuleWebSecuri
String sequenceSuffix,
AuthenticationChannel authenticationChannel,
ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new ArchetypeSelectionModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new ArchetypeSelectionModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix,
authenticationChannel, objectPostProcessor, request,
new ArchetypeSelectionAuthenticationProvider());
// return null;
}
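Review bot: `new ArchetypeSelectionAuthenticationProvider()` is instantiated directly in the factory, and the only post-processing visible on this page is `.postProcess(configurer)` in createAuthModule, which covers the configurer and not the provider. If the provider classes depend on injected collaborators, an instance built with `new` could reach the authentication chain with those fields unset. Please confirm that the configurer base class post-processes the provider it receives, or do it at the call site with `objectPostProcessor.postProcess(new ArchetypeSelectionAuthenticationProvider())`. The same direct construction is used in the other `createModuleConfigurer` overrides in this commit (AttributeVerificationProvider, CorrelationProvider, FocusIdentificationProvider, HintAuthenticationProvider, PasswordProvider, ClusterProvider, SecurityQuestionProvider, MailNonceProvider, Saml2Provider).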

Expand Up @@ -36,7 +36,9 @@ protected AttributeVerificationModuleWebSecurityConfigurer<LoginFormModuleWebSec
String sequenceSuffix,
AuthenticationChannel authenticationChannel,
ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new AttributeVerificationModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new AttributeVerificationModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix,
authenticationChannel, objectPostProcessor, request,
new AttributeVerificationProvider());
// return null;
}

Expand Up @@ -38,7 +38,9 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected CorrelationModuleWebSecurityConfigurer<LoginFormModuleWebSecurityConfiguration> createModuleConfigurer(CorrelationAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new CorrelationModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new CorrelationModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
new CorrelationProvider());
}

@Override
Expand Up @@ -35,7 +35,9 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected FocusIdentificationModuleWebSecurityConfigurer<LoginFormModuleWebSecurityConfiguration> createModuleConfigurer(FocusIdentificationAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new FocusIdentificationModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new FocusIdentificationModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
new FocusIdentificationProvider());
}

@Override
Expand Up @@ -32,7 +32,9 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected HintModuleWebSecurityConfigurer<LoginFormModuleWebSecurityConfiguration> createModuleConfigurer(HintAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new HintModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new HintModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
new HintAuthenticationProvider());
}

@Override
Expand Up @@ -38,7 +38,9 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected HttpBasicModuleWebSecurityConfigurer createModuleConfigurer(HttpBasicAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new HttpBasicModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new HttpBasicModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
new PasswordProvider());
}

@Override
Expand Up @@ -44,7 +44,9 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected HttpClusterModuleWebSecurityConfigurer createModuleConfigurer(AbstractAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new HttpClusterModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new HttpClusterModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
new ClusterProvider());
}

@Override
Expand All @@ -55,7 +57,6 @@ protected ModuleAuthenticationImpl createEmptyModuleAuthentication(AbstractAuthe
return moduleAuthentication;
}

@Override
public AuthModule<ModuleAuthenticationImpl> createModuleFilter(AbstractAuthenticationModuleType moduleType, String sequenceSuffix,
ServletRequest request, Map<Class<?>, Object> sharedObjects,
AuthenticationModulesType authenticationsPolicy, CredentialsPolicyType credentialPolicy,
Expand Up @@ -49,7 +49,9 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected HttpHeaderModuleWebSecurityConfigurer createModuleConfigurer(HttpHeaderAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new HttpHeaderModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new HttpHeaderModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
new PasswordProvider());
}

@Override
Expand All @@ -60,7 +62,6 @@ protected ModuleAuthenticationImpl createEmptyModuleAuthentication(HttpHeaderAut
return moduleAuthentication;
}

@Override
public AuthModule<ModuleAuthenticationImpl> createModuleFilter(HttpHeaderAuthenticationModuleType httpModuleType, String sequenceSuffix, ServletRequest request,
Map<Class<?>, Object> sharedObjects, AuthenticationModulesType authenticationsPolicy,
CredentialsPolicyType credentialPolicy, AuthenticationChannel authenticationChannel, AuthenticationSequenceModuleType sequenceModule) throws Exception {
Expand Up @@ -37,7 +37,9 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected HttpSecurityQuestionsModuleWebSecurityConfigurer createModuleConfigurer(HttpSecQAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new HttpSecurityQuestionsModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new HttpSecurityQuestionsModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
new SecurityQuestionProvider());
}

@Override
Expand Up @@ -62,7 +62,9 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected LdapWebSecurityConfigurer createModuleConfigurer(LdapAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new LdapWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new LdapWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
getProvider(moduleType));
}

@Override
Expand All @@ -76,7 +78,6 @@ protected ModuleAuthenticationImpl createEmptyModuleAuthentication(LdapAuthentic
return moduleAuthentication;
}

@Override
public AuthModule<ModuleAuthenticationImpl> createModuleFilter(LdapAuthenticationModuleType moduleType, String sequenceSuffix,
ServletRequest request, Map<Class<?>, Object> sharedObjects, AuthenticationModulesType authenticationsPolicy,
CredentialsPolicyType credentialPolicy, AuthenticationChannel authenticationChannel, AuthenticationSequenceModuleType sequenceModule) throws Exception {
Expand Up @@ -36,7 +36,9 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected LoginFormModuleWebSecurityConfigurer<LoginFormModuleWebSecurityConfiguration, LoginFormAuthenticationModuleType> createModuleConfigurer(LoginFormAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new LoginFormModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new LoginFormModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
new PasswordProvider());
}

@Override
Expand Up @@ -36,7 +36,9 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected MailNonceFormModuleWebSecurityConfigurer createModuleConfigurer(MailNonceAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new MailNonceFormModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new MailNonceFormModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
new MailNonceProvider());
}

//TODO
Expand Up @@ -50,10 +50,11 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected OidcClientModuleWebSecurityConfigurer createModuleConfigurer(OidcAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new OidcClientModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new OidcClientModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
new OidcClientProvider(null));//TODO configuration.getAdditionalConfiguration()));
}

@Override
public AuthModule<ModuleAuthenticationImpl> createModuleFilter(OidcAuthenticationModuleType moduleType, String sequenceSuffix, ServletRequest request,
Map<Class<?>, Object> sharedObjects, AuthenticationModulesType authenticationsPolicy,
CredentialsPolicyType credentialPolicy, AuthenticationChannel authenticationChannel, AuthenticationSequenceModuleType sequenceModule) throws Exception {
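Review bot: `new OidcClientProvider(null)` in createModuleConfigurer passes a null argument where the trailing TODO says `configuration.getAdditionalConfiguration()` belongs, so the OIDC client module is wired with a provider that lacks that configuration. What OidcClientProvider does with the argument is not visible here. Depending on that, the result is either a NullPointerException during a login attempt or a provider that silently skips whatever the additional configuration drives. I would not merge the TODO in this state: pass the real configuration, or have the provider constructor reject null (for example with `Objects.requireNonNull`) so the gap fails when the module is built rather than during authentication.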
Expand Up @@ -50,7 +50,7 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected OidcResourceServerModuleWebSecurityConfigurer createModuleConfigurer(OidcAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new OidcResourceServerModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new OidcResourceServerModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request, null);
}

@Override
Expand All @@ -62,7 +62,6 @@ protected ModuleAuthenticationImpl createEmptyModuleAuthentication(OidcAuthentic
return moduleAuthentication;
}

@Override
public AuthModule<ModuleAuthenticationImpl> createModuleFilter(OidcAuthenticationModuleType moduleType, String sequenceSuffix, ServletRequest request,
Map<Class<?>, Object> sharedObjects, AuthenticationModulesType authenticationsPolicy,
CredentialsPolicyType credentialPolicy, AuthenticationChannel authenticationChannel, AuthenticationSequenceModuleType necessity) throws Exception {
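Review bot: The resource-server configurer in createModuleConfigurer is constructed with a literal `null` where every other factory in this commit passes an AuthenticationProvider. How the base configurer uses that argument is not visible on this page. If it registers the provider unconditionally, the OIDC resource-server module either throws while it is being configured or ends up with no provider from this path. If the provider is deliberately registered elsewhere, say so at the call site with a comment such as `// no provider passed here: registered in <location>`, and have the base constructor handle the absent provider explicitly rather than accepting a bare null.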
Expand Up @@ -53,11 +53,10 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected SamlModuleWebSecurityConfigurer createModuleConfigurer(Saml2AuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor objectPostProcessor, ServletRequest request) {
return new SamlModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new SamlModuleWebSecurityConfigurer(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request, new Saml2Provider());

}

@Override
public AuthModule<ModuleAuthenticationImpl> createModuleFilter(Saml2AuthenticationModuleType moduleType, String sequenceSuffix, ServletRequest request,
Map<Class<?>, Object> sharedObjects, AuthenticationModulesType authenticationsPolicy,
CredentialsPolicyType credentialPolicy, AuthenticationChannel authenticationChannel, AuthenticationSequenceModuleType sequenceModule) throws Exception {
Expand Up @@ -36,7 +36,9 @@ public boolean match(AbstractAuthenticationModuleType moduleType, Authentication

@Override
protected SecurityQuestionsFormModuleWebSecurityConfigurer<LoginFormModuleWebSecurityConfiguration> createModuleConfigurer(SecurityQuestionsFormAuthenticationModuleType moduleType, String sequenceSuffix, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest request) {
return new SecurityQuestionsFormModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
return new SecurityQuestionsFormModuleWebSecurityConfigurer<>(moduleType, sequenceSuffix, authenticationChannel,
objectPostProcessor, request,
new SecurityQuestionProvider());
}

@Override
Expand Up @@ -21,6 +21,7 @@
import com.evolveum.midpoint.xml.ns._public.common.common_3.ArchetypeSelectionModuleType;

import jakarta.servlet.ServletRequest;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
Expand All @@ -36,8 +37,9 @@ public ArchetypeSelectionModuleWebSecurityConfigurer(ArchetypeSelectionModuleTyp
String sequenceSuffix,
AuthenticationChannel authenticationChannel,
ObjectPostProcessor<Object> objectPostProcessor,
ServletRequest request) {
super(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request);
ServletRequest request,
AuthenticationProvider provider) {
super(moduleType, sequenceSuffix, authenticationChannel, objectPostProcessor, request, provider);
}

@Override
