appserver/security/jaspic-provider-framework/src/main/java/com/sun/jaspic/config/servlet/JAASServletAuthConfigProvider.java - glassfish - Git at Google

 /*
  * Copyright (c) 1997, 2020 Oracle and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at
  * http://www.eclipse.org/legal/epl-2.0.
  *
  * This Source Code may also be made available under the following Secondary
  * Licenses when the conditions for such availability set forth in the
  * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
  * version 2 with the GNU Classpath Exception, which is available at
  * https://www.gnu.org/software/classpath/license.html.
  *
  * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
  */

 package com.sun.jaspic.config.servlet;

 import com.sun.jaspic.config.delegate.MessagePolicyDelegate;
 import com.sun.jaspic.config.helper.AuthContextHelper;
 import com.sun.jaspic.config.jaas.JAASAuthConfigProvider;
 import java.util.Map;
 import jakarta.security.auth.message.AuthException;
 import jakarta.security.auth.message.MessageInfo;
 import jakarta.security.auth.message.MessagePolicy;
 import jakarta.security.auth.message.config.AuthConfigFactory;
 import jakarta.security.auth.message.module.ServerAuthModule;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;

 /**
  *
  * @author Ron Monzillo
  */
 public class JAASServletAuthConfigProvider extends JAASAuthConfigProvider {

     private static final String HTTP_SERVLET_LAYER = "HttpServlet";
     private static final String MANDATORY_KEY = "jakarta.security.auth.message.MessagePolicy.isMandatory";
     private static final String MANDATORY_AUTH_CONTEXT_ID = "mandatory";
     private static final String OPTIONAL_AUTH_CONTEXT_ID = "optional";
     private static final Class[] moduleTypes = new Class[] {ServerAuthModule.class};
     private static final Class[] messageTypes = new Class[] {HttpServletRequest.class, HttpServletResponse.class};
     final static MessagePolicy mandatoryPolicy =
             new MessagePolicy(new MessagePolicy.TargetPolicy[]{
                 new MessagePolicy.TargetPolicy((MessagePolicy.Target[]) null,
                 new MessagePolicy.ProtectionPolicy() {

                     public String getID() {
                         return MessagePolicy.ProtectionPolicy.AUTHENTICATE_SENDER;
                     }
                 })}, true);
     final static MessagePolicy optionalPolicy =
             new MessagePolicy(new MessagePolicy.TargetPolicy[]{
                 new MessagePolicy.TargetPolicy((MessagePolicy.Target[]) null,
                 new MessagePolicy.ProtectionPolicy() {

                     public String getID() {
                         return MessagePolicy.ProtectionPolicy.AUTHENTICATE_SENDER;
                     }
                 })}, false);

     public JAASServletAuthConfigProvider(Map properties, AuthConfigFactory factory) {
         super(properties, factory);
     }

     public MessagePolicyDelegate getMessagePolicyDelegate(String appContext) throws AuthException {

         return new MessagePolicyDelegate() {

             public MessagePolicy getRequestPolicy(String authContextID, Map properties) {
                 MessagePolicy rvalue;
                 if (MANDATORY_AUTH_CONTEXT_ID.equals(authContextID)) {
                     rvalue = mandatoryPolicy;
                 } else {
                     rvalue = optionalPolicy;
                 }
                 return rvalue;
             }

             public MessagePolicy getResponsePolicy(String authContextID, Map properties) {
                 return null;
             }

             public Class[] getMessageTypes() {
                 return messageTypes;
             }

             public String getAuthContextID(MessageInfo messageInfo) {
                 String rvalue;
                 if (messageInfo.getMap().containsKey(MANDATORY_KEY)) {
                     rvalue = MANDATORY_AUTH_CONTEXT_ID;
                 } else {
                     rvalue = OPTIONAL_AUTH_CONTEXT_ID;
                 }
                 return rvalue;
             }

             public boolean isProtected() {
                 return true;
             }

         };
     }

     @Override
     protected Class[] getModuleTypes() {
         return moduleTypes;
     }

     @Override
     protected String getLayer() {
         return HTTP_SERVLET_LAYER;
     }

     @Override
     public AuthContextHelper getAuthContextHelper(String appContext, boolean returnNullContexts)
             throws AuthException {
         // overrides returnNullContexts to false (as required by Servlet Profile)
         return super.getAuthContextHelper(appContext,false);
     }
 }
	/*
	* Copyright (c) 1997, 2020 Oracle and/or its affiliates. All rights reserved.
	*
	* This program and the accompanying materials are made available under the
	* terms of the Eclipse Public License v. 2.0, which is available at
	* http://www.eclipse.org/legal/epl-2.0.
	*
	* This Source Code may also be made available under the following Secondary
	* Licenses when the conditions for such availability set forth in the
	* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
	* version 2 with the GNU Classpath Exception, which is available at
	* https://www.gnu.org/software/classpath/license.html.
	*
	* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
	*/

	package com.sun.jaspic.config.servlet;

	import com.sun.jaspic.config.delegate.MessagePolicyDelegate;
	import com.sun.jaspic.config.helper.AuthContextHelper;
	import com.sun.jaspic.config.jaas.JAASAuthConfigProvider;
	import java.util.Map;
	import jakarta.security.auth.message.AuthException;
	import jakarta.security.auth.message.MessageInfo;
	import jakarta.security.auth.message.MessagePolicy;
	import jakarta.security.auth.message.config.AuthConfigFactory;
	import jakarta.security.auth.message.module.ServerAuthModule;
	import jakarta.servlet.http.HttpServletRequest;
	import jakarta.servlet.http.HttpServletResponse;

	/**
	*
	* @author Ron Monzillo
	*/
	public class JAASServletAuthConfigProvider extends JAASAuthConfigProvider {

	private static final String HTTP_SERVLET_LAYER = "HttpServlet";
	private static final String MANDATORY_KEY = "jakarta.security.auth.message.MessagePolicy.isMandatory";
	private static final String MANDATORY_AUTH_CONTEXT_ID = "mandatory";
	private static final String OPTIONAL_AUTH_CONTEXT_ID = "optional";
	private static final Class[] moduleTypes = new Class[] {ServerAuthModule.class};
	private static final Class[] messageTypes = new Class[] {HttpServletRequest.class, HttpServletResponse.class};
	final static MessagePolicy mandatoryPolicy =
	new MessagePolicy(new MessagePolicy.TargetPolicy[]{
	new MessagePolicy.TargetPolicy((MessagePolicy.Target[]) null,
	new MessagePolicy.ProtectionPolicy() {

	public String getID() {
	return MessagePolicy.ProtectionPolicy.AUTHENTICATE_SENDER;
	}
	})}, true);
	final static MessagePolicy optionalPolicy =
	new MessagePolicy(new MessagePolicy.TargetPolicy[]{
	new MessagePolicy.TargetPolicy((MessagePolicy.Target[]) null,
	new MessagePolicy.ProtectionPolicy() {

	public String getID() {
	return MessagePolicy.ProtectionPolicy.AUTHENTICATE_SENDER;
	}
	})}, false);

	public JAASServletAuthConfigProvider(Map properties, AuthConfigFactory factory) {
	super(properties, factory);
	}

	public MessagePolicyDelegate getMessagePolicyDelegate(String appContext) throws AuthException {

	return new MessagePolicyDelegate() {

	public MessagePolicy getRequestPolicy(String authContextID, Map properties) {
	MessagePolicy rvalue;
	if (MANDATORY_AUTH_CONTEXT_ID.equals(authContextID)) {
	rvalue = mandatoryPolicy;
	} else {
	rvalue = optionalPolicy;
	}
	return rvalue;
	}

	public MessagePolicy getResponsePolicy(String authContextID, Map properties) {
	return null;
	}

	public Class[] getMessageTypes() {
	return messageTypes;
	}

	public String getAuthContextID(MessageInfo messageInfo) {
	String rvalue;
	if (messageInfo.getMap().containsKey(MANDATORY_KEY)) {
	rvalue = MANDATORY_AUTH_CONTEXT_ID;
	} else {
	rvalue = OPTIONAL_AUTH_CONTEXT_ID;
	}
	return rvalue;
	}

	public boolean isProtected() {
	return true;
	}

	};
	}

	@Override
	protected Class[] getModuleTypes() {
	return moduleTypes;
	}

	@Override
	protected String getLayer() {
	return HTTP_SERVLET_LAYER;
	}

	@Override
	public AuthContextHelper getAuthContextHelper(String appContext, boolean returnNullContexts)
	throws AuthException {
	// overrides returnNullContexts to false (as required by Servlet Profile)
	return super.getAuthContextHelper(appContext,false);
	}
	}