List of usage examples for the org.apache.http.impl.conn.BasicHttpClientConnectionManager constructor BasicHttpClientConnectionManager(Lookup&lt;ConnectionSocketFactory&gt;)
public BasicHttpClientConnectionManager(final Lookup<ConnectionSocketFactory> socketFactoryRegistry)
From source file:net.shibboleth.idp.cas.authn.PkixProxyAuthenticator.java
/**
 * Creates the HTTP client used by this authenticator.
 *
 * <p>The connection manager receives a registry that maps only {@code HTTPS_SCHEME} to this
 * object's {@code socketFactory}; no plain-text socket factory is registered here, so every
 * connection the client opens is created by that factory.</p>
 *
 * @return a new client whose connections are managed by a {@link BasicHttpClientConnectionManager}
 */
private CloseableHttpClient createHttpClient() {
    final RegistryBuilder<ConnectionSocketFactory> schemes = RegistryBuilder.create();
    schemes.register(HTTPS_SCHEME, socketFactory);
    return HttpClients.custom()
            .setConnectionManager(new BasicHttpClientConnectionManager(schemes.build()))
            .build();
}
From source file:com.tremolosecurity.unison.proxy.auth.twitter.TwitterAuth.java
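/**
 * Drives both legs of the Twitter OAuth 1.0a sign-in for this authentication step.
 *
 * <p>Without an {@code oauth_verifier} parameter the method obtains a request token, stores it
 * in the session under {@code twitterAccessToken} and redirects the browser to Twitter. With an
 * {@code oauth_verifier} it exchanges the stored request token for user tokens, calls
 * {@code verify_credentials} and hands the returned attributes to {@code loadUnlinkedUser} or
 * {@code lookupUser}.</p>
 *
 * <p>Changes compared with the previous revision of this method:</p>
 * <ul>
 *   <li>Token and profile responses are no longer written to {@code System.err}; they contain
 *       OAuth tokens and token secrets.</li>
 *   <li>HTTP resources are closed with try-with-resources, also when a call throws.</li>
 *   <li>A callback that arrives without a pending request token in the session is rejected
 *       instead of failing with a {@link NullPointerException}.</li>
 *   <li>The step is only marked successful when {@code verify_credentials} answers 200.</li>
 *   <li>Response bodies are decoded as UTF-8 instead of the platform default charset.</li>
 * </ul>
 *
 * @param request  current servlet request; carries the session and the callback parameters
 * @param response servlet response, used for the redirect to Twitter
 * @param as       authentication step whose success flag is set here
 * @throws IOException      if talking to Twitter or sending the redirect fails
 * @throws ServletException if the request token is missing or a request cannot be built
 */
public void doGet(HttpServletRequest request, HttpServletResponse response, AuthStep as)
        throws IOException, ServletException {
    HttpSession session = request.getSession();
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session
            .getAttribute(ProxyConstants.AUTH_MECH_PARAMS);

    ConfigManager cfg = (ConfigManager) request.getAttribute(ProxyConstants.TREMOLO_CFG_OBJ);
    MyVDConnection myvd = cfg.getMyVD();

    // Mechanism configuration; the four OAuth values are secrets and must never be logged.
    String consumerKey = authParams.get("consumerKey").getValues().get(0);
    String consumerSecret = authParams.get("consumerSecret").getValues().get(0);
    String accessToken = authParams.get("accessToken").getValues().get(0);
    String accessSecret = authParams.get("accessSecret").getValues().get(0);

    boolean linkToDirectory = Boolean.parseBoolean(authParams.get("linkToDirectory").getValues().get(0));
    String noMatchOU = authParams.get("noMatchOU").getValues().get(0);
    String uidAttr = authParams.get("uidAttr").getValues().get(0);
    String lookupFilter = authParams.get("lookupFilter").getValues().get(0);

    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    RequestHolder reqHolder = ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).getHolder();

    // NOTE(review): redirectURL is assembled but not used further down in this method.
    URL reqURL = new URL(request.getRequestURL().toString());
    String redirectURL = reqURL.getProtocol() + "://" + reqURL.getHost();
    if (reqURL.getPort() != -1) {
        redirectURL += ":" + reqURL.getPort();
    }

    AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());
    AuthMechType amt = act.getAuthMech().get(as.getId());
    String authMechName = amt.getName();
    redirectURL += cfg.getAuthMechs().get(authMechName).getUri();

    RequestConfig rc = RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD).build();

    if (request.getParameter("oauth_verifier") == null) {
        // Leg 1: obtain a request token and send the browser to Twitter.
        String tokenBody;
        try (BasicHttpClientConnectionManager bhcm = new BasicHttpClientConnectionManager(
                     GlobalEntries.getGlobalEntries().getConfigManager().getHttpClientSocketRegistry());
             CloseableHttpClient http = HttpClients.custom().setConnectionManager(bhcm)
                     .setDefaultRequestConfig(rc).build()) {
            HttpPost post = new HttpPost("https://api.twitter.com/oauth/request_token");
            this.signRequest(post, "", accessToken, accessSecret, consumerKey, consumerSecret);
            try (CloseableHttpResponse httpResp = http.execute(post)) {
                tokenBody = readTwitterResponseBody(httpResp);
            }
        }

        HashMap<String, String> accessTokens = new HashMap<String, String>();
        for (NameValuePair nvp : URLEncodedUtils.parse(tokenBody, Charsets.UTF_8)) {
            accessTokens.put(nvp.getName(), nvp.getValue());
        }

        // A failed call yields no oauth_token; do not redirect with the literal text "null".
        if (accessTokens.get("oauth_token") == null) {
            throw new ServletException("Twitter did not return a request token");
        }

        request.getSession().setAttribute("twitterAccessToken", accessTokens);

        // The token was URL-decoded by the parser above, so encode it again for the query string.
        response.sendRedirect("https://api.twitter.com/oauth/authenticate?oauth_token="
                + java.net.URLEncoder.encode(accessTokens.get("oauth_token"), "UTF-8"));
    } else {
        // Leg 2: the browser came back from Twitter with a verifier.
        String oauthVerifier = request.getParameter("oauth_verifier");
        HashMap<String, String> accessTokens = (HashMap<String, String>) request.getSession()
                .getAttribute("twitterAccessToken");

        // The callback is only meaningful for a session that started leg 1.
        if (accessTokens == null) {
            throw new ServletException("No pending Twitter request token in session");
        }

        HttpUriRequest post;
        try {
            post = RequestBuilder.post().setUri(new java.net.URI("https://api.twitter.com/oauth/access_token"))
                    .addParameter("oauth_verifier", oauthVerifier).build();
        } catch (URISyntaxException e) {
            throw new ServletException("Could not create post request", e);
        }

        HashMap<String, String> userTokens = new HashMap<String, String>();
        String profileJson = null;
        boolean verified = false;

        try (BasicHttpClientConnectionManager bhcm = new BasicHttpClientConnectionManager(
                     GlobalEntries.getGlobalEntries().getConfigManager().getHttpClientSocketRegistry());
             CloseableHttpClient http = HttpClients.custom().setConnectionManager(bhcm)
                     .setDefaultRequestConfig(rc).build()) {
            this.signRequest(post, "oauth_verifier=" + oauthVerifier, accessTokens.get("oauth_token"),
                    accessTokens.get("oauth_token_secret"), consumerKey, consumerSecret);
            try (CloseableHttpResponse httpResp = http.execute(post)) {
                String userTokenBody = readTwitterResponseBody(httpResp);
                for (NameValuePair nvp : URLEncodedUtils.parse(userTokenBody, Charsets.UTF_8)) {
                    userTokens.put(nvp.getName(), nvp.getValue());
                }
            }

            // NOTE(review): this stores the request-token map, not userTokens, under
            // "twitterUserToken". Kept as it was; confirm which map consumers expect.
            request.getSession().setAttribute("twitterUserToken", accessTokens);

            HttpGet get = new HttpGet(
                    "https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true");
            this.signRequest(get, "", userTokens.get("oauth_token"), userTokens.get("oauth_token_secret"),
                    consumerKey, consumerSecret);
            try (CloseableHttpResponse httpResp = http.execute(get)) {
                // Anything other than 200 means Twitter did not vouch for the user.
                verified = httpResp.getStatusLine().getStatusCode() == 200;
                profileJson = readTwitterResponseBody(httpResp);
            }
        }

        if (!verified) {
            as.setSuccess(false);
        } else {
            Map attrs = com.cedarsoftware.util.io.JsonReader.jsonToMaps(profileJson);

            if (!linkToDirectory) {
                loadUnlinkedUser(session, noMatchOU, uidAttr, act, attrs);
                as.setSuccess(true);
            } else {
                lookupUser(as, session, myvd, noMatchOU, uidAttr, lookupFilter, act, attrs);
            }

            // NOTE(review): "target" is request-supplied and is handed to setURL unchecked
            // here; confirm that the destination is restricted before it is followed.
            String redirectToURL = request.getParameter("target");
            if (redirectToURL != null && !redirectToURL.isEmpty()) {
                reqHolder.setURL(redirectToURL);
            }
        }

        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
    }
}

/**
 * Reads a response body as UTF-8 text with line terminators removed, and closes the stream.
 *
 * @param httpResp response whose entity is read to the end
 * @return the body with all lines concatenated
 * @throws IOException if the entity stream cannot be read
 */
private String readTwitterResponseBody(CloseableHttpResponse httpResp) throws IOException {
    StringBuilder body = new StringBuilder();
    try (BufferedReader in = new BufferedReader(
            new InputStreamReader(httpResp.getEntity().getContent(), Charsets.UTF_8))) {
        String line;
        while ((line = in.readLine()) != null) {
            body.append(line);
        }
    }
    return body.toString();
}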
From source file:org.eclipse.jgit.transport.http.apache.HttpClientConnection.java
/**
 * Returns the lazily created HTTP client for this connection.
 *
 * <p>The client is built once from the proxy, timeout and redirect settings held in this
 * object's fields. TLS customisation applies only when {@code hostnameverifier} is set: in that
 * case a socket factory built from {@code getSSLContext()} and that verifier is registered for
 * {@code https}. When {@code hostnameverifier} is {@code null} neither it nor
 * {@code getSSLContext()} is consulted and the builder's defaults are used.</p>
 *
 * @return the cached client, created on first use
 */
private HttpClient getClient() {
    if (client != null) {
        return client;
    }

    final HttpClientBuilder builder = HttpClients.custom();
    final RequestConfig.Builder requestConfig = RequestConfig.custom();

    final boolean proxied = proxy != null && !Proxy.NO_PROXY.equals(proxy);
    if (proxied) {
        isUsingProxy = true;
        final InetSocketAddress proxyAddress = (InetSocketAddress) proxy.address();
        builder.setProxy(new HttpHost(proxyAddress.getHostName(), proxyAddress.getPort()));
    }

    if (timeout != null) {
        requestConfig.setConnectTimeout(timeout.intValue());
    }
    if (readTimeout != null) {
        requestConfig.setSocketTimeout(readTimeout.intValue());
    }
    if (followRedirects != null) {
        requestConfig.setRedirectsEnabled(followRedirects.booleanValue());
    }

    if (hostnameverifier != null) {
        // The caller-supplied verifier decides which certificate names are accepted.
        final SSLConnectionSocketFactory tlsFactory =
                new SSLConnectionSocketFactory(getSSLContext(), hostnameverifier);
        builder.setSSLSocketFactory(tlsFactory);

        final Registry<ConnectionSocketFactory> schemes = RegistryBuilder.<ConnectionSocketFactory>create()
                .register("https", tlsFactory)
                .register("http", PlainConnectionSocketFactory.INSTANCE)
                .build();
        builder.setConnectionManager(new BasicHttpClientConnectionManager(schemes));
    }

    builder.setDefaultRequestConfig(requestConfig.build());
    client = builder.build();
    return client;
}
From source file:com.tremolosecurity.provisioning.customTasks.CallRemoteWorkflow.java
/**
 * Calls a workflow on a remote system over HTTP and reports success.
 *
 * <p>The JSON body carries the user's id, groups, attributes and the value of
 * {@code user.getPassword()}, so the confidentiality of this call rests on the socket registry
 * returned by the config manager and on {@code this.url}. The request is authenticated with a
 * last-mile token sent as a {@code Bearer} header; the token is valid from {@code timeSkew}
 * seconds before now until {@code timeSkew} seconds after. Redirects are disabled for the
 * client built here.</p>
 *
 * @param user    the user the workflow is run for
 * @param request parameters of the current request; entries named in {@code fromRequest} are forwarded
 * @return {@code true} when the remote side answered with status 200
 * @throws ProvisioningException if the token cannot be generated, the call fails, or the
 *                               status is not 200
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    // Forwarded request values first, then the statically configured ones (which win on clashes).
    final HashMap<String, Object> forwarded = new HashMap<String, Object>();
    for (String requestKey : this.fromRequest) {
        forwarded.put(requestKey, request.get(requestKey));
    }
    for (String staticKey : this.staticRequest.keySet()) {
        forwarded.put(staticKey, this.staticRequest.get(staticKey));
    }

    final WFCall wfCall = new WFCall();
    wfCall.setName(this.workflowName);
    wfCall.setRequestParams(forwarded);

    wfCall.setUser(new TremoloUser());
    wfCall.getUser().setUid(user.getUserID());
    // Security-relevant: the password travels in the request body.
    wfCall.getUser().setUserPassword(user.getPassword());
    wfCall.getUser().setGroups(user.getGroups());
    wfCall.getUser().setAttributes(new ArrayList<Attribute>());
    wfCall.getUser().getAttributes().addAll(user.getAttribs().values());

    wfCall.setUidAttributeName(uidAttributeName);
    wfCall.setReason(task.getWorkflow().getUser().getRequestReason());
    if (task.getWorkflow().getRequester() == null) {
        wfCall.setRequestor(this.lastMileUser);
    } else {
        wfCall.setRequestor(task.getWorkflow().getRequester().getUserID());
    }

    // Validity window of the last-mile token: now -/+ timeSkew seconds.
    final DateTime notBefore = new DateTime().minusSeconds(timeSkew);
    final DateTime notAfter = new DateTime().plusSeconds(timeSkew);

    final com.tremolosecurity.lastmile.LastMile lastmile;
    try {
        lastmile = new com.tremolosecurity.lastmile.LastMile(this.uri, notBefore, notAfter, 0, "oauth2");
    } catch (URISyntaxException e) {
        throw new ProvisioningException("Could not generate lastmile", e);
    }
    lastmile.getAttributes().add(new Attribute(this.lastMileUid, this.lastMileUser));

    final String encryptedXML;
    try {
        encryptedXML = lastmile
                .generateLastMileToken(this.task.getConfigManager().getSecretKey(this.lastmileKeyName));
    } catch (Exception e) {
        throw new ProvisioningException("Could not generate lastmile", e);
    }
    final String authorization = "Bearer " + encryptedXML;

    BasicHttpClientConnectionManager bhcm = null;
    CloseableHttpClient http = null;
    try {
        bhcm = new BasicHttpClientConnectionManager(this.task.getConfigManager().getHttpClientSocketRegistry());
        final RequestConfig rc = RequestConfig.custom()
                .setCookieSpec(CookieSpecs.STANDARD)
                .setRedirectsEnabled(false)
                .build();
        http = HttpClients.custom().setConnectionManager(bhcm).setDefaultRequestConfig(rc).build();

        final HttpPost post = new HttpPost(this.url);
        post.addHeader(new BasicHeader("Authorization", authorization));
        post.setEntity(new StringEntity(new Gson().toJson(wfCall), ContentType.APPLICATION_JSON));

        final int status = http.execute(post).getStatusLine().getStatusCode();
        if (status != 200) {
            throw new ProvisioningException("Call failed");
        }
    } catch (IOException e) {
        throw new ProvisioningException("Could not make call", e);
    } finally {
        if (http != null) {
            try {
                http.close();
            } catch (IOException e) {
                logger.warn(e);
            }
        }
        if (bhcm != null) {
            bhcm.close();
        }
    }

    return true;
}
From source file:com.waitwha.nessus.server.Server.java
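/**
 * Constructor.
 *
 * <p>Sets up XML parsing, the connection manager and the cookie store for one Nessus server.</p>
 *
 * <p>SECURITY: the TLS configuration built here uses {@code MyTrustStrategy} together with
 * {@code SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER}; the comment in the body says it is meant
 * to accept all hosts without certificate verification. With hostname verification switched
 * off the connection is encrypted but the peer is not authenticated, so credentials, session
 * cookies and scan data sent through it are only as safe as the network path. Prefer a trust
 * store that contains the server's CA and the default hostname verifier where that is
 * possible.</p>
 *
 * @param url End-point URL of the Nessus Server. (i.e. https://localhost:8834)
 */
public Server(final String url) {
    this.url = url;

    /*
     * Configure XML parsing.
     *
     * The peer is not authenticated (see below), so documents given to this builder cannot
     * be assumed to come from the intended server. External general and parameter entities
     * are switched off so that a document cannot make the parser read local files or fetch
     * URLs. If the parser rejects these features, the catch below logs it and no builder is
     * configured.
     */
    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    try {
        factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
        factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        this.builder = factory.newDocumentBuilder();
        log.finest(String.format("Successfully configured XML parsing using builder: %s",
                this.builder.getClass().getName()));

    } catch (ParserConfigurationException e) {
        log.warning(String.format("Could not configure XML parsing: %s", e.getMessage()));

    }

    /*
     * Setup SSL for HttpClient configurations. Here we will configure SSL/TLS to
     * accept all hosts (no verification on certificates). This is because Nessus by
     * default uses a self-generated CA and certificate for the servers. So, a simple
     * self-signed-strategy will not work as we are not dealing with strictly
     * self-signed certs, but ones generated and signed by a self-generated CA.
     *
     * TODO Perhaps the serial number of the CA is always the same so in the future we
     * could use a strategy to only accept certs by this one serial.
     *
     * See http://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientConfiguration.java.
     *
     * TODO We need to work on the code here to be more up-to-date. SSLSocketFactory is deprecated, but
     * finding up-to-date docs on how to use SSLContext with a custom TrustStrategy and not using a KeyStore is
     * not currently available.
     */
    Registry<ConnectionSocketFactory> socketFactoryRegistry = null;
    try {
        socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
                .register("http", PlainConnectionSocketFactory.INSTANCE)
                .register("https",
                        new SSLSocketFactory(new MyTrustStrategy(), SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER))
                .build();
        log.finest(String.format("Configured SSL/TLS connections for %s.", url));

    } catch (Exception e) {
        // NOTE(review): on failure the registry stays null and is still passed to the
        // connection manager below; confirm how that constructor reacts to null.
        log.warning(
                String.format("Could not configure SSL/TLS: %s %s", e.getClass().getName(), e.getMessage()));

    }

    SocketConfig socketConfig = SocketConfig.custom().setTcpNoDelay(true).build();
    this.connectionManager = new BasicHttpClientConnectionManager(socketFactoryRegistry);
    this.connectionManager.setSocketConfig(socketConfig);
    log.finest(String.format("Configured socket connections for %s.", url));

    this.cookieStore = new BasicCookieStore() {

        private static final long serialVersionUID = 1L;

        /**
         * @see org.apache.http.impl.client.BasicCookieStore#addCookie(org.apache.http.cookie.Cookie)
         */
        @Override
        public synchronized void addCookie(Cookie cookie) {
            // Only the name is logged: the value may be a session token and does not belong in logs.
            log.finest(String.format("[%s] Cookie added: %s", url, cookie.getName()));
            super.addCookie(cookie);
        }

    };
    log.finest(String.format("Configured default/basic cookie storage for connections to %s", url));
}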
From source file:net.shibboleth.idp.cas.proxy.impl.HttpClientProxyAuthenticator.java
/**
 * Creates an HTTP client whose TLS trust decisions are delegated to the given trust engine.
 *
 * <p>The SSL context is built with no key store and a {@code TrustEngineTrustStrategy} wrapping
 * {@code x509TrustEngine}; host names are checked with
 * {@code SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER}. Only {@code HTTPS_SCHEME} is
 * registered with the connection manager.</p>
 *
 * @param x509TrustEngine trust engine consulted for the server certificate
 * @return a new client using the TLS socket factory built here
 * @throws RuntimeException if the SSL context or socket factory cannot be created
 */
private CloseableHttpClient createHttpClient(final TrustEngine<? super X509Credential> x509TrustEngine) {
    final SSLConnectionSocketFactory tlsFactory;
    try {
        final SSLContext tlsContext = SSLContexts.custom()
                .useTLS()
                .loadTrustMaterial(null, new TrustEngineTrustStrategy(x509TrustEngine))
                .build();
        tlsFactory = new SSLConnectionSocketFactory(tlsContext,
                SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER);
    } catch (Exception e) {
        throw new RuntimeException("SSL initialization error", e);
    }

    final Registry<ConnectionSocketFactory> schemes =
            RegistryBuilder.<ConnectionSocketFactory>create().register(HTTPS_SCHEME, tlsFactory).build();
    return HttpClients.custom()
            .setConnectionManager(new BasicHttpClientConnectionManager(schemes))
            .build();
}
From source file:microsoft.exchange.webservices.data.core.ExchangeServiceBase.java
/**
 * Builds {@code httpClient} from the socket-factory registry returned by
 * {@code createConnectionSocketFactoryRegistry()} and a
 * {@code CookieProcessingTargetAuthenticationStrategy}.
 *
 * <p>Which TLS settings apply is decided entirely by that registry; nothing TLS-related is
 * configured in this method.</p>
 */
private void initializeHttpClient() {
    httpClient = HttpClients.custom()
            .setConnectionManager(
                    new BasicHttpClientConnectionManager(createConnectionSocketFactoryRegistry()))
            .setTargetAuthenticationStrategy(new CookieProcessingTargetAuthenticationStrategy())
            .build();
}
From source file:com.tremolosecurity.proxy.filters.PreAuthFilter.java
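/**
 * Pre-authenticates the user against the backend and relays the backend's cookies.
 *
 * <p>When the user has completed authentication and the session has not yet been
 * pre-authenticated for the current user DN, the filter calls the backend (a SAML2 response
 * POST when {@code postSAML} is set, otherwise a GET), adds a last-mile token to that call, and
 * copies every cookie from the backend's {@code Set-Cookie}/{@code Set-Cookie2} headers onto
 * both the proxied request and, after the chain has run, the response to the browser.</p>
 *
 * <p>Changes compared with the previous revision: the {@code HttpOnly} flag of a backend
 * cookie is now carried over to the relayed cookie (it used to be dropped, which made session
 * cookies readable by scripts in the browser), and the reader used for a 500 error body is
 * closed.</p>
 *
 * @param request  filter request; provides the session and receives the backend cookies
 * @param response filter response; receives the relayed cookies after the chain has run
 * @param chain    remaining filter chain
 * @throws Exception if the SAML response cannot be generated or the backend call fails
 */
@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain)
        throws Exception {
    AuthInfo userData = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL))
            .getAuthInfo();
    ConfigManager cfg = (ConfigManager) request.getAttribute(ProxyConstants.TREMOLO_CFG_OBJ);

    List<Cookie> cookies = null;

    if (userData.getAuthLevel() > 0 && userData.isAuthComplete()) {
        UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
        HttpSession session = request.getSession();
        String uid = (String) session.getAttribute("TREMOLO_PRE_AUTH");

        // Run once per session and user: the marker holds the DN that was pre-authenticated.
        if (uid == null || !uid.equals(userData.getUserDN())) {
            session.setAttribute("TREMOLO_PRE_AUTH", userData.getUserDN());
            HashMap<String, String> uriParams = new HashMap<String, String>();
            uriParams.put("fullURI", this.uri);

            UrlHolder remHolder = cfg.findURL(this.url);

            org.apache.http.client.methods.HttpRequestBase method = null;

            if (this.postSAML) {
                PrivateKey pk = holder.getConfig().getPrivateKey(this.keyAlias);
                java.security.cert.X509Certificate cert = holder.getConfig().getCertificate(this.keyAlias);

                Saml2Assertion assertion = new Saml2Assertion(
                        userData.getAttribs().get(this.nameIDAttribute).getValues().get(0), pk, cert, null,
                        this.issuer, this.assertionConsumerURL, this.audience, this.signAssertion,
                        this.signResponse, false, this.nameIDType, this.authnCtxClassRef);

                String respXML = "";

                try {
                    respXML = assertion.generateSaml2Response();
                } catch (Exception e) {
                    throw new ServletException("Could not generate SAMLResponse", e);
                }

                List<NameValuePair> formparams = new ArrayList<NameValuePair>();
                String base64 = Base64.encodeBase64String(respXML.getBytes("UTF-8"));

                formparams.add(new BasicNameValuePair("SAMLResponse", base64));
                if (this.relayState != null && !this.relayState.isEmpty()) {
                    formparams.add(new BasicNameValuePair("RelayState", this.relayState));
                }

                UrlEncodedFormEntity entity = new UrlEncodedFormEntity(formparams, "UTF-8");
                HttpPost post = new HttpPost(this.assertionConsumerURL);
                post.setEntity(entity);
                method = post;
            } else {
                HttpGet get = new HttpGet(remHolder.getProxyURL(uriParams));
                method = get;
            }

            LastMileUtil.addLastMile(cfg, userData.getAttribs().get(loginAttribute).getValues().get(0),
                    this.loginAttribute, method, lastMileKeyAlias, true);

            BasicHttpClientConnectionManager bhcm = new BasicHttpClientConnectionManager(
                    cfg.getHttpClientSocketRegistry());
            try {
                CloseableHttpClient httpclient = HttpClients.custom().setConnectionManager(bhcm)
                        .setDefaultRequestConfig(cfg.getGlobalHttpClientConfig()).build();

                HttpResponse resp = httpclient.execute(method);

                if (resp.getStatusLine().getStatusCode() == 500) {
                    StringBuffer error = new StringBuffer();
                    try (BufferedReader in = new BufferedReader(
                            new InputStreamReader(resp.getEntity().getContent()))) {
                        String line = null;
                        while ((line = in.readLine()) != null) {
                            error.append(line).append('\n');
                        }
                    }

                    logger.warn("Pre-Auth Failed : " + error);
                }

                org.apache.http.Header[] headers = resp.getAllHeaders();

                cookies = new ArrayList<Cookie>();

                for (org.apache.http.Header header : headers) {
                    if (header.getName().equalsIgnoreCase("set-cookie")
                            || header.getName().equalsIgnoreCase("set-cookie2")) {
                        String cookieVal = header.getValue();

                        List<HttpCookie> cookiesx = HttpCookie.parse(cookieVal);
                        for (HttpCookie cookie : cookiesx) {

                            // JSESSIONID is renamed per application for the browser-facing cookie.
                            String cookieFinalName = cookie.getName();
                            if (cookieFinalName.equalsIgnoreCase("JSESSIONID")) {
                                cookieFinalName = "JSESSIONID" + '-'
                                        + holder.getApp().getName().replaceAll(" ", "|");
                            }

                            // Cookie values are session secrets; they are deliberately not logged.
                            Cookie respcookie = new Cookie(cookieFinalName, cookie.getValue());
                            respcookie.setComment(cookie.getComment());
                            // The backend's Domain attribute is not copied onto the relayed cookie.
                            respcookie.setMaxAge((int) cookie.getMaxAge());
                            respcookie.setPath(cookie.getPath());
                            respcookie.setSecure(cookie.getSecure());
                            // Keep the backend's HttpOnly decision instead of silently dropping it.
                            respcookie.setHttpOnly(cookie.isHttpOnly());
                            respcookie.setVersion(cookie.getVersion());
                            cookies.add(respcookie);

                            if (request.getCookieNames().contains(respcookie.getName())) {
                                request.removeCookie(cookieFinalName);
                            }

                            // The proxied request carries the cookie under its original backend name.
                            request.addCookie(new Cookie(cookie.getName(), cookie.getValue()));
                        }
                    }
                }
            } finally {
                bhcm.shutdown();
            }
        }
    }

    chain.nextFilter(request, response, chain);

    if (cookies != null) {
        for (Cookie cookie : cookies) {
            response.addCookie(cookie);
        }
    }
}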
From source file:com.tremolosecurity.unison.proxy.auth.openidconnect.OpenIDConnectAuthMech.java
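/**
 * Drives the OpenID Connect authorization-code flow for this authentication step.
 *
 * <p>Without a {@code state} parameter the method creates a random state value, stores it in
 * the session under {@code UNISON_OPENIDCONNECT_STATE} and redirects the browser to the
 * identity provider. With a {@code state} parameter it checks the value against the session,
 * exchanges the {@code code} for tokens at {@code loadTokenURL}, stores the access token in
 * the session and lets the configured {@code LoadUserData} implementation load the user.</p>
 *
 * <p>Changes compared with the previous revision of this method:</p>
 * <ul>
 *   <li>A callback without a state value in the session is rejected with "Invalid State"
 *       instead of failing with a {@link NullPointerException}.</li>
 *   <li>The state is compared exactly and in constant time rather than case-insensitively.</li>
 *   <li>The {@code hd} value is URL-encoded like the other query parameters.</li>
 *   <li>HTTP resources are closed with try-with-resources, also when a call throws, and the
 *       token response is decoded as UTF-8.</li>
 *   <li>The cause is kept when the token request cannot be built; unused locals are gone.</li>
 * </ul>
 *
 * @param request  current servlet request; carries the session and the callback parameters
 * @param response servlet response, used for the redirect to the identity provider
 * @param as       authentication step whose success flag is set here
 * @throws IOException      if the token call or the redirect fails
 * @throws ServletException if the state is invalid, the token request cannot be built, or the
 *                          user data cannot be loaded
 */
public void doGet(HttpServletRequest request, HttpServletResponse response, AuthStep as)
        throws IOException, ServletException {
    HttpSession session = request.getSession();
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session
            .getAttribute(ProxyConstants.AUTH_MECH_PARAMS);

    ConfigManager cfg = (ConfigManager) request.getAttribute(ProxyConstants.TREMOLO_CFG_OBJ);
    MyVDConnection myvd = cfg.getMyVD();

    // Mechanism configuration; "secretid" holds the client secret and must never be logged.
    String bearerTokenName = authParams.get("bearerTokenName").getValues().get(0);
    String clientid = authParams.get("clientid").getValues().get(0);
    String secret = authParams.get("secretid").getValues().get(0);
    String idpURL = authParams.get("idpURL").getValues().get(0);
    String responseType = authParams.get("responseType").getValues().get(0);
    String scope = authParams.get("scope").getValues().get(0);
    boolean linkToDirectory = Boolean.parseBoolean(authParams.get("linkToDirectory").getValues().get(0));
    String noMatchOU = authParams.get("noMatchOU").getValues().get(0);
    String uidAttr = authParams.get("uidAttr").getValues().get(0);
    String lookupFilter = authParams.get("lookupFilter").getValues().get(0);
    String userLookupClassName = authParams.get("userLookupClassName").getValues().get(0);
    String defaultObjectClass = authParams.get("defaultObjectClass").getValues().get(0);

    // Re-authentication at the identity provider is always requested; the "forceAuthentication"
    // parameter is not read.
    boolean forceAuth = true;

    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    RequestHolder reqHolder = ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).getHolder();

    // b becomes the redirect_uri: scheme, host and port of this request plus the mechanism URI.
    StringBuffer b = new StringBuffer();
    URL reqURL = new URL(request.getRequestURL().toString());
    b.append(reqURL.getProtocol()).append("://").append(reqURL.getHost());
    if (reqURL.getPort() != -1) {
        b.append(":").append(reqURL.getPort());
    }

    AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());
    AuthMechType amt = act.getAuthMech().get(as.getId());
    String authMechName = amt.getName();

    b.append(holder.getConfig().getContextPath()).append(cfg.getAuthMechs().get(authMechName).getUri());

    String hd = authParams.get("hd").getValues().get(0);
    String loadTokenURL = authParams.get("loadTokenURL").getValues().get(0);

    if (request.getParameter("state") == null) {
        // Start of the flow: bind a fresh random state to this session.
        String state = new BigInteger(130, new SecureRandom()).toString(32);
        request.getSession().setAttribute("UNISON_OPENIDCONNECT_STATE", state);

        StringBuffer redirToSend = new StringBuffer();
        redirToSend.append(idpURL).append("?client_id=").append(URLEncoder.encode(clientid, "UTF-8"))
                .append("&response_type=").append(URLEncoder.encode(responseType, "UTF-8")).append("&scope=")
                .append(URLEncoder.encode(scope, "UTF-8")).append("&redirect_uri=")
                .append(URLEncoder.encode(b.toString(), "UTF-8")).append("&state=")
                .append(URLEncoder.encode("security_token=", "UTF-8"))
                .append(URLEncoder.encode(state, "UTF-8"));

        if (forceAuth) {
            redirToSend.append("&max_age=0");
        }

        if (!hd.isEmpty()) {
            redirToSend.append("&hd=").append(URLEncoder.encode(hd, "UTF-8"));
        }

        response.sendRedirect(redirToSend.toString());
    } else {
        // Callback: the state must match the value bound to this session.
        // NOTE(review): getParameter has already URL-decoded the value; the second decode is
        // kept from the original.
        String stateFromURL = request.getParameter("state");
        stateFromURL = URLDecoder.decode(stateFromURL, "UTF-8");
        stateFromURL = stateFromURL.substring(stateFromURL.indexOf('=') + 1);

        String stateFromSession = (String) request.getSession().getAttribute("UNISON_OPENIDCONNECT_STATE");

        if (stateFromSession == null || !java.security.MessageDigest.isEqual(
                stateFromSession.getBytes("UTF-8"), stateFromURL.getBytes("UTF-8"))) {
            throw new ServletException("Invalid State");
        }

        HttpUriRequest post = null;

        try {
            post = RequestBuilder.post().setUri(new java.net.URI(loadTokenURL))
                    .addParameter("code", request.getParameter("code")).addParameter("client_id", clientid)
                    .addParameter("client_secret", secret).addParameter("redirect_uri", b.toString())
                    .addParameter("grant_type", "authorization_code").build();
        } catch (URISyntaxException e) {
            throw new ServletException("Could not create post request", e);
        }

        RequestConfig rc = RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD).build();
        StringBuilder token = new StringBuilder();

        try (BasicHttpClientConnectionManager bhcm = new BasicHttpClientConnectionManager(
                     GlobalEntries.getGlobalEntries().getConfigManager().getHttpClientSocketRegistry());
             CloseableHttpClient http = HttpClients.custom().setConnectionManager(bhcm)
                     .setDefaultRequestConfig(rc).build();
             CloseableHttpResponse httpResp = http.execute(post);
             BufferedReader in = new BufferedReader(
                     new InputStreamReader(httpResp.getEntity().getContent(), "UTF-8"))) {
            String line;
            while ((line = in.readLine()) != null) {
                token.append(line);
            }
        }

        // The token response holds the access token; it is deliberately not logged.
        Map tokenNVP = com.cedarsoftware.util.io.JsonReader.jsonToMaps(token.toString());

        // Store the bearer token for use by Unison
        request.getSession().setAttribute(bearerTokenName, tokenNVP.get("access_token"));

        Map jwtNVP = null;
        LoadUserData loadUser = null;
        try {
            // NOTE(review): the class name comes from the mechanism configuration and is
            // instantiated reflectively; it must only ever be settable by administrators.
            loadUser = (LoadUserData) Class.forName(userLookupClassName).newInstance();
            jwtNVP = loadUser.loadUserAttributesFromIdP(request, response, cfg, authParams, tokenNVP);
        } catch (Exception e) {
            throw new ServletException("Could not load user data", e);
        }

        if (jwtNVP == null) {
            as.setSuccess(false);
        } else {
            if (!linkToDirectory) {
                loadUnlinkedUser(session, noMatchOU, uidAttr, act, jwtNVP, defaultObjectClass);
                as.setSuccess(true);
            } else {
                lookupUser(as, session, myvd, noMatchOU, uidAttr, lookupFilter, act, jwtNVP,
                        defaultObjectClass);
            }

            // NOTE(review): "target" is request-supplied and is handed to setURL unchecked
            // here; confirm that the destination is restricted before it is followed.
            String redirectToURL = request.getParameter("target");
            if (redirectToURL != null && !redirectToURL.isEmpty()) {
                reqHolder.setURL(redirectToURL);
            }
        }

        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
    }
}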
From source file:com.mirth.connect.client.core.ConnectServiceUtil.java
/**
 * Creates an HTTPS-only client restricted to the given protocols and cipher suites.
 *
 * <p>The requested protocols and cipher suites are first passed through {@code MirthSSLUtil}.
 * The socket factory uses the system default SSL context and
 * {@code SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER}, and it is the only factory
 * registered with the connection manager (under {@code "https"}). The socket read timeout is
 * set to {@code TIMEOUT}.</p>
 *
 * @param protocols    requested TLS protocol names
 * @param cipherSuites requested cipher suite names
 * @return a new client backed by a {@link BasicHttpClientConnectionManager}
 */
private static CloseableHttpClient getClient(String[] protocols, String[] cipherSuites) {
    final String[] allowedProtocols = MirthSSLUtil.getEnabledHttpsProtocols(protocols);
    final String[] allowedCipherSuites = MirthSSLUtil.getEnabledHttpsCipherSuites(cipherSuites);

    final SSLConnectionSocketFactory tlsFactory = new SSLConnectionSocketFactory(
            SSLContexts.createSystemDefault(),
            allowedProtocols,
            allowedCipherSuites,
            SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER);

    final BasicHttpClientConnectionManager manager = new BasicHttpClientConnectionManager(
            RegistryBuilder.<ConnectionSocketFactory>create().register("https", tlsFactory).build());
    manager.setSocketConfig(SocketConfig.custom().setSoTimeout(TIMEOUT).build());

    return HttpClients.custom().setConnectionManager(manager).build();
}