1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.syncope.sra.security.saml2;
20  
21  import java.net.URI;
22  import org.apache.syncope.sra.security.PublicRouteMatcher;
23  import org.apache.syncope.sra.session.SessionUtils;
24  import org.springframework.http.HttpStatus;
25  import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
26  import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
27  import org.springframework.web.server.ServerWebExchange;
28  import org.springframework.web.server.WebFilter;
29  import org.springframework.web.server.WebFilterChain;
30  import reactor.core.publisher.Mono;
31  
/**
 * Web filter that sends anonymous requests to the SAML 2.0 authentication entry point.
 *
 * <p>An exchange is passed down the chain untouched when at least one of the configured matchers
 * accepts it: the public route matcher, {@link SessionUtils#authInSession()}, or
 * {@link SAML2LogoutResponseWebFilter#MATCHER}. Any other exchange has its request URI saved in the
 * web session and is answered with a {@code 303 See Other} pointing at
 * {@link SAML2WebSsoAuthenticationRequestWebFilter#AUTHENTICATE_URL}.
 *
 * <p>NOTE(review): this filter is the gate between public and protected routes, so the effective
 * exposure depends entirely on what {@code PublicRouteMatcher} accepts; that logic is not visible
 * here and should be reviewed together with this class.
 */
public class SAML2AnonymousWebFilter implements WebFilter {

    /** Composite matcher; a match means "do not force authentication for this exchange". */
    private final ServerWebExchangeMatcher matcher;

    /**
     * Builds the filter around the routes that must remain reachable without a login redirect.
     *
     * @param publicRouteMatcher matcher identifying routes that are served without authentication
     */
    public SAML2AnonymousWebFilter(final PublicRouteMatcher publicRouteMatcher) {
        this.matcher = ServerWebExchangeMatchers.matchers(
                publicRouteMatcher,
                SessionUtils.authInSession(),
                SAML2LogoutResponseWebFilter.MATCHER);
    }

    /**
     * Lets matched exchanges through and redirects every other exchange to SAML 2.0 authentication.
     *
     * @param exchange the current server exchange
     * @param chain the remaining filter chain
     * @return completion signal of either the downstream chain or the redirect response
     */
    @Override
    public Mono<Void> filter(final ServerWebExchange exchange, final WebFilterChain chain) {
        return matcher.matches(exchange)
                // Keep the signal only when nothing matched, i.e. the request must authenticate.
                .filter(outcome -> !outcome.isMatch())
                // Empty here means a matcher accepted the exchange: continue the chain and emit
                // nothing, so the redirect stages below are skipped.
                .switchIfEmpty(chain.filter(exchange).then(Mono.empty()))
                .flatMap(unmatched -> exchange.getSession())
                .flatMap(session -> {
                    // Only the URI is remembered; the original method and body are not.
                    // NOTE(review): this value is taken from the incoming request and a session
                    // attribute is written for an unauthenticated client. The code that later
                    // reads INITIAL_REQUEST_URI is not visible here - confirm it validates the
                    // target (same origin / expected host) before redirecting to it, and that
                    // anonymous session creation is bounded by the session store configuration.
                    session.getAttributes().put(SessionUtils.INITIAL_REQUEST_URI, exchange.getRequest().getURI());
                    return redirectToAuthentication(exchange);
                });
    }

    /**
     * Completes the response as a {@code 303 See Other} towards the SAML 2.0 authentication URL.
     *
     * @param exchange the exchange whose response is turned into the redirect
     * @return completion signal of the response
     */
    private static Mono<Void> redirectToAuthentication(final ServerWebExchange exchange) {
        exchange.getResponse().setStatusCode(HttpStatus.SEE_OTHER);
        final URI authenticateUri = URI.create(SAML2WebSsoAuthenticationRequestWebFilter.AUTHENTICATE_URL);
        exchange.getResponse().getHeaders().setLocation(authenticateUri);
        return exchange.getResponse().setComplete();
    }
}