info to debug

Anthony Stirling 2024-11-29 08:53:54 +00:00
parent 5171088fca
commit 2d6fe55985
2 changed files with 30 additions and 55 deletions


@ -312,31 +312,6 @@ public class SecurityConfiguration {
return http.build();
}
// @Bean
// public Saml2WebSsoAuthenticationRequestFilter saml2WebSsoAuthenticationRequestFilter(
// RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) {
// OpenSaml4AuthenticationRequestResolver authenticationRequestResolver =
// new OpenSaml4AuthenticationRequestResolver(relyingPartyRegistrationRepository);
//
// Saml2WebSsoAuthenticationRequestFilter filter =
// new Saml2WebSsoAuthenticationRequestFilter(
// authenticationRequestResolver
// );
// return filter;
// }
//
@Bean
@ConditionalOnProperty(
value = "security.saml2.enabled",
havingValue = "true",
matchIfMissing = false)
public AuthenticationProvider samlAuthenticationProvider() {
OpenSaml4AuthenticationProvider provider = new OpenSaml4AuthenticationProvider();
provider.setResponseAuthenticationConverter(
new CustomSaml2ResponseAuthenticationConverter(userService));
return provider;
}
@Bean
@ConditionalOnProperty(
value = "security.oauth2.enabled",
@ -525,12 +500,12 @@ public class SecurityConfiguration {
new OpenSaml4AuthenticationRequestResolver(relyingPartyRegistrationRepository);
resolver.setAuthnRequestCustomizer(
customizer -> {
log.info("Customizing SAML Authentication request");
log.debug("Customizing SAML Authentication request");
AuthnRequest authnRequest = customizer.getAuthnRequest();
log.info("AuthnRequest ID: {}", authnRequest.getID());
log.info("AuthnRequest IssueInstant: {}", authnRequest.getIssueInstant());
log.info(
log.debug("AuthnRequest ID: {}", authnRequest.getID());
log.debug("AuthnRequest IssueInstant: {}", authnRequest.getIssueInstant());
log.debug(
"AuthnRequest Issuer: {}",
authnRequest.getIssuer() != null
? authnRequest.getIssuer().getValue()
@ -539,42 +514,42 @@ public class SecurityConfiguration {
HttpServletRequest request = customizer.getRequest();
// Log HTTP request details
log.info("HTTP Request Method: {}", request.getMethod());
log.info("Request URI: {}", request.getRequestURI());
log.info("Request URL: {}", request.getRequestURL().toString());
log.info("Query String: {}", request.getQueryString());
log.info("Remote Address: {}", request.getRemoteAddr());
log.debug("HTTP Request Method: {}", request.getMethod());
log.debug("Request URI: {}", request.getRequestURI());
log.debug("Request URL: {}", request.getRequestURL().toString());
log.debug("Query String: {}", request.getQueryString());
log.debug("Remote Address: {}", request.getRemoteAddr());
// Log headers
Collections.list(request.getHeaderNames())
.forEach(
headerName -> {
log.info(
log.debug(
"Header - {}: {}",
headerName,
request.getHeader(headerName));
});
// Log SAML specific parameters
log.info("SAML Request Parameters:");
log.info("SAMLRequest: {}", request.getParameter("SAMLRequest"));
log.info("RelayState: {}", request.getParameter("RelayState"));
log.debug("SAML Request Parameters:");
log.debug("SAMLRequest: {}", request.getParameter("SAMLRequest"));
log.debug("RelayState: {}", request.getParameter("RelayState"));
// Log session information if exists
// Log session debugrmation if exists
if (request.getSession(false) != null) {
log.info("Session ID: {}", request.getSession().getId());
log.debug("Session ID: {}", request.getSession().getId());
}
// Log any assertions consumer service details if present
if (authnRequest.getAssertionConsumerServiceURL() != null) {
log.info(
log.debug(
"AssertionConsumerServiceURL: {}",
authnRequest.getAssertionConsumerServiceURL());
}
// Log NameID policy if present
if (authnRequest.getNameIDPolicy() != null) {
log.info(
log.debug(
"NameIDPolicy Format: {}",
authnRequest.getNameIDPolicy().getFormat());
}
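Review bot: The header loop and the session line in the AuthnRequest customizer still write credentials to the log after the move to debug: `request.getHeader(headerName)` is logged for every header, which covers `Cookie` and `Authorization` when they are present, and `request.getSession().getId()` is logged verbatim. Debug output is often enabled while troubleshooting SSO and then shipped to shared log storage, so I would mask the credential-bearing headers and record only that a session exists, as in the excerpt below. The comment above the session check was caught by the rename and now reads `// Log session debugrmation if exists`; it should go back to `// Log session information if exists`. The customizer lambda opens in the previous hunk and closes outside this one.

```java
// … unchanged: AuthnRequest and HTTP request detail logging …
// Log headers, masking the ones that carry credentials
Collections.list(request.getHeaderNames())
        .forEach(
                headerName -> {
                    boolean sensitive =
                            "cookie".equalsIgnoreCase(headerName)
                                    || "authorization".equalsIgnoreCase(headerName);
                    log.debug(
                            "Header - {}: {}",
                            headerName,
                            sensitive ? "[redacted]" : request.getHeader(headerName));
                });
// … unchanged: SAML request parameter logging …
// Log session information if exists
log.debug("Session exists: {}", request.getSession(false) != null);
// … unchanged: AssertionConsumerServiceURL and NameIDPolicy logging …
```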


@ -35,11 +35,11 @@ public class CustomSaml2AuthenticationSuccessHandler
throws ServletException, IOException {
Object principal = authentication.getPrincipal();
log.info("Starting SAML2 authentication success handling");
log.debug("Starting SAML2 authentication success handling");
if (principal instanceof CustomSaml2AuthenticatedPrincipal) {
String username = ((CustomSaml2AuthenticatedPrincipal) principal).getName();
log.info("Authenticated principal found for user: {}", username);
log.debug("Authenticated principal found for user: {}", username);
HttpSession session = request.getSession(false);
String contextPath = request.getContextPath();
@ -48,7 +48,7 @@ public class CustomSaml2AuthenticationSuccessHandler
? (SavedRequest) session.getAttribute("SPRING_SECURITY_SAVED_REQUEST")
: null;
log.info(
log.debug(
"Session exists: {}, Saved request exists: {}",
session != null,
savedRequest != null);
@ -56,18 +56,18 @@ public class CustomSaml2AuthenticationSuccessHandler
if (savedRequest != null
&& !RequestUriUtils.isStaticResource(
contextPath, savedRequest.getRedirectUrl())) {
log.info(
log.debug(
"Valid saved request found, redirecting to original destination: {}",
savedRequest.getRedirectUrl());
super.onAuthenticationSuccess(request, response, authentication);
} else {
SAML2 saml2 = applicationProperties.getSecurity().getSaml2();
log.info(
log.debug(
"Processing SAML2 authentication with autoCreateUser: {}",
saml2.getAutoCreateUser());
if (loginAttemptService.isBlocked(username)) {
log.info("User {} is blocked due to too many login attempts", username);
log.debug("User {} is blocked due to too many login attempts", username);
if (session != null) {
session.removeAttribute("SPRING_SECURITY_SAVED_REQUEST");
}
@ -82,14 +82,14 @@ public class CustomSaml2AuthenticationSuccessHandler
&& userService.isAuthenticationTypeByUsername(
username, AuthenticationType.SSO);
log.info(
log.debug(
"User status - Exists: {}, Has password: {}, Is SSO user: {}",
userExists,
hasPassword,
isSSOUser);
if (userExists && hasPassword && !isSSOUser && saml2.getAutoCreateUser()) {
log.info(
log.debug(
"User {} exists with password but is not SSO user, redirecting to logout",
username);
response.sendRedirect(
@ -99,18 +99,18 @@ public class CustomSaml2AuthenticationSuccessHandler
try {
if (saml2.getBlockRegistration() && !userExists) {
log.info("Registration blocked for new user: {}", username);
log.debug("Registration blocked for new user: {}", username);
response.sendRedirect(
contextPath + "/login?erroroauth=oauth2_admin_blocked_user");
return;
}
log.info("Processing SSO post-login for user: {}", username);
log.debug("Processing SSO post-login for user: {}", username);
userService.processSSOPostLogin(username, saml2.getAutoCreateUser());
log.info("Successfully processed authentication for user: {}", username);
log.debug("Successfully processed authentication for user: {}", username);
response.sendRedirect(contextPath + "/");
return;
} catch (IllegalArgumentException e) {
log.info(
log.debug(
"Invalid username detected for user: {}, redirecting to logout",
username);
response.sendRedirect(contextPath + "/logout?invalidUsername=true");
@ -118,7 +118,7 @@ public class CustomSaml2AuthenticationSuccessHandler
}
}
} else {
log.info("Non-SAML2 principal detected, delegating to parent handler");
log.debug("Non-SAML2 principal detected, delegating to parent handler");
super.onAuthenticationSuccess(request, response, authentication);
}
}
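Review bot: Four of the messages lowered in this file record a rejected or diverted login rather than routine flow: `User {} is blocked due to too many login attempts`, `Registration blocked for new user: {}`, `Invalid username detected for user: {}, redirecting to logout`, and the "exists with password but is not SSO user" redirect. At debug they will not be written when the logger runs at INFO (presumably the production setting), which removes the trail used to spot lockouts and repeated failed SSO logins. I would leave the progress messages at debug but raise these, e.g. `log.warn("User {} is blocked due to too many login attempts", username);` and `log.warn("Registration blocked for new user: {}", username);`. The enclosing method (presumably onAuthenticationSuccess, given the `super` calls) starts above the first hunk of this file.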