info to debug
parent
5171088fca
commit
2d6fe55985
@ -312,31 +312,6 @@ public class SecurityConfiguration {
|
|||||||
return http.build();
|
return http.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
// @Bean
|
|
||||||
// public Saml2WebSsoAuthenticationRequestFilter saml2WebSsoAuthenticationRequestFilter(
|
|
||||||
// RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) {
|
|
||||||
// OpenSaml4AuthenticationRequestResolver authenticationRequestResolver =
|
|
||||||
// new OpenSaml4AuthenticationRequestResolver(relyingPartyRegistrationRepository);
|
|
||||||
//
|
|
||||||
// Saml2WebSsoAuthenticationRequestFilter filter =
|
|
||||||
// new Saml2WebSsoAuthenticationRequestFilter(
|
|
||||||
// authenticationRequestResolver
|
|
||||||
// );
|
|
||||||
// return filter;
|
|
||||||
// }
|
|
||||||
//
|
|
||||||
@Bean
|
|
||||||
@ConditionalOnProperty(
|
|
||||||
value = "security.saml2.enabled",
|
|
||||||
havingValue = "true",
|
|
||||||
matchIfMissing = false)
|
|
||||||
public AuthenticationProvider samlAuthenticationProvider() {
|
|
||||||
OpenSaml4AuthenticationProvider provider = new OpenSaml4AuthenticationProvider();
|
|
||||||
provider.setResponseAuthenticationConverter(
|
|
||||||
new CustomSaml2ResponseAuthenticationConverter(userService));
|
|
||||||
return provider;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
@ConditionalOnProperty(
|
@ConditionalOnProperty(
|
||||||
value = "security.oauth2.enabled",
|
value = "security.oauth2.enabled",
|
||||||
@ -525,12 +500,12 @@ public class SecurityConfiguration {
|
|||||||
new OpenSaml4AuthenticationRequestResolver(relyingPartyRegistrationRepository);
|
new OpenSaml4AuthenticationRequestResolver(relyingPartyRegistrationRepository);
|
||||||
resolver.setAuthnRequestCustomizer(
|
resolver.setAuthnRequestCustomizer(
|
||||||
customizer -> {
|
customizer -> {
|
||||||
log.info("Customizing SAML Authentication request");
|
log.debug("Customizing SAML Authentication request");
|
||||||
|
|
||||||
AuthnRequest authnRequest = customizer.getAuthnRequest();
|
AuthnRequest authnRequest = customizer.getAuthnRequest();
|
||||||
log.info("AuthnRequest ID: {}", authnRequest.getID());
|
log.debug("AuthnRequest ID: {}", authnRequest.getID());
|
||||||
log.info("AuthnRequest IssueInstant: {}", authnRequest.getIssueInstant());
|
log.debug("AuthnRequest IssueInstant: {}", authnRequest.getIssueInstant());
|
||||||
log.info(
|
log.debug(
|
||||||
"AuthnRequest Issuer: {}",
|
"AuthnRequest Issuer: {}",
|
||||||
authnRequest.getIssuer() != null
|
authnRequest.getIssuer() != null
|
||||||
? authnRequest.getIssuer().getValue()
|
? authnRequest.getIssuer().getValue()
|
||||||
@ -539,42 +514,42 @@ public class SecurityConfiguration {
|
|||||||
HttpServletRequest request = customizer.getRequest();
|
HttpServletRequest request = customizer.getRequest();
|
||||||
|
|
||||||
// Log HTTP request details
|
// Log HTTP request details
|
||||||
log.info("HTTP Request Method: {}", request.getMethod());
|
log.debug("HTTP Request Method: {}", request.getMethod());
|
||||||
log.info("Request URI: {}", request.getRequestURI());
|
log.debug("Request URI: {}", request.getRequestURI());
|
||||||
log.info("Request URL: {}", request.getRequestURL().toString());
|
log.debug("Request URL: {}", request.getRequestURL().toString());
|
||||||
log.info("Query String: {}", request.getQueryString());
|
log.debug("Query String: {}", request.getQueryString());
|
||||||
log.info("Remote Address: {}", request.getRemoteAddr());
|
log.debug("Remote Address: {}", request.getRemoteAddr());
|
||||||
|
|
||||||
// Log headers
|
// Log headers
|
||||||
Collections.list(request.getHeaderNames())
|
Collections.list(request.getHeaderNames())
|
||||||
.forEach(
|
.forEach(
|
||||||
headerName -> {
|
headerName -> {
|
||||||
log.info(
|
log.debug(
|
||||||
"Header - {}: {}",
|
"Header - {}: {}",
|
||||||
headerName,
|
headerName,
|
||||||
request.getHeader(headerName));
|
request.getHeader(headerName));
|
||||||
});
|
});
|
||||||
|
|
||||||
// Log SAML specific parameters
|
// Log SAML specific parameters
|
||||||
log.info("SAML Request Parameters:");
|
log.debug("SAML Request Parameters:");
|
||||||
log.info("SAMLRequest: {}", request.getParameter("SAMLRequest"));
|
log.debug("SAMLRequest: {}", request.getParameter("SAMLRequest"));
|
||||||
log.info("RelayState: {}", request.getParameter("RelayState"));
|
log.debug("RelayState: {}", request.getParameter("RelayState"));
|
||||||
|
|
||||||
// Log session information if exists
|
// Log session debugrmation if exists
|
||||||
if (request.getSession(false) != null) {
|
if (request.getSession(false) != null) {
|
||||||
log.info("Session ID: {}", request.getSession().getId());
|
log.debug("Session ID: {}", request.getSession().getId());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Log any assertions consumer service details if present
|
// Log any assertions consumer service details if present
|
||||||
if (authnRequest.getAssertionConsumerServiceURL() != null) {
|
if (authnRequest.getAssertionConsumerServiceURL() != null) {
|
||||||
log.info(
|
log.debug(
|
||||||
"AssertionConsumerServiceURL: {}",
|
"AssertionConsumerServiceURL: {}",
|
||||||
authnRequest.getAssertionConsumerServiceURL());
|
authnRequest.getAssertionConsumerServiceURL());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Log NameID policy if present
|
// Log NameID policy if present
|
||||||
if (authnRequest.getNameIDPolicy() != null) {
|
if (authnRequest.getNameIDPolicy() != null) {
|
||||||
log.info(
|
log.debug(
|
||||||
"NameIDPolicy Format: {}",
|
"NameIDPolicy Format: {}",
|
||||||
authnRequest.getNameIDPolicy().getFormat());
|
authnRequest.getNameIDPolicy().getFormat());
|
||||||
}
|
}
|
||||||
|
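Review bot: The customizer lambda in the `-539,42 +514,42` hunk still logs every request header value via `request.getHeader(headerName)` and the live session identifier via `request.getSession().getId()`; lowering the level to debug does not stop `Cookie` and `Authorization` values or the session ID from reaching log files whenever debug is switched on. I would drop the session ID line and skip credential-bearing headers, e.g. `if ("cookie".equalsIgnoreCase(headerName) || "authorization".equalsIgnoreCase(headerName)) return;` as the first statement of the header lambda. The replace in that hunk also rewrote a comment to `// Log session debugrmation if exists`, which should read `// Log session information if exists`. Separately, the `-312,31 +312,6` hunk deletes the `samlAuthenticationProvider` bean, which is not a log-level change; it is worth confirming that `CustomSaml2ResponseAuthenticationConverter` is still wired in somewhere outside the visible lines. The lambda starts before and ends after the hunks shown.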
@ -35,11 +35,11 @@ public class CustomSaml2AuthenticationSuccessHandler
|
|||||||
throws ServletException, IOException {
|
throws ServletException, IOException {
|
||||||
|
|
||||||
Object principal = authentication.getPrincipal();
|
Object principal = authentication.getPrincipal();
|
||||||
log.info("Starting SAML2 authentication success handling");
|
log.debug("Starting SAML2 authentication success handling");
|
||||||
|
|
||||||
if (principal instanceof CustomSaml2AuthenticatedPrincipal) {
|
if (principal instanceof CustomSaml2AuthenticatedPrincipal) {
|
||||||
String username = ((CustomSaml2AuthenticatedPrincipal) principal).getName();
|
String username = ((CustomSaml2AuthenticatedPrincipal) principal).getName();
|
||||||
log.info("Authenticated principal found for user: {}", username);
|
log.debug("Authenticated principal found for user: {}", username);
|
||||||
|
|
||||||
HttpSession session = request.getSession(false);
|
HttpSession session = request.getSession(false);
|
||||||
String contextPath = request.getContextPath();
|
String contextPath = request.getContextPath();
|
||||||
@ -48,7 +48,7 @@ public class CustomSaml2AuthenticationSuccessHandler
|
|||||||
? (SavedRequest) session.getAttribute("SPRING_SECURITY_SAVED_REQUEST")
|
? (SavedRequest) session.getAttribute("SPRING_SECURITY_SAVED_REQUEST")
|
||||||
: null;
|
: null;
|
||||||
|
|
||||||
log.info(
|
log.debug(
|
||||||
"Session exists: {}, Saved request exists: {}",
|
"Session exists: {}, Saved request exists: {}",
|
||||||
session != null,
|
session != null,
|
||||||
savedRequest != null);
|
savedRequest != null);
|
||||||
@ -56,18 +56,18 @@ public class CustomSaml2AuthenticationSuccessHandler
|
|||||||
if (savedRequest != null
|
if (savedRequest != null
|
||||||
&& !RequestUriUtils.isStaticResource(
|
&& !RequestUriUtils.isStaticResource(
|
||||||
contextPath, savedRequest.getRedirectUrl())) {
|
contextPath, savedRequest.getRedirectUrl())) {
|
||||||
log.info(
|
log.debug(
|
||||||
"Valid saved request found, redirecting to original destination: {}",
|
"Valid saved request found, redirecting to original destination: {}",
|
||||||
savedRequest.getRedirectUrl());
|
savedRequest.getRedirectUrl());
|
||||||
super.onAuthenticationSuccess(request, response, authentication);
|
super.onAuthenticationSuccess(request, response, authentication);
|
||||||
} else {
|
} else {
|
||||||
SAML2 saml2 = applicationProperties.getSecurity().getSaml2();
|
SAML2 saml2 = applicationProperties.getSecurity().getSaml2();
|
||||||
log.info(
|
log.debug(
|
||||||
"Processing SAML2 authentication with autoCreateUser: {}",
|
"Processing SAML2 authentication with autoCreateUser: {}",
|
||||||
saml2.getAutoCreateUser());
|
saml2.getAutoCreateUser());
|
||||||
|
|
||||||
if (loginAttemptService.isBlocked(username)) {
|
if (loginAttemptService.isBlocked(username)) {
|
||||||
log.info("User {} is blocked due to too many login attempts", username);
|
log.debug("User {} is blocked due to too many login attempts", username);
|
||||||
if (session != null) {
|
if (session != null) {
|
||||||
session.removeAttribute("SPRING_SECURITY_SAVED_REQUEST");
|
session.removeAttribute("SPRING_SECURITY_SAVED_REQUEST");
|
||||||
}
|
}
|
||||||
@ -82,14 +82,14 @@ public class CustomSaml2AuthenticationSuccessHandler
|
|||||||
&& userService.isAuthenticationTypeByUsername(
|
&& userService.isAuthenticationTypeByUsername(
|
||||||
username, AuthenticationType.SSO);
|
username, AuthenticationType.SSO);
|
||||||
|
|
||||||
log.info(
|
log.debug(
|
||||||
"User status - Exists: {}, Has password: {}, Is SSO user: {}",
|
"User status - Exists: {}, Has password: {}, Is SSO user: {}",
|
||||||
userExists,
|
userExists,
|
||||||
hasPassword,
|
hasPassword,
|
||||||
isSSOUser);
|
isSSOUser);
|
||||||
|
|
||||||
if (userExists && hasPassword && !isSSOUser && saml2.getAutoCreateUser()) {
|
if (userExists && hasPassword && !isSSOUser && saml2.getAutoCreateUser()) {
|
||||||
log.info(
|
log.debug(
|
||||||
"User {} exists with password but is not SSO user, redirecting to logout",
|
"User {} exists with password but is not SSO user, redirecting to logout",
|
||||||
username);
|
username);
|
||||||
response.sendRedirect(
|
response.sendRedirect(
|
||||||
@ -99,18 +99,18 @@ public class CustomSaml2AuthenticationSuccessHandler
|
|||||||
|
|
||||||
try {
|
try {
|
||||||
if (saml2.getBlockRegistration() && !userExists) {
|
if (saml2.getBlockRegistration() && !userExists) {
|
||||||
log.info("Registration blocked for new user: {}", username);
|
log.debug("Registration blocked for new user: {}", username);
|
||||||
response.sendRedirect(
|
response.sendRedirect(
|
||||||
contextPath + "/login?erroroauth=oauth2_admin_blocked_user");
|
contextPath + "/login?erroroauth=oauth2_admin_blocked_user");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
log.info("Processing SSO post-login for user: {}", username);
|
log.debug("Processing SSO post-login for user: {}", username);
|
||||||
userService.processSSOPostLogin(username, saml2.getAutoCreateUser());
|
userService.processSSOPostLogin(username, saml2.getAutoCreateUser());
|
||||||
log.info("Successfully processed authentication for user: {}", username);
|
log.debug("Successfully processed authentication for user: {}", username);
|
||||||
response.sendRedirect(contextPath + "/");
|
response.sendRedirect(contextPath + "/");
|
||||||
return;
|
return;
|
||||||
} catch (IllegalArgumentException e) {
|
} catch (IllegalArgumentException e) {
|
||||||
log.info(
|
log.debug(
|
||||||
"Invalid username detected for user: {}, redirecting to logout",
|
"Invalid username detected for user: {}, redirecting to logout",
|
||||||
username);
|
username);
|
||||||
response.sendRedirect(contextPath + "/logout?invalidUsername=true");
|
response.sendRedirect(contextPath + "/logout?invalidUsername=true");
|
||||||
@ -118,7 +118,7 @@ public class CustomSaml2AuthenticationSuccessHandler
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
log.info("Non-SAML2 principal detected, delegating to parent handler");
|
log.debug("Non-SAML2 principal detected, delegating to parent handler");
|
||||||
super.onAuthenticationSuccess(request, response, authentication);
|
super.onAuthenticationSuccess(request, response, authentication);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
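Review bot: Demoting the `isBlocked` branch and the registration-blocked branch to debug means the default log level no longer records authentication denials, which are the events monitoring and incident response usually depend on. I would keep those two at warn, `log.warn("User {} is blocked due to too many login attempts", username);` and `log.warn("Registration blocked for new user: {}", username);`, and leave the flow-tracing messages at debug. The same applies to the `Invalid username detected` message in the `catch (IllegalArgumentException e)` block, which in the visible lines does not pass `e` to the logger. `username` comes from the SAML principal, so it is presumably IdP-supplied text; confirm that the log encoder neutralises line breaks before it is written. The method begins and ends outside the visible hunks.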