Migrate to latest Play version - addresses #92

Moves session storage to cookie instead of cache.
resamsel · Nov 9, 2020 · 4007133 · 4007133
1 parent e28aa5e
commit 4007133
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 4 deletions.
diff --git a/app/auth/CustomCodeVerifier.java b/app/auth/CustomCodeVerifier.java
@@ -0,0 +1,15 @@
+package auth;
+
+import com.nimbusds.oauth2.sdk.pkce.CodeVerifier;
+
+import java.io.Serializable;
+
+public class CustomCodeVerifier extends CodeVerifier implements Serializable {
+  public CustomCodeVerifier(String value) {
+    super(value);
+  }
+
+  public static CustomCodeVerifier from(CodeVerifier codeVerifier) {
+    return new CustomCodeVerifier(codeVerifier.getValue());
+  }
+}
diff --git a/app/auth/CustomCookieSessionStore.java b/app/auth/CustomCookieSessionStore.java
@@ -0,0 +1,26 @@
+package auth;
+
+import com.nimbusds.oauth2.sdk.pkce.CodeVerifier;
+import org.pac4j.play.PlayWebContext;
+import org.pac4j.play.store.NoOpDataEncrypter;
+import org.pac4j.play.store.PlayCookieSessionStore;
+
+import javax.inject.Singleton;
+
+@Singleton
+public class CustomCookieSessionStore extends PlayCookieSessionStore {
+
+  public CustomCookieSessionStore() {
+    super(new NoOpDataEncrypter());
+  }
+
+  @Override
+  public void set(PlayWebContext context, String key, Object value) {
+    Object cleanedValue = value;
+    if (key.endsWith("$codeVerifierSessionParameter") && value instanceof CodeVerifier) {
+      cleanedValue = CustomCodeVerifier.from((CodeVerifier) value);
+    }
+
+    super.set(context, key, cleanedValue);
+  }
+}
diff --git a/app/mappers/ActivityMapper.java b/app/mappers/ActivityMapper.java
@@ -33,7 +33,6 @@ public static LogEntry toModel(Activity in, LogEntry out) {
     out = out != null ? out : new LogEntry();
 
     out.id = in.id;
-    // TODO
 
     return out;
   }

diff --git a/app/modules/SecurityModule.java b/app/modules/SecurityModule.java
@@ -5,6 +5,7 @@
 import auth.ClientName;
 import auth.CustomAuthorizer;
 import auth.CustomCallbackLogic;
+import auth.CustomCookieSessionStore;
 import be.objectify.deadbolt.java.cache.HandlerCache;
 import com.google.inject.AbstractModule;
 import com.google.inject.Provides;
@@ -31,7 +32,6 @@
 import org.pac4j.play.deadbolt2.Pac4jHandlerCache;
 import org.pac4j.play.deadbolt2.Pac4jRoleHandler;
 import org.pac4j.play.http.PlayHttpActionAdapter;
-import org.pac4j.play.store.PlayCacheSessionStore;
 import org.pac4j.play.store.PlayCookieSessionStore;
 import org.pac4j.play.store.PlaySessionStore;
 import play.Environment;
@@ -74,9 +74,9 @@ protected void configure() {
     bind(HandlerCache.class).to(Pac4jHandlerCache.class);
 
     bind(Pac4jRoleHandler.class).to(MyPac4jRoleHandler.class);
-    bind(PlaySessionStore.class).to(PlayCacheSessionStore.class);
+//    bind(PlaySessionStore.class).to(PlayCacheSessionStore.class);
     // com.nimbusds.oauth2.sdk.pkce.CodeVerifier cannot be cast to java.io.Serializable
-//    bind(PlaySessionStore.class).to(PlayCookieSessionStore.class);
+    bind(PlaySessionStore.class).to(CustomCookieSessionStore.class);
 
     // callback
     final CallbackController callbackController = new CallbackController();
@@ -171,6 +171,7 @@ protected KeycloakOidcClient provideKeycloakClient() {
       config.setBaseUri(KeycloakBaseUri.get(configuration));
       config.setRealm(KeycloakRealm.get(configuration));
       config.setWithState(false);
+      config.setDisablePkce(true);
 
       return new KeycloakOidcClient(config);
     });
-Original file line number
+Diff line change
@@ Expand Up / @@ -33,7 +33,6 @@ public static LogEntry toModel(Activity in, LogEntry out) { @@
         out = out != null ? out : new LogEntry();
         out.id = in.id;
-        // TODO
         return out;
       }
@@ Expand Down @@