public class org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler extends org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
{
private static final java.lang.String UI_PATH;
private static final java.lang.String ROOT_PATH;
private final org.apache.nifi.web.security.cookie.ApplicationCookieService applicationCookieService;
private final org.apache.nifi.web.security.jwt.provider.BearerTokenProvider bearerTokenProvider;
private final java.util.List userIdentityMappings;
private final java.util.List groupIdentityMappings;
private final java.util.List userClaimNames;
private final java.lang.String groupsClaimName;
public void <init>(org.apache.nifi.web.security.jwt.provider.BearerTokenProvider, java.util.List, java.util.List, java.util.List, java.lang.String)
{
org.apache.nifi.web.security.cookie.StandardApplicationCookieService v;
org.apache.nifi.web.security.jwt.provider.BearerTokenProvider v;
java.util.List v, v, v;
org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler v;
java.lang.Object v, v, v, v;
java.lang.String v;
v := @this: org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler;
v := @parameter: org.apache.nifi.web.security.jwt.provider.BearerTokenProvider;
v := @parameter: java.util.List;
v := @parameter: java.util.List;
v := @parameter: java.util.List;
v := @parameter: java.lang.String;
specialinvoke v.<org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler: void <init>()>();
v = new org.apache.nifi.web.security.cookie.StandardApplicationCookieService;
specialinvoke v.<org.apache.nifi.web.security.cookie.StandardApplicationCookieService: void <init>()>();
v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: org.apache.nifi.web.security.cookie.ApplicationCookieService applicationCookieService> = v;
v = staticinvoke <java.util.Objects: java.lang.Object requireNonNull(java.lang.Object,java.lang.String)>(v, "Bearer Token Provider required");
v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: org.apache.nifi.web.security.jwt.provider.BearerTokenProvider bearerTokenProvider> = v;
v = staticinvoke <java.util.Objects: java.lang.Object requireNonNull(java.lang.Object,java.lang.String)>(v, "User Identity Mappings required");
v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.util.List userIdentityMappings> = v;
v = staticinvoke <java.util.Objects: java.lang.Object requireNonNull(java.lang.Object,java.lang.String)>(v, "Group Identity Mappings required");
v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.util.List groupIdentityMappings> = v;
v = staticinvoke <java.util.Objects: java.lang.Object requireNonNull(java.lang.Object,java.lang.String)>(v, "User Claim Names required");
v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.util.List userClaimNames> = v;
v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.lang.String groupsClaimName> = v;
return;
}
public java.lang.String determineTargetUrl(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication)
{
javax.servlet.http.HttpServletResponse v;
javax.servlet.http.HttpServletRequest v;
org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler v;
org.apache.nifi.web.util.RequestUriBuilder v, v, v, v;
java.lang.String v;
java.net.URI v, v;
org.springframework.security.core.Authentication v;
v := @this: org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler;
v := @parameter: javax.servlet.http.HttpServletRequest;
v := @parameter: javax.servlet.http.HttpServletResponse;
v := @parameter: org.springframework.security.core.Authentication;
v = staticinvoke <org.apache.nifi.web.util.RequestUriBuilder: org.apache.nifi.web.util.RequestUriBuilder fromHttpServletRequest(javax.servlet.http.HttpServletRequest)>(v);
v = virtualinvoke v.<org.apache.nifi.web.util.RequestUriBuilder: org.apache.nifi.web.util.RequestUriBuilder path(java.lang.String)>("/");
v = virtualinvoke v.<org.apache.nifi.web.util.RequestUriBuilder: java.net.URI build()>();
specialinvoke v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: void processAuthentication(javax.servlet.http.HttpServletResponse,org.springframework.security.core.Authentication,java.net.URI)>(v, v, v);
v = staticinvoke <org.apache.nifi.web.util.RequestUriBuilder: org.apache.nifi.web.util.RequestUriBuilder fromHttpServletRequest(javax.servlet.http.HttpServletRequest)>(v);
v = virtualinvoke v.<org.apache.nifi.web.util.RequestUriBuilder: org.apache.nifi.web.util.RequestUriBuilder path(java.lang.String)>("/nifi/");
v = virtualinvoke v.<org.apache.nifi.web.util.RequestUriBuilder: java.net.URI build()>();
v = virtualinvoke v.<java.net.URI: java.lang.String toString()>();
return v;
}
private void processAuthentication(javax.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication, java.net.URI)
{
org.springframework.security.oauth.core.oidc.user.OidcUser v;
javax.servlet.http.HttpServletResponse v;
java.util.Set v;
org.apache.nifi.web.security.cookie.ApplicationCookieService v;
org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken v;
org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler v;
org.apache.nifi.web.security.cookie.ApplicationCookieName v;
java.lang.String v, v;
java.net.URI v;
org.springframework.security.oauth.core.OAuth2AccessToken v;
org.springframework.security.core.Authentication v;
v := @this: org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler;
v := @parameter: javax.servlet.http.HttpServletResponse;
v := @parameter: org.springframework.security.core.Authentication;
v := @parameter: java.net.URI;
v = specialinvoke v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken getAuthenticationToken(org.springframework.security.core.Authentication)>(v);
v = specialinvoke v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: org.springframework.security.oauth.core.oidc.user.OidcUser getOidcUser(org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken)>(v);
v = specialinvoke v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.lang.String getIdentity(org.springframework.security.oauth.core.oidc.user.OidcUser)>(v);
v = specialinvoke v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.util.Set getGroups(org.springframework.security.oauth.core.oidc.user.OidcUser)>(v);
v = specialinvoke v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: org.springframework.security.oauth.core.OAuth2AccessToken getAccessToken(org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken)>(v);
v = specialinvoke v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.lang.String getBearerToken(java.lang.String,org.springframework.security.oauth.core.OAuth2AccessToken,java.util.Set)>(v, v, v);
v = v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: org.apache.nifi.web.security.cookie.ApplicationCookieService applicationCookieService>;
v = <org.apache.nifi.web.security.cookie.ApplicationCookieName: org.apache.nifi.web.security.cookie.ApplicationCookieName AUTHORIZATION_BEARER>;
interfaceinvoke v.<org.apache.nifi.web.security.cookie.ApplicationCookieService: void addSessionCookie(java.net.URI,javax.servlet.http.HttpServletResponse,org.apache.nifi.web.security.cookie.ApplicationCookieName,java.lang.String)>(v, v, v, v);
return;
}
private java.lang.String getBearerToken(java.lang.String, org.springframework.security.oauth.core.OAuth2AccessToken, java.util.Set)
{
org.apache.nifi.web.security.token.LoginAuthenticationToken v;
org.apache.nifi.web.security.jwt.provider.BearerTokenProvider v;
java.util.Set v;
java.time.Instant v;
java.util.function.Function v;
java.util.stream.Stream v, v;
org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler v;
java.lang.Object v;
java.lang.String v, v;
java.util.stream.Collector v;
org.springframework.security.oauth.core.OAuth2AccessToken v;
v := @this: org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler;
v := @parameter: java.lang.String;
v := @parameter: org.springframework.security.oauth.core.OAuth2AccessToken;
v := @parameter: java.util.Set;
v = specialinvoke v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.time.Instant getSessionExpiration(org.springframework.security.oauth.core.OAuth2Token)>(v);
v = interfaceinvoke v.<java.util.Set: java.util.stream.Stream stream()>();
v = staticinvoke <org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler$init__29: java.util.function.Function bootstrap$()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.util.stream.Stream map(java.util.function.Function)>(v);
v = staticinvoke <java.util.stream.Collectors: java.util.stream.Collector toSet()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.lang.Object collect(java.util.stream.Collector)>(v);
v = new org.apache.nifi.web.security.token.LoginAuthenticationToken;
specialinvoke v.<org.apache.nifi.web.security.token.LoginAuthenticationToken: void <init>(java.lang.String,java.time.Instant,java.util.Collection)>(v, v, v);
v = v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: org.apache.nifi.web.security.jwt.provider.BearerTokenProvider bearerTokenProvider>;
v = interfaceinvoke v.<org.apache.nifi.web.security.jwt.provider.BearerTokenProvider: java.lang.String getBearerToken(org.apache.nifi.web.security.token.LoginAuthenticationToken)>(v);
return v;
}
private java.time.Instant getSessionExpiration(org.springframework.security.oauth.core.OAuth2Token)
{
org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler v;
java.lang.IllegalArgumentException v;
java.time.Instant v;
org.springframework.security.oauth.core.OAuth2Token v;
v := @this: org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler;
v := @parameter: org.springframework.security.oauth.core.OAuth2Token;
v = interfaceinvoke v.<org.springframework.security.oauth.core.OAuth2Token: java.time.Instant getExpiresAt()>();
if v != null goto label;
v = new java.lang.IllegalArgumentException;
specialinvoke v.<java.lang.IllegalArgumentException: void <init>(java.lang.String)>("Token expiration claim not found");
throw v;
label:
return v;
}
private org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken getAuthenticationToken(org.springframework.security.core.Authentication)
{
java.lang.Object[] v;
org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler v;
java.lang.Class v;
java.lang.String v;
java.lang.IllegalArgumentException v;
org.springframework.security.core.Authentication v;
boolean v;
v := @this: org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler;
v := @parameter: org.springframework.security.core.Authentication;
v = v instanceof org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken;
if v == 0 goto label;
return v;
label:
v = newarray (java.lang.Object)[1];
v = virtualinvoke v.<java.lang.Object: java.lang.Class getClass()>();
v[0] = v;
v = staticinvoke <java.lang.String: java.lang.String format(java.lang.String,java.lang.Object[])>("OAuth2AuthenticationToken not found [%s]", v);
v = new java.lang.IllegalArgumentException;
specialinvoke v.<java.lang.IllegalArgumentException: void <init>(java.lang.String)>(v);
throw v;
}
private org.springframework.security.oauth.core.OAuth2AccessToken getAccessToken(org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken)
{
java.lang.Object[] v;
java.lang.IllegalArgumentException v;
org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken v;
org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler v;
java.lang.Class v;
java.lang.Object v;
java.lang.String v;
boolean v;
v := @this: org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler;
v := @parameter: org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken;
v = virtualinvoke v.<org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken: java.lang.Object getCredentials()>();
v = v instanceof org.springframework.security.oauth.core.OAuth2AccessToken;
if v == 0 goto label;
return v;
label:
v = newarray (java.lang.Object)[1];
v = virtualinvoke v.<java.lang.Object: java.lang.Class getClass()>();
v[0] = v;
v = staticinvoke <java.lang.String: java.lang.String format(java.lang.String,java.lang.Object[])>("OAuth2AccessToken not found in credentials [%s]", v);
v = new java.lang.IllegalArgumentException;
specialinvoke v.<java.lang.IllegalArgumentException: void <init>(java.lang.String)>(v);
throw v;
}
private org.springframework.security.oauth.core.oidc.user.OidcUser getOidcUser(org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken)
{
java.lang.Object[] v;
java.lang.IllegalArgumentException v;
org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken v;
org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler v;
org.springframework.security.oauth.core.user.OAuth2User v;
java.lang.Class v;
java.lang.String v;
boolean v;
v := @this: org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler;
v := @parameter: org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken;
v = virtualinvoke v.<org.springframework.security.oauth.client.authentication.OAuth2AuthenticationToken: org.springframework.security.oauth.core.user.OAuth2User getPrincipal()>();
v = v instanceof org.springframework.security.oauth.core.oidc.user.OidcUser;
if v == 0 goto label;
return v;
label:
v = newarray (java.lang.Object)[1];
v = virtualinvoke v.<java.lang.Object: java.lang.Class getClass()>();
v[0] = v;
v = staticinvoke <java.lang.String: java.lang.String format(java.lang.String,java.lang.Object[])>("OpenID Connect User not found [%s]", v);
v = new java.lang.IllegalArgumentException;
specialinvoke v.<java.lang.IllegalArgumentException: void <init>(java.lang.String)>(v);
throw v;
}
private java.lang.String getIdentity(org.springframework.security.oauth.core.oidc.user.OidcUser)
{
org.springframework.security.oauth.core.oidc.user.OidcUser v;
java.util.function.Predicate v;
java.util.function.Function v;
java.util.function.Supplier v;
java.util.List v, v;
java.util.stream.Stream v, v, v;
org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler v;
java.util.Optional v;
java.lang.Object v;
java.lang.String v;
v := @this: org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler;
v := @parameter: org.springframework.security.oauth.core.oidc.user.OidcUser;
v = v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.util.List userClaimNames>;
v = interfaceinvoke v.<java.util.List: java.util.stream.Stream stream()>();
virtualinvoke v.<java.lang.Object: java.lang.Class getClass()>();
v = staticinvoke <org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler$getClaimAsString__30: java.util.function.Function bootstrap$(org.springframework.security.oauth.core.oidc.user.OidcUser)>(v);
v = interfaceinvoke v.<java.util.stream.Stream: java.util.stream.Stream map(java.util.function.Function)>(v);
v = staticinvoke <org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler$nonNull__31: java.util.function.Predicate bootstrap$()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.util.stream.Stream filter(java.util.function.Predicate)>(v);
v = interfaceinvoke v.<java.util.stream.Stream: java.util.Optional findFirst()>();
v = staticinvoke <org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler$lambda_getIdentity_0__32: java.util.function.Supplier bootstrap$(org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler)>(v);
v = virtualinvoke v.<java.util.Optional: java.lang.Object orElseThrow(java.util.function.Supplier)>(v);
v = v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.util.List userIdentityMappings>;
v = staticinvoke <org.apache.nifi.authorization.util.IdentityMappingUtil: java.lang.String mapIdentity(java.lang.String,java.util.List)>(v, v);
return v;
}
private java.util.Set getGroups(org.springframework.security.oauth.core.oidc.user.OidcUser)
{
org.springframework.security.oauth.core.oidc.user.OidcUser v;
java.util.function.Function v;
java.util.List v, v;
java.util.stream.Stream v, v;
org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler v;
java.lang.Object v;
java.lang.String v, v, v;
java.util.stream.Collector v;
boolean v;
v := @this: org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler;
v := @parameter: org.springframework.security.oauth.core.oidc.user.OidcUser;
v = v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.lang.String groupsClaimName>;
if v == null goto label;
v = v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.lang.String groupsClaimName>;
v = virtualinvoke v.<java.lang.String: boolean isEmpty()>();
if v == 0 goto label;
label:
staticinvoke <java.util.Collections: java.util.Set emptySet()>();
goto label;
label:
v = v.<org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler: java.lang.String groupsClaimName>;
v = interfaceinvoke v.<org.springframework.security.oauth.core.oidc.user.OidcUser: java.util.List getClaimAsStringList(java.lang.String)>(v);
if v != null goto label;
v = staticinvoke <java.util.Collections: java.util.List emptyList()>();
goto label;
label:
v = v;
label:
v = interfaceinvoke v.<java.util.List: java.util.stream.Stream stream()>();
v = staticinvoke <org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler$lambda_getGroups_1__33: java.util.function.Function bootstrap$(org.apache.nifi.web.security.oidc.web.authentication.OidcAuthenticationSuccessHandler)>(v);
v = interfaceinvoke v.<java.util.stream.Stream: java.util.stream.Stream map(java.util.function.Function)>(v);
v = staticinvoke <java.util.stream.Collectors: java.util.stream.Collector toSet()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.lang.Object collect(java.util.stream.Collector)>(v);
label:
return v;
}
}