001/* 002 * Copyright 2024 Anyware Services 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016package org.ametys.plugins.extrausermgt.proxy; 017 018import org.apache.cocoon.environment.Request; 019import org.apache.http.client.methods.HttpUriRequest; 020 021import org.ametys.core.authentication.CredentialProvider; 022import org.ametys.plugins.extrausermgt.authentication.msal.AbstractMSALCredentialProvider; 023import org.ametys.plugins.site.proxy.SessionAttributeRequestProxy; 024import org.ametys.site.FrontAuthenticateAction; 025 026/** 027 * Request proxy to forward the MS authentication token to the back office. 028 * If needed, the token is refreshed before the forward 029 */ 030public class MSALSessionAttributeRequestProxy extends SessionAttributeRequestProxy 031{ 032 @Override 033 public void prepareBackOfficeRequest(Request request, HttpUriRequest backOfficeRequest) 034 { 035 CredentialProvider credentialProvider = FrontAuthenticateAction.getCredentialProviderFromSession(request); 036 if (credentialProvider instanceof AbstractMSALCredentialProvider msalCP) 037 { 038 try 039 { 040 msalCP.refreshTokenIfNeeded(request.getSession()); 041 super.prepareBackOfficeRequest(request, backOfficeRequest); 042 } 043 catch (Exception e) 044 { 045 getLogger().warn("An error prevented refreshing the token before forwaring it to the back office. See previous exception for more details", e); 046 } 047 } 048 } 049}