allow to remove or replace a specific default matcher or autorizer by name
30 views
Skip to first unread message
Benjamin Dansokho
Aug 13, 2022, 2:57:15 PM8/13/22
to Pac4j development mailing list
My problem: I had a angular app authenticating through saml session. pac4j were sending csrftoken httpONly, so i had to use withCredentials when making http request with angular httpClientModule. The problems began when a request comes after two subsequent requests.
in that case the token sent by the browser is too old even if it's in the same second and then it is not seen by the crsfAutorizer as a current nor a previousToken. Moreoever before that i had to create an autorizer that would read into the cookies as the browser sent them because the default one looks only into header and request param.
Now this solve my issue but still i have to put my new autorizer into the config and now i see that i can only had new autorizers by beginning the matcher string with a "+" or i can replace them all. because the default one prevented my angular app to authentcate I had to replace it a thus I had to copy all the other default matchers so they're still existing in my new config.
This pull request tries to answer this problem by allow users to put at the end of the matcher (or autorizer) string a "-" specifying which of the default he wants to be removed from his config, the others would stay.
As an addendum I would think interesting to completely remove the new for this string for matcher or authorizer one could just give a map of the added matchers or a map of mathers that ovverides the defaults. For the case of removal the user would give a list of names in an enumeration that describe the default matchers
in that case the token sent by the browser is too old even if it's in the same second and then it is not seen by the crsfAutorizer as a current nor a previousToken. Moreoever before that i had to create an autorizer that would read into the cookies as the browser sent them because the default one looks only into header and request param.
Now this solve my issue but still i have to put my new autorizer into the config and now i see that i can only had new autorizers by beginning the matcher string with a "+" or i can replace them all. because the default one prevented my angular app to authentcate I had to replace it a thus I had to copy all the other default matchers so they're still existing in my new config.
This pull request tries to answer this problem by allow users to put at the end of the matcher (or autorizer) string a "-" specifying which of the default he wants to be removed from his config, the others would stay.
As an addendum I would think interesting to completely remove the new for this string for matcher or authorizer one could just give a map of the added matchers or a map of mathers that ovverides the defaults. For the case of removal the user would give a list of names in an enumeration that describe the default matchers
Jérôme LELEU
Aug 17, 2022, 2:51:11 AM8/17/22
to Benjamin Dansokho, Pac4j development mailing list
Feedbacks on the PR: https://github.com/pac4j/pac4j/pull/2301
--
You received this message because you are subscribed to the Google Groups "Pac4j development mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pac4j-dev+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/pac4j-dev/b8f635e4-dde5-4f46-a37f-e4b6dd0e1682n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages