Re: initialializers documentation

[Ernesto Reinaldo Barreiro]

Thanks for your super fast reply.

On Wed, Jan 19, 2022 at 4:16 PM Sven Meier  wrote:

> Hi Ernesto,
>
> yes, that is outdated, see
>
>  https://issues.apache.org/jira/browse/WICKET-5997
>
> Sven
>
>
> On 19.01.22 16:10, Ernesto Reinaldo Barreiro wrote:
> > Hi,
> >
> > A colleague pointed me to
> >
> > https://nightlies.apache.org/wicket/guide/9.x/single.html#_initializers
> >
> > and remarked that we are using them differently. I digged the source code
> > and it seems this is  now working by means of
> >
> > https://docs.oracle.com/javase/9/docs/api/java/util/ServiceLoader.html
> >
> > Is the documentation outdated?
> >
>
> -
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
>

-- 
Regards - Ernesto Reinaldo Barreiro

Re: initialializers documentation

[Sven Meier]

Hi Ernesto,

yes, that is outdated, see

    https://issues.apache.org/jira/browse/WICKET-5997

Sven


On 19.01.22 16:10, Ernesto Reinaldo Barreiro wrote:

Hi,

A colleague pointed me to

https://nightlies.apache.org/wicket/guide/9.x/single.html#_initializers

and remarked that we are using them differently. I digged the source code
and it seems this is  now working by means of

https://docs.oracle.com/javase/9/docs/api/java/util/ServiceLoader.html

Is the documentation outdated?



-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org

initialializers documentation

[Ernesto Reinaldo Barreiro]

Hi,

A colleague pointed me to

https://nightlies.apache.org/wicket/guide/9.x/single.html#_initializers

and remarked that we are using them differently. I digged the source code
and it seems this is  now working by means of

https://docs.oracle.com/javase/9/docs/api/java/util/ServiceLoader.html

Is the documentation outdated?

-- 
Regards - Ernesto Reinaldo Barreiro

Re: OAuth authentication

[Emond Papegaaij]

I've received the code from Martijn Dashorst. It should be enough to get
you up and running.
This page is mounted like this: mountPage("/oidc/#{action}",
KeyhubOidcPage.class);
Redirect to this page to start the authentication.


package nl.topicus.iridium.conversie.web.pages.public_pages.keyhub;

import static 
nl.topicus.iridium.conversie.keyhub.KeyhubEnvironmentVariables.Names.*;

import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import nl.topicus.iridium.conversie.environment.Environment;
import nl.topicus.iridium.conversie.web.app.ConversieWebSession;
import nl.topicus.iridium.conversie.web.pages.dashboard.DashboardPage;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.request.Url;
import org.apache.wicket.request.http.WebRequest;
import org.apache.wicket.request.http.WebResponse;
import org.apache.wicket.request.mapper.parameter.PageParameters;
import org.pac4j.core.context.JEEContext;
import org.pac4j.core.context.session.JEESessionStore;
import org.pac4j.core.exception.http.RedirectionAction;
import org.pac4j.core.http.adapter.JEEHttpActionAdapter;
import org.pac4j.oidc.client.OidcClient;
import org.pac4j.oidc.config.OidcConfiguration;
import org.pac4j.oidc.credentials.OidcCredentials;
import org.pac4j.oidc.profile.OidcProfile;

public class KeyhubOidcPage extends WebPage
{
private static final long serialVersionUID = 1L;

@Inject
private Environment environment;

public KeyhubOidcPage(PageParameters pars)
{
super(pars);

OidcConfiguration configuration = new OidcConfiguration();

configuration.setClientId(environment.getRequiredValue(KEYHUB_API_CLIENTID));

configuration.setSecret(environment.getRequiredValue(KEYHUB_API_SECRET));
configuration.setConnectTimeout(2000);
configuration.setReadTimeout(5000);
configuration

.setDiscoveryURI("https://keyhub.topicusonderwijs.nl/.well-known/openid-configuration;);

HttpServletRequest request =
(HttpServletRequest) ((WebRequest) 
getRequest()).getContainerRequest();
HttpServletResponse response =
(HttpServletResponse) ((WebResponse) 
getResponse()).getContainerResponse();

JEEContext context = new JEEContext(request, response);

OidcClient keyhub = new OidcClient(configuration);
keyhub.setCallbackUrl(getAuthenticateCallbackUrl());

if (pars.isEmpty())
{
keyhub.getRedirectionAction(context, 
JEESessionStore.INSTANCE)
.ifPresent(action -> apply(action, context));
}
else
{
OidcCredentials credentials =
(OidcCredentials) keyhub.getCredentials(context,
JEESessionStore.INSTANCE).get();
OidcProfile profile =
(OidcProfile) 
keyhub.getUserProfile(credentials, context,
JEESessionStore.INSTANCE)
.get();

ConversieWebSession.get().setKeyhubProfile(profile);
continueToOriginalDestination();
setResponsePage(DashboardPage.class);
}
}

private String getAuthenticateCallbackUrl()
{
PageParameters callbackPars = new PageParameters();
callbackPars.set("action", "callback");

return getRequestCycle().getUrlRenderer()
.renderFullUrl(Url.parse(urlFor(KeyhubOidcPage.class, 
callbackPars)))
.toString();
}

private void apply(RedirectionAction action, JEEContext context)
{
JEEHttpActionAdapter.INSTANCE.adapt(action, context);
}
}


On Wed, Jan 19, 2022 at 8:36 AM Emond Papegaaij 
wrote:

> Hi Boris,
>
> I would go for pac4j-oidc. It does not provide Wicket integration out of
> the box, but it is very easy to setup and you only need a few lines of code
> to check the authentication. Perhaps @dashorst can share the code:
> https://twitter.com/dashorst/status/280001847054336
>
> You can find an example of the pac4j code in a presentation a gave some
> time ago:
> https://blog.topicus-keyhub.com/oauth-2-0-demystified-j-spring-2019/
>
> Best regards,
> Emond
>
> On Tue, Jan 18, 2022 at 11:39 PM Boris Goldowsky 
> wrote:
>
>> What is the current best practice for allowing users to sign in to a
>> Wicket application using an OAuth2 provider (eg Google account, Twitter,
>> Canvas, etc).
>>
>>   *   Is Apache Shiro a possibility?  Looks like it’s got some Wicket
>> integration, but OAuth2 is listed as “coming”.
>>   *   PicketLink?
>>   *   Something from