use of org.apereo.cas.authentication.principal.DefaultServiceMatchingStrategy in project cas by apereo.
the class DefaultCentralAuthenticationServiceTests method verifyDestroyRemoteRegistry.
/**
* This test checks that the TGT destruction happens properly for a remote registry.
* It previously failed when the deletion happened before the ticket was marked expired, because an update was necessary for that.
*/
@Test
public void verifyDestroyRemoteRegistry() throws Exception {
    // Registry fixture that receives the single TGT under test.
    val ticketRegistry = new MockOnlyOneTicketRegistry();

    // The expiration policy is a mock; only its clock is stubbed.
    val policy = mock(ExpirationPolicy.class);
    when(policy.getClock()).thenReturn(Clock.systemUTC());

    val ticket = new TicketGrantingTicketImpl("TGT-1", mock(Authentication.class), policy);
    ticketRegistry.addTicket(ticket);

    val manager = mock(ServicesManager.class);
    val appContext = new StaticApplicationContext();
    appContext.refresh();

    // Test-only wiring: the cipher executor is the no-op variant and the access-strategy
    // enforcer is an unstubbed mock, so neither encryption nor service access checks are
    // exercised here. This fixture is about ticket deletion only.
    val casContext = CentralAuthenticationServiceContext.builder()
        .applicationContext(appContext)
        .ticketRegistry(ticketRegistry)
        .servicesManager(manager)
        .principalFactory(PrincipalFactoryUtils.newPrincipalFactory())
        .cipherExecutor(CipherExecutor.noOpOfStringToString())
        .registeredServiceAccessStrategyEnforcer(mock(AuditableExecution.class))
        .serviceMatchingStrategy(new DefaultServiceMatchingStrategy(manager))
        .lockRepository(LockRepository.asDefault())
        .build();

    // No explicit assertion follows: the test passes when deletion completes without throwing.
    val centralAuthenticationService = new DefaultCentralAuthenticationService(casContext);
    centralAuthenticationService.deleteTicket(ticket.getId());
}
use of org.apereo.cas.authentication.principal.DefaultServiceMatchingStrategy in project cas by apereo.
the class DefaultCentralAuthenticationServiceMockitoTests method prepareNewCAS.
@BeforeEach
public void prepareNewCAS() {
    // Mocked authentication shared by every ticket created below.
    this.authentication = mock(Authentication.class);
    when(this.authentication.getAuthenticationDate()).thenReturn(ZonedDateTime.now(ZoneOffset.UTC));

    val credentialMetaData = new BasicCredentialMetaData(
        RegisteredServiceTestUtils.getCredentialsWithSameUsernameAndPassword("principal"));
    val handlerResults = new HashMap<String, AuthenticationHandlerExecutionResult>();
    handlerResults.put(
        "handler1",
        new DefaultAuthenticationHandlerExecutionResult(mock(AuthenticationHandler.class), credentialMetaData));
    when(this.authentication.getCredentials()).thenReturn(List.of(credentialMetaData));
    when(this.authentication.getSuccesses()).thenReturn(handlerResults);
    when(this.authentication.getPrincipal())
        .thenReturn(PrincipalFactoryUtils.newPrincipalFactory().createPrincipal(PRINCIPAL));

    // First service ticket / TGT pair, hanging off a shared root TGT.
    val rootTgt = createRootTicketGrantingTicket();
    val firstService = getService(SVC1_ID);
    val firstSt = createMockServiceTicket(ST_ID, firstService);
    val firstTgt = createMockTicketGrantingTicket(TGT_ID, firstSt, false, rootTgt, new ArrayList<>());
    when(firstTgt.getProxiedBy()).thenReturn(getService("proxiedBy"));
    firstSt.setTicketGrantingTicket(firstTgt);

    // The chained-authentication list must report two entries so that the
    // proxying scenario can be simulated.
    val chainedAuthns = mock(List.class);
    when(chainedAuthns.size()).thenReturn(2);
    when(chainedAuthns.toArray()).thenReturn(new Object[] { this.authentication, this.authentication });
    when(chainedAuthns.get(anyInt())).thenReturn(this.authentication);
    when(firstTgt.getChainedAuthentications()).thenReturn(chainedAuthns);

    // Second pair, built directly with the two-entry authentication chain.
    val secondService = getService(SVC2_ID);
    val secondSt = createMockServiceTicket(ST2_ID, secondService);
    val secondTgt = createMockTicketGrantingTicket(TGT2_ID, secondSt, false, rootTgt, chainedAuthns);
    secondSt.setTicketGrantingTicket(secondTgt);

    mockTicketRegistry(firstSt, firstTgt, secondSt, secondTgt);
    val registeredServices = getServicesManager(firstService, secondService);
    val tickets = getTicketFactory();
    val selectionPlan =
        new DefaultAuthenticationServiceSelectionPlan(new DefaultAuthenticationServiceSelectionStrategy());

    // The enforcer mock hands back a freshly constructed AuditableExecutionResult for any input.
    // NOTE(review): presumably that default result carries no failure, which would make every
    // service access check pass in this fixture - confirm against AuditableExecutionResult.
    val accessEnforcer = mock(AuditableExecution.class);
    when(accessEnforcer.execute(any())).thenReturn(new AuditableExecutionResult());

    val appContext = new StaticApplicationContext();
    appContext.refresh();

    // Test-only wiring: accept-any authentication policy and a no-op cipher executor.
    // These permissive components belong to the fixture and say nothing about
    // how a deployment should be configured.
    val casContext = CentralAuthenticationServiceContext.builder()
        .applicationContext(appContext)
        .ticketRegistry(ticketRegMock)
        .servicesManager(registeredServices)
        .ticketFactory(tickets)
        .lockRepository(LockRepository.asDefault())
        .authenticationServiceSelectionPlan(selectionPlan)
        .authenticationPolicyFactory(new AcceptAnyAuthenticationPolicyFactory())
        .principalFactory(PrincipalFactoryUtils.newPrincipalFactory())
        .cipherExecutor(CipherExecutor.noOpOfStringToString())
        .registeredServiceAccessStrategyEnforcer(accessEnforcer)
        .serviceMatchingStrategy(new DefaultServiceMatchingStrategy(registeredServices))
        .build();
    this.cas = new DefaultCentralAuthenticationService(casContext);
}
use of org.apereo.cas.authentication.principal.DefaultServiceMatchingStrategy in project cas by apereo.
the class SamlServiceTests method verifyTargetMatchingSamlService.
@Test
public void verifyTargetMatchingSamlService() {
    val httpRequest = new MockHttpServletRequest();
    httpRequest.setParameter(SamlProtocolConstants.CONST_PARAM_TARGET, "https://some.service.edu/path/to/app");

    // Both services are extracted from the same request, so they carry the same target value.
    val expectedService = new DefaultArgumentExtractor(samlServiceFactory).extractService(httpRequest);
    val candidateService = new DefaultArgumentExtractor(samlServiceFactory).extractService(httpRequest);

    // The services manager is an unstubbed mock; the matching strategy is the object under test.
    val servicesManager = mock(ServicesManager.class);
    val matchingStrategy = new DefaultServiceMatchingStrategy(servicesManager);
    assertTrue(matchingStrategy.matches(candidateService, expectedService));
}
use of org.apereo.cas.authentication.principal.DefaultServiceMatchingStrategy in project cas by apereo.
the class SamlServiceTests method verifyTargetMatchesNoSamlService.
@Test
public void verifyTargetMatchesNoSamlService() {
    // Service extracted from a target that includes a path.
    val firstRequest = new MockHttpServletRequest();
    firstRequest.setParameter(SamlProtocolConstants.CONST_PARAM_TARGET, "https://some.service.edu/path/to/app");
    val candidateService = new DefaultArgumentExtractor(samlServiceFactory).extractService(firstRequest);

    // Second target: no path, and the host is written with different letter case.
    // NOTE(review): the two targets differ in both path and host case, so a passing test
    // does not show which difference causes the mismatch. A case-only variant would pin
    // down how host case is treated when a ticket's service is compared.
    val secondRequest = new MockHttpServletRequest();
    secondRequest.setParameter(SamlProtocolConstants.CONST_PARAM_TARGET, "https://some.SERVICE.edu");
    val otherService = new DefaultArgumentExtractor(samlServiceFactory).extractService(secondRequest);

    val servicesManager = mock(ServicesManager.class);
    val matchingStrategy = new DefaultServiceMatchingStrategy(servicesManager);
    assertFalse(matchingStrategy.matches(candidateService, otherService));
}