use of org.apereo.cas.authentication.principal.Service in project cas by apereo.
the class HazelcastTicketRegistryReplicationTests method verifyDeleteTicketWithPGT.
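/**
 * Verifies that deleting a ticket-granting ticket also removes the service ticket and the
 * proxy-granting ticket issued beneath it.
 *
 * <p>The chain under test is TGT -> ST -> PGT. After the TGT is deleted, none of the three
 * ids may still resolve in the registry; a descendant ticket that outlives its TGT would
 * remain usable after the session it belongs to was ended.
 */
@Test
public void verifyDeleteTicketWithPGT() {
    final Authentication a = CoreAuthenticationTestUtils.getAuthentication();
    this.hzTicketRegistry1.addTicket(new TicketGrantingTicketImpl(TGT_ID, a, new NeverExpiresExpirationPolicy()));
    final TicketGrantingTicket tgt = this.hzTicketRegistry1.getTicket(TGT_ID, TicketGrantingTicket.class);

    final Service service = RegisteredServiceTestUtils.getService("TGT_DELETE_TEST");
    // NOTE(review): the two trailing booleans are presumably credentialProvided and
    // onlyTrackMostRecentSession; confirm against TicketGrantingTicket.grantServiceTicket.
    final ServiceTicket st1 = tgt.grantServiceTicket(ST_ID_1, service, new NeverExpiresExpirationPolicy(), false, true);
    this.hzTicketRegistry1.addTicket(st1);

    assertNotNull(this.hzTicketRegistry1.getTicket(TGT_ID, TicketGrantingTicket.class));
    assertNotNull(this.hzTicketRegistry1.getTicket(ST_ID_1, ServiceTicket.class));

    final ProxyGrantingTicket pgt = st1.grantProxyGrantingTicket(PGT_ID_1, a, new NeverExpiresExpirationPolicy());
    assertEquals(a, pgt.getAuthentication());

    this.hzTicketRegistry1.addTicket(pgt);
    // Store the TGT again so the registry copy reflects the tickets granted from it above.
    this.hzTicketRegistry1.updateTicket(tgt);

    // Compare by value: assertSame on an autoboxed int passes only because small Integer
    // values happen to be cached, so it checks object identity rather than the count.
    // The expected 3 is the TGT, the ST and the PGT.
    final int deletedCount = this.hzTicketRegistry1.deleteTicket(tgt.getId());
    assertEquals(3, deletedCount);

    assertNull(this.hzTicketRegistry1.getTicket(TGT_ID, TicketGrantingTicket.class));
    assertNull(this.hzTicketRegistry1.getTicket(ST_ID_1, ServiceTicket.class));
    assertNull(this.hzTicketRegistry1.getTicket(PGT_ID_1, ProxyGrantingTicket.class));
}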
use of org.apereo.cas.authentication.principal.Service in project cas by apereo.
the class HazelcastTicketRegistryReplicationTests method verifyDeleteTicketWithChildren.
/**
 * Checks that removing a ticket-granting ticket from the registry also removes every
 * service ticket that was granted from it.
 *
 * @throws Exception if a registry operation fails
 */
@Test
public void verifyDeleteTicketWithChildren() throws Exception {
    final TicketGrantingTicketImpl seed = new TicketGrantingTicketImpl(
        TGT_ID, CoreAuthenticationTestUtils.getAuthentication(), new NeverExpiresExpirationPolicy());
    this.hzTicketRegistry1.addTicket(seed);

    // Work with the copy held by the registry, not the instance that was just built.
    final TicketGrantingTicket parent = this.hzTicketRegistry1.getTicket(TGT_ID, TicketGrantingTicket.class);
    final Service target = RegisteredServiceTestUtils.getService("TGT_DELETE_TEST");

    final ServiceTicket first = parent.grantServiceTicket(ST_ID_1, target, new NeverExpiresExpirationPolicy(), false, false);
    final ServiceTicket second = parent.grantServiceTicket("ST2", target, new NeverExpiresExpirationPolicy(), false, false);
    final ServiceTicket third = parent.grantServiceTicket("ST3", target, new NeverExpiresExpirationPolicy(), false, false);
    for (final ServiceTicket child : new ServiceTicket[] {first, second, third}) {
        this.hzTicketRegistry1.addTicket(child);
    }
    this.hzTicketRegistry1.updateTicket(parent);

    // Precondition: the parent and all three children resolve before the delete.
    assertNotNull(this.hzTicketRegistry1.getTicket(parent.getId(), TicketGrantingTicket.class));
    for (final String childId : new String[] {ST_ID_1, "ST2", "ST3"}) {
        assertNotNull(this.hzTicketRegistry1.getTicket(childId, ServiceTicket.class));
    }

    // NOTE(review): JUnit prints this message when the assertion fails, so it reads inverted;
    // the check itself only requires a positive delete count.
    final boolean anythingRemoved = this.hzTicketRegistry1.deleteTicket(parent.getId()) > 0;
    assertTrue("TGT and children were deleted", anythingRemoved);

    // Postcondition: no id from the tree resolves any more.
    assertNull(this.hzTicketRegistry1.getTicket(parent.getId(), TicketGrantingTicket.class));
    for (final String childId : new String[] {ST_ID_1, "ST2", "ST3"}) {
        assertNull(this.hzTicketRegistry1.getTicket(childId, ServiceTicket.class));
    }
}
use of org.apereo.cas.authentication.principal.Service in project cas by apereo.
the class AbstractSamlProfileHandlerController method registerCallback.
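/**
 * Builds the callback service for the given callback url and makes sure a matching
 * definition exists in the service registry.
 *
 * <p>The service id is {@code serverPrefix + callbackUrl + ".+"}. When no existing
 * definition matches it, a {@link RegexRegisteredService} carrying that id is saved with
 * evaluation order 0 and the services manager is reloaded.
 *
 * @param callbackUrl the callback url, appended to the server prefix
 * @return the callback service, whether or not a registry entry had to be created
 */
protected Service registerCallback(final String callbackUrl) {
    // NOTE(review): the id is presumably matched as a regular expression (it is stored on a
    // RegexRegisteredService and ends in ".+"). Neither serverPrefix nor callbackUrl is
    // regex-quoted here, so characters such as '.' in the host part match more than the
    // literal url; confirm both values are fixed by configuration and that this breadth is
    // intended before relying on the entry for authorization decisions.
    final String callbackPattern = this.serverPrefix.concat(callbackUrl.concat(".+"));
    final Service callbackService = this.webApplicationServiceFactory.createService(callbackPattern);

    // NOTE(review): check-then-save is not atomic as written; concurrent first requests
    // could each register an entry unless the services manager serializes this.
    if (!this.servicesManager.matchesExistingService(callbackService)) {
        LOGGER.debug("Initializing callback service [{}]", callbackService);

        final RegexRegisteredService service = new RegexRegisteredService();
        // Mask off the sign bit instead of calling Math.abs(): Math.abs(Long.MIN_VALUE) is
        // still negative, so the previous form could produce a negative id.
        service.setId(new SecureRandom().nextLong() & Long.MAX_VALUE);
        service.setEvaluationOrder(0);
        service.setName(service.getClass().getSimpleName());
        service.setDescription("SAML Authentication Request");
        service.setServiceId(callbackService.getId());

        LOGGER.debug("Saving callback service [{}] into the registry", service);
        this.servicesManager.save(service);
        this.servicesManager.load();
    }
    return callbackService;
}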
use of org.apereo.cas.authentication.principal.Service in project cas by apereo.
the class MemCacheTicketRegistryTests method verifyDeleteTicketWithChildren.
/**
 * Confirms that the registry under test drops a ticket-granting ticket together with the
 * service tickets issued from it.
 *
 * @throws Exception if a registry operation fails
 */
@Test
public void verifyDeleteTicketWithChildren() throws Exception {
    final TicketGrantingTicketImpl root = new TicketGrantingTicketImpl(
        TGT_ID, CoreAuthenticationTestUtils.getAuthentication(), new NeverExpiresExpirationPolicy());
    this.registry.addTicket(root);

    // Re-read the TGT so the children are granted from the registry's copy.
    final TicketGrantingTicket stored = this.registry.getTicket(TGT_ID, TicketGrantingTicket.class);
    final Service svc = RegisteredServiceTestUtils.getService("TGT_DELETE_TEST");

    final ServiceTicket childA = stored.grantServiceTicket(ST_1_ID, svc, new NeverExpiresExpirationPolicy(), false, false);
    final ServiceTicket childB = stored.grantServiceTicket("ST2", svc, new NeverExpiresExpirationPolicy(), false, false);
    final ServiceTicket childC = stored.grantServiceTicket("ST3", svc, new NeverExpiresExpirationPolicy(), false, false);

    this.registry.addTicket(childA);
    this.registry.addTicket(childB);
    this.registry.addTicket(childC);
    this.registry.updateTicket(stored);

    final String[] childIds = {ST_1_ID, "ST2", "ST3"};

    // Everything is present before the delete.
    assertNotNull(this.registry.getTicket(TGT_ID, TicketGrantingTicket.class));
    for (final String id : childIds) {
        assertNotNull(this.registry.getTicket(id, ServiceTicket.class));
    }

    // The return value of deleteTicket is not checked here; only the lookups below are.
    this.registry.deleteTicket(stored.getId());

    // Neither the TGT nor any service ticket granted from it may still resolve.
    assertNull(this.registry.getTicket(TGT_ID, TicketGrantingTicket.class));
    for (final String id : childIds) {
        assertNull(this.registry.getTicket(id, ServiceTicket.class));
    }
}
use of org.apereo.cas.authentication.principal.Service in project cas by apereo.
the class OAuth20AccessTokenEndpointController method handleRequestInternal.
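/**
 * Handles a POST to the OAuth 2.0 access token endpoint and writes the token response.
 *
 * <p>Once {@code verifyAccessTokenRequest} accepts the request, the service and
 * authentication are taken from the presented authorization code or refresh token, or, for
 * any other grant type, built from the authenticated user profile. An access token is then
 * generated, a refresh token is created when the registered service asks for one, and both
 * are added to the ticket registry.
 *
 * @param request the request
 * @param response the response; errors are written to it as plain text
 * @return the result of {@code OAuthUtils.writeTextError} for a rejected request, otherwise
 *         {@code null} once the token response has been written
 * @throws Exception any failure, logged and rethrown through {@code Throwables.propagate}
 */
@PostMapping(path = OAuthConstants.BASE_OAUTH20_URL + '/' + OAuthConstants.ACCESS_TOKEN_URL)
public ModelAndView handleRequestInternal(final HttpServletRequest request, final HttpServletResponse response) throws Exception {
    try {
        response.setContentType(MediaType.TEXT_PLAIN_VALUE);

        if (!verifyAccessTokenRequest(request, response)) {
            LOGGER.error("Access token request verification fails");
            return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_REQUEST);
        }

        final String grantType = request.getParameter(OAuthConstants.GRANT_TYPE);
        final Service service;
        final Authentication authentication;

        final boolean generateRefreshToken;
        final OAuthRegisteredService registeredService;

        final J2EContext context = WebUtils.getPac4jJ2EContext(request, response);
        final ProfileManager manager = WebUtils.getPac4jProfileManager(request, response);

        if (isGrantType(grantType, OAuth20GrantTypes.AUTHORIZATION_CODE) || isGrantType(grantType, OAuth20GrantTypes.REFRESH_TOKEN)) {
            final Optional<UserProfile> profile = manager.get(true);
            if (!profile.isPresent()) {
                // Without an authenticated client profile there is no client id to resolve.
                // Answer with an OAuth error instead of failing on Optional.get(), which
                // previously surfaced as an unhandled NoSuchElementException.
                LOGGER.error("Client profile cannot be determined for the access token request");
                return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_REQUEST);
            }
            final String clientId = profile.get().getId();
            registeredService = OAuthUtils.getRegisteredOAuthService(getServicesManager(), clientId);

            // we generate a refresh token if requested by the service but not from a refresh token
            generateRefreshToken = registeredService != null && registeredService.isGenerateRefreshToken()
                && isGrantType(grantType, OAuth20GrantTypes.AUTHORIZATION_CODE);

            final String parameterName;
            if (isGrantType(grantType, OAuth20GrantTypes.AUTHORIZATION_CODE)) {
                parameterName = OAuthConstants.CODE;
            } else {
                parameterName = OAuthConstants.REFRESH_TOKEN;
            }

            final OAuthToken token = getToken(request, parameterName);
            if (token == null) {
                LOGGER.error("No token found for authorization_code or refresh_token grant types");
                return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_GRANT);
            }
            // NOTE(review): nothing in this method compares the token's service with the
            // authenticated client id, rejects a null registeredService, or invalidates a used
            // authorization code. Presumably verifyAccessTokenRequest/getToken cover these;
            // confirm, since the token's service and authentication are trusted as-is below.
            service = token.getService();
            authentication = token.getAuthentication();

        } else {
            final String clientId = request.getParameter(OAuthConstants.CLIENT_ID);
            registeredService = OAuthUtils.getRegisteredOAuthService(getServicesManager(), clientId);
            generateRefreshToken = registeredService != null && registeredService.isGenerateRefreshToken();

            try {
                // resource owner password grant type
                final Optional<OAuthUserProfile> profile = manager.get(true);
                if (!profile.isPresent()) {
                    throw new UnauthorizedServiceException("OAuth user profile cannot be determined");
                }
                // NOTE(review): registeredService may be null here (see the null test above) and
                // is passed on unchanged; confirm the callees reject an unknown client id.
                service = createService(registeredService, context);
                authentication = createAuthentication(profile.get(), registeredService, context, service);

                RegisteredServiceAccessStrategyUtils.ensurePrincipalAccessIsAllowedForService(service, registeredService, authentication);
            } catch (final Exception e) {
                // Every failure in this branch is reported to the client as invalid_grant.
                LOGGER.error(e.getMessage(), e);
                return OAuthUtils.writeTextError(response, OAuthConstants.INVALID_GRANT);
            }
        }

        final AccessToken accessToken = generateAccessToken(service, authentication, context);
        RefreshToken refreshToken = null;
        if (generateRefreshToken) {
            refreshToken = this.refreshTokenFactory.create(service, authentication);
            getTicketRegistry().addTicket(refreshToken);
        }

        // NOTE(review): this writes the access and refresh token objects to the debug log. If
        // their string form contains the token id, the log holds usable bearer credentials;
        // confirm the logging configuration sanitizes ticket ids.
        LOGGER.debug("access token: [{}] / timeout: [{}] / refresh token: [{}]", accessToken, casProperties.getTicket().getTgt().getTimeToKillInSeconds(), refreshToken);

        // An absent or unrecognized response_type falls back to CODE.
        final String responseType = context.getRequestParameter(OAuthConstants.RESPONSE_TYPE);
        final OAuth20ResponseTypes type = Arrays.stream(OAuth20ResponseTypes.values())
            .filter(t -> t.getType().equalsIgnoreCase(responseType))
            .findFirst()
            .orElse(OAuth20ResponseTypes.CODE);

        this.accessTokenResponseGenerator.generate(request, response, registeredService, service, accessToken, refreshToken, casProperties.getTicket().getTgt().getTimeToKillInSeconds(), type);

        // NOTE(review): the access token is stored only after the response was generated, so
        // a failure here leaves the client holding a token the registry does not know.
        getTicketRegistry().addTicket(accessToken);

        response.setStatus(HttpServletResponse.SC_OK);
        return null;
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        throw Throwables.propagate(e);
    }
}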