Example 16 with Service
use of org.apereo.cas.authentication.principal.Service in project cas by apereo.
the class BaseWSFederationRequestController method registerCallback.
/**
* Register callback service.
*
* @param callbackUrl the callback url
* @return the service
*/
private Service registerCallback(final String callbackUrl) {
final Service callbackService = this.webApplicationServiceFactory.createService(callbackUrl);
if (!this.servicesManager.matchesExistingService(callbackService)) {
LOGGER.debug("Initializing callback service [{}]", callbackService);
final RegexRegisteredService service = new RegexRegisteredService();
service.setId(Math.abs(new SecureRandom().nextLong()));
service.setEvaluationOrder(0);
service.setName(service.getClass().getSimpleName());
service.setDescription("WS-Federation Authentication Request");
service.setServiceId(callbackService.getId().concat(".+"));
LOGGER.debug("Saving callback service [{}] into the registry", service);
this.servicesManager.save(service);
this.servicesManager.load();
}
return callbackService;
}
Also used :
RegexRegisteredService(org.apereo.cas.services.RegexRegisteredService)
WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService)
WSFederationRegisteredService(org.apereo.cas.ws.idp.services.WSFederationRegisteredService)
Service(org.apereo.cas.authentication.principal.Service)
SecureRandom(java.security.SecureRandom)
RegexRegisteredService(org.apereo.cas.services.RegexRegisteredService)
Example 17 with Service
use of org.apereo.cas.authentication.principal.Service in project cas by apereo.
the class OAuthUserAuthenticator method validate.
@Override
public void validate(final UsernamePasswordCredentials credentials, final WebContext context) throws CredentialsException {
final UsernamePasswordCredential casCredential = new UsernamePasswordCredential(credentials.getUsername(), credentials.getPassword());
try {
final String clientId = context.getRequestParameter(OAuthConstants.CLIENT_ID);
final Service service = this.webApplicationServiceFactory.createService(clientId);
final RegisteredService registeredService = OAuthUtils.getRegisteredOAuthService(this.servicesManager, clientId);
RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(registeredService);
final AuthenticationResult authenticationResult = this.authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(null, casCredential);
final Authentication authentication = authenticationResult.getAuthentication();
final Principal principal = authentication.getPrincipal();
final OAuthUserProfile profile = new OAuthUserProfile();
final String id = registeredService.getUsernameAttributeProvider().resolveUsername(principal, service);
LOGGER.debug("Created profile id [{}]", id);
profile.setId(id);
final Map<String, Object> attributes = registeredService.getAttributeReleasePolicy().getAttributes(principal, registeredService);
profile.addAttributes(attributes);
LOGGER.debug("Authenticated user profile [{}]", profile);
credentials.setUserProfile(profile);
} catch (final Exception e) {
throw new CredentialsException("Cannot login user using CAS internal authentication", e);
}
}
Also used :
RegisteredService(org.apereo.cas.services.RegisteredService)
Authentication(org.apereo.cas.authentication.Authentication)
RegisteredService(org.apereo.cas.services.RegisteredService)
Service(org.apereo.cas.authentication.principal.Service)
CredentialsException(org.pac4j.core.exception.CredentialsException)
UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential)
OAuthUserProfile(org.apereo.cas.support.oauth.profile.OAuthUserProfile)
Principal(org.apereo.cas.authentication.principal.Principal)
CredentialsException(org.pac4j.core.exception.CredentialsException)
AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult)
Example 18 with Service
use of org.apereo.cas.authentication.principal.Service in project cas by apereo.
the class PersonDirectoryAttributeResolutionController method releasePrincipalAttributes.
/**
* Release principal attributes map.
*
* @param username the username
* @param password the password
* @param service the service
* @param request the request
* @param response the response
* @return the map
* @throws Exception the exception
*/
@PostMapping(value = "/releaseattrs")
@ResponseBody
public Map<String, Object> releasePrincipalAttributes(@RequestParam final String username, @RequestParam final String password, @RequestParam final String service, final HttpServletRequest request, final HttpServletResponse response) throws Exception {
ensureEndpointAccessIsAuthorized(request, response);
final Map<String, Object> resValidation = new HashMap<>();
final Service selectedService = this.serviceFactory.createService(service);
final RegisteredService registeredService = this.servicesManager.findServiceBy(selectedService);
final UsernamePasswordCredential credential = new UsernamePasswordCredential(username, password);
final AuthenticationResult result = this.authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(selectedService, credential);
final Authentication authentication = result.getAuthentication();
final Principal principal = authentication.getPrincipal();
final Map<String, Object> attributesToRelease = registeredService.getAttributeReleasePolicy().getAttributes(principal, selectedService, registeredService);
final String principalId = registeredService.getUsernameAttributeProvider().resolveUsername(principal, selectedService, registeredService);
final Principal modifiedPrincipal = this.principalFactory.createPrincipal(principalId, attributesToRelease);
final AuthenticationBuilder builder = DefaultAuthenticationBuilder.newInstance(authentication);
builder.setPrincipal(modifiedPrincipal);
final Authentication finalAuthentication = builder.build();
final Assertion assertion = new DefaultAssertionBuilder(finalAuthentication).with(selectedService).with(CollectionUtils.wrap(finalAuthentication)).build();
final Map<String, Object> model = new LinkedHashMap<>();
model.put(CasViewConstants.MODEL_ATTRIBUTE_NAME_ASSERTION, assertion);
model.put(CasViewConstants.MODEL_ATTRIBUTE_NAME_SERVICE, selectedService);
resValidation.put("registeredService", registeredService);
String copy = renderViewAndGetResult(this.cas1ServiceSuccessView, model, request, response).getKey().getCopy();
resValidation.put("cas1Response", StringEscapeUtils.escapeXml11(copy));
if (casProperties.getView().getCas2().isV3ForwardCompatible()) {
copy = renderViewAndGetResult(this.cas3ServiceSuccessView, model, request, response).getKey().getCopy();
} else {
copy = renderViewAndGetResult(this.cas2ServiceSuccessView, model, request, response).getKey().getCopy();
}
resValidation.put("cas2Response", StringEscapeUtils.escapeXml11(copy));
copy = renderViewAndGetResult(this.cas3ServiceSuccessView, model, request, response).getKey().getCopy();
resValidation.put("cas3XmlResponse", StringEscapeUtils.escapeXml11(copy));
copy = renderViewAndGetResult(this.cas3ServiceJsonView, model, request, response).getValue().getStringCopy();
resValidation.put("cas3JsonResponse", copy);
response.reset();
return resValidation;
}
Also used :
RegisteredService(org.apereo.cas.services.RegisteredService)
DefaultAuthenticationBuilder(org.apereo.cas.authentication.DefaultAuthenticationBuilder)
AuthenticationBuilder(org.apereo.cas.authentication.AuthenticationBuilder)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
Assertion(org.apereo.cas.validation.Assertion)
WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService)
RegisteredService(org.apereo.cas.services.RegisteredService)
Service(org.apereo.cas.authentication.principal.Service)
AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult)
LinkedHashMap(java.util.LinkedHashMap)
DefaultAssertionBuilder(org.apereo.cas.validation.DefaultAssertionBuilder)
Authentication(org.apereo.cas.authentication.Authentication)
UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential)
Principal(org.apereo.cas.authentication.principal.Principal)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
ResponseBody(org.springframework.web.bind.annotation.ResponseBody)
Example 19 with Service
use of org.apereo.cas.authentication.principal.Service in project cas by apereo.
the class JWTServiceTicketResourceEntityResponseFactoryTests method verifyServiceTicketAsJwt.
@Test
public void verifyServiceTicketAsJwt() throws Exception {
final AuthenticationResult result = CoreAuthenticationTestUtils.getAuthenticationResult(authenticationSystemSupport, CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword("casuser"));
final TicketGrantingTicket tgt = centralAuthenticationService.createTicketGrantingTicket(result);
final Service service = RegisteredServiceTestUtils.getService("jwtservice");
final ResponseEntity<String> response = serviceTicketResourceEntityResponseFactory.build(tgt.getId(), service, result);
assertNotNull(response);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertFalse(response.getBody().startsWith(ServiceTicket.PREFIX));
final Object jwt = this.tokenCipherExecutor.decode(response.getBody());
final JWTClaimsSet claims = JWTClaimsSet.parse(jwt.toString());
assertEquals(claims.getSubject(), tgt.getAuthentication().getPrincipal().getId());
}
Also used :
TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket)
JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet)
CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService)
Service(org.apereo.cas.authentication.principal.Service)
AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Test(org.junit.Test)
Example 20 with Service
use of org.apereo.cas.authentication.principal.Service in project cas by apereo.
the class JWTServiceTicketResourceEntityResponseFactoryTests method verifyServiceTicketAsDefault.
@Test
public void verifyServiceTicketAsDefault() {
final AuthenticationResult result = CoreAuthenticationTestUtils.getAuthenticationResult(authenticationSystemSupport);
final TicketGrantingTicket tgt = centralAuthenticationService.createTicketGrantingTicket(result);
final Service service = RegisteredServiceTestUtils.getService("test");
final ResponseEntity<String> response = serviceTicketResourceEntityResponseFactory.build(tgt.getId(), service, result);
assertNotNull(response);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
Also used :
TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket)
CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService)
Service(org.apereo.cas.authentication.principal.Service)
AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Test(org.junit.Test)
Aggregations
Service (org.apereo.cas.authentication.principal.Service)162
lombok.val (lombok.val)54
RegisteredService (org.apereo.cas.services.RegisteredService)53
Authentication (org.apereo.cas.authentication.Authentication)44
Test (org.junit.Test)36
TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)34
AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult)31
Slf4j (lombok.extern.slf4j.Slf4j)30
CentralAuthenticationService (org.apereo.cas.CentralAuthenticationService)26
WebApplicationService (org.apereo.cas.authentication.principal.WebApplicationService)25
CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)25
ServiceTicket (org.apereo.cas.ticket.ServiceTicket)25
Test (org.junit.jupiter.api.Test)25
Optional (java.util.Optional)24
HttpServletRequest (javax.servlet.http.HttpServletRequest)23
StringUtils (org.apache.commons.lang3.StringUtils)18
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)18
AbstractWebApplicationService (org.apereo.cas.authentication.principal.AbstractWebApplicationService)17
UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException)17
HashMap (java.util.HashMap)16
