
Example 11 with WebApplicationService

use of org.apereo.cas.authentication.principal.WebApplicationService in project cas by apereo.

the class TokenWebApplicationServiceResponseBuilder method buildInternal.

/**
 * Builds the service response, substituting a generated JWT for the ticket when the
 * registered service opts in through the token-as-response property.
 *
 * <p>The access check runs before any token is generated. When no property named
 * {@code TokenConstants.PROPERTY_NAME_TOKEN_AS_RESPONSE} (compared case-insensitively)
 * carries a truthy value, the superclass response is returned instead.
 *
 * @param service the service the response is built for
 * @param parameters response parameters; the ticket entry is replaced by the generated JWT
 * @return a {@code TokenWebApplicationService} copying the id, original URL, artifact id,
 *     format and logged-out flag of {@code service}, or the superclass result
 */
@Override
protected WebApplicationService buildInternal(final WebApplicationService service, final Map<String, String> parameters) {
    final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
    // Keep this ahead of generateToken: presumably it throws when access is denied, so no JWT
    // is produced for a service that fails the access strategy.
    RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(service, registeredService);

    // NOTE(review): registeredService is dereferenced here without a null check; this relies on
    // the access check above rejecting an unregistered service. Confirm against that helper.
    final boolean tokenAsResponse = registeredService.getProperties().entrySet().stream()
        .anyMatch(entry -> entry.getKey().equalsIgnoreCase(TokenConstants.PROPERTY_NAME_TOKEN_AS_RESPONSE)
            && BooleanUtils.toBoolean(entry.getValue().getValue()));
    if (!tokenAsResponse) {
        return super.buildInternal(service, parameters);
    }

    final String token = generateToken(service, parameters);
    final TokenWebApplicationService tokenService =
        new TokenWebApplicationService(service.getId(), service.getOriginalUrl(), service.getArtifactId());
    tokenService.setFormat(service.getFormat());
    tokenService.setLoggedOutAlready(service.isLoggedOutAlready());
    // The JWT travels in the slot normally used for the ticket.
    parameters.put(CasProtocolConstants.PARAMETER_TICKET, token);
    return tokenService;
}
Also used : CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) CasProtocolConstants(org.apereo.cas.CasProtocolConstants) DateTimeUtils(org.apereo.cas.util.DateTimeUtils) Cas30ServiceTicketValidator(org.jasig.cas.client.validation.Cas30ServiceTicketValidator) ZonedDateTime(java.time.ZonedDateTime) RegisteredServiceProperty(org.apereo.cas.services.RegisteredServiceProperty) Throwables(com.google.common.base.Throwables) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) Autowired(org.springframework.beans.factory.annotation.Autowired) BooleanUtils(org.apache.commons.lang3.BooleanUtils) RegisteredServiceAccessStrategyUtils(org.apereo.cas.services.RegisteredServiceAccessStrategyUtils) CipherExecutor(org.apereo.cas.CipherExecutor) Assertion(org.jasig.cas.client.validation.Assertion) RegisteredService(org.apereo.cas.services.RegisteredService) AbstractWebApplicationService(org.apereo.cas.authentication.principal.AbstractWebApplicationService) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) JSONObject(net.minidev.json.JSONObject) Service(org.apereo.cas.authentication.principal.Service) Map(java.util.Map) ExpirationPolicy(org.apereo.cas.ticket.ExpirationPolicy) WebApplicationServiceResponseBuilder(org.apereo.cas.authentication.principal.WebApplicationServiceResponseBuilder) TokenConstants(org.apereo.cas.token.TokenConstants) ServicesManager(org.apereo.cas.services.ServicesManager) RegisteredServiceProperty(org.apereo.cas.services.RegisteredServiceProperty) RegisteredService(org.apereo.cas.services.RegisteredService) Map(java.util.Map)

Example 12 with WebApplicationService

use of org.apereo.cas.authentication.principal.WebApplicationService in project cas by apereo.

the class RegisteredServiceThemeBasedViewResolver method loadView.

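/**
 * Loads the named view and, when the requesting service is registered with a theme, points a
 * Thymeleaf view at the theme-specific template if that template exists.
 *
 * <p>If the access check for the registered service fails, the response status is set to
 * 401 and the failure is logged; view resolution then continues, so the caller still
 * receives a view.
 *
 * @param viewName the logical view name
 * @param locale the locale the view is resolved for
 * @return the resolved view, with its template name replaced by the themed one when found
 * @throws Exception if the superclass fails to load the view
 */
@Override
protected View loadView(final String viewName, final Locale locale) throws Exception {
    final View view = super.loadView(viewName, locale);
    final RequestContext requestContext = RequestContextHolder.getRequestContext();
    final WebApplicationService service;
    final HttpServletResponse response;
    final List<ArgumentExtractor> argumentExtractorList = Collections.singletonList(this.argumentExtractor);
    if (requestContext != null) {
        response = WebUtils.getHttpServletResponse(requestContext);
        service = WebUtils.getService(argumentExtractorList, requestContext);
    } else {
        // Outside a webflow execution: fall back to the request attributes bound to the thread.
        final HttpServletRequest request = WebUtils.getHttpServletRequestFromRequestAttributes();
        service = WebUtils.getService(argumentExtractorList, request);
        response = WebUtils.getHttpServletResponseFromRequestAttributes();
    }
    if (service == null) {
        return view;
    }
    final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
    if (registeredService != null) {
        try {
            RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(service, registeredService);
        } catch (final Exception e) {
            // Record the denial instead of dropping it silently, so a rejected service leaves
            // a trace in the logs alongside the 401 status.
            LOGGER.warn("Access to service [{}] is not allowed: [{}]", registeredService.getServiceId(), e.getMessage());
            LOGGER.debug(e.getMessage(), e);
            // NOTE(review): response is assumed non-null here; confirm for the request-attributes path.
            response.setStatus(HttpStatus.UNAUTHORIZED.value());
        }
    }
    // NOTE(review): the themed view is still resolved after a failed access check. Confirm that
    // rendering a themed page with status 401 is the intended behaviour.
    if (registeredService != null && StringUtils.hasText(registeredService.getTheme()) && view instanceof AbstractThymeleafView) {
        LOGGER.debug("Attempting to locate views for service [{}] with theme [{}]", registeredService.getServiceId(), registeredService.getTheme());
        final AbstractThymeleafView thymeleafView = (AbstractThymeleafView) view;
        // The theme name becomes a path segment of the template location. It is read from the
        // registered service, not from the request; presumably the registry is trusted input.
        final String viewUrl = registeredService.getTheme() + '/' + thymeleafView.getTemplateName();
        final String viewLocationUrl = prefix.concat(viewUrl).concat(suffix);
        LOGGER.debug("Attempting to locate view at [{}]", viewLocationUrl);
        final TemplateLocation location = new TemplateLocation(viewLocationUrl);
        if (location.exists(getApplicationContext())) {
            LOGGER.debug("Found view [{}]", viewUrl);
            thymeleafView.setTemplateName(viewUrl);
        } else {
            LOGGER.debug("View [{}] does not exist. Falling back to default view at [{}]", viewLocationUrl, thymeleafView.getTemplateName());
        }
    }
    return view;
}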
Also used : ArgumentExtractor(org.apereo.cas.web.support.ArgumentExtractor) HttpServletRequest(javax.servlet.http.HttpServletRequest) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) RegisteredService(org.apereo.cas.services.RegisteredService) TemplateLocation(org.springframework.boot.autoconfigure.template.TemplateLocation) AbstractThymeleafView(org.thymeleaf.spring4.view.AbstractThymeleafView) HttpServletResponse(javax.servlet.http.HttpServletResponse) RequestContext(org.springframework.webflow.execution.RequestContext) AbstractThymeleafView(org.thymeleaf.spring4.view.AbstractThymeleafView) View(org.springframework.web.servlet.View)

Example 13 with WebApplicationService

use of org.apereo.cas.authentication.principal.WebApplicationService in project cas by apereo.

the class AbstractSaml10ResponseView method renderMergedOutputModel.

/**
 * Builds a SAML 1.0 response for the service extracted from the request and encodes it onto
 * the HTTP response.
 *
 * <p>The recipient is the host part of the service id. It is {@code "UNKNOWN"} when no
 * service or a blank id is present, and stays {@code null} when the id is not a valid URL.
 *
 * @param model the merged output model handed to {@code prepareResponse}
 * @param request the current request, from which the service is extracted
 * @param response the response the SAML message is encoded onto
 * @throws Exception any failure while building or encoding the response; logged, then rethrown
 */
@Override
protected void renderMergedOutputModel(final Map<String, Object> model, final HttpServletRequest request, final HttpServletResponse response) throws Exception {
    String serviceId = null;
    try {
        response.setCharacterEncoding(this.encoding);
        final WebApplicationService service = this.samlArgumentExtractor.extractService(request);
        final boolean hasServiceId = service != null && !StringUtils.isBlank(service.getId());
        if (hasServiceId) {
            try {
                serviceId = new URL(service.getId()).getHost();
            } catch (final MalformedURLException e) {
                // NOTE(review): serviceId stays null on this path and is passed on as the
                // recipient below; confirm a null recipient is acceptable downstream.
                LOGGER.debug(e.getMessage(), e);
            }
        } else {
            serviceId = "UNKNOWN";
        }
        // The service logged here is derived from the request; presumably its string form
        // includes the requested URL, so log consumers should treat it as untrusted text.
        LOGGER.debug("Using [{}] as the recipient of the SAML response for [{}]", serviceId, service);
        // The issue instant is moved back by the configured skew allowance.
        final Response samlResponse = this.samlObjectBuilder.newResponse(
            this.samlObjectBuilder.generateSecureRandomId(),
            ZonedDateTime.now(ZoneOffset.UTC).minusSeconds(this.skewAllowance),
            serviceId,
            service);
        LOGGER.debug("Created SAML response for service [{}]", serviceId);
        prepareResponse(samlResponse, model);
        LOGGER.debug("Starting to encode SAML response for service [{}]", serviceId);
        this.samlObjectBuilder.encodeSamlResponse(response, request, samlResponse);
    } catch (final Exception e) {
        LOGGER.error("Error generating SAML response for service [{}].", serviceId, e);
        throw e;
    }
}
Also used : Response(org.opensaml.saml.saml1.core.Response) HttpServletResponse(javax.servlet.http.HttpServletResponse) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) MalformedURLException(java.net.MalformedURLException) URL(java.net.URL) MalformedURLException(java.net.MalformedURLException)

Example 14 with WebApplicationService

use of org.apereo.cas.authentication.principal.WebApplicationService in project cas by apereo.

the class SamlServiceTests method verifyTargetMatchesNoSamlService.

/**
 * Checks that a service extracted from a target URL with a path does not match a service
 * extracted from a host-only target whose host is written in a different letter case.
 */
@Test
public void verifyTargetMatchesNoSamlService() {
    final MockHttpServletRequest appRequest = new MockHttpServletRequest();
    appRequest.setParameter(SamlProtocolConstants.CONST_PARAM_TARGET, "https://some.service.edu/path/to/app");
    final Service appService = new DefaultArgumentExtractor(new SamlServiceFactory()).extractService(appRequest);

    final MockHttpServletRequest hostOnlyRequest = new MockHttpServletRequest();
    hostOnlyRequest.setParameter(SamlProtocolConstants.CONST_PARAM_TARGET, "https://some.SERVICE.edu");
    final WebApplicationService hostOnlyService = new DefaultArgumentExtractor(new SamlServiceFactory()).extractService(hostOnlyRequest);

    // The targets differ in both path and host case, so this assertion alone does not show
    // which of the two differences matches() rejects.
    assertFalse(appService.matches(hostOnlyService));
}
Also used : WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) DefaultArgumentExtractor(org.apereo.cas.web.support.DefaultArgumentExtractor) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) Service(org.apereo.cas.authentication.principal.Service) Test(org.junit.Test)

Example 15 with WebApplicationService

use of org.apereo.cas.authentication.principal.WebApplicationService in project cas by apereo.

the class SamlServiceTests method verifyTargetMatchesingSamlService.

/**
 * Checks that two services extracted independently from the same request, and therefore
 * from the same target URL, match each other.
 */
@Test
public void verifyTargetMatchesingSamlService() {
    final MockHttpServletRequest targetRequest = new MockHttpServletRequest();
    targetRequest.setParameter(SamlProtocolConstants.CONST_PARAM_TARGET, "https://some.service.edu/path/to/app");

    // Each side comes from its own extractor and factory, so no instance is shared.
    final WebApplicationService first = new DefaultArgumentExtractor(new SamlServiceFactory()).extractService(targetRequest);
    final Service second = new DefaultArgumentExtractor(new SamlServiceFactory()).extractService(targetRequest);

    assertTrue(second.matches(first));
}
Also used : WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) DefaultArgumentExtractor(org.apereo.cas.web.support.DefaultArgumentExtractor) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) Service(org.apereo.cas.authentication.principal.Service) Test(org.junit.Test)

Aggregations

WebApplicationService (org.apereo.cas.authentication.principal.WebApplicationService)19 Test (org.junit.Test)8 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)6 Service (org.apereo.cas.authentication.principal.Service)4 RegisteredService (org.apereo.cas.services.RegisteredService)4 URL (java.net.URL)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)3 HttpServletResponse (javax.servlet.http.HttpServletResponse)3 UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException)3 TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)2 DefaultArgumentExtractor (org.apereo.cas.web.support.DefaultArgumentExtractor)2 Throwables (com.google.common.base.Throwables)1 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)1 ByteArrayInputStream (java.io.ByteArrayInputStream)1 InputStream (java.io.InputStream)1 MalformedURLException (java.net.MalformedURLException)1 ZonedDateTime (java.time.ZonedDateTime)1 ArrayList (java.util.ArrayList)1 Collection (java.util.Collection)1 Collections (java.util.Collections)1