
Example 1 with DefaultRegisteredServiceAccessStrategy

use of org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy in project cas by apereo.

the class CentralAuthenticationServiceImplWithMockitoTests method createMockRegisteredService.

/**
 * Builds a Mockito stub of {@link RegisteredService} for ticket-granting tests.
 *
 * <p>The stub is deliberately permissive: it hands back a
 * {@code ReturnAllAttributeReleasePolicy} and an access strategy whose second
 * constructor argument is hard-wired to {@code true}. That is convenient in a
 * test, but it is not a template for a production service definition.
 *
 * @param svcId   value returned for both the service id and the service name
 * @param enabled first argument passed to the access strategy constructor
 * @param proxy   proxy policy the stub reports
 * @return the configured mock
 */
private static RegisteredService createMockRegisteredService(final String svcId, final boolean enabled, final RegisteredServiceProxyPolicy proxy) {
    final RegisteredService stub = mock(RegisteredService.class);

    // Identity: id and display name are the same string; matching is delegated to the id matcher.
    when(stub.getServiceId()).thenReturn(svcId);
    when(stub.getName()).thenReturn(svcId);
    when(stub.matches(argThat(new VerifyServiceByIdMatcher(svcId)))).thenReturn(true);

    // Policies: caller-supplied proxy policy, fixed release/username/access behaviour.
    when(stub.getProxyPolicy()).thenReturn(proxy);
    when(stub.getAttributeReleasePolicy()).thenReturn(new ReturnAllAttributeReleasePolicy());
    when(stub.getUsernameAttributeProvider()).thenReturn(new DefaultRegisteredServiceUsernameProvider());
    // NOTE(review): the second argument looks like the SSO flag — confirm against the constructor.
    when(stub.getAccessStrategy()).thenReturn(new DefaultRegisteredServiceAccessStrategy(enabled, true));

    return stub;
}
Also used : ReturnAllAttributeReleasePolicy(org.apereo.cas.services.ReturnAllAttributeReleasePolicy) RegisteredService(org.apereo.cas.services.RegisteredService) DefaultRegisteredServiceUsernameProvider(org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider) DefaultRegisteredServiceAccessStrategy(org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy)

Example 2 with DefaultRegisteredServiceAccessStrategy

use of org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy in project cas by apereo.

the class CasRegisteredServicesTestConfiguration method inMemoryRegisteredServices.

/**
 * Supplies the fixed list of registered services used by the test application context.
 *
 * <p>Security note for readers borrowing from this fixture: several entries are
 * intentionally permissive (credential-password release, a proxy policy of
 * {@code ".+"}, service-id patterns with unescaped dots or an open-ended
 * {@code .*} suffix, and a key file named {@code RSA1024Public.key}). They exist
 * to exercise code paths in tests and should not be copied into a deployed
 * service registry without review.
 *
 * @return the services in insertion order (raw {@code List}, as declared)
 */
@Bean
public List inMemoryRegisteredServices() {
    final List services = new ArrayList();

    // "testencryption$": releases the credential password and the proxy-granting ticket.
    // NOTE(review): the key file name suggests a 1024-bit RSA key, which is below
    // current key-size recommendations; acceptable only as a test asset.
    AbstractRegisteredService service = RegisteredServiceTestUtils.getRegisteredService("testencryption$");
    final ReturnAllowedAttributeReleasePolicy encryptionPolicy = new ReturnAllowedAttributeReleasePolicy();
    encryptionPolicy.setAuthorizedToReleaseCredentialPassword(true);
    encryptionPolicy.setAuthorizedToReleaseProxyGrantingTicket(true);
    final RegisteredServicePublicKeyImpl rsa1024Key = new RegisteredServicePublicKeyImpl();
    rsa1024Key.setLocation("classpath:keys/RSA1024Public.key");
    service.setPublicKey(rsa1024Key);
    service.setAttributeReleasePolicy(encryptionPolicy);
    services.add(service);

    // "testDefault": access strategy built from an empty map.
    service = RegisteredServiceTestUtils.getRegisteredService("testDefault");
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(service);

    // example.com "normal" area, evaluation order 10, releases all attributes.
    service = RegisteredServiceTestUtils.getRegisteredService("https://example\\.com/normal/.*");
    service.setEvaluationOrder(10);
    service.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    services.add(service);

    // example.com "high" area, evaluation order 20, with two required authentication handlers.
    service = RegisteredServiceTestUtils.getRegisteredService("https://example\\.com/high/.*");
    service.setEvaluationOrder(20);
    service.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
    final HashSet requiredHandlers = CollectionUtils.wrapHashSet(
        AcceptUsersAuthenticationHandler.class.getSimpleName(),
        TestOneTimePasswordAuthenticationHandler.class.getSimpleName());
    service.setRequiredHandlers(requiredHandlers);
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    services.add(service);

    // google.com pattern: not anchored at the start and the dot is unescaped, so as a
    // regular expression it is broader than the literal host name. The proxy policy
    // ".+" matches any non-empty value, and credential password release is enabled.
    service = RegisteredServiceTestUtils.getRegisteredService("(https://)*google.com$");
    service.setEvaluationOrder(1);
    service.setProxyPolicy(new RegexMatchingRegisteredServiceProxyPolicy(".+"));
    service.setPublicKey(new RegisteredServicePublicKeyImpl("classpath:keys/RSA4096Public.key", "RSA"));
    final ReturnAllowedAttributeReleasePolicy googlePolicy = new ReturnAllowedAttributeReleasePolicy();
    googlePolicy.setAuthorizedToReleaseCredentialPassword(true);
    googlePolicy.setAuthorizedToReleaseProxyGrantingTicket(true);
    service.setAttributeReleasePolicy(googlePolicy);
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    services.add(service);

    // "eduPersonTest": username taken from the eduPersonAffiliation principal attribute.
    service = RegisteredServiceTestUtils.getRegisteredService("eduPersonTest");
    service.setUsernameAttributeProvider(new PrincipalAttributeRegisteredServiceUsernameProvider("eduPersonAffiliation"));
    service.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    services.add(service);

    // Second "testencryption$" entry, this time with an explicit access strategy and
    // username provider; same credential-release settings and key file as the first.
    service = RegisteredServiceTestUtils.getRegisteredService("testencryption$");
    final ReturnAllowedAttributeReleasePolicy secondEncryptionPolicy = new ReturnAllowedAttributeReleasePolicy();
    secondEncryptionPolicy.setAuthorizedToReleaseCredentialPassword(true);
    secondEncryptionPolicy.setAuthorizedToReleaseProxyGrantingTicket(true);
    service.setAttributeReleasePolicy(secondEncryptionPolicy);
    service.setPublicKey(new RegisteredServicePublicKeyImpl("classpath:keys/RSA1024Public.key", "RSA"));
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(service);

    // Access strategy built from a cn/givenName map.
    // NOTE(review): presumably these are required principal attributes — confirm.
    service = RegisteredServiceTestUtils.getRegisteredService("^TestServiceAttributeForAuthzFails");
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(
        CollectionUtils.wrap("cn", CollectionUtils.wrapSet("cnValue"), "givenName", CollectionUtils.wrapSet("gnameValue"))));
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(service);

    // Access strategy constructed with (true, false).
    service = RegisteredServiceTestUtils.getRegisteredService("^TestSsoFalse");
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(true, false));
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(service);

    // Access strategy built from a groupMembership=adopters map.
    service = RegisteredServiceTestUtils.getRegisteredService("TestServiceAttributeForAuthzPasses");
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(
        CollectionUtils.wrap("groupMembership", CollectionUtils.wrapSet("adopters"))));
    service.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(service);

    // Username provider points at an attribute named "nonExistentAttributeName".
    service = RegisteredServiceTestUtils.getRegisteredService("eduPersonTestInvalid");
    service.setUsernameAttributeProvider(new PrincipalAttributeRegisteredServiceUsernameProvider("nonExistentAttributeName"));
    service.setAttributeReleasePolicy(new ReturnAllowedAttributeReleasePolicy(CollectionUtils.wrap("groupMembership")));
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    services.add(service);

    // Anonymous username provider.
    service = RegisteredServiceTestUtils.getRegisteredService("testAnonymous");
    service.setUsernameAttributeProvider(new AnonymousRegisteredServiceUsernameAttributeProvider());
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    services.add(service);

    // Plain-http pattern with unescaped dots; proxy policy ".+" matches any non-empty value.
    service = RegisteredServiceTestUtils.getRegisteredService("^http://www.jasig.org.+");
    service.setProxyPolicy(new RegexMatchingRegisteredServiceProxyPolicy(".+"));
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(service);

    // Username taken from the cn principal attribute.
    service = RegisteredServiceTestUtils.getRegisteredService("usernameAttributeProviderService");
    service.setUsernameAttributeProvider(new PrincipalAttributeRegisteredServiceUsernameProvider("cn"));
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    services.add(service);

    // Proxy policy limited to values that start with https://.
    service = RegisteredServiceTestUtils.getRegisteredService("proxyService");
    service.setProxyPolicy(new RegexMatchingRegisteredServiceProxyPolicy("^https://.+"));
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(service);

    // Catch-all for ids beginning with "test", evaluation order 1000.
    service = RegisteredServiceTestUtils.getRegisteredService("^test.*");
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    service.setEvaluationOrder(1000);
    services.add(service);

    // The ".*" follows the host name with no path separator, so the pattern also
    // covers host names that merely begin with "localhost". Test-only.
    service = RegisteredServiceTestUtils.getRegisteredService("https://localhost.*");
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    service.setEvaluationOrder(100);
    services.add(service);

    // Same open-ended host suffix as the localhost entry above.
    service = RegisteredServiceTestUtils.getRegisteredService("https://carmenwiki.osu.edu.*");
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    service.setEvaluationOrder(99);
    services.add(service);

    // "jwtservice": sets the TOKEN_AS_SERVICE_TICKET property to "true", evaluation order 2000.
    service = RegisteredServiceTestUtils.getRegisteredService("jwtservice");
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
    service.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    final DefaultRegisteredServiceProperty tokenProperty = new DefaultRegisteredServiceProperty();
    tokenProperty.setValues(CollectionUtils.wrapSet(Boolean.TRUE.toString()));
    service.getProperties().put(
        RegisteredServiceProperty.RegisteredServiceProperties.TOKEN_AS_SERVICE_TICKET.getPropertyName(),
        tokenProperty);
    service.setEvaluationOrder(2000);
    services.add(service);

    return services;
}
Also used : AnonymousRegisteredServiceUsernameAttributeProvider(org.apereo.cas.services.AnonymousRegisteredServiceUsernameAttributeProvider) ReturnAllAttributeReleasePolicy(org.apereo.cas.services.ReturnAllAttributeReleasePolicy) HashMap(java.util.HashMap) RegexMatchingRegisteredServiceProxyPolicy(org.apereo.cas.services.RegexMatchingRegisteredServiceProxyPolicy) ArrayList(java.util.ArrayList) AbstractRegisteredService(org.apereo.cas.services.AbstractRegisteredService) DefaultRegisteredServiceAccessStrategy(org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy) DefaultRegisteredServiceProperty(org.apereo.cas.services.DefaultRegisteredServiceProperty) RegisteredServicePublicKeyImpl(org.apereo.cas.services.RegisteredServicePublicKeyImpl) PrincipalAttributeRegisteredServiceUsernameProvider(org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider) ReturnAllowedAttributeReleasePolicy(org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy) DefaultRegisteredServiceUsernameProvider(org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider) ArrayList(java.util.ArrayList) List(java.util.List) TestOneTimePasswordAuthenticationHandler(org.apereo.cas.TestOneTimePasswordAuthenticationHandler) AcceptUsersAuthenticationHandler(org.apereo.cas.authentication.AcceptUsersAuthenticationHandler) HashSet(java.util.HashSet) Bean(org.springframework.context.annotation.Bean)

Example 3 with DefaultRegisteredServiceAccessStrategy

use of org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy in project cas by apereo.

the class ServiceAuthorizationCheckTests method setUpMocks.

/**
 * Prepares the mocked services manager and the action under test.
 *
 * <p>Three lookups are stubbed: a service left with whatever access strategy
 * {@code RegexRegisteredService} has by default, a service whose access strategy
 * is constructed with {@code (false, false)}, and an unknown service for which
 * the manager returns {@code null}. The last case matters for authorization
 * tests: a missing registry entry must be handled as a distinct outcome rather
 * than dereferenced.
 */
@Before
public void setUpMocks() {
    final RegexRegisteredService permitted = new RegexRegisteredService();

    final RegexRegisteredService denied = new RegexRegisteredService();
    denied.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(false, false));

    final List<RegisteredService> registry = new ArrayList<>();
    registry.add(permitted);
    registry.add(denied);

    // Lookup stubs stay in their original order; the last one models "service not registered".
    when(servicesManager.findServiceBy(authorizedService)).thenReturn(permitted);
    when(servicesManager.findServiceBy(unauthorizedService)).thenReturn(denied);
    when(servicesManager.findServiceBy(undefinedService)).thenReturn(null);
    when(servicesManager.getAllServices()).thenReturn(registry);

    final DefaultAuthenticationServiceSelectionPlan selectionPlan =
        new DefaultAuthenticationServiceSelectionPlan(new DefaultAuthenticationServiceSelectionStrategy());
    serviceAuthorizationCheck = new ServiceAuthorizationCheck(servicesManager, selectionPlan);
}
Also used : DefaultAuthenticationServiceSelectionStrategy(org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionStrategy) RegexRegisteredService(org.apereo.cas.services.RegexRegisteredService) RegisteredService(org.apereo.cas.services.RegisteredService) ArrayList(java.util.ArrayList) RegexRegisteredService(org.apereo.cas.services.RegexRegisteredService) DefaultAuthenticationServiceSelectionPlan(org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionPlan) DefaultRegisteredServiceAccessStrategy(org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy) Before(org.junit.Before)

Example 4 with DefaultRegisteredServiceAccessStrategy

use of org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy in project cas by apereo.

the class CasAddonsRegisteredServicesJsonSerializer method convertServiceProperties.

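/**
 * Converts one legacy service entry, already parsed into a map, into a
 * {@link RegexRegisteredService}.
 *
 * <p>The keys {@code id}, {@code name} and {@code serviceId} are mandatory. A missing
 * one still raises {@link NullPointerException}, as before, but the exception now
 * names the absent key so a malformed registry file can be diagnosed.
 *
 * <p>Points to review when importing legacy definitions:
 * <ul>
 *   <li>{@code enabled}, {@code ssoEnabled} and {@code anonymousAccess} default to
 *       {@code true} when the key is absent, so an incomplete entry yields an
 *       enabled service rather than a rejected one.</li>
 *   <li>Only {@code "**"} is rewritten to {@code ".*"}; every other character of the
 *       legacy pattern, including {@code '.'}, is kept as is and may carry regex
 *       meaning in the resulting service id.</li>
 *   <li>{@code allowedToProxy=true} installs a proxy policy of {@code ".+"}, which
 *       matches any non-empty value.</li>
 * </ul>
 *
 * @param serviceDataMap raw key/value data of one service definition
 * @return the converted service
 * @throws NullPointerException  if {@code id}, {@code name} or {@code serviceId} is missing
 * @throws NumberFormatException if {@code id} or {@code evaluationOrder} is not numeric
 */
private RegisteredService convertServiceProperties(final Map serviceDataMap) {
    final RegexRegisteredService service = new RegexRegisteredService();

    // Mandatory fields: fail with a message that names the missing key.
    final Object id = java.util.Objects.requireNonNull(serviceDataMap.get("id"),
        "Service definition is missing required field 'id'");
    final Object name = java.util.Objects.requireNonNull(serviceDataMap.get("name"),
        "Service definition is missing required field 'name'");
    final Object serviceId = java.util.Objects.requireNonNull(serviceDataMap.get("serviceId"),
        "Service definition is missing required field 'serviceId'");

    service.setId(Long.parseLong(id.toString()));
    service.setName(name.toString());
    service.setDescription(serviceDataMap.getOrDefault("description", StringUtils.EMPTY).toString());
    // Legacy "**" wildcard becomes ".*"; nothing else in the pattern is escaped.
    service.setServiceId(serviceId.toString().replace("**", ".*"));
    service.setTheme(serviceDataMap.getOrDefault("theme", StringUtils.EMPTY).toString());
    service.setEvaluationOrder(Integer.parseInt(serviceDataMap.getOrDefault("evaluationOrder", Integer.MAX_VALUE).toString()));

    final boolean allowedProxy = Boolean.parseBoolean(serviceDataMap.getOrDefault("allowedToProxy", Boolean.FALSE).toString());
    // These three flags default to true when the key is absent.
    final boolean enabled = Boolean.parseBoolean(serviceDataMap.getOrDefault("enabled", Boolean.TRUE).toString());
    final boolean ssoEnabled = Boolean.parseBoolean(serviceDataMap.getOrDefault("ssoEnabled", Boolean.TRUE).toString());
    final boolean anonymousAccess = Boolean.parseBoolean(serviceDataMap.getOrDefault("anonymousAccess", Boolean.TRUE).toString());

    if (allowedProxy) {
        // ".+" places no restriction on the value the proxy policy is matched against.
        service.setProxyPolicy(new RegexMatchingRegisteredServiceProxyPolicy(".+"));
    }
    service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(enabled, ssoEnabled));
    if (anonymousAccess) {
        service.setUsernameAttributeProvider(new AnonymousRegisteredServiceUsernameAttributeProvider());
    }

    // Unchecked cast: the element type is not verified here, so the list is trusted
    // to contain attribute names as strings.
    final List<String> attributes = (List<String>) serviceDataMap.getOrDefault("allowedAttributes", new ArrayList<>());
    service.setAttributeReleasePolicy(new ReturnAllowedAttributeReleasePolicy(attributes));
    return service;
}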
Also used : AnonymousRegisteredServiceUsernameAttributeProvider(org.apereo.cas.services.AnonymousRegisteredServiceUsernameAttributeProvider) ReturnAllowedAttributeReleasePolicy(org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy) RegexMatchingRegisteredServiceProxyPolicy(org.apereo.cas.services.RegexMatchingRegisteredServiceProxyPolicy) ArrayList(java.util.ArrayList) RegexRegisteredService(org.apereo.cas.services.RegexRegisteredService) ArrayList(java.util.ArrayList) List(java.util.List) DefaultRegisteredServiceAccessStrategy(org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy)

Example 5 with DefaultRegisteredServiceAccessStrategy

use of org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy in project cas by apereo.

the class DelegatedClientAuthenticationActionTests method getServicesManagerWith.

/**
 * Returns a mocked {@link ServicesManager} that resolves every {@link Service}
 * lookup to one registered service built from {@code service.getId()}.
 *
 * <p>The registered service carries an access strategy whose delegated
 * authentication policy is constructed from a one-element list holding
 * {@code client.getName()}.
 *
 * @param service service whose id seeds the registered service
 * @param client  client whose name is placed in the delegated authentication policy
 * @return the mocked manager
 */
private ServicesManager getServicesManagerWith(final Service service, final BaseClient client) {
    final AbstractRegisteredService registered = RegisteredServiceTestUtils.getRegisteredService(service.getId());

    // NOTE(review): presumably the list is the set of permitted delegated providers — confirm.
    final DefaultRegisteredServiceAccessStrategy accessStrategy = new DefaultRegisteredServiceAccessStrategy();
    accessStrategy.setDelegatedAuthenticationPolicy(
        new DefaultRegisteredServiceDelegatedAuthenticationPolicy(CollectionUtils.wrapList(client.getName())));
    registered.setAccessStrategy(accessStrategy);

    // The stub ignores which service is asked for: any(Service.class) always yields the same entry.
    final ServicesManager manager = mock(ServicesManager.class);
    when(manager.findServiceBy(any(Service.class))).thenReturn(registered);
    return manager;
}
Also used : ServicesManager(org.apereo.cas.services.ServicesManager) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) AbstractRegisteredService(org.apereo.cas.services.AbstractRegisteredService) Service(org.apereo.cas.authentication.principal.Service) AbstractRegisteredService(org.apereo.cas.services.AbstractRegisteredService) DefaultRegisteredServiceDelegatedAuthenticationPolicy(org.apereo.cas.services.DefaultRegisteredServiceDelegatedAuthenticationPolicy) DefaultRegisteredServiceAccessStrategy(org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy)

Aggregations

DefaultRegisteredServiceAccessStrategy (org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy)48 lombok.val (lombok.val)39 Test (org.junit.jupiter.api.Test)35 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)24 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)24 MockRequestContext (org.springframework.webflow.test.MockRequestContext)18 ServletExternalContext (org.springframework.webflow.context.servlet.ServletExternalContext)16 MockServletContext (org.springframework.mock.web.MockServletContext)13 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)10 MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)9 CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)7 DefaultRegisteredServiceDelegatedAuthenticationPolicy (org.apereo.cas.services.DefaultRegisteredServiceDelegatedAuthenticationPolicy)7 URI (java.net.URI)6 RegisteredServiceAccessStrategyAuditableEnforcer (org.apereo.cas.services.RegisteredServiceAccessStrategyAuditableEnforcer)6 RegexRegisteredService (org.apereo.cas.services.RegexRegisteredService)5 ArrayList (java.util.ArrayList)4 DefaultRegisteredServiceUsernameProvider (org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider)4 JEEContext (org.pac4j.core.context.JEEContext)4 Service (org.apereo.cas.authentication.principal.Service)3 RefuseRegisteredServiceProxyPolicy (org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy)3