Example 11 with RegisteredService

Use of org.apereo.cas.services.RegisteredService in project cas by apereo.

Class LogoutAction, method doInternalExecute.

@Override
protected Event doInternalExecute(final HttpServletRequest request, final HttpServletResponse response, final RequestContext context) throws Exception {
    boolean needFrontSlo = false;
    final List<LogoutRequest> logoutRequests = WebUtils.getLogoutRequests(context);
    if (logoutRequests != null) {
        // if some logout request must still be attempted
        needFrontSlo = logoutRequests.stream().anyMatch(logoutRequest -> logoutRequest.getStatus() == LogoutRequestStatus.NOT_ATTEMPTED);
    }
    final String paramName = StringUtils.defaultIfEmpty(logoutProperties.getRedirectParameter(), CasProtocolConstants.PARAMETER_SERVICE);
    LOGGER.debug("Using parameter name [{}] to detect destination service, if any", paramName);
    final String service = request.getParameter(paramName);
    // Log the resolved service value, not the name of the parameter it was read from
    LOGGER.debug("Located target service [{}] for redirection after logout", service);
    if (logoutProperties.isFollowServiceRedirects() && StringUtils.isNotBlank(service)) {
        final Service webAppService = webApplicationServiceFactory.createService(service);
        final RegisteredService rService = this.servicesManager.findServiceBy(webAppService);
        if (rService != null && rService.getAccessStrategy().isServiceAccessAllowed()) {
            LOGGER.debug("Redirecting to service [{}]", service);
            WebUtils.putLogoutRedirectUrl(context, service);
        } else {
            LOGGER.warn("Cannot redirect to [{}] given the service is unauthorized to use CAS. " + "Ensure the service is registered with CAS and is enabled to allowed access", service);
        }
    } else {
        LOGGER.debug("No target service is located for redirection after logout, or CAS is not allowed to follow redirects after logout");
    }
    // there are some front services to logout, perform front SLO
    if (needFrontSlo) {
        LOGGER.debug("Proceeding forward with front-channel single logout");
        return new Event(this, FRONT_EVENT);
    }
    LOGGER.debug("Moving forward to finish the logout process");
    return new Event(this, FINISH_EVENT);
}
Also used : CasProtocolConstants(org.apereo.cas.CasProtocolConstants) LogoutRequest(org.apereo.cas.logout.LogoutRequest) Logger(org.slf4j.Logger) LoggerFactory(org.slf4j.LoggerFactory) HttpServletResponse(javax.servlet.http.HttpServletResponse) LogoutRequestStatus(org.apereo.cas.logout.LogoutRequestStatus) LogoutProperties(org.apereo.cas.configuration.model.core.logout.LogoutProperties) StringUtils(org.apache.commons.lang3.StringUtils) RequestContext(org.springframework.webflow.execution.RequestContext) RegisteredService(org.apereo.cas.services.RegisteredService) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) HttpServletRequest(javax.servlet.http.HttpServletRequest) List(java.util.List) Service(org.apereo.cas.authentication.principal.Service) WebUtils(org.apereo.cas.web.support.WebUtils) ServiceFactory(org.apereo.cas.authentication.principal.ServiceFactory) Event(org.springframework.webflow.execution.Event) ServicesManager(org.apereo.cas.services.ServicesManager)

Example 12 with RegisteredService

Use of org.apereo.cas.services.RegisteredService in project cas by apereo.

Class SendTicketGrantingTicketAction, method isAuthenticationRenewed.

/**
 * Tries to determine if authentication was created as part of a "renew" event.
 * Renewed authentications can occur if the service is not allowed to participate
 * in SSO or if a "renew" request parameter is specified.
 *
 * @param ctx the request context
 * @return true if renewed
 */
private boolean isAuthenticationRenewed(final RequestContext ctx) {
    if (ctx.getRequestParameters().contains(CasProtocolConstants.PARAMETER_RENEW)) {
        LOGGER.debug("[{}] is specified for the request. The authentication session will be considered renewed.", CasProtocolConstants.PARAMETER_RENEW);
        return true;
    }
    final Service service = WebUtils.getService(ctx);
    if (service != null) {
        final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
        if (registeredService != null) {
            final boolean isAllowedForSso = registeredService.getAccessStrategy().isServiceAccessAllowedForSso();
            LOGGER.debug("Located [{}] in registry. Service access to participate in SSO is set to [{}]", registeredService.getServiceId(), isAllowedForSso);
            return !isAllowedForSso;
        }
    }
    return false;
}
Also used : RegisteredService(org.apereo.cas.services.RegisteredService) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) Service(org.apereo.cas.authentication.principal.Service)

Example 13 with RegisteredService

Use of org.apereo.cas.services.RegisteredService in project cas by apereo.

Class GatewayServicesManagementCheck, method doExecute.

@Override
protected Event doExecute(final RequestContext context) throws Exception {
    final Service service = WebUtils.getService(context);
    final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
    if (registeredService == null) {
        final String msg = String.format("Service Management: Unauthorized Service Access. " + "Service [%s] does not match entries in service registry.", service.getId());
        LOGGER.warn(msg);
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, msg);
    }
    if (!registeredService.getAccessStrategy().isServiceAccessAllowed()) {
        final String msg = String.format("Service Management: Access to service [%s] " + "is disabled by the service registry.", service.getId());
        LOGGER.warn(msg);
        WebUtils.putUnauthorizedRedirectUrlIntoFlowScope(context, registeredService.getAccessStrategy().getUnauthorizedRedirectUrl());
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, msg);
    }
    return success();
}
Also used : RegisteredService(org.apereo.cas.services.RegisteredService) Service(org.apereo.cas.authentication.principal.Service) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException)

Example 14 with RegisteredService

Use of org.apereo.cas.services.RegisteredService in project cas by apereo.

Class ServiceAuthorizationCheckTests, method setUpMocks.

@Before
public void setUpMocks() {
    final RegexRegisteredService authorizedRegisteredService = new RegexRegisteredService();
    final RegexRegisteredService unauthorizedRegisteredService = new RegexRegisteredService();
    unauthorizedRegisteredService.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(false, false));
    final List<RegisteredService> list = new ArrayList<>();
    list.add(authorizedRegisteredService);
    list.add(unauthorizedRegisteredService);
    when(this.servicesManager.findServiceBy(this.authorizedService)).thenReturn(authorizedRegisteredService);
    when(this.servicesManager.findServiceBy(this.unauthorizedService)).thenReturn(unauthorizedRegisteredService);
    when(this.servicesManager.findServiceBy(this.undefinedService)).thenReturn(null);
    when(this.servicesManager.getAllServices()).thenReturn(list);
    this.serviceAuthorizationCheck = new ServiceAuthorizationCheck(this.servicesManager);
}
Also used : RegexRegisteredService(org.apereo.cas.services.RegexRegisteredService) RegisteredService(org.apereo.cas.services.RegisteredService) ArrayList(java.util.ArrayList) DefaultRegisteredServiceAccessStrategy(org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy) Before(org.junit.Before)

Example 15 with RegisteredService

Use of org.apereo.cas.services.RegisteredService in project cas by apereo.

Class CentralAuthenticationServiceImplWithMockitoTests, method createMockRegisteredService.

private static RegisteredService createMockRegisteredService(final String svcId, final boolean enabled, final RegisteredServiceProxyPolicy proxy) {
    final RegisteredService mockRegSvc = mock(RegisteredService.class);
    when(mockRegSvc.getServiceId()).thenReturn(svcId);
    when(mockRegSvc.getProxyPolicy()).thenReturn(proxy);
    when(mockRegSvc.getName()).thenReturn(svcId);
    when(mockRegSvc.matches(argThat(new VerifyServiceByIdMatcher(svcId)))).thenReturn(true);
    when(mockRegSvc.getAttributeReleasePolicy()).thenReturn(new ReturnAllAttributeReleasePolicy());
    when(mockRegSvc.getUsernameAttributeProvider()).thenReturn(new DefaultRegisteredServiceUsernameProvider());
    when(mockRegSvc.getAccessStrategy()).thenReturn(new DefaultRegisteredServiceAccessStrategy(enabled, true));
    return mockRegSvc;
}
Also used : ReturnAllAttributeReleasePolicy(org.apereo.cas.services.ReturnAllAttributeReleasePolicy) RegisteredService(org.apereo.cas.services.RegisteredService) DefaultRegisteredServiceUsernameProvider(org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider) DefaultRegisteredServiceAccessStrategy(org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy)

Aggregations

RegisteredService (org.apereo.cas.services.RegisteredService) 109
Test (org.junit.Test) 39
Authentication (org.apereo.cas.authentication.Authentication) 35
Service (org.apereo.cas.authentication.principal.Service) 30
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 27
OAuthRegisteredService (org.apereo.cas.support.oauth.services.OAuthRegisteredService) 22
Principal (org.apereo.cas.authentication.principal.Principal) 21
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse) 18
RegexRegisteredService (org.apereo.cas.services.RegexRegisteredService) 17
AbstractRegisteredService (org.apereo.cas.services.AbstractRegisteredService) 13
SpringBootTest (org.springframework.boot.test.context.SpringBootTest) 12
Event (org.springframework.webflow.execution.Event) 12
ServicesManager (org.apereo.cas.services.ServicesManager) 11
HttpServletRequest (javax.servlet.http.HttpServletRequest) 10
MultifactorAuthenticationProvider (org.apereo.cas.services.MultifactorAuthenticationProvider) 10
OAuthCode (org.apereo.cas.ticket.code.OAuthCode) 10
CentralAuthenticationService (org.apereo.cas.CentralAuthenticationService) 9
Logger (org.slf4j.Logger) 9
LoggerFactory (org.slf4j.LoggerFactory) 9
Collection (java.util.Collection) 8