use of org.apereo.cas.services.RegisteredService in project cas by apereo.
the class GoogleAccountsServiceResponseBuilder method constructSamlResponse.
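/**
 * Construct SAML response.
 * <a href="http://bit.ly/1uI8Ggu">See this reference for more info.</a>
 *
 * <p>The service is first resolved against the services manager. A response is only built when
 * a registered service is found and its access strategy allows access. The response carries a
 * success status and a single assertion, and is marshalled to a string by the SAML object builder.
 *
 * @param service the service
 * @return the SAML response
 * @throws UnauthorizedServiceException if no registered service matches, or the matching
 *         registered service's access strategy does not allow access
 */
protected String constructSamlResponse(final GoogleAccountsService service) {
    final ZonedDateTime currentDateTime = ZonedDateTime.now(ZoneOffset.UTC);
    // NOTE(review): fixed timestamp from 2003, passed to newAssertion and as the first argument
    // of newConditions. If that argument is the NotBefore bound, the validity window has no
    // meaningful lower bound and only "now + skewAllowance" limits it. Confirm against the builder.
    final ZonedDateTime notBeforeIssueInstant = ZonedDateTime.parse("2003-04-17T00:46:02Z");

    // Authorization gate: nothing is issued for an unknown service or one whose access
    // strategy denies access.
    final RegisteredService registeredService = servicesManager.findServiceBy(service);
    if (registeredService == null || !registeredService.getAccessStrategy().isServiceAccessAllowed()) {
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }

    // The identifier placed in the subject is the one the registered service's username
    // attribute provider resolves for the principal.
    final String userId = registeredService.getUsernameAttributeProvider().resolveUsername(service.getPrincipal(), service);

    final org.opensaml.saml.saml2.core.Response response = this.samlObjectBuilder.newResponse(
        this.samlObjectBuilder.generateSecureRandomId(), currentDateTime, service.getId(), service);
    response.setStatus(this.samlObjectBuilder.newStatus(StatusCode.SUCCESS, null));

    // Mask the sign bit instead of calling Math.abs: Math.abs(Long.MIN_VALUE) is still negative,
    // which would have produced a session index of the form "_-9223372036854775808".
    final String sessionIndex = '_' + Long.toString(new SecureRandom().nextLong() & Long.MAX_VALUE);
    final AuthnStatement authnStatement = this.samlObjectBuilder.newAuthnStatement(
        AuthnContext.PASSWORD_AUTHN_CTX, currentDateTime, sessionIndex);
    final Assertion assertion = this.samlObjectBuilder.newAssertion(
        authnStatement, casServerPrefix, notBeforeIssueInstant, this.samlObjectBuilder.generateSecureRandomId());

    // Both the conditions and the subject are bounded by the current time plus the skew allowance.
    final ZonedDateTime currentPlusSkew = currentDateTime.plusSeconds(this.skewAllowance);
    final Conditions conditions = this.samlObjectBuilder.newConditions(
        notBeforeIssueInstant, currentPlusSkew, service.getId());
    assertion.setConditions(conditions);
    final Subject subject = this.samlObjectBuilder.newSubject(
        NameID.EMAIL, userId, service.getId(), currentPlusSkew, service.getRequestId());
    assertion.setSubject(subject);
    response.getAssertions().add(assertion);

    // NOTE(review): no signing step is visible in this method. Presumably the marshaller or the
    // caller signs the response. Confirm before relying on this output as-is.
    final StringWriter writer = new StringWriter();
    this.samlObjectBuilder.marshalSamlXmlObject(response, writer);
    final String result = writer.toString();
    // The debug line writes the complete response, including the resolved user identifier,
    // so DEBUG output for this logger is sensitive.
    LOGGER.debug("Generated Google SAML response: [{}]", result);
    return result;
}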
use of org.apereo.cas.services.RegisteredService in project cas by apereo.
the class Saml10SuccessResponseView method prepareSamlAttributes.
/**
 * Prepare saml attributes. Combines both principal and authentication
 * attributes. If the authentication is to be remembered, uses {@link #rememberMeAttributeName}
 * for the remember-me attribute name.
 *
 * <p>Authentication attributes are applied after principal attributes, so an authentication
 * attribute replaces a principal attribute that has the same name. The merged map is then
 * passed to the protocol attribute encoder together with the registered service.
 *
 * @param model the model
 * @param service the service used to look up the registered service
 * @return the final map
 * @since 4.1.0
 */
private Map<String, Object> prepareSamlAttributes(final Map<String, Object> model, final Service service) {
    final Map<String, Object> authenticationAttributes =
        new HashMap<>(getAuthenticationAttributesAsMultiValuedAttributes(model));
    if (isRememberMeAuthentication(model)) {
        // Replace the internal remember-me attribute with the configured name.
        authenticationAttributes.remove(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME);
        authenticationAttributes.put(this.rememberMeAttributeName, Boolean.TRUE.toString());
    }
    LOGGER.debug("Retrieved authentication attributes [{}] from the model", authenticationAttributes);

    // NOTE(review): the lookup result is not null-checked. If findServiceBy returns null for an
    // unregistered service, registeredService.getServiceId() below throws NullPointerException.
    // Confirm that callers only reach this method after the service has been authorized.
    final RegisteredService registeredService = this.servicesManager.findServiceBy(service);

    final Map<String, Object> merged = new HashMap<>();
    merged.putAll(getPrincipalAttributesAsMultiValuedAttributes(model));
    merged.putAll(authenticationAttributes);

    decideIfCredentialPasswordShouldBeReleasedAsAttribute(merged, model, registeredService);
    decideIfProxyGrantingTicketShouldBeReleasedAsAttribute(merged, model, registeredService);

    // NOTE(review): judging by their names, the two helpers above may add the credential password
    // and the proxy-granting ticket to the map (they are not shown here). The map is logged before
    // it is encoded, so confirm that DEBUG output cannot contain those values in clear text.
    LOGGER.debug("Beginning to encode attributes [{}] for service [{}]", merged, registeredService.getServiceId());

    final Map<String, Object> encoded = this.protocolAttributeEncoder.encodeAttributes(merged, registeredService);
    LOGGER.debug("Final collection of attributes are [{}]", encoded);
    return encoded;
}
use of org.apereo.cas.services.RegisteredService in project cas by apereo.
the class RegisteredServiceSimpleFormControllerTests method verifyEditMockRegisteredService.
/**
 * Verifies that saving form data for an already stored {@link MockRegisteredService} updates
 * its service id and that the service found under the same numeric id is still a
 * {@link MockRegisteredService}.
 */
@Test
public void verifyEditMockRegisteredService() throws Exception {
    // Build the factory with MockRegisteredServiceMapper and recreate the controller around it.
    this.registeredServiceFactory = new DefaultRegisteredServiceFactory(
        new DefaultAccessStrategyMapper(),
        policyMapper,
        new DefaultProxyPolicyMapper(),
        new MockRegisteredServiceMapper(),
        new DefaultUsernameAttributeProviderMapper(),
        Collections.singletonList(new AttributeFormDataPopulator(this.repository)));
    this.controller = new RegisteredServiceSimpleFormController(this.manager, this.registeredServiceFactory);

    final MockRegisteredService original = new MockRegisteredService();
    original.setId(1000);
    original.setName("Test Service");
    original.setServiceId(TEST_ID);
    original.setDescription(DESCRIPTION);
    this.manager.save(original);

    // NOTE(review): the saved instance is mutated here. If the manager keeps a reference to this
    // same object rather than a copy, the serviceId assertion below could pass even if
    // saveService stored nothing. TODO confirm.
    original.setServiceId("serviceId1");
    final RegisteredServiceEditBean.ServiceData formData = registeredServiceFactory.createServiceData(original);
    this.controller.saveService(
        new MockHttpServletRequest(), new MockHttpServletResponse(), formData, mock(BindingResult.class));

    assertFalse(this.manager.getAllServices().isEmpty());
    final RegisteredService reloaded = this.manager.findServiceBy(1000);
    assertEquals("serviceId1", reloaded.getServiceId());
    assertTrue(reloaded instanceof MockRegisteredService);
}
use of org.apereo.cas.services.RegisteredService in project cas by apereo.
the class RegisteredServiceSimpleFormControllerTests method verifyAddRegexRegisteredService.
/**
 * Verifies that saving form data built from a {@link RegexRegisteredService} leaves exactly one
 * service in the manager and that every stored service is a {@link RegexRegisteredService}.
 */
@Test
public void verifyAddRegexRegisteredService() throws Exception {
    final RegexRegisteredService regexService = new RegexRegisteredService();
    regexService.setDescription(DESCRIPTION);
    // Test fixture pattern: it is anchored at the start only.
    regexService.setServiceId("^serviceId");
    regexService.setName(NAME);
    regexService.setId(1000);
    regexService.setEvaluationOrder(1000);

    final RegisteredServiceEditBean.ServiceData formData = registeredServiceFactory.createServiceData(regexService);
    this.controller.saveService(
        new MockHttpServletRequest(), new MockHttpServletResponse(), formData, mock(BindingResult.class));

    final Collection<RegisteredService> stored = this.manager.getAllServices();
    assertEquals(1, stored.size());
    // The concrete type must survive the form round trip.
    for (final RegisteredService rs : this.manager.getAllServices()) {
        assertTrue(rs instanceof RegexRegisteredService);
    }
}
use of org.apereo.cas.services.RegisteredService in project cas by apereo.
the class RegisteredServiceSimpleFormControllerTests method verifyAddMockRegisteredService.
/**
 * Verifies that saving form data built from a {@link MockRegisteredService} leaves exactly one
 * service in the manager and that every stored service is a {@link MockRegisteredService}.
 */
@Test
public void verifyAddMockRegisteredService() throws Exception {
    // Build the factory with MockRegisteredServiceMapper and recreate the controller around it.
    this.registeredServiceFactory = new DefaultRegisteredServiceFactory(
        new DefaultAccessStrategyMapper(),
        policyMapper,
        new DefaultProxyPolicyMapper(),
        new MockRegisteredServiceMapper(),
        new DefaultUsernameAttributeProviderMapper(),
        Collections.singletonList(new AttributeFormDataPopulator(this.repository)));
    this.controller = new RegisteredServiceSimpleFormController(this.manager, this.registeredServiceFactory);

    final MockRegisteredService mockService = new MockRegisteredService();
    mockService.setDescription(DESCRIPTION);
    mockService.setServiceId("^serviceId");
    mockService.setName(NAME);
    mockService.setId(1000);
    mockService.setEvaluationOrder(1000);

    final RegisteredServiceEditBean.ServiceData formData = registeredServiceFactory.createServiceData(mockService);
    this.controller.saveService(
        new MockHttpServletRequest(), new MockHttpServletResponse(), formData, mock(BindingResult.class));

    final Collection<RegisteredService> stored = this.manager.getAllServices();
    assertEquals(1, stored.size());
    // The concrete type must survive the form round trip.
    for (final RegisteredService rs : this.manager.getAllServices()) {
        assertTrue(rs instanceof MockRegisteredService);
    }
}