Example 1 with AbstractTicketException
use of org.apereo.cas.ticket.AbstractTicketException in project cas by apereo.
the class ServiceTicketRequestWebflowEventResolver method grantServiceTicket.
/**
* Grant service ticket for the given credential based on the service and tgt
* that are found in the request context.
*
* @param context the context
* @return the resulting event. Warning, authentication failure or error.
* @since 4.1.0
*/
protected Event grantServiceTicket(final RequestContext context) {
final String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context);
final Credential credential = getCredentialFromContext(context);
try {
final Service service = WebUtils.getService(context);
final AuthenticationResult authenticationResult = this.authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(service, credential);
final ServiceTicket serviceTicketId = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, authenticationResult);
WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
WebUtils.putWarnCookieIfRequestParameterPresent(this.warnCookieGenerator, context);
return newEvent(CasWebflowConstants.TRANSITION_ID_WARN);
} catch (final AuthenticationException | AbstractTicketException e) {
return newEvent(CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE, e);
}
}
Also used :
Credential(org.apereo.cas.authentication.Credential)
AuthenticationException(org.apereo.cas.authentication.AuthenticationException)
CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService)
Service(org.apereo.cas.authentication.principal.Service)
ServiceTicket(org.apereo.cas.ticket.ServiceTicket)
AbstractTicketException(org.apereo.cas.ticket.AbstractTicketException)
AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult)
Example 2 with AbstractTicketException
use of org.apereo.cas.ticket.AbstractTicketException in project cas by apereo.
the class InitialAuthenticationAttemptWebflowEventResolver method returnAuthenticationExceptionEventIfNeeded.
private Event returnAuthenticationExceptionEventIfNeeded(final Exception e) {
final Exception ex;
if (e instanceof AuthenticationException || e instanceof AbstractTicketException) {
ex = e;
} else if (e.getCause() instanceof AuthenticationException || e.getCause() instanceof AbstractTicketException) {
ex = (Exception) e.getCause();
} else {
return null;
}
LOGGER.debug(ex.getMessage(), ex);
return newEvent(CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE, ex);
}
Also used :
AuthenticationException(org.apereo.cas.authentication.AuthenticationException)
AbstractTicketException(org.apereo.cas.ticket.AbstractTicketException)
AuthenticationException(org.apereo.cas.authentication.AuthenticationException)
AbstractTicketException(org.apereo.cas.ticket.AbstractTicketException)
Example 3 with AbstractTicketException
use of org.apereo.cas.ticket.AbstractTicketException in project cas by apereo.
the class TicketGrantingTicketCheckAction method doExecute.
/**
* Determines whether the TGT in the flow request context is valid.
*
* @param requestContext Flow request context.
*
* @throws Exception in case ticket cannot be retrieved from the service layer
* @return {@link #NOT_EXISTS}, {@link #INVALID}, or {@link #VALID}.
*/
@Override
protected Event doExecute(final RequestContext requestContext) throws Exception {
final String tgtId = WebUtils.getTicketGrantingTicketId(requestContext);
if (!StringUtils.hasText(tgtId)) {
return new Event(this, NOT_EXISTS);
}
String eventId = INVALID;
try {
final Ticket ticket = this.centralAuthenticationService.getTicket(tgtId, Ticket.class);
if (ticket != null && !ticket.isExpired()) {
eventId = VALID;
}
} catch (final AbstractTicketException e) {
LOGGER.trace("Could not retrieve ticket id [{}] from registry.", e.getMessage());
}
return new Event(this, eventId);
}
Also used :
Ticket(org.apereo.cas.ticket.Ticket)
Event(org.springframework.webflow.execution.Event)
AbstractTicketException(org.apereo.cas.ticket.AbstractTicketException)
Example 4 with AbstractTicketException
use of org.apereo.cas.ticket.AbstractTicketException in project cas by apereo.
the class CentralAuthenticationServiceImplTests method verifyGoodCredentialsOnTicketGrantingTicketCreation.
@Test
public void verifyGoodCredentialsOnTicketGrantingTicketCreation() throws Exception {
try {
final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport());
assertNotNull(getCentralAuthenticationService().createTicketGrantingTicket(ctx));
} catch (final AbstractTicketException e) {
fail("Exception expected");
}
}
Also used :
AbstractTicketException(org.apereo.cas.ticket.AbstractTicketException)
AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult)
Test(org.junit.Test)
Example 5 with AbstractTicketException
use of org.apereo.cas.ticket.AbstractTicketException in project cas by apereo.
the class AbstractServiceValidateController method handleTicketValidation.
/**
* Handle ticket validation model and view.
*
* @param request the request
* @param service the service
* @param serviceTicketId the service ticket id
* @return the model and view
*/
protected ModelAndView handleTicketValidation(final HttpServletRequest request, final WebApplicationService service, final String serviceTicketId) {
TicketGrantingTicket proxyGrantingTicketId = null;
final Credential serviceCredential = getServiceCredentialsFromRequest(service, request);
if (serviceCredential != null) {
try {
proxyGrantingTicketId = handleProxyGrantingTicketDelivery(serviceTicketId, serviceCredential);
} catch (final AuthenticationException e) {
LOGGER.warn("Failed to authenticate service credential [{}]", serviceCredential);
return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_PROXY_CALLBACK, new Object[] { serviceCredential.getId() }, request, service);
} catch (final InvalidTicketException e) {
LOGGER.error("Failed to create proxy granting ticket due to an invalid ticket for [{}]", serviceCredential, e);
return generateErrorView(e.getCode(), new Object[] { serviceTicketId }, request, service);
} catch (final AbstractTicketException e) {
LOGGER.error("Failed to create proxy granting ticket for [{}]", serviceCredential, e);
return generateErrorView(e.getCode(), new Object[] { serviceCredential.getId() }, request, service);
}
}
final Assertion assertion = this.centralAuthenticationService.validateServiceTicket(serviceTicketId, service);
if (!validateAssertion(request, serviceTicketId, assertion)) {
return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_TICKET, new Object[] { serviceTicketId }, request, service);
}
final Pair<Boolean, Optional<MultifactorAuthenticationProvider>> ctxResult = validateAuthenticationContext(assertion, request);
if (!ctxResult.getKey()) {
throw new UnsatisfiedAuthenticationContextTicketValidationException(assertion.getService());
}
String proxyIou = null;
if (serviceCredential != null && this.proxyHandler.canHandle(serviceCredential)) {
proxyIou = handleProxyIouDelivery(serviceCredential, proxyGrantingTicketId);
if (StringUtils.isEmpty(proxyIou)) {
return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_PROXY_CALLBACK, new Object[] { serviceCredential.getId() }, request, service);
}
} else {
LOGGER.debug("No service credentials specified, and/or the proxy handler [{}] cannot handle credentials", this.proxyHandler.getClass().getSimpleName());
}
onSuccessfulValidation(serviceTicketId, assertion);
LOGGER.debug("Successfully validated service ticket [{}] for service [{}]", serviceTicketId, service.getId());
return generateSuccessView(assertion, proxyIou, service, request, ctxResult.getValue(), proxyGrantingTicketId);
}
Also used :
Credential(org.apereo.cas.authentication.Credential)
HttpBasedServiceCredential(org.apereo.cas.authentication.HttpBasedServiceCredential)
Optional(java.util.Optional)
AuthenticationException(org.apereo.cas.authentication.AuthenticationException)
TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket)
InvalidTicketException(org.apereo.cas.ticket.InvalidTicketException)
Assertion(org.apereo.cas.validation.Assertion)
AbstractTicketException(org.apereo.cas.ticket.AbstractTicketException)
UnsatisfiedAuthenticationContextTicketValidationException(org.apereo.cas.ticket.UnsatisfiedAuthenticationContextTicketValidationException)
Aggregations
AbstractTicketException (org.apereo.cas.ticket.AbstractTicketException)10
CentralAuthenticationService (org.apereo.cas.CentralAuthenticationService)4
AuthenticationException (org.apereo.cas.authentication.AuthenticationException)4
AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult)4
Service (org.apereo.cas.authentication.principal.Service)4
Credential (org.apereo.cas.authentication.Credential)3
WebApplicationService (org.apereo.cas.authentication.principal.WebApplicationService)2
RegisteredService (org.apereo.cas.services.RegisteredService)2
UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException)2
InvalidTicketException (org.apereo.cas.ticket.InvalidTicketException)2
ServiceTicket (org.apereo.cas.ticket.ServiceTicket)2
Assertion (org.apereo.cas.validation.Assertion)2
HashMap (java.util.HashMap)1
Optional (java.util.Optional)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
HttpSession (javax.servlet.http.HttpSession)1
Authentication (org.apereo.cas.authentication.Authentication)1
AuthenticationResultBuilder (org.apereo.cas.authentication.AuthenticationResultBuilder)1
HttpBasedServiceCredential (org.apereo.cas.authentication.HttpBasedServiceCredential)1
UnauthorizedProxyingException (org.apereo.cas.services.UnauthorizedProxyingException)1
