Examples with Assertion org.apereo.cas.validation.Assertion used on opensource projects

Search in sources :

Example 6 with Assertion

use of org.apereo.cas.validation.Assertion in project cas by apereo.

the class CentralAuthenticationServiceImplTests method verifyValidateServiceTicketNoAttributesReturned.

@Test
public void verifyValidateServiceTicketNoAttributesReturned() throws Exception {
    final Service service = getService();
    final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
    final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(ctx);
    final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), service, ctx);
    final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), service);
    final Authentication auth = assertion.getPrimaryAuthentication();
    assertEquals(0, auth.getPrincipal().getAttributes().size());
}
Also used : TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) Assertion(org.apereo.cas.validation.Assertion) AbstractWebApplicationService(org.apereo.cas.authentication.principal.AbstractWebApplicationService) Service(org.apereo.cas.authentication.principal.Service) ServiceTicket(org.apereo.cas.ticket.ServiceTicket) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult) Test(org.junit.Test)

Example 7 with Assertion

use of org.apereo.cas.validation.Assertion in project cas by apereo.

the class CentralAuthenticationServiceImplTests method verifyValidateServiceTicketWithInvalidUsernameAttribute.

@Test
public void verifyValidateServiceTicketWithInvalidUsernameAttribute() throws Exception {
    final Service svc = getService("eduPersonTestInvalid");
    final UsernamePasswordCredential cred = CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword();
    final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), svc);
    final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(ctx);
    final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), svc, ctx);
    final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), svc);
    final Authentication auth = assertion.getPrimaryAuthentication();
    /*
         * The attribute specified for this service does not resolve.
         * Therefore, we expect the default to be returned.
         */
    assertEquals(auth.getPrincipal().getId(), cred.getUsername());
}
Also used : TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) Assertion(org.apereo.cas.validation.Assertion) AbstractWebApplicationService(org.apereo.cas.authentication.principal.AbstractWebApplicationService) Service(org.apereo.cas.authentication.principal.Service) ServiceTicket(org.apereo.cas.ticket.ServiceTicket) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult) Test(org.junit.Test)

Example 8 with Assertion

use of org.apereo.cas.validation.Assertion in project cas by apereo.

the class AbstractServiceValidateController method handleTicketValidation.

/**
     * Handle ticket validation model and view.
     *
     * @param request         the request
     * @param service         the service
     * @param serviceTicketId the service ticket id
     * @return the model and view
     */
protected ModelAndView handleTicketValidation(final HttpServletRequest request, final WebApplicationService service, final String serviceTicketId) {
    TicketGrantingTicket proxyGrantingTicketId = null;
    final Credential serviceCredential = getServiceCredentialsFromRequest(service, request);
    if (serviceCredential != null) {
        try {
            proxyGrantingTicketId = handleProxyGrantingTicketDelivery(serviceTicketId, serviceCredential);
        } catch (final AuthenticationException e) {
            LOGGER.warn("Failed to authenticate service credential [{}]", serviceCredential);
            return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_PROXY_CALLBACK, new Object[] { serviceCredential.getId() }, request, service);
        } catch (final InvalidTicketException e) {
            LOGGER.error("Failed to create proxy granting ticket due to an invalid ticket for [{}]", serviceCredential, e);
            return generateErrorView(e.getCode(), new Object[] { serviceTicketId }, request, service);
        } catch (final AbstractTicketException e) {
            LOGGER.error("Failed to create proxy granting ticket for [{}]", serviceCredential, e);
            return generateErrorView(e.getCode(), new Object[] { serviceCredential.getId() }, request, service);
        }
    }
    final Assertion assertion = this.centralAuthenticationService.validateServiceTicket(serviceTicketId, service);
    if (!validateAssertion(request, serviceTicketId, assertion)) {
        return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_TICKET, new Object[] { serviceTicketId }, request, service);
    }
    final Pair<Boolean, Optional<MultifactorAuthenticationProvider>> ctxResult = validateAuthenticationContext(assertion, request);
    if (!ctxResult.getKey()) {
        throw new UnsatisfiedAuthenticationContextTicketValidationException(assertion.getService());
    }
    String proxyIou = null;
    if (serviceCredential != null && this.proxyHandler.canHandle(serviceCredential)) {
        proxyIou = handleProxyIouDelivery(serviceCredential, proxyGrantingTicketId);
        if (StringUtils.isEmpty(proxyIou)) {
            return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_PROXY_CALLBACK, new Object[] { serviceCredential.getId() }, request, service);
        }
    } else {
        LOGGER.debug("No service credentials specified, and/or the proxy handler [{}] cannot handle credentials", this.proxyHandler.getClass().getSimpleName());
    }
    onSuccessfulValidation(serviceTicketId, assertion);
    LOGGER.debug("Successfully validated service ticket [{}] for service [{}]", serviceTicketId, service.getId());
    return generateSuccessView(assertion, proxyIou, service, request, ctxResult.getValue(), proxyGrantingTicketId);
}
Also used : Credential(org.apereo.cas.authentication.Credential) HttpBasedServiceCredential(org.apereo.cas.authentication.HttpBasedServiceCredential) Optional(java.util.Optional) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) InvalidTicketException(org.apereo.cas.ticket.InvalidTicketException) Assertion(org.apereo.cas.validation.Assertion) AbstractTicketException(org.apereo.cas.ticket.AbstractTicketException) UnsatisfiedAuthenticationContextTicketValidationException(org.apereo.cas.ticket.UnsatisfiedAuthenticationContextTicketValidationException)

Example 9 with Assertion

use of org.apereo.cas.validation.Assertion in project cas by apereo.

the class Saml10SuccessResponseViewTests method verifyResponse.

@Test
public void verifyResponse() throws Exception {
    final Map<String, Object> model = new HashMap<>();
    final Map<String, Object> attributes = new HashMap<>();
    attributes.put(TEST_ATTRIBUTE, TEST_VALUE);
    attributes.put("testEmptyCollection", Collections.emptyList());
    attributes.put("testAttributeCollection", Arrays.asList("tac1", "tac2"));
    final Principal principal = new DefaultPrincipalFactory().createPrincipal(PRINCIPAL_ID, attributes);
    final Map<String, Object> authAttributes = new HashMap<>();
    authAttributes.put(SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD, SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT);
    authAttributes.put("testSamlAttribute", "value");
    final Authentication primary = CoreAuthenticationTestUtils.getAuthentication(principal, authAttributes);
    final Assertion assertion = new ImmutableAssertion(primary, Collections.singletonList(primary), CoreAuthenticationTestUtils.getService(), true);
    model.put("assertion", assertion);
    final MockHttpServletResponse servletResponse = new MockHttpServletResponse();
    this.response.renderMergedOutputModel(model, new MockHttpServletRequest(), servletResponse);
    final String written = servletResponse.getContentAsString();
    assertTrue(written.contains(PRINCIPAL_ID));
    assertTrue(written.contains(TEST_ATTRIBUTE));
    assertTrue(written.contains(TEST_VALUE));
    assertFalse(written.contains("testEmptyCollection"));
    assertTrue(written.contains("testAttributeCollection"));
    assertTrue(written.contains("tac1"));
    assertTrue(written.contains("tac2"));
    assertTrue(written.contains(SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT));
    assertTrue(written.contains("AuthenticationMethod"));
    assertTrue(written.contains("AssertionID"));
}
Also used : HashMap(java.util.HashMap) ImmutableAssertion(org.apereo.cas.validation.ImmutableAssertion) Authentication(org.apereo.cas.authentication.Authentication) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Assertion(org.apereo.cas.validation.Assertion) ImmutableAssertion(org.apereo.cas.validation.ImmutableAssertion) DefaultPrincipalFactory(org.apereo.cas.authentication.principal.DefaultPrincipalFactory) Principal(org.apereo.cas.authentication.principal.Principal) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 10 with Assertion

use of org.apereo.cas.validation.Assertion in project cas by apereo.

the class Saml10SuccessResponseViewTests method verifyResponseWithNoAttributes.

@Test
public void verifyResponseWithNoAttributes() throws Exception {
    final Map<String, Object> model = new HashMap<>();
    final Principal principal = new DefaultPrincipalFactory().createPrincipal(PRINCIPAL_ID);
    final Map<String, Object> authAttributes = new HashMap<>();
    authAttributes.put(SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD, SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT);
    authAttributes.put("testSamlAttribute", "value");
    final Authentication primary = CoreAuthenticationTestUtils.getAuthentication(principal, authAttributes);
    final Assertion assertion = new ImmutableAssertion(primary, Collections.singletonList(primary), CoreAuthenticationTestUtils.getService(), true);
    model.put("assertion", assertion);
    final MockHttpServletResponse servletResponse = new MockHttpServletResponse();
    this.response.renderMergedOutputModel(model, new MockHttpServletRequest(), servletResponse);
    final String written = servletResponse.getContentAsString();
    assertTrue(written.contains(PRINCIPAL_ID));
    assertTrue(written.contains(SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT));
    assertTrue(written.contains("AuthenticationMethod="));
}
Also used : HashMap(java.util.HashMap) ImmutableAssertion(org.apereo.cas.validation.ImmutableAssertion) Authentication(org.apereo.cas.authentication.Authentication) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Assertion(org.apereo.cas.validation.Assertion) ImmutableAssertion(org.apereo.cas.validation.ImmutableAssertion) DefaultPrincipalFactory(org.apereo.cas.authentication.principal.DefaultPrincipalFactory) Principal(org.apereo.cas.authentication.principal.Principal) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Aggregations

Assertion (org.apereo.cas.validation.Assertion)18 Test (org.junit.Test)14 Authentication (org.apereo.cas.authentication.Authentication)12 ServiceTicket (org.apereo.cas.ticket.ServiceTicket)12 TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)12 AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult)10 Service (org.apereo.cas.authentication.principal.Service)10 AbstractWebApplicationService (org.apereo.cas.authentication.principal.AbstractWebApplicationService)8 UsernamePasswordCredential (org.apereo.cas.authentication.UsernamePasswordCredential)5 HashMap (java.util.HashMap)4 Principal (org.apereo.cas.authentication.principal.Principal)4 ImmutableAssertion (org.apereo.cas.validation.ImmutableAssertion)4 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)4 DefaultPrincipalFactory (org.apereo.cas.authentication.principal.DefaultPrincipalFactory)3 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)3 RegisteredService (org.apereo.cas.services.RegisteredService)2 AbstractTicketException (org.apereo.cas.ticket.AbstractTicketException)2 InvalidTicketException (org.apereo.cas.ticket.InvalidTicketException)2 Counted (com.codahale.metrics.annotation.Counted)1 Metered (com.codahale.metrics.annotation.Metered)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial