
Example 1 with BasicUserProfile

Use of org.pac4j.core.profile.BasicUserProfile in project cas by apereo.

Class OAuth20DefaultCasAuthenticationBuilder, method build.

@Override
public Authentication build(final UserProfile profile, final OAuthRegisteredService registeredService, final WebContext context, final Service service) {
    val attrs = new HashMap<>(profile.getAttributes());
    val profileAttributes = CoreAuthenticationUtils.convertAttributeValuesToMultiValuedObjects(attrs);
    val newPrincipal = principalFactory.createPrincipal(profile.getId(), profileAttributes);
    LOGGER.debug("Created final principal [{}] after filtering attributes based on [{}]", newPrincipal, registeredService);
    val authenticator = profile.getClass().getCanonicalName();
    val metadata = new BasicCredentialMetaData(new BasicIdentifiableCredential(profile.getId()));
    val handlerResult = new DefaultAuthenticationHandlerExecutionResult(authenticator, metadata, newPrincipal, new ArrayList<>(0));
    val scopes = OAuth20Utils.getRequestedScopes(context);
    val state = context.getRequestParameter(OAuth20Constants.STATE)
        .map(String::valueOf)
        .or(() -> OAuth20Utils.getRequestParameter(context, OAuth20Constants.STATE))
        .orElse(StringUtils.EMPTY);
    val nonce = context.getRequestParameter(OAuth20Constants.NONCE)
        .map(String::valueOf)
        .or(() -> OAuth20Utils.getRequestParameter(context, OAuth20Constants.NONCE))
        .orElse(StringUtils.EMPTY);
    LOGGER.debug("OAuth [{}] is [{}], and [{}] is [{}]", OAuth20Constants.STATE, state, OAuth20Constants.NONCE, nonce);
    val builder = DefaultAuthenticationBuilder.newInstance();
    if (profile instanceof BasicUserProfile) {
        val authenticationAttributes = ((BasicUserProfile) profile).getAuthenticationAttributes();
        builder.addAttributes(authenticationAttributes);
    }
    builder.addAttribute("permissions", new LinkedHashSet<>(profile.getPermissions()))
        .addAttribute("roles", new LinkedHashSet<>(profile.getRoles()))
        .addAttribute("scopes", scopes)
        .addAttribute(OAuth20Constants.STATE, state)
        .addAttribute(OAuth20Constants.NONCE, nonce)
        .addAttribute(OAuth20Constants.CLIENT_ID, registeredService.getClientId())
        .addCredential(metadata)
        .setPrincipal(newPrincipal)
        .setAuthenticationDate(ZonedDateTime.now(ZoneOffset.UTC))
        .addSuccess(profile.getClass().getCanonicalName(), handlerResult);
    context.getRequestParameter(OAuth20Constants.ACR_VALUES).ifPresent(value -> builder.addAttribute(OAuth20Constants.ACR_VALUES, value));
    return builder.build();
}
Also used : lombok.val(lombok.val) LinkedHashSet(java.util.LinkedHashSet) HashMap(java.util.HashMap) BasicIdentifiableCredential(org.apereo.cas.authentication.credential.BasicIdentifiableCredential) BasicUserProfile(org.pac4j.core.profile.BasicUserProfile) DefaultAuthenticationHandlerExecutionResult(org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult) BasicCredentialMetaData(org.apereo.cas.authentication.metadata.BasicCredentialMetaData)

Example 2 with BasicUserProfile

Use of org.pac4j.core.profile.BasicUserProfile in project cas by apereo.

Class OidcAuthenticationAuthorizeSecurityLogicTests, method verifyMaxAgeOperation.

@Test
public void verifyMaxAgeOperation() {
    val request = new MockHttpServletRequest();
    request.addParameter(OidcConstants.MAX_AGE, "5");
    val response = new MockHttpServletResponse();
    when(ticketGrantingTicketCookieGenerator.retrieveCookieValue(request)).thenReturn(ticketGrantingTicket.getId());
    val context = new JEEContext(request, response);
    val profileManager = new ProfileManager(context, JEESessionStore.INSTANCE);
    var profile = new BasicUserProfile();
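    // Authentication date is 30 seconds in the past, older than the max_age of 5 seconds requested above.
    profile.addAuthenticationAttribute(CasProtocolConstants.VALIDATION_CAS_MODEL_ATTRIBUTE_NAME_AUTHENTICATION_DATE, ZonedDateTime.now(Clock.systemUTC()).minusSeconds(30));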
    profileManager.save(true, profile, false);
    val logic = new OidcAuthenticationAuthorizeSecurityLogic(ticketGrantingTicketCookieGenerator, ticketRegistry, centralAuthenticationService);
    // The test expects no profile to be loaded for this request.
    assertTrue(logic.loadProfiles(profileManager, context, JEESessionStore.INSTANCE, List.of()).isEmpty());
}
Also used : lombok.val(lombok.val) ProfileManager(org.pac4j.core.profile.ProfileManager) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) BasicUserProfile(org.pac4j.core.profile.BasicUserProfile) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 3 with BasicUserProfile

Use of org.pac4j.core.profile.BasicUserProfile in project cas by apereo.

Class OidcAuthenticationAuthorizeSecurityLogicTests, method verifyLoadNoProfileWhenNoTgtAvailable.

@Test
public void verifyLoadNoProfileWhenNoTgtAvailable() {
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    val context = new JEEContext(request, response);
    val profileManager = new ProfileManager(context, JEESessionStore.INSTANCE);
    profileManager.save(true, new BasicUserProfile(), false);
    val logic = new OidcAuthenticationAuthorizeSecurityLogic(ticketGrantingTicketCookieGenerator, ticketRegistry, centralAuthenticationService);
    assertTrue(logic.loadProfiles(profileManager, context, JEESessionStore.INSTANCE, List.of()).isEmpty());
}
Also used : lombok.val(lombok.val) ProfileManager(org.pac4j.core.profile.ProfileManager) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) BasicUserProfile(org.pac4j.core.profile.BasicUserProfile) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 4 with BasicUserProfile

Use of org.pac4j.core.profile.BasicUserProfile in project cas by apereo.

Class OAuth20TicketGrantingTicketAwareSecurityLogicTests, method verifyLoadWithValidTicket.

@Test
public void verifyLoadWithValidTicket() {
    when(centralAuthenticationService.getTicket(anyString(), any())).thenReturn(new MockTicketGrantingTicket("casuser"));
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    val context = new JEEContext(request, response);
    val profileManager = new ProfileManager(context, JEESessionStore.INSTANCE);
    profileManager.save(true, new BasicUserProfile(), false);
    JEESessionStore.INSTANCE.set(context, WebUtils.PARAMETER_TICKET_GRANTING_TICKET_ID, UUID.randomUUID().toString());
    val logic = new OAuth20TicketGrantingTicketAwareSecurityLogic(ticketGrantingTicketCookieGenerator, ticketRegistry, centralAuthenticationService);
    assertFalse(logic.loadProfiles(profileManager, context, JEESessionStore.INSTANCE, List.of()).isEmpty());
}
Also used : MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) lombok.val(lombok.val) ProfileManager(org.pac4j.core.profile.ProfileManager) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) BasicUserProfile(org.pac4j.core.profile.BasicUserProfile) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 5 with BasicUserProfile

Use of org.pac4j.core.profile.BasicUserProfile in project cas by apereo.

Class OAuth20TicketGrantingTicketAwareSecurityLogicTests, method verifyLoadNoProfileWhenNoTgtAvailable.

@Test
public void verifyLoadNoProfileWhenNoTgtAvailable() {
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    val context = new JEEContext(request, response);
    val profileManager = new ProfileManager(context, JEESessionStore.INSTANCE);
    profileManager.save(true, new BasicUserProfile(), false);
    val logic = new OAuth20TicketGrantingTicketAwareSecurityLogic(ticketGrantingTicketCookieGenerator, ticketRegistry, centralAuthenticationService);
    assertTrue(logic.loadProfiles(profileManager, context, JEESessionStore.INSTANCE, List.of()).isEmpty());
}
Also used : lombok.val(lombok.val) ProfileManager(org.pac4j.core.profile.ProfileManager) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) BasicUserProfile(org.pac4j.core.profile.BasicUserProfile) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Aggregations

lombok.val (lombok.val): 7
BasicUserProfile (org.pac4j.core.profile.BasicUserProfile): 7
Test (org.junit.jupiter.api.Test): 6
JEEContext (org.pac4j.core.context.JEEContext): 6
ProfileManager (org.pac4j.core.profile.ProfileManager): 6
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 6
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 6
HashMap (java.util.HashMap): 1
LinkedHashSet (java.util.LinkedHashSet): 1
DefaultAuthenticationHandlerExecutionResult (org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult): 1
BasicIdentifiableCredential (org.apereo.cas.authentication.credential.BasicIdentifiableCredential): 1
BasicCredentialMetaData (org.apereo.cas.authentication.metadata.BasicCredentialMetaData): 1
MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket): 1
InvalidTicketException (org.apereo.cas.ticket.InvalidTicketException): 1