Search in sources :

Example 1 with AuditableExecution

use of org.apereo.cas.audit.AuditableExecution in project cas by apereo.

the class DelegatedClientAuthenticationActionTests method verifyFinishAuthentication.

@Test
public void verifyFinishAuthentication() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER, "FacebookClient");
    mockRequest.addParameter(ThemeChangeInterceptor.DEFAULT_PARAM_NAME, MY_THEME);
    mockRequest.addParameter(LocaleChangeInterceptor.DEFAULT_PARAM_NAME, MY_LOCALE);
    mockRequest.addParameter(CasProtocolConstants.PARAMETER_METHOD, MY_METHOD);
    final Service service = CoreAuthenticationTestUtils.getService(MY_SERVICE);
    mockRequest.addParameter(CasProtocolConstants.PARAMETER_SERVICE, service.getId());
    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);
    when(servletExternalContext.getNativeResponse()).thenReturn(new MockHttpServletResponse());
    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);
    final FacebookClient facebookClient = new FacebookClient() {

        @Override
        protected OAuth20Credentials retrieveCredentials(final WebContext context) {
            return new OAuth20Credentials("fakeVerifier");
        }
    };
    facebookClient.setName(FacebookClient.class.getSimpleName());
    final Clients clients = new Clients(MY_LOGIN_URL, facebookClient);
    final TicketGrantingTicket tgt = new TicketGrantingTicketImpl(TGT_ID, mock(Authentication.class), mock(ExpirationPolicy.class));
    final CentralAuthenticationService casImpl = mock(CentralAuthenticationService.class);
    when(casImpl.createTicketGrantingTicket(any())).thenReturn(tgt);
    final AuthenticationTransactionManager transManager = mock(AuthenticationTransactionManager.class);
    final AuthenticationManager authNManager = mock(AuthenticationManager.class);
    when(authNManager.authenticate(any(AuthenticationTransaction.class))).thenReturn(CoreAuthenticationTestUtils.getAuthentication());
    when(transManager.getAuthenticationManager()).thenReturn(authNManager);
    when(transManager.handle(any(AuthenticationTransaction.class), any(AuthenticationResultBuilder.class))).thenReturn(transManager);
    final AuthenticationSystemSupport support = mock(AuthenticationSystemSupport.class);
    when(support.getAuthenticationTransactionManager()).thenReturn(transManager);
    final AuditableExecution enforcer = mock(AuditableExecution.class);
    when(enforcer.execute(any())).thenReturn(new AuditableExecutionResult());
    final DefaultTicketRegistry ticketRegistry = new DefaultTicketRegistry();
    final DelegatedClientWebflowManager manager = new DelegatedClientWebflowManager(ticketRegistry, new DefaultTransientSessionTicketFactory(new HardTimeoutExpirationPolicy(60)), ThemeChangeInterceptor.DEFAULT_PARAM_NAME, LocaleChangeInterceptor.DEFAULT_PARAM_NAME, new WebApplicationServiceFactory(), "https://cas.example.org", new DefaultAuthenticationServiceSelectionPlan(new DefaultAuthenticationServiceSelectionStrategy()));
    final Ticket ticket = manager.store(Pac4jUtils.getPac4jJ2EContext(mockRequest, new MockHttpServletResponse()), facebookClient);
    mockRequest.addParameter(DelegatedClientWebflowManager.PARAMETER_CLIENT_ID, ticket.getId());
    final DelegatedClientAuthenticationAction action = new DelegatedClientAuthenticationAction(clients, support, casImpl, getServicesManagerWith(service, facebookClient), enforcer, manager, new DelegatedSessionCookieManager(mock(CookieRetrievingCookieGenerator.class)));
    final Event event = action.execute(mockRequestContext);
    assertEquals("success", event.getId());
    assertEquals(MY_THEME, mockRequest.getAttribute(ThemeChangeInterceptor.DEFAULT_PARAM_NAME));
    assertEquals(MY_LOCALE, mockRequest.getAttribute(LocaleChangeInterceptor.DEFAULT_PARAM_NAME));
    assertEquals(MY_METHOD, mockRequest.getAttribute(CasProtocolConstants.PARAMETER_METHOD));
    assertEquals(MY_SERVICE, mockRequest.getAttribute(CasProtocolConstants.PARAMETER_SERVICE));
    final MutableAttributeMap flowScope = mockRequestContext.getFlowScope();
    final MutableAttributeMap requestScope = mockRequestContext.getRequestScope();
    assertEquals(service.getId(), ((Service) flowScope.get(CasProtocolConstants.PARAMETER_SERVICE)).getId());
    assertEquals(TGT_ID, flowScope.get(WebUtils.PARAMETER_TICKET_GRANTING_TICKET_ID));
    assertEquals(TGT_ID, requestScope.get(WebUtils.PARAMETER_TICKET_GRANTING_TICKET_ID));
}
Also used : WebContext(org.pac4j.core.context.WebContext) FacebookClient(org.pac4j.oauth.client.FacebookClient) DefaultAuthenticationServiceSelectionPlan(org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionPlan) AuthenticationResultBuilder(org.apereo.cas.authentication.AuthenticationResultBuilder) DefaultTransientSessionTicketFactory(org.apereo.cas.ticket.factory.DefaultTransientSessionTicketFactory) HardTimeoutExpirationPolicy(org.apereo.cas.ticket.support.HardTimeoutExpirationPolicy) ExpirationPolicy(org.apereo.cas.ticket.ExpirationPolicy) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) DefaultTicketRegistry(org.apereo.cas.ticket.registry.DefaultTicketRegistry) WebApplicationServiceFactory(org.apereo.cas.authentication.principal.WebApplicationServiceFactory) MutableAttributeMap(org.springframework.webflow.core.collection.MutableAttributeMap) TicketGrantingTicketImpl(org.apereo.cas.ticket.TicketGrantingTicketImpl) AuthenticationTransaction(org.apereo.cas.authentication.AuthenticationTransaction) AuditableExecutionResult(org.apereo.cas.audit.AuditableExecutionResult) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) DefaultAuthenticationServiceSelectionStrategy(org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionStrategy) TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) Ticket(org.apereo.cas.ticket.Ticket) AuthenticationSystemSupport(org.apereo.cas.authentication.AuthenticationSystemSupport) AuthenticationTransactionManager(org.apereo.cas.authentication.AuthenticationTransactionManager) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) HardTimeoutExpirationPolicy(org.apereo.cas.ticket.support.HardTimeoutExpirationPolicy) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) AbstractRegisteredService(org.apereo.cas.services.AbstractRegisteredService) Service(org.apereo.cas.authentication.principal.Service) MockRequestContext(org.springframework.webflow.test.MockRequestContext) Clients(org.pac4j.core.client.Clients) AuditableExecution(org.apereo.cas.audit.AuditableExecution) DelegatedClientWebflowManager(org.apereo.cas.web.DelegatedClientWebflowManager) AuthenticationManager(org.apereo.cas.authentication.AuthenticationManager) DelegatedSessionCookieManager(org.apereo.cas.web.pac4j.DelegatedSessionCookieManager) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) Authentication(org.apereo.cas.authentication.Authentication) OAuth20Credentials(org.pac4j.oauth.credentials.OAuth20Credentials) Event(org.springframework.webflow.execution.Event) Test(org.junit.Test)

Example 2 with AuditableExecution

use of org.apereo.cas.audit.AuditableExecution in project cas by apereo.

the class CentralAuthenticationServiceImplWithMockitoTests method prepareNewCAS.

@Before
public void prepareNewCAS() {
    this.authentication = mock(Authentication.class);
    when(this.authentication.getAuthenticationDate()).thenReturn(ZonedDateTime.now(ZoneOffset.UTC));
    final CredentialMetaData metadata = new BasicCredentialMetaData(RegisteredServiceTestUtils.getCredentialsWithSameUsernameAndPassword("principal"));
    final Map<String, AuthenticationHandlerExecutionResult> successes = new HashMap<>();
    successes.put("handler1", new DefaultAuthenticationHandlerExecutionResult(mock(AuthenticationHandler.class), metadata));
    when(this.authentication.getCredentials()).thenReturn(Arrays.asList(metadata));
    when(this.authentication.getSuccesses()).thenReturn(successes);
    when(this.authentication.getPrincipal()).thenReturn(new DefaultPrincipalFactory().createPrincipal(PRINCIPAL));
    final Service service1 = getService(SVC1_ID);
    final ServiceTicket stMock = createMockServiceTicket(ST_ID, service1);
    final TicketGrantingTicket tgtRootMock = createRootTicketGrantingTicket();
    final TicketGrantingTicket tgtMock = createMockTicketGrantingTicket(TGT_ID, stMock, false, tgtRootMock, new ArrayList<>());
    when(tgtMock.getProxiedBy()).thenReturn(getService("proxiedBy"));
    final List<Authentication> authnListMock = mock(List.class);
    // Size is required to be 2, so that we can simulate proxying capabilities
    when(authnListMock.size()).thenReturn(2);
    when(authnListMock.toArray()).thenReturn(new Object[] { this.authentication, this.authentication });
    when(authnListMock.get(anyInt())).thenReturn(this.authentication);
    when(tgtMock.getChainedAuthentications()).thenReturn(authnListMock);
    when(stMock.getTicketGrantingTicket()).thenReturn(tgtMock);
    final Service service2 = getService(SVC2_ID);
    final ServiceTicket stMock2 = createMockServiceTicket(ST2_ID, service2);
    final TicketGrantingTicket tgtMock2 = createMockTicketGrantingTicket(TGT2_ID, stMock2, false, tgtRootMock, authnListMock);
    mockTicketRegistry(stMock, tgtMock, stMock2, tgtMock2);
    final ServicesManager smMock = getServicesManager(service1, service2);
    final TicketFactory factory = getTicketFactory();
    final AuthenticationServiceSelectionPlan authenticationRequestServiceSelectionStrategies = new DefaultAuthenticationServiceSelectionPlan(new DefaultAuthenticationServiceSelectionStrategy());
    final AuditableExecution enforcer = mock(AuditableExecution.class);
    when(enforcer.execute(any())).thenReturn(new AuditableExecutionResult());
    this.cas = new DefaultCentralAuthenticationService(mock(ApplicationEventPublisher.class), ticketRegMock, smMock, mock(LogoutManager.class), factory, authenticationRequestServiceSelectionStrategies, new AcceptAnyAuthenticationPolicyFactory(), new DefaultPrincipalFactory(), null, enforcer);
    this.cas.setApplicationEventPublisher(mock(ApplicationEventPublisher.class));
}
Also used : AcceptAnyAuthenticationPolicyFactory(org.apereo.cas.authentication.policy.AcceptAnyAuthenticationPolicyFactory) DefaultAuthenticationServiceSelectionStrategy(org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionStrategy) HashMap(java.util.HashMap) TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) RegisteredService(org.apereo.cas.services.RegisteredService) Service(org.apereo.cas.authentication.principal.Service) DefaultPrincipalFactory(org.apereo.cas.authentication.principal.DefaultPrincipalFactory) ServiceTicket(org.apereo.cas.ticket.ServiceTicket) AuthenticationServiceSelectionPlan(org.apereo.cas.authentication.AuthenticationServiceSelectionPlan) DefaultAuthenticationServiceSelectionPlan(org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionPlan) DefaultAuthenticationServiceSelectionPlan(org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionPlan) DefaultAuthenticationHandlerExecutionResult(org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult) AuditableExecution(org.apereo.cas.audit.AuditableExecution) ServicesManager(org.apereo.cas.services.ServicesManager) DefaultTicketFactory(org.apereo.cas.ticket.factory.DefaultTicketFactory) TicketFactory(org.apereo.cas.ticket.TicketFactory) DefaultProxyGrantingTicketFactory(org.apereo.cas.ticket.factory.DefaultProxyGrantingTicketFactory) DefaultProxyTicketFactory(org.apereo.cas.ticket.factory.DefaultProxyTicketFactory) DefaultTransientSessionTicketFactory(org.apereo.cas.ticket.factory.DefaultTransientSessionTicketFactory) DefaultServiceTicketFactory(org.apereo.cas.ticket.factory.DefaultServiceTicketFactory) DefaultTicketGrantingTicketFactory(org.apereo.cas.ticket.factory.DefaultTicketGrantingTicketFactory) Authentication(org.apereo.cas.authentication.Authentication) ApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher) DefaultAuthenticationHandlerExecutionResult(org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult) AuthenticationHandlerExecutionResult(org.apereo.cas.authentication.AuthenticationHandlerExecutionResult) CredentialMetaData(org.apereo.cas.authentication.CredentialMetaData) BasicCredentialMetaData(org.apereo.cas.authentication.BasicCredentialMetaData) AuditableExecutionResult(org.apereo.cas.audit.AuditableExecutionResult) BasicCredentialMetaData(org.apereo.cas.authentication.BasicCredentialMetaData) Before(org.junit.Before)

Example 3 with AuditableExecution

use of org.apereo.cas.audit.AuditableExecution in project cas by apereo.

the class DelegatedClientAuthenticationActionTests method verifyStartAuthentication.

@Test
public void verifyStartAuthentication() throws Exception {
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(ThemeChangeInterceptor.DEFAULT_PARAM_NAME, MY_THEME);
    mockRequest.setParameter(LocaleChangeInterceptor.DEFAULT_PARAM_NAME, MY_LOCALE);
    mockRequest.setParameter(CasProtocolConstants.PARAMETER_METHOD, MY_METHOD);
    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);
    when(servletExternalContext.getNativeResponse()).thenReturn(mockResponse);
    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);
    final Service service = RegisteredServiceTestUtils.getService(MY_SERVICE);
    mockRequestContext.getFlowScope().put(CasProtocolConstants.PARAMETER_SERVICE, service);
    final FacebookClient facebookClient = new FacebookClient(MY_KEY, MY_SECRET);
    final TwitterClient twitterClient = new TwitterClient("3nJPbVTVRZWAyUgoUKQ8UA", "h6LZyZJmcW46Vu8R47MYfeXTSYGI30EqnWaSwVhFkbA");
    final Clients clients = new Clients(MY_LOGIN_URL, facebookClient, twitterClient);
    final AuditableExecution enforcer = mock(AuditableExecution.class);
    when(enforcer.execute(any())).thenReturn(new AuditableExecutionResult());
    final DefaultTicketRegistry ticketRegistry = new DefaultTicketRegistry();
    final DelegatedClientWebflowManager manager = new DelegatedClientWebflowManager(ticketRegistry, new DefaultTransientSessionTicketFactory(new HardTimeoutExpirationPolicy(60)), ThemeChangeInterceptor.DEFAULT_PARAM_NAME, LocaleChangeInterceptor.DEFAULT_PARAM_NAME, new WebApplicationServiceFactory(), "https://cas.example.org", new DefaultAuthenticationServiceSelectionPlan(new DefaultAuthenticationServiceSelectionStrategy()));
    final Ticket ticket = manager.store(Pac4jUtils.getPac4jJ2EContext(mockRequest, new MockHttpServletResponse()), facebookClient);
    mockRequest.addParameter(DelegatedClientWebflowManager.PARAMETER_CLIENT_ID, ticket.getId());
    final DelegatedClientAuthenticationAction action = new DelegatedClientAuthenticationAction(clients, null, mock(CentralAuthenticationService.class), getServicesManagerWith(service, facebookClient), enforcer, manager, new DelegatedSessionCookieManager(mock(CookieRetrievingCookieGenerator.class)));
    final Event event = action.execute(mockRequestContext);
    assertEquals("error", event.getId());
    manager.retrieve(mockRequestContext, Pac4jUtils.getPac4jJ2EContext(mockRequest, new MockHttpServletResponse()), facebookClient);
    assertEquals(MY_THEME, mockRequest.getAttribute(ThemeChangeInterceptor.DEFAULT_PARAM_NAME));
    assertEquals(MY_LOCALE, mockRequest.getAttribute(LocaleChangeInterceptor.DEFAULT_PARAM_NAME));
    assertEquals(MY_METHOD, mockRequest.getAttribute(CasProtocolConstants.PARAMETER_METHOD));
    final MutableAttributeMap flowScope = mockRequestContext.getFlowScope();
    final Set<DelegatedClientAuthenticationAction.ProviderLoginPageConfiguration> urls = (Set<DelegatedClientAuthenticationAction.ProviderLoginPageConfiguration>) flowScope.get(DelegatedClientAuthenticationAction.PAC4J_URLS);
    assertFalse(urls.isEmpty());
    assertSame(2, urls.size());
}
Also used : TwitterClient(org.pac4j.oauth.client.TwitterClient) Set(java.util.Set) FacebookClient(org.pac4j.oauth.client.FacebookClient) DefaultAuthenticationServiceSelectionPlan(org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionPlan) DefaultTransientSessionTicketFactory(org.apereo.cas.ticket.factory.DefaultTransientSessionTicketFactory) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) DefaultTicketRegistry(org.apereo.cas.ticket.registry.DefaultTicketRegistry) WebApplicationServiceFactory(org.apereo.cas.authentication.principal.WebApplicationServiceFactory) MutableAttributeMap(org.springframework.webflow.core.collection.MutableAttributeMap) AuditableExecutionResult(org.apereo.cas.audit.AuditableExecutionResult) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) DefaultAuthenticationServiceSelectionStrategy(org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionStrategy) TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) Ticket(org.apereo.cas.ticket.Ticket) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HardTimeoutExpirationPolicy(org.apereo.cas.ticket.support.HardTimeoutExpirationPolicy) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) AbstractRegisteredService(org.apereo.cas.services.AbstractRegisteredService) Service(org.apereo.cas.authentication.principal.Service) MockRequestContext(org.springframework.webflow.test.MockRequestContext) Clients(org.pac4j.core.client.Clients) AuditableExecution(org.apereo.cas.audit.AuditableExecution) DelegatedClientWebflowManager(org.apereo.cas.web.DelegatedClientWebflowManager) DelegatedSessionCookieManager(org.apereo.cas.web.pac4j.DelegatedSessionCookieManager) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) Event(org.springframework.webflow.execution.Event) Test(org.junit.Test)

Aggregations

AuditableExecution (org.apereo.cas.audit.AuditableExecution)3 AuditableExecutionResult (org.apereo.cas.audit.AuditableExecutionResult)3 DefaultAuthenticationServiceSelectionPlan (org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionPlan)3 DefaultAuthenticationServiceSelectionStrategy (org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionStrategy)3 Service (org.apereo.cas.authentication.principal.Service)3 TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)3 DefaultTransientSessionTicketFactory (org.apereo.cas.ticket.factory.DefaultTransientSessionTicketFactory)3 CentralAuthenticationService (org.apereo.cas.CentralAuthenticationService)2 Authentication (org.apereo.cas.authentication.Authentication)2 WebApplicationServiceFactory (org.apereo.cas.authentication.principal.WebApplicationServiceFactory)2 AbstractRegisteredService (org.apereo.cas.services.AbstractRegisteredService)2 Ticket (org.apereo.cas.ticket.Ticket)2 DefaultTicketRegistry (org.apereo.cas.ticket.registry.DefaultTicketRegistry)2 HardTimeoutExpirationPolicy (org.apereo.cas.ticket.support.HardTimeoutExpirationPolicy)2 DelegatedClientWebflowManager (org.apereo.cas.web.DelegatedClientWebflowManager)2 DelegatedSessionCookieManager (org.apereo.cas.web.pac4j.DelegatedSessionCookieManager)2 Test (org.junit.Test)2 Clients (org.pac4j.core.client.Clients)2 FacebookClient (org.pac4j.oauth.client.FacebookClient)2 HashMap (java.util.HashMap)1