Search in sources :

Example 41 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class AbstractOAuth20Tests method addCode.

protected OAuthCode addCode(final Principal principal, final RegisteredService registeredService) {
    final Authentication authentication = getAuthentication(principal);
    final WebApplicationServiceFactory factory = new WebApplicationServiceFactory();
    final Service service = factory.createService(registeredService.getServiceId());
    final OAuthCode code = oAuthCodeFactory.create(service, authentication, new MockTicketGrantingTicket("casuser"), new ArrayList<>());
    this.ticketRegistry.addTicket(code);
    return code;
}
Also used : MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) WebApplicationServiceFactory(org.apereo.cas.authentication.principal.WebApplicationServiceFactory) RegisteredService(org.apereo.cas.services.RegisteredService) AbstractRegisteredService(org.apereo.cas.services.AbstractRegisteredService) OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService) Service(org.apereo.cas.authentication.principal.Service) OAuthCode(org.apereo.cas.ticket.code.OAuthCode)

Example 42 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class OAuth20AccessTokenControllerTests method verifyClientExpiredCode.

@Test
public void verifyClientExpiredCode() throws Exception {
    final RegisteredService registeredService = getRegisteredService(REDIRECT_URI, CLIENT_SECRET);
    servicesManager.save(registeredService);
    final Map<String, Object> map = new HashMap<>();
    map.put(NAME, VALUE);
    final List<String> list = Arrays.asList(VALUE, VALUE);
    map.put(NAME2, list);
    final Principal principal = CoreAuthenticationTestUtils.getPrincipal(ID, map);
    final Authentication authentication = getAuthentication(principal);
    final DefaultOAuthCodeFactory expiringOAuthCodeFactory = new DefaultOAuthCodeFactory(new AlwaysExpiresExpirationPolicy());
    final WebApplicationServiceFactory factory = new WebApplicationServiceFactory();
    final Service service = factory.createService(registeredService.getServiceId());
    final OAuthCode code = expiringOAuthCodeFactory.create(service, authentication, new MockTicketGrantingTicket("casuser"), new ArrayList<>());
    this.ticketRegistry.addTicket(code);
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest(HttpMethod.GET.name(), CONTEXT + OAuth20Constants.ACCESS_TOKEN_URL);
    mockRequest.setParameter(OAuth20Constants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuth20Constants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setParameter(OAuth20Constants.CLIENT_SECRET, CLIENT_SECRET);
    mockRequest.setParameter(OAuth20Constants.CODE, code.getId());
    mockRequest.setParameter(OAuth20Constants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
    servicesManager.save(getRegisteredService(REDIRECT_URI, CLIENT_SECRET));
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
    oAuth20AccessTokenController.handleRequest(mockRequest, mockResponse);
    assertEquals(HttpStatus.SC_BAD_REQUEST, mockResponse.getStatus());
    assertEquals(ERROR_EQUALS + OAuth20Constants.INVALID_REQUEST, mockResponse.getContentAsString());
}
Also used : OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService) RegisteredService(org.apereo.cas.services.RegisteredService) HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService) RegisteredService(org.apereo.cas.services.RegisteredService) Service(org.apereo.cas.authentication.principal.Service) AlwaysExpiresExpirationPolicy(org.apereo.cas.ticket.support.AlwaysExpiresExpirationPolicy) OAuthCode(org.apereo.cas.ticket.code.OAuthCode) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) WebApplicationServiceFactory(org.apereo.cas.authentication.principal.WebApplicationServiceFactory) DefaultOAuthCodeFactory(org.apereo.cas.ticket.code.DefaultOAuthCodeFactory) Principal(org.apereo.cas.authentication.principal.Principal) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 43 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class OAuth20ProfileControllerTests method verifyOK.

@Test
public void verifyOK() throws Exception {
    final Map<String, Object> map = new HashMap<>();
    map.put(NAME, VALUE);
    final List<String> list = Arrays.asList(VALUE, VALUE);
    map.put(NAME2, list);
    final Principal principal = CoreAuthenticationTestUtils.getPrincipal(ID, map);
    final Authentication authentication = getAuthentication(principal);
    final AccessToken accessToken = accessTokenFactory.create(RegisteredServiceTestUtils.getService(), authentication, new MockTicketGrantingTicket("casuser"), new ArrayList<>());
    this.ticketRegistry.addTicket(accessToken);
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuth20Constants.PROFILE_URL);
    mockRequest.setParameter(OAuth20Constants.ACCESS_TOKEN, accessToken.getId());
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    final ResponseEntity<String> entity = oAuth20ProfileController.handleRequest(mockRequest, mockResponse);
    assertEquals(HttpStatus.OK, entity.getStatusCode());
    assertEquals(CONTENT_TYPE, mockResponse.getContentType());
    final String expected = "{\"id\":\"" + ID + "\",\"attributes\":[{\"" + NAME + "\":\"" + VALUE + "\"},{\"" + NAME2 + "\":[\"" + VALUE + "\",\"" + VALUE + "\"]}]}";
    final JsonNode expectedObj = MAPPER.readTree(expected);
    final JsonNode receivedObj = MAPPER.readTree(entity.getBody());
    assertEquals(expectedObj.get("id").asText(), receivedObj.get("id").asText());
    final JsonNode expectedAttributes = expectedObj.get(ATTRIBUTES_PARAM);
    final JsonNode receivedAttributes = receivedObj.get(ATTRIBUTES_PARAM);
    assertEquals(expectedAttributes.findValue(NAME).asText(), receivedAttributes.findValue(NAME).asText());
    assertEquals(expectedAttributes.findValues(NAME2), receivedAttributes.findValues(NAME2));
}
Also used : HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JsonNode(com.fasterxml.jackson.databind.JsonNode) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) AccessToken(org.apereo.cas.ticket.accesstoken.AccessToken) Principal(org.apereo.cas.authentication.principal.Principal) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 44 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class OAuth20ProfileControllerTests method verifyOKWithExpiredTicketGrantingTicket.

@Test
public void verifyOKWithExpiredTicketGrantingTicket() throws Exception {
    final Map<String, Object> map = new HashMap<>();
    map.put(NAME, VALUE);
    final List<String> list = Arrays.asList(VALUE, VALUE);
    map.put(NAME2, list);
    final Principal principal = CoreAuthenticationTestUtils.getPrincipal(ID, map);
    final Authentication authentication = getAuthentication(principal);
    final AccessToken accessToken = accessTokenFactory.create(RegisteredServiceTestUtils.getService(), authentication, new MockTicketGrantingTicket("casuser"), new ArrayList<>());
    accessToken.getTicketGrantingTicket().markTicketExpired();
    this.ticketRegistry.addTicket(accessToken);
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuth20Constants.PROFILE_URL);
    mockRequest.setParameter(OAuth20Constants.ACCESS_TOKEN, accessToken.getId());
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    final ResponseEntity<String> entity = oAuth20ProfileController.handleRequest(mockRequest, mockResponse);
    assertEquals(HttpStatus.OK, entity.getStatusCode());
    assertEquals(CONTENT_TYPE, mockResponse.getContentType());
    final ObjectNode expectedObj = MAPPER.createObjectNode();
    final ObjectNode attrNode = MAPPER.createObjectNode();
    attrNode.put(NAME, VALUE);
    final ArrayNode values = MAPPER.createArrayNode();
    values.add(VALUE);
    values.add(VALUE);
    attrNode.put(NAME2, values);
    expectedObj.put("id", ID);
    expectedObj.put("attributes", attrNode);
    final JsonNode receivedObj = MAPPER.readTree(entity.getBody());
    assertEquals(expectedObj.get("id").asText(), receivedObj.get("id").asText());
    final JsonNode expectedAttributes = expectedObj.get(ATTRIBUTES_PARAM);
    final JsonNode receivedAttributes = receivedObj.get(ATTRIBUTES_PARAM);
    assertEquals(expectedAttributes.findValue(NAME).asText(), receivedAttributes.findValue(NAME).asText());
    assertEquals(expectedAttributes.findValues(NAME2), receivedAttributes.findValues(NAME2));
}
Also used : ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JsonNode(com.fasterxml.jackson.databind.JsonNode) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) AccessToken(org.apereo.cas.ticket.accesstoken.AccessToken) ArrayNode(com.fasterxml.jackson.databind.node.ArrayNode) Principal(org.apereo.cas.authentication.principal.Principal) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 45 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class OAuth20ProfileControllerTests method verifyOKWithAuthorizationHeader.

@Test
public void verifyOKWithAuthorizationHeader() throws Exception {
    final Map<String, Object> map = new HashMap<>();
    map.put(NAME, VALUE);
    final List<String> list = Arrays.asList(VALUE, VALUE);
    map.put(NAME2, list);
    final Principal principal = CoreAuthenticationTestUtils.getPrincipal(ID, map);
    final Authentication authentication = getAuthentication(principal);
    final AccessToken accessToken = accessTokenFactory.create(RegisteredServiceTestUtils.getService(), authentication, new MockTicketGrantingTicket("casuser"), new ArrayList<>());
    this.ticketRegistry.addTicket(accessToken);
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuth20Constants.PROFILE_URL);
    mockRequest.addHeader("Authorization", OAuth20Constants.BEARER_TOKEN + ' ' + accessToken.getId());
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    final ResponseEntity<String> entity = oAuth20ProfileController.handleRequest(mockRequest, mockResponse);
    assertEquals(HttpStatus.OK, entity.getStatusCode());
    assertEquals(CONTENT_TYPE, mockResponse.getContentType());
    final String expected = "{\"id\":\"" + ID + "\",\"attributes\":[{\"" + NAME + "\":\"" + VALUE + "\"},{\"" + NAME2 + "\":[\"" + VALUE + "\",\"" + VALUE + "\"]}]}";
    final JsonNode expectedObj = MAPPER.readTree(expected);
    final JsonNode receivedObj = MAPPER.readTree(entity.getBody());
    assertEquals(expectedObj.get("id").asText(), receivedObj.get("id").asText());
    final JsonNode expectedAttributes = expectedObj.get(ATTRIBUTES_PARAM);
    final JsonNode receivedAttributes = receivedObj.get(ATTRIBUTES_PARAM);
    assertEquals(expectedAttributes.findValue(NAME).asText(), receivedAttributes.findValue(NAME).asText());
    assertEquals(expectedAttributes.findValues(NAME2), receivedAttributes.findValues(NAME2));
}
Also used : HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JsonNode(com.fasterxml.jackson.databind.JsonNode) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) AccessToken(org.apereo.cas.ticket.accesstoken.AccessToken) Principal(org.apereo.cas.authentication.principal.Principal) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Aggregations

Authentication (org.apereo.cas.authentication.Authentication)125 RegisteredService (org.apereo.cas.services.RegisteredService)58 Service (org.apereo.cas.authentication.principal.Service)44 lombok.val (lombok.val)38 HttpServletRequest (javax.servlet.http.HttpServletRequest)32 Slf4j (lombok.extern.slf4j.Slf4j)32 Principal (org.apereo.cas.authentication.principal.Principal)26 Event (org.springframework.webflow.execution.Event)25 Optional (java.util.Optional)23 TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)22 Test (org.junit.Test)21 MultifactorAuthenticationProvider (org.apereo.cas.services.MultifactorAuthenticationProvider)20 AuthenticationException (org.apereo.cas.authentication.AuthenticationException)19 CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)17 Collection (java.util.Collection)16 StringUtils (org.apache.commons.lang3.StringUtils)16 AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult)15 ServiceTicket (org.apereo.cas.ticket.ServiceTicket)15 WebUtils (org.apereo.cas.web.support.WebUtils)14 RequestContext (org.springframework.webflow.execution.RequestContext)14