
Example 1 with AuthenticationHandlerExecutionResult

use of org.apereo.cas.authentication.AuthenticationHandlerExecutionResult in project cas by apereo.

the class OAuth20CasAuthenticationBuilder method build.

/**
 * Builds a CAS {@link Authentication} for an OAuth flow from an already-resolved user profile.
 *
 * <p>The principal is created from {@code profile.getId()} and the attributes returned by
 * {@code getPrincipalAttributesFromProfile(profile)}. The request values for
 * {@code OAuth20Constants.SCOPE}, {@code OAuth20Constants.STATE} and {@code OAuth20Constants.NONCE}
 * are copied into the authentication attributes as received; blank state/nonce become the empty string.
 *
 * <p>NOTE(review): within this method {@code registeredService} is only passed to a debug log call and
 * {@code service} is not read. Nothing here checks the requested scopes against the registered service,
 * so confirm that scope enforcement and attribute release are applied elsewhere before tokens are issued.
 *
 * @param profile           the given user profile
 * @param registeredService the registered service
 * @param context           the context carrying the current request
 * @param service           the service
 * @return the built authentication
 */
public Authentication build(final UserProfile profile, final OAuthRegisteredService registeredService, final J2EContext context, final Service service) {
    final Map<String, Object> attributes = getPrincipalAttributesFromProfile(profile);
    final Principal principal = this.principalFactory.createPrincipal(profile.getId(), attributes);
    // NOTE(review): the message speaks of filtering by registered service, but the attribute lookup above
    // receives only the profile; verify where (or whether) the filtering actually happens.
    LOGGER.debug("Created final principal [{}] after filtering attributes based on [{}]", principal, registeredService);

    // The profile's class name doubles as the handler name recorded for the successful authentication.
    final String handlerName = profile.getClass().getCanonicalName();
    final CredentialMetaData credentialMetaData = new BasicCredentialMetaData(new BasicIdentifiableCredential(profile.getId()));
    final AuthenticationHandlerExecutionResult handlerResult =
        new DefaultAuthenticationHandlerExecutionResult(handlerName, credentialMetaData, principal, new ArrayList<>());

    // Request-supplied values: treat as untrusted input from here on.
    final Set<Object> requestedScopes = CollectionUtils.toCollection(context.getRequest().getParameterValues(OAuth20Constants.SCOPE));
    final String state = StringUtils.defaultIfBlank(context.getRequestParameter(OAuth20Constants.STATE), StringUtils.EMPTY);
    final String nonce = StringUtils.defaultIfBlank(context.getRequestParameter(OAuth20Constants.NONCE), StringUtils.EMPTY);
    // state and nonce are written to the debug log exactly as the client sent them.
    LOGGER.debug("OAuth [{}] is [{}], and [{}] is [{}]", OAuth20Constants.STATE, state, OAuth20Constants.NONCE, nonce);

    // pac4j's UserProfile.getPermissions() and getRoles() return an UnmodifiableSet, which the Jackson
    // serializer writes to JSON but cannot read back; copying into a HashSet avoids that problem.
    final AuthenticationBuilder builder = DefaultAuthenticationBuilder.newInstance()
        .addAttribute("permissions", new HashSet<>(profile.getPermissions()))
        .addAttribute("roles", new HashSet<>(profile.getRoles()))
        .addAttribute("scopes", requestedScopes)
        .addAttribute(OAuth20Constants.STATE, state)
        .addAttribute(OAuth20Constants.NONCE, nonce)
        .addCredential(credentialMetaData)
        .setPrincipal(principal)
        .setAuthenticationDate(ZonedDateTime.now())
        .addSuccess(handlerName, handlerResult);

    collectionAuthenticationAttributesIfNecessary(profile, builder);
    return builder.build();
}
Also used : DefaultAuthenticationBuilder(org.apereo.cas.authentication.DefaultAuthenticationBuilder) AuthenticationBuilder(org.apereo.cas.authentication.AuthenticationBuilder) DefaultAuthenticationHandlerExecutionResult(org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult) BasicIdentifiableCredential(org.apereo.cas.authentication.BasicIdentifiableCredential) DefaultAuthenticationHandlerExecutionResult(org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult) AuthenticationHandlerExecutionResult(org.apereo.cas.authentication.AuthenticationHandlerExecutionResult) BasicCredentialMetaData(org.apereo.cas.authentication.BasicCredentialMetaData) CredentialMetaData(org.apereo.cas.authentication.CredentialMetaData) Principal(org.apereo.cas.authentication.principal.Principal) BasicCredentialMetaData(org.apereo.cas.authentication.BasicCredentialMetaData) HashSet(java.util.HashSet)

Example 2 with AuthenticationHandlerExecutionResult

use of org.apereo.cas.authentication.AuthenticationHandlerExecutionResult in project cas by apereo.

the class AbstractOAuth20Tests method getAuthentication.

/**
 * Test fixture that wraps the given principal in an {@link Authentication} with one successful
 * handler result, keyed by the principal's canonical class name.
 *
 * <p>No credential is verified here; the result is marked successful unconditionally, so this
 * helper belongs in test code only.
 *
 * @param principal the principal to authenticate as
 * @return an authentication dated at the time of the call
 */
protected static Authentication getAuthentication(final Principal principal) {
    final String handlerName = principal.getClass().getCanonicalName();
    final CredentialMetaData credentialMetaData = new BasicCredentialMetaData(new BasicIdentifiableCredential(principal.getId()));
    final AuthenticationHandlerExecutionResult success =
        new DefaultAuthenticationHandlerExecutionResult(handlerName, credentialMetaData, principal, new ArrayList<>());
    return DefaultAuthenticationBuilder.newInstance()
        .setPrincipal(principal)
        .setAuthenticationDate(ZonedDateTime.now())
        .addCredential(credentialMetaData)
        .addSuccess(handlerName, success)
        .build();
}
Also used : BasicIdentifiableCredential(org.apereo.cas.authentication.BasicIdentifiableCredential) DefaultAuthenticationHandlerExecutionResult(org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult) AuthenticationHandlerExecutionResult(org.apereo.cas.authentication.AuthenticationHandlerExecutionResult) BasicCredentialMetaData(org.apereo.cas.authentication.BasicCredentialMetaData) CredentialMetaData(org.apereo.cas.authentication.CredentialMetaData) DefaultAuthenticationHandlerExecutionResult(org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult) BasicCredentialMetaData(org.apereo.cas.authentication.BasicCredentialMetaData)

Example 3 with AuthenticationHandlerExecutionResult

use of org.apereo.cas.authentication.AuthenticationHandlerExecutionResult in project cas by apereo.

the class OAuth20ProfileControllerTests method getAuthentication.

/**
 * Test fixture that builds an {@link Authentication} for the given principal, recording a single
 * successful handler result under the principal's canonical class name.
 *
 * <p>The success entry is created without checking any credential, so this helper is suitable
 * for tests only.
 *
 * @param principal the principal the authentication is built for
 * @return an authentication whose date is the time of the call
 */
protected static Authentication getAuthentication(final Principal principal) {
    final String handlerName = principal.getClass().getCanonicalName();
    final CredentialMetaData credentialMetaData = new BasicCredentialMetaData(new BasicIdentifiableCredential(principal.getId()));
    final AuthenticationHandlerExecutionResult success =
        new DefaultAuthenticationHandlerExecutionResult(handlerName, credentialMetaData, principal, new ArrayList<>());
    return DefaultAuthenticationBuilder.newInstance()
        .setPrincipal(principal)
        .addCredential(credentialMetaData)
        .setAuthenticationDate(ZonedDateTime.now())
        .addSuccess(handlerName, success)
        .build();
}
Also used : BasicIdentifiableCredential(org.apereo.cas.authentication.BasicIdentifiableCredential) DefaultAuthenticationHandlerExecutionResult(org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult) AuthenticationHandlerExecutionResult(org.apereo.cas.authentication.AuthenticationHandlerExecutionResult) BasicCredentialMetaData(org.apereo.cas.authentication.BasicCredentialMetaData) CredentialMetaData(org.apereo.cas.authentication.CredentialMetaData) DefaultAuthenticationHandlerExecutionResult(org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult) BasicCredentialMetaData(org.apereo.cas.authentication.BasicCredentialMetaData)

Example 4 with AuthenticationHandlerExecutionResult

use of org.apereo.cas.authentication.AuthenticationHandlerExecutionResult in project cas by apereo.

the class ClientAuthenticationHandlerTests method verifyOkWithSimpleIdentifier.

/**
 * Verifies that, with typed ids switched off on the handler, the authenticated principal's id is
 * exactly the id set on the delegated Facebook profile.
 *
 * <p>NOTE(review): the bare id carries no provider prefix; deployments that delegate to several
 * identity providers should confirm that ids from different providers cannot collide in this mode.
 */
@Test
public void verifyOkWithSimpleIdentifier() throws GeneralSecurityException, PreventedException {
    this.handler.setTypedIdUsed(false);

    // Stub the client so it always resolves to a profile with the known id.
    final FacebookProfile profile = new FacebookProfile();
    profile.setId(ID);
    this.fbClient.setProfileCreator((credentials, ctx) -> profile);

    final AuthenticationHandlerExecutionResult outcome = this.handler.authenticate(this.clientCredential);
    final Principal authenticated = outcome.getPrincipal();
    assertEquals(ID, authenticated.getId());
}
Also used : AuthenticationHandlerExecutionResult(org.apereo.cas.authentication.AuthenticationHandlerExecutionResult) FacebookProfile(org.pac4j.oauth.profile.facebook.FacebookProfile) Principal(org.apereo.cas.authentication.principal.Principal) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 5 with AuthenticationHandlerExecutionResult

use of org.apereo.cas.authentication.AuthenticationHandlerExecutionResult in project cas by apereo.

the class ClientAuthenticationHandlerTests method verifyOk.

/**
 * Verifies that authenticating through the stubbed Facebook client yields a principal whose id is
 * the {@link FacebookProfile} class name, a {@code '#'} separator and the profile id.
 *
 * <p>This test does not call {@code setTypedIdUsed}, so the prefixed form reflects whatever the
 * fixture configured; presumably typed ids are the handler's default (confirm against the setup).
 */
@Test
public void verifyOk() throws GeneralSecurityException, PreventedException {
    // Stub the client so it always resolves to a profile with the known id.
    final FacebookProfile profile = new FacebookProfile();
    profile.setId(ID);
    this.fbClient.setProfileCreator((credentials, ctx) -> profile);

    final AuthenticationHandlerExecutionResult outcome = this.handler.authenticate(this.clientCredential);
    final Principal authenticated = outcome.getPrincipal();
    // The class-name prefix ties the id to the provider profile type that produced it.
    assertEquals(FacebookProfile.class.getName() + '#' + ID, authenticated.getId());
}
Also used : AuthenticationHandlerExecutionResult(org.apereo.cas.authentication.AuthenticationHandlerExecutionResult) FacebookProfile(org.pac4j.oauth.profile.facebook.FacebookProfile) Principal(org.apereo.cas.authentication.principal.Principal) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

AuthenticationHandlerExecutionResult (org.apereo.cas.authentication.AuthenticationHandlerExecutionResult)8 BasicCredentialMetaData (org.apereo.cas.authentication.BasicCredentialMetaData)4 CredentialMetaData (org.apereo.cas.authentication.CredentialMetaData)4 DefaultAuthenticationHandlerExecutionResult (org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult)4 BasicIdentifiableCredential (org.apereo.cas.authentication.BasicIdentifiableCredential)3 Principal (org.apereo.cas.authentication.principal.Principal)3 HashMap (java.util.HashMap)2 ServicesManager (org.apereo.cas.services.ServicesManager)2 Test (org.junit.Test)2 FacebookProfile (org.pac4j.oauth.profile.facebook.FacebookProfile)2 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)2 U2F (com.yubico.u2f.U2F)1 DeviceRegistration (com.yubico.u2f.data.DeviceRegistration)1 SignRequestData (com.yubico.u2f.data.messages.SignRequestData)1 SignResponse (com.yubico.u2f.data.messages.SignResponse)1 HashSet (java.util.HashSet)1 Map (java.util.Map)1 Objects (java.util.Objects)1 Collectors (java.util.stream.Collectors)1 lombok.val (lombok.val)1