Examples with Credential org.apereo.cas.authentication.Credential used on opensource projects

Example 16 with Credential

use of org.apereo.cas.authentication.Credential in project cas by apereo.

the class X509CredentialFactoryTests method createDefaultCredential.

@Test
public void createDefaultCredential() {
    final MultiValueMap<String, String> requestBody = new LinkedMultiValueMap<>();
    requestBody.add("username", "name");
    requestBody.add("password", "passwd");
    final Credential cred = factory.fromRequestBody(requestBody);
    assertTrue(cred instanceof UsernamePasswordCredential);
}

Example 17 with Credential

use of org.apereo.cas.authentication.Credential in project cas by apereo.

the class X509CredentialFactoryTests method createX509Credential.

@Test
public void createX509Credential() throws IOException {
    final MultiValueMap<String, String> requestBody = new LinkedMultiValueMap<>();
    final Scanner scan = new Scanner(new ClassPathResource("ldap-crl.crt").getFile());
    final String certStr = scan.useDelimiter("\\Z").next();
    scan.close();
    requestBody.add("cert", certStr);
    final Credential cred = factory.fromRequestBody(requestBody);
    assertTrue(cred instanceof X509CertificateCredential);
}

Example 18 with Credential

use of org.apereo.cas.authentication.Credential in project cas by apereo.

the class AbstractServiceValidateController method handleTicketValidation.

/**
     * Handle ticket validation model and view.
     *
     * @param request         the request
     * @param service         the service
     * @param serviceTicketId the service ticket id
     * @return the model and view
     */
protected ModelAndView handleTicketValidation(final HttpServletRequest request, final WebApplicationService service, final String serviceTicketId) {
    TicketGrantingTicket proxyGrantingTicketId = null;
    final Credential serviceCredential = getServiceCredentialsFromRequest(service, request);
    if (serviceCredential != null) {
        try {
            proxyGrantingTicketId = handleProxyGrantingTicketDelivery(serviceTicketId, serviceCredential);
        } catch (final AuthenticationException e) {
            LOGGER.warn("Failed to authenticate service credential [{}]", serviceCredential);
            return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_PROXY_CALLBACK, new Object[] { serviceCredential.getId() }, request, service);
        } catch (final InvalidTicketException e) {
            LOGGER.error("Failed to create proxy granting ticket due to an invalid ticket for [{}]", serviceCredential, e);
            return generateErrorView(e.getCode(), new Object[] { serviceTicketId }, request, service);
        } catch (final AbstractTicketException e) {
            LOGGER.error("Failed to create proxy granting ticket for [{}]", serviceCredential, e);
            return generateErrorView(e.getCode(), new Object[] { serviceCredential.getId() }, request, service);
        }
    }
    final Assertion assertion = this.centralAuthenticationService.validateServiceTicket(serviceTicketId, service);
    if (!validateAssertion(request, serviceTicketId, assertion)) {
        return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_TICKET, new Object[] { serviceTicketId }, request, service);
    }
    final Pair<Boolean, Optional<MultifactorAuthenticationProvider>> ctxResult = validateAuthenticationContext(assertion, request);
    if (!ctxResult.getKey()) {
        throw new UnsatisfiedAuthenticationContextTicketValidationException(assertion.getService());
    }
    String proxyIou = null;
    if (serviceCredential != null && this.proxyHandler.canHandle(serviceCredential)) {
        proxyIou = handleProxyIouDelivery(serviceCredential, proxyGrantingTicketId);
        if (StringUtils.isEmpty(proxyIou)) {
            return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_PROXY_CALLBACK, new Object[] { serviceCredential.getId() }, request, service);
        }
    } else {
        LOGGER.debug("No service credentials specified, and/or the proxy handler [{}] cannot handle credentials", this.proxyHandler.getClass().getSimpleName());
    }
    onSuccessfulValidation(serviceTicketId, assertion);
    LOGGER.debug("Successfully validated service ticket [{}] for service [{}]", serviceTicketId, service.getId());
    return generateSuccessView(assertion, proxyIou, service, request, ctxResult.getValue(), proxyGrantingTicketId);
}

Example 19 with Credential

use of org.apereo.cas.authentication.Credential in project cas by apereo.

the class AbstractServiceValidateControllerTests method verifyValidServiceTicketWithValidPgtAndProxyHandlerFailing.

@Test
public void verifyValidServiceTicketWithValidPgtAndProxyHandlerFailing() throws Exception {
    final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), SERVICE);
    final TicketGrantingTicket tId = getCentralAuthenticationService().createTicketGrantingTicket(ctx);
    final ServiceTicket sId = getCentralAuthenticationService().grantServiceTicket(tId.getId(), SERVICE, ctx);
    final MockHttpServletRequest request = new MockHttpServletRequest();
    request.addParameter(SERVICE_PARAM, SERVICE.getId());
    request.addParameter(TICKET_PARAM, sId.getId());
    request.addParameter(PGT_URL_PARAM, GITHUB_URL);
    this.serviceValidateController.setProxyHandler(new ProxyHandler() {

        @Override
        public String handle(final Credential credential, final TicketGrantingTicket proxyGrantingTicketId) {
            return null;
        }

        @Override
        public boolean canHandle(final Credential credential) {
            return true;
        }
    });
    final ModelAndView modelAndView = this.serviceValidateController.handleRequestInternal(request, new MockHttpServletResponse());
    assertFalse(modelAndView.getView().toString().contains(SUCCESS));
    assertNull(modelAndView.getModel().get(PGT_IOU_PARAM));
}

Example 20 with Credential

use of org.apereo.cas.authentication.Credential in project cas by apereo.

the class KryoTranscoderTests method verifyEncodeDecodeTGTImpl.

@Test
public void verifyEncodeDecodeTGTImpl() throws Exception {
    final Credential userPassCredential = new UsernamePasswordCredential(USERNAME, PASSWORD);
    final AuthenticationBuilder bldr = new DefaultAuthenticationBuilder(new DefaultPrincipalFactory().createPrincipal("user", new HashMap<>(this.principalAttributes)));
    bldr.setAttributes(new HashMap<>(this.principalAttributes));
    bldr.setAuthenticationDate(ZonedDateTime.now());
    bldr.addCredential(new BasicCredentialMetaData(userPassCredential));
    bldr.addFailure("error", AccountNotFoundException.class);
    bldr.addSuccess("authn", new DefaultHandlerResult(new AcceptUsersAuthenticationHandler(""), new BasicCredentialMetaData(userPassCredential)));
    final TicketGrantingTicket expectedTGT = new TicketGrantingTicketImpl(TGT_ID, RegisteredServiceTestUtils.getService(), null, bldr.build(), new NeverExpiresExpirationPolicy());
    final ServiceTicket ticket = expectedTGT.grantServiceTicket(ST_ID, RegisteredServiceTestUtils.getService(), new NeverExpiresExpirationPolicy(), false, true);
    CachedData result = transcoder.encode(expectedTGT);
    final TicketGrantingTicket resultTicket = (TicketGrantingTicket) transcoder.decode(result);
    assertEquals(expectedTGT, resultTicket);
    result = transcoder.encode(ticket);
    final ServiceTicket resultStTicket = (ServiceTicket) transcoder.decode(result);
    assertEquals(ticket, resultStTicket);
}