use of org.apereo.cas.authentication.Credential in project cas by apereo.
the class PersonDirectoryPrincipalResolverTests method verifyAttributesWithPrincipal.
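/**
 * Resolves a principal with {@code "cn"} passed as the resolver's second constructor argument
 * and checks that the resolved id differs from the login username and that the
 * {@code memberOf} attribute is present on the principal.
 */
@Test
public void verifyAttributesWithPrincipal() {
    // NOTE(review): "cn" is presumably the attribute used as the principal id; confirm against the resolver.
    final PersonDirectoryPrincipalResolver resolver = new PersonDirectoryPrincipalResolver(
        CoreAuthenticationTestUtils.getAttributeRepository(), "cn");
    final Credential credential = CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword();
    final Principal principal = resolver.resolve(credential, null);
    assertNotNull(principal);
    // JUnit argument order is (unexpected, actual); the original had them reversed,
    // which only affects the failure message, not the outcome.
    assertNotEquals(CoreAuthenticationTestUtils.CONST_USERNAME, principal.getId());
    assertTrue(principal.getAttributes().containsKey("memberOf"));
}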
use of org.apereo.cas.authentication.Credential in project cas by apereo.
the class PersonDirectoryPrincipalResolverTests method verifyNoAttributesWithPrincipal.
/**
 * Builds a resolver whose second constructor argument is the test username constant and
 * checks only that resolving the shared test credential yields a non-null principal.
 */
@Test
public void verifyNoAttributesWithPrincipal() {
    final PersonDirectoryPrincipalResolver principalResolver = new PersonDirectoryPrincipalResolver(
        CoreAuthenticationTestUtils.getAttributeRepository(),
        CoreAuthenticationTestUtils.CONST_USERNAME);
    final Credential credential = CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword();
    // No handler is supplied to resolve(); the second argument is null as in the sibling test.
    final Principal resolved = principalResolver.resolve(credential, null);
    assertNotNull(resolved);
}
use of org.apereo.cas.authentication.Credential in project cas by apereo.
the class AbstractServiceValidateController method handleTicketValidation.
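/**
 * Validates a service ticket and builds the protocol response view.
 *
 * <p>If the request carries a service credential, a proxy-granting ticket is requested first and
 * any failure there short-circuits to an error view. The service ticket is then validated, the
 * resulting assertion and the authentication context are checked, and, when the proxy handler
 * accepts the credential, a proxy IOU is delivered before the success view is generated.
 *
 * @param request the request
 * @param service the service
 * @param serviceTicketId the service ticket id
 * @return the success view, or an error view carrying the matching protocol error code
 * @throws UnsatisfiedAuthenticationContextTicketValidationException if the assertion does not
 *         satisfy the authentication context check
 */
protected ModelAndView handleTicketValidation(final HttpServletRequest request, final WebApplicationService service, final String serviceTicketId) {
    TicketGrantingTicket proxyGrantingTicketId = null;
    final Credential serviceCredential = getServiceCredentialsFromRequest(service, request);
    if (serviceCredential != null) {
        // The proxy-granting ticket is requested before validateServiceTicket() runs below.
        // NOTE(review): presumably the delivery helper checks the service ticket itself
        // (it can throw InvalidTicketException); confirm.
        try {
            proxyGrantingTicketId = handleProxyGrantingTicketDelivery(serviceTicketId, serviceCredential);
        } catch (final AuthenticationException e) {
            // The cause is now passed to the logger, as in the two catch blocks below; the
            // original dropped it, leaving failed proxy-callback authentication undiagnosable.
            // NOTE(review): the credential is logged via its toString(); confirm that it
            // never renders secret material.
            LOGGER.warn("Failed to authenticate service credential [{}]", serviceCredential, e);
            return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_PROXY_CALLBACK, new Object[] { serviceCredential.getId() }, request, service);
        } catch (final InvalidTicketException e) {
            LOGGER.error("Failed to create proxy granting ticket due to an invalid ticket for [{}]", serviceCredential, e);
            return generateErrorView(e.getCode(), new Object[] { serviceTicketId }, request, service);
        } catch (final AbstractTicketException e) {
            LOGGER.error("Failed to create proxy granting ticket for [{}]", serviceCredential, e);
            return generateErrorView(e.getCode(), new Object[] { serviceCredential.getId() }, request, service);
        }
    }

    final Assertion assertion = this.centralAuthenticationService.validateServiceTicket(serviceTicketId, service);
    if (!validateAssertion(request, serviceTicketId, assertion, service)) {
        return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_TICKET, new Object[] { serviceTicketId }, request, service);
    }

    // An unsatisfied authentication context is raised as an exception, not returned as an error view.
    final Pair<Boolean, Optional<MultifactorAuthenticationProvider>> ctxResult = validateAuthenticationContext(assertion, request);
    if (!ctxResult.getKey()) {
        throw new UnsatisfiedAuthenticationContextTicketValidationException(assertion.getService());
    }

    String proxyIou = null;
    if (serviceCredential != null && this.proxyHandler != null && this.proxyHandler.canHandle(serviceCredential)) {
        proxyIou = handleProxyIouDelivery(serviceCredential, proxyGrantingTicketId);
        // An empty IOU is reported to the client as a failed proxy callback.
        if (StringUtils.isEmpty(proxyIou)) {
            return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_PROXY_CALLBACK, new Object[] { serviceCredential.getId() }, request, service);
        }
    } else {
        LOGGER.debug("No service credentials specified, and/or the proxy handler [{}] cannot handle credentials", this.proxyHandler);
    }

    onSuccessfulValidation(serviceTicketId, assertion);
    LOGGER.debug("Successfully validated service ticket [{}] for service [{}]", serviceTicketId, service.getId());
    return generateSuccessView(assertion, proxyIou, service, request, ctxResult.getValue(), proxyGrantingTicketId);
}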
use of org.apereo.cas.authentication.Credential in project cas by apereo.
the class ECPProfileHandlerController method handleEcpRequest.
/**
 * Entry point for SAML2 ECP profile requests posted as SOAP/PAOS XML.
 *
 * <p>Decodes the SOAP request, extracts the basic-authentication credential, and delegates to
 * the four-argument overload only when both are available; otherwise an error is logged and
 * the method returns.
 *
 * @param response the response
 * @param request the request
 * @throws Exception the exception
 */
@PostMapping(path = SamlIdPConstants.ENDPOINT_SAML2_IDP_ECP_PROFILE_SSO, consumes = { MediaType.TEXT_XML_VALUE, "application/vnd.paos.xml" })
public void handleEcpRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
    // The SOAP body is decoded before the credential is extracted, so request XML is
    // parsed before it is known whether the caller supplied usable credentials.
    final MessageContext ecpMessageContext = decodeSoapRequest(request);
    final Credential basicAuthCredential = extractBasicAuthenticationCredential(request, response);

    // NOTE(review): neither failure branch writes to the response here; whether the client
    // receives an error status depends on the helpers. Confirm.
    if (basicAuthCredential == null) {
        LOGGER.error("Credentials could not be extracted from the SAML ECP request");
    } else if (ecpMessageContext == null) {
        LOGGER.error("SAML ECP request could not be determined from the authentication request");
    } else {
        handleEcpRequest(response, request, ecpMessageContext, basicAuthCredential);
    }
}
use of org.apereo.cas.authentication.Credential in project cas by apereo.
the class TicketOrCredentialPrincipalResolverTests method verifyResolverServiceTicket.
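/**
 * Grants a service ticket for a freshly authenticated credential and checks that the resolver,
 * given a join point whose single argument is the service-ticket id, returns the id of the
 * credential that was authenticated.
 *
 * @throws Exception if ticket creation fails
 */
@Test
public void verifyResolverServiceTicket() throws Exception {
    final Credential credential = CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword();
    final AuthenticationResult authnResult =
        CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), credential);
    final TicketGrantingTicket tgt = getCentralAuthenticationService().createTicketGrantingTicket(authnResult);
    final ServiceTicket serviceTicket = getCentralAuthenticationService()
        .grantServiceTicket(tgt.getId(), CoreAuthenticationTestUtils.getService(), authnResult);

    final TicketOrCredentialPrincipalResolver principalResolver =
        new TicketOrCredentialPrincipalResolver(getCentralAuthenticationService());
    // The mocked join point exposes only the service-ticket id as its argument list.
    final JoinPoint joinPoint = mock(JoinPoint.class);
    when(joinPoint.getArgs()).thenReturn(new Object[] { serviceTicket.getId() });

    final String resolvedId = principalResolver.resolveFrom(joinPoint, null);
    assertNotNull(resolvedId);
    // JUnit argument order is (expected, actual); the original had them reversed,
    // which only affects the failure message, not the outcome.
    assertEquals(credential.getId(), resolvedId);
}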