Search in sources :

Example 26 with UsernamePasswordCredential

use of org.apereo.cas.authentication.credential.UsernamePasswordCredential in project cas by apereo.

the class ECPSamlIdPProfileHandlerController method extractBasicAuthenticationCredential.

private Credential extractBasicAuthenticationCredential(final HttpServletRequest request, final HttpServletResponse response) {
    val extractor = new BasicAuthExtractor();
    val webContext = new JEEContext(request, response);
    val credentialsResult = extractor.extract(webContext, configurationContext.getSessionStore());
    if (credentialsResult.isPresent()) {
        val credentials = (UsernamePasswordCredentials) credentialsResult.get();
        LOGGER.debug("Received basic authentication ECP request from credentials [{}]", credentials);
        return new UsernamePasswordCredential(credentials.getUsername(), credentials.getPassword());
    }
    return null;
}
Also used : lombok.val(lombok.val) BasicAuthExtractor(org.pac4j.core.credentials.extractor.BasicAuthExtractor) JEEContext(org.pac4j.core.context.JEEContext) UsernamePasswordCredential(org.apereo.cas.authentication.credential.UsernamePasswordCredential) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)

Example 27 with UsernamePasswordCredential

use of org.apereo.cas.authentication.credential.UsernamePasswordCredential in project cas by apereo.

the class AuthenticationPolicyAwareServiceTicketValidationAuthorizerTests method verifyAllCredentialsValidatedAuthenticationPolicy.

@Test
public void verifyAllCredentialsValidatedAuthenticationPolicy() {
    val handlers = List.of(getTestOtpAuthenticationHandler(), getAcceptUsersAuthenticationHandler(), getSimpleTestAuthenticationHandler());
    val service = CoreAuthenticationTestUtils.getService("https://example.com/high/");
    val authz = getAuthorizer(new AllCredentialsValidatedAuthenticationPolicy(), handlers);
    val map = (Map) Map.of(new UsernamePasswordCredential(), getAcceptUsersAuthenticationHandler(), getOtpCredential(), getTestOtpAuthenticationHandler());
    val assertion = getAssertion(map);
    assertDoesNotThrow(new Executable() {

        @Override
        public void execute() {
            authz.authorize(new MockHttpServletRequest(), service, assertion);
        }
    });
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) AllCredentialsValidatedAuthenticationPolicy(org.apereo.cas.authentication.policy.AllCredentialsValidatedAuthenticationPolicy) Executable(org.junit.jupiter.api.function.Executable) Map(java.util.Map) UsernamePasswordCredential(org.apereo.cas.authentication.credential.UsernamePasswordCredential) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 28 with UsernamePasswordCredential

use of org.apereo.cas.authentication.credential.UsernamePasswordCredential in project cas by apereo.

the class AuthenticationPolicyAwareServiceTicketValidationAuthorizerTests method verifyRequiredHandlerAuthenticationPolicyTryAll.

@Test
public void verifyRequiredHandlerAuthenticationPolicyTryAll() {
    val handler = getAcceptUsersAuthenticationHandler();
    val handlers = List.of(getTestOtpAuthenticationHandler(), handler, getSimpleTestAuthenticationHandler());
    val service = CoreAuthenticationTestUtils.getService("https://example.com/high/");
    val authz = getAuthorizer(new RequiredAuthenticationHandlerAuthenticationPolicy(Set.of(handler.getName()), true), handlers);
    val map = (Map) Map.of(new UsernamePasswordCredential(), handler, getOtpCredential(), getTestOtpAuthenticationHandler());
    val assertion = getAssertion(map);
    assertDoesNotThrow(new Executable() {

        @Override
        public void execute() {
            authz.authorize(new MockHttpServletRequest(), service, assertion);
        }
    });
}
Also used : lombok.val(lombok.val) RequiredAuthenticationHandlerAuthenticationPolicy(org.apereo.cas.authentication.policy.RequiredAuthenticationHandlerAuthenticationPolicy) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Executable(org.junit.jupiter.api.function.Executable) Map(java.util.Map) UsernamePasswordCredential(org.apereo.cas.authentication.credential.UsernamePasswordCredential) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 29 with UsernamePasswordCredential

use of org.apereo.cas.authentication.credential.UsernamePasswordCredential in project cas by apereo.

the class AuthenticationPolicyAwareServiceTicketValidationAuthorizerTests method verifyOperationWithHandlersAndAtLeastOneCredentialMustTryAll.

@Test
public void verifyOperationWithHandlersAndAtLeastOneCredentialMustTryAll() {
    val handlers = List.of(getTestOtpAuthenticationHandler(), getAcceptUsersAuthenticationHandler(), getSimpleTestAuthenticationHandler());
    val service = CoreAuthenticationTestUtils.getService("https://example.com/high/");
    val authz = getAuthorizer(new AtLeastOneCredentialValidatedAuthenticationPolicy(true), handlers);
    val map = (Map) Map.of(new UsernamePasswordCredential(), getAcceptUsersAuthenticationHandler(), getOtpCredential(), getTestOtpAuthenticationHandler());
    val assertion = getAssertion(map);
    assertDoesNotThrow(new Executable() {

        @Override
        public void execute() {
            authz.authorize(new MockHttpServletRequest(), service, assertion);
        }
    });
}
Also used : lombok.val(lombok.val) AtLeastOneCredentialValidatedAuthenticationPolicy(org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Executable(org.junit.jupiter.api.function.Executable) Map(java.util.Map) UsernamePasswordCredential(org.apereo.cas.authentication.credential.UsernamePasswordCredential) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 30 with UsernamePasswordCredential

use of org.apereo.cas.authentication.credential.UsernamePasswordCredential in project cas by apereo.

the class AuthenticationPolicyAwareServiceTicketValidationAuthorizerTests method verifyOperationWithExcludedHandlers.

@Test
public void verifyOperationWithExcludedHandlers() {
    val h1 = getTestOtpAuthenticationHandler();
    val h2 = getSimpleTestAuthenticationHandler();
    val handlers = List.of(h1, getAcceptUsersAuthenticationHandler(), h2);
    val service = CoreAuthenticationTestUtils.getService("https://example.com/high/");
    val authz = getAuthorizer(new ExcludedAuthenticationHandlerAuthenticationPolicy(Set.of(h1.getName(), h2.getName()), false), handlers);
    val map = (Map) Map.of(new UsernamePasswordCredential(), getAcceptUsersAuthenticationHandler(), getOtpCredential(), h1);
    val assertion = getAssertion(map);
    assertThrows(UnauthorizedServiceException.class, () -> authz.authorize(new MockHttpServletRequest(), service, assertion));
}
Also used : lombok.val(lombok.val) ExcludedAuthenticationHandlerAuthenticationPolicy(org.apereo.cas.authentication.policy.ExcludedAuthenticationHandlerAuthenticationPolicy) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Map(java.util.Map) UsernamePasswordCredential(org.apereo.cas.authentication.credential.UsernamePasswordCredential) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

lombok.val (lombok.val)111 UsernamePasswordCredential (org.apereo.cas.authentication.credential.UsernamePasswordCredential)111 Test (org.junit.jupiter.api.Test)74 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)30 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)14 SimpleTestUsernamePasswordAuthenticationHandler (org.apereo.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler)12 HashMap (java.util.HashMap)8 Map (java.util.Map)8 BasicCredentialMetaData (org.apereo.cas.authentication.metadata.BasicCredentialMetaData)8 LinkedHashMap (java.util.LinkedHashMap)7 MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)7 Executable (org.junit.jupiter.api.function.Executable)7 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)6 ServletExternalContext (org.springframework.webflow.context.servlet.ServletExternalContext)6 MockRequestContext (org.springframework.webflow.test.MockRequestContext)6 ArrayList (java.util.ArrayList)5 ClassPathResource (org.springframework.core.io.ClassPathResource)5 MockServletContext (org.springframework.mock.web.MockServletContext)5 FailedLoginException (javax.security.auth.login.FailedLoginException)4 SurrogateUsernamePasswordCredential (org.apereo.cas.authentication.SurrogateUsernamePasswordCredential)4