use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class OAuth20AuthorizeControllerTests method verifyCodeRedirectToClientApproved.
@Test
public void verifyCodeRedirectToClientApproved() throws Exception {
clearAllServices();
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(HttpMethod.GET.name(), CONTEXT + OAuth20Constants.AUTHORIZE_URL);
mockRequest.setParameter(OAuth20Constants.CLIENT_ID, CLIENT_ID);
mockRequest.setParameter(OAuth20Constants.REDIRECT_URI, REDIRECT_URI);
mockRequest.setParameter(OAuth20Constants.RESPONSE_TYPE, OAuth20ResponseTypes.CODE.name().toLowerCase());
mockRequest.setServerName(CAS_SERVER);
mockRequest.setServerPort(CAS_PORT);
mockRequest.setScheme(CAS_SCHEME);
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
final OAuthRegisteredService service = getRegisteredService(REDIRECT_URI, SERVICE_NAME);
service.setBypassApprovalPrompt(false);
this.servicesManager.save(service);
final CasProfile profile = new CasProfile();
profile.setId(ID);
final Map<String, Object> attributes = new HashMap<>();
attributes.put(FIRST_NAME_ATTRIBUTE, FIRST_NAME);
attributes.put(LAST_NAME_ATTRIBUTE, LAST_NAME);
profile.addAttributes(attributes);
final MockHttpSession session = new MockHttpSession();
mockRequest.setSession(session);
session.putValue(OAuth20Constants.BYPASS_APPROVAL_PROMPT, "true");
session.putValue(Pac4jConstants.USER_PROFILES, profile);
final ModelAndView modelAndView = oAuth20AuthorizeEndpointController.handleRequest(mockRequest, mockResponse);
final View view = modelAndView.getView();
assertTrue(view instanceof RedirectView);
final RedirectView redirectView = (RedirectView) view;
final String redirectUrl = redirectView.getUrl();
assertTrue(redirectUrl.startsWith(REDIRECT_URI + "?code=OC-"));
final String code = StringUtils.substringAfter(redirectUrl, "?code=");
final OAuthCode oAuthCode = (OAuthCode) this.ticketRegistry.getTicket(code);
assertNotNull(oAuthCode);
final Principal principal = oAuthCode.getAuthentication().getPrincipal();
assertEquals(ID, principal.getId());
final Map<String, Object> principalAttributes = principal.getAttributes();
assertEquals(attributes.size(), principalAttributes.size());
assertEquals(FIRST_NAME, principalAttributes.get(FIRST_NAME_ATTRIBUTE));
}
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class OAuth20AuthorizeControllerTests method verifyCodeRedirectToClientWithState.
@Test
public void verifyCodeRedirectToClientWithState() throws Exception {
clearAllServices();
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(HttpMethod.GET.name(), CONTEXT + OAuth20Constants.AUTHORIZE_URL);
mockRequest.setParameter(OAuth20Constants.CLIENT_ID, CLIENT_ID);
mockRequest.setParameter(OAuth20Constants.REDIRECT_URI, REDIRECT_URI);
mockRequest.setParameter(OAuth20Constants.RESPONSE_TYPE, OAuth20ResponseTypes.CODE.name().toLowerCase());
mockRequest.setServerName(CAS_SERVER);
mockRequest.setServerPort(CAS_PORT);
mockRequest.setScheme(CAS_SCHEME);
mockRequest.setParameter(OAuth20Constants.STATE, STATE);
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
final OAuthRegisteredService service = getRegisteredService(REDIRECT_URI, SERVICE_NAME);
service.setBypassApprovalPrompt(true);
this.servicesManager.save(service);
final CasProfile profile = new CasProfile();
profile.setId(ID);
final Map<String, Object> attributes = new HashMap<>();
attributes.put(FIRST_NAME_ATTRIBUTE, FIRST_NAME);
attributes.put(LAST_NAME_ATTRIBUTE, LAST_NAME);
profile.addAttributes(attributes);
final MockHttpSession session = new MockHttpSession();
mockRequest.setSession(session);
session.putValue(Pac4jConstants.USER_PROFILES, profile);
final ModelAndView modelAndView = oAuth20AuthorizeEndpointController.handleRequest(mockRequest, mockResponse);
final View view = modelAndView.getView();
assertTrue(view instanceof RedirectView);
final RedirectView redirectView = (RedirectView) view;
final String redirectUrl = redirectView.getUrl();
assertTrue(redirectUrl.startsWith(REDIRECT_URI + "?code=OC-"));
final String code = StringUtils.substringBefore(StringUtils.substringAfter(redirectUrl, "?code="), "&state=");
final OAuthCode oAuthCode = (OAuthCode) this.ticketRegistry.getTicket(code);
assertNotNull(oAuthCode);
final Principal principal = oAuthCode.getAuthentication().getPrincipal();
assertEquals(ID, principal.getId());
final Map<String, Object> principalAttributes = principal.getAttributes();
assertEquals(attributes.size(), principalAttributes.size());
assertEquals(FIRST_NAME, principalAttributes.get(FIRST_NAME_ATTRIBUTE));
}
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class OAuth20ProfileControllerTests method verifyOK.
@Test
public void verifyOK() throws Exception {
final Map<String, Object> map = new HashMap<>();
map.put(NAME, VALUE);
final List<String> list = Arrays.asList(VALUE, VALUE);
map.put(NAME2, list);
final Principal principal = CoreAuthenticationTestUtils.getPrincipal(ID, map);
final Authentication authentication = getAuthentication(principal);
final AccessToken accessToken = accessTokenFactory.create(RegisteredServiceTestUtils.getService(), authentication, new MockTicketGrantingTicket("casuser"), new ArrayList<>());
this.ticketRegistry.addTicket(accessToken);
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuth20Constants.PROFILE_URL);
mockRequest.setParameter(OAuth20Constants.ACCESS_TOKEN, accessToken.getId());
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
final ResponseEntity<String> entity = oAuth20ProfileController.handleRequest(mockRequest, mockResponse);
assertEquals(HttpStatus.OK, entity.getStatusCode());
assertEquals(CONTENT_TYPE, mockResponse.getContentType());
final String expected = "{\"id\":\"" + ID + "\",\"attributes\":[{\"" + NAME + "\":\"" + VALUE + "\"},{\"" + NAME2 + "\":[\"" + VALUE + "\",\"" + VALUE + "\"]}]}";
final JsonNode expectedObj = MAPPER.readTree(expected);
final JsonNode receivedObj = MAPPER.readTree(entity.getBody());
assertEquals(expectedObj.get("id").asText(), receivedObj.get("id").asText());
final JsonNode expectedAttributes = expectedObj.get(ATTRIBUTES_PARAM);
final JsonNode receivedAttributes = receivedObj.get(ATTRIBUTES_PARAM);
assertEquals(expectedAttributes.findValue(NAME).asText(), receivedAttributes.findValue(NAME).asText());
assertEquals(expectedAttributes.findValues(NAME2), receivedAttributes.findValues(NAME2));
}
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class OAuth20ProfileControllerTests method verifyOKWithExpiredTicketGrantingTicket.
@Test
public void verifyOKWithExpiredTicketGrantingTicket() throws Exception {
final Map<String, Object> map = new HashMap<>();
map.put(NAME, VALUE);
final List<String> list = Arrays.asList(VALUE, VALUE);
map.put(NAME2, list);
final Principal principal = CoreAuthenticationTestUtils.getPrincipal(ID, map);
final Authentication authentication = getAuthentication(principal);
final AccessToken accessToken = accessTokenFactory.create(RegisteredServiceTestUtils.getService(), authentication, new MockTicketGrantingTicket("casuser"), new ArrayList<>());
accessToken.getTicketGrantingTicket().markTicketExpired();
this.ticketRegistry.addTicket(accessToken);
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuth20Constants.PROFILE_URL);
mockRequest.setParameter(OAuth20Constants.ACCESS_TOKEN, accessToken.getId());
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
final ResponseEntity<String> entity = oAuth20ProfileController.handleRequest(mockRequest, mockResponse);
assertEquals(HttpStatus.OK, entity.getStatusCode());
assertEquals(CONTENT_TYPE, mockResponse.getContentType());
final ObjectNode expectedObj = MAPPER.createObjectNode();
final ObjectNode attrNode = MAPPER.createObjectNode();
attrNode.put(NAME, VALUE);
final ArrayNode values = MAPPER.createArrayNode();
values.add(VALUE);
values.add(VALUE);
attrNode.put(NAME2, values);
expectedObj.put("id", ID);
expectedObj.put("attributes", attrNode);
final JsonNode receivedObj = MAPPER.readTree(entity.getBody());
assertEquals(expectedObj.get("id").asText(), receivedObj.get("id").asText());
final JsonNode expectedAttributes = expectedObj.get(ATTRIBUTES_PARAM);
final JsonNode receivedAttributes = receivedObj.get(ATTRIBUTES_PARAM);
assertEquals(expectedAttributes.findValue(NAME).asText(), receivedAttributes.findValue(NAME).asText());
assertEquals(expectedAttributes.findValues(NAME2), receivedAttributes.findValues(NAME2));
}
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class OAuth20ProfileControllerTests method verifyOKWithAuthorizationHeader.
@Test
public void verifyOKWithAuthorizationHeader() throws Exception {
final Map<String, Object> map = new HashMap<>();
map.put(NAME, VALUE);
final List<String> list = Arrays.asList(VALUE, VALUE);
map.put(NAME2, list);
final Principal principal = CoreAuthenticationTestUtils.getPrincipal(ID, map);
final Authentication authentication = getAuthentication(principal);
final AccessToken accessToken = accessTokenFactory.create(RegisteredServiceTestUtils.getService(), authentication, new MockTicketGrantingTicket("casuser"), new ArrayList<>());
this.ticketRegistry.addTicket(accessToken);
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuth20Constants.PROFILE_URL);
mockRequest.addHeader("Authorization", OAuth20Constants.BEARER_TOKEN + ' ' + accessToken.getId());
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
final ResponseEntity<String> entity = oAuth20ProfileController.handleRequest(mockRequest, mockResponse);
assertEquals(HttpStatus.OK, entity.getStatusCode());
assertEquals(CONTENT_TYPE, mockResponse.getContentType());
final String expected = "{\"id\":\"" + ID + "\",\"attributes\":[{\"" + NAME + "\":\"" + VALUE + "\"},{\"" + NAME2 + "\":[\"" + VALUE + "\",\"" + VALUE + "\"]}]}";
final JsonNode expectedObj = MAPPER.readTree(expected);
final JsonNode receivedObj = MAPPER.readTree(entity.getBody());
assertEquals(expectedObj.get("id").asText(), receivedObj.get("id").asText());
final JsonNode expectedAttributes = expectedObj.get(ATTRIBUTES_PARAM);
final JsonNode receivedAttributes = receivedObj.get(ATTRIBUTES_PARAM);
assertEquals(expectedAttributes.findValue(NAME).asText(), receivedAttributes.findValue(NAME).asText());
assertEquals(expectedAttributes.findValues(NAME2), receivedAttributes.findValues(NAME2));
}
Aggregations