
Example 91 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class PolicyBasedAuthenticationManagerTests method newMockHandler.

/**
 * Builds a named Mockito stand-in for {@link AuthenticationHandler} whose outcome is fixed up front:
 * it either authenticates every credential or rejects every credential.
 *
 * <p>The stub reports {@code supports(...) == true} for any {@link Credential}, so it performs no
 * credential checking of its own. On success it returns a result carrying a principal with the id
 * {@code "nobody"}; on failure it throws {@link FailedLoginException}.
 *
 * @param name    Name the mock reports from {@code getName()}.
 * @param success True to authenticate all credentials, false to fail all credentials.
 * @return New mock authentication handler instance.
 * @throws Exception On errors.
 */
private static AuthenticationHandler newMockHandler(final String name, final boolean success) throws Exception {
    final AuthenticationHandler handler = mock(AuthenticationHandler.class);
    when(handler.getName()).thenReturn(name);
    // Accept every credential type so the manager under test always consults this handler.
    when(handler.supports(any(Credential.class))).thenReturn(true);

    if (!success) {
        when(handler.authenticate(any(Credential.class))).thenThrow(new FailedLoginException());
        return handler;
    }

    final Principal principal = new DefaultPrincipalFactory().createPrincipal("nobody");
    final CredentialMetaData metaData = mock(CredentialMetaData.class);
    final AuthenticationHandlerExecutionResult outcome =
        new DefaultAuthenticationHandlerExecutionResult(handler, metaData, principal);
    when(handler.authenticate(any(Credential.class))).thenReturn(outcome);
    return handler;
}
Also used : FailedLoginException(javax.security.auth.login.FailedLoginException) DefaultPrincipalFactory(org.apereo.cas.authentication.principal.DefaultPrincipalFactory) Principal(org.apereo.cas.authentication.principal.Principal)

Example 92 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class DefaultMultifactorTriggerSelectionStrategy method resolve.

/**
 * Selects the id of the multifactor provider to trigger by consulting the trigger sources in a
 * fixed order and returning the first one that yields a value: request parameter, registered
 * service, principal attribute, then authentication attribute.
 *
 * <p>NOTE(review): the request-derived trigger is consulted before the registered service's own
 * trigger. Every helper receives the set of available provider ids, presumably to restrict matches
 * to them; confirm that, and confirm that a value taken from the request cannot select a different
 * provider than the one the service policy requires.
 *
 * @param providers      available MFA providers; {@code null} or empty short-circuits to empty
 * @param request        current HTTP request, passed to the request-parameter trigger
 * @param service        registered service, passed to the service trigger
 * @param authentication current authentication; may be {@code null}, in which case the principal
 *                       handed to the triggers is {@code null} as well
 * @return the first provider id found, or the result of the authentication-attribute trigger when
 *         none of the earlier sources matched
 */
@Override
public Optional<String> resolve(final Collection<MultifactorAuthenticationProvider> providers, final HttpServletRequest request, final RegisteredService service, final Authentication authentication) {
    // Nothing to select from when no MFA provider is available.
    if (providers == null || providers.isEmpty()) {
        return Optional.empty();
    }

    final Set<String> validProviderIds = providers.stream()
        .map(MultifactorAuthenticationProvider::getId)
        .collect(Collectors.toSet());
    final Principal principal;
    if (authentication == null) {
        principal = null;
    } else {
        principal = authentication.getPrincipal();
    }

    final Optional<String> fromRequest = resolveRequestParameterTrigger(request, validProviderIds);
    if (fromRequest.isPresent()) {
        return fromRequest;
    }

    final Optional<String> fromService = resolveRegisteredServiceTrigger(service, principal, validProviderIds);
    if (fromService.isPresent()) {
        return fromService;
    }

    final Optional<String> fromPrincipal = resolvePrincipalAttributeTrigger(principal, validProviderIds);
    if (fromPrincipal.isPresent()) {
        return fromPrincipal;
    }

    // Last source: its result is returned as-is, present or not.
    return resolveAuthenticationAttributeTrigger(authentication, validProviderIds);
}
Also used : Principal(org.apereo.cas.authentication.principal.Principal)

Example 93 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class AbstractRegisteredServiceTests method verifyServiceAttributeFilterAllAttributes.

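/**
 * Verifies that a {@link ReturnAllAttributeReleasePolicy} releases as many attributes as the
 * principal carries.
 *
 * <p>Only the entry count is compared; attribute names and values are not checked here.
 */
@Test
public void verifyServiceAttributeFilterAllAttributes() {
    prepareService();
    this.r.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
    final Principal p = mock(Principal.class);
    final Map<String, Object> map = new HashMap<>();
    map.put(ATTR_1, "value1");
    map.put(ATTR_2, "value2");
    map.put(ATTR_3, Arrays.asList("v3", "v4"));
    when(p.getAttributes()).thenReturn(map);
    when(p.getId()).thenReturn("principalId");
    final Map<String, Object> attr = this.r.getAttributeReleasePolicy().getAttributes(p, RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getRegisteredService(SERVICE_ID));
    // JUnit's signature is assertEquals(expected, actual): the principal's attribute count is the
    // expectation and the released map is the value under test, so a failure message reads correctly.
    assertEquals(map.size(), attr.size());
}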
Also used : HashMap(java.util.HashMap) Principal(org.apereo.cas.authentication.principal.Principal) Test(org.junit.Test)

Example 94 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class AbstractRegisteredServiceTests method verifyServiceAttributeFilterMappedAttributes.

/**
 * Verifies that a {@link ReturnMappedAttributeReleasePolicy} configured with a single mapping
 * ({@code ATTR_1} to {@code "newAttr1"}) releases exactly one attribute, under the mapped name,
 * even though the principal carries three attributes.
 */
@Test
public void verifyServiceAttributeFilterMappedAttributes() {
    prepareService();

    // Principal with three attributes; only ATTR_1 has a mapping in the policy below.
    final Map<String, Object> principalAttributes = new HashMap<>();
    principalAttributes.put(ATTR_1, "value1");
    principalAttributes.put(ATTR_2, "value2");
    principalAttributes.put(ATTR_3, Arrays.asList("v3", "v4"));
    final Principal principal = mock(Principal.class);
    when(principal.getAttributes()).thenReturn(principalAttributes);
    when(principal.getId()).thenReturn("principalId");

    final Multimap<String, Object> allowed = ArrayListMultimap.create();
    allowed.put(ATTR_1, "newAttr1");
    final ReturnMappedAttributeReleasePolicy mappedPolicy = new ReturnMappedAttributeReleasePolicy();
    mappedPolicy.setAllowedAttributes(CollectionUtils.wrap(allowed));
    this.r.setAttributeReleasePolicy(mappedPolicy);

    final Map<String, Object> released = this.r.getAttributeReleasePolicy().getAttributes(
        principal,
        RegisteredServiceTestUtils.getService(),
        RegisteredServiceTestUtils.getRegisteredService(SERVICE_ID));

    assertEquals(1, released.size());
    assertTrue(released.containsKey("newAttr1"));
}
Also used : HashMap(java.util.HashMap) Principal(org.apereo.cas.authentication.principal.Principal) Test(org.junit.Test)

Example 95 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class OidcProfileScopeToAttributesFilter method filter.

/**
 * Narrows the attributes of the principal for OpenID Connect services according to the scopes on
 * the access token.
 *
 * <p>The parent filter runs first. For a service that is not an {@link OidcRegisteredService}, or
 * for a token that lacks the {@code openid} scope, the parent's principal is returned unchanged.
 * Otherwise the token's scopes are intersected with the scopes registered on the service, the
 * attributes are filtered by that intersection, and a new principal is created from
 * {@code profile.getId()} and the filtered attributes.
 *
 * <p>NOTE(review): on the missing-{@code openid} path no scope-based filtering happens in this
 * method; confirm that the principal produced by the parent filter does not carry more attributes
 * than should be released for such a request.
 *
 * @param service           service the request is for
 * @param profile           authenticated principal before filtering; its id is reused for the result
 * @param registeredService registered service definition; OIDC handling applies only to
 *                          {@link OidcRegisteredService}
 * @param context           web context, passed through to the parent filter
 * @param accessToken       access token whose scopes drive the filtering
 * @return the parent's principal, or a new principal limited to the scope-filtered attributes
 */
@Override
public Principal filter(final Service service, final Principal profile, final RegisteredService registeredService, final J2EContext context, final AccessToken accessToken) {
    final Principal principal = super.filter(service, profile, registeredService, context, accessToken);
    if (!(registeredService instanceof OidcRegisteredService)) {
        return principal;
    }

    // Copy the token's scopes so that retainAll below cannot modify the token's own collection.
    final Collection<String> scopes = new HashSet<>(accessToken.getScopes());
    final boolean openIdRequested = scopes.contains(OidcConstants.StandardScopes.OPENID.getScope());
    if (!openIdRequested) {
        LOGGER.warn("Request does not indicate a scope [{}] that can identify an OpenID Connect request. "
            + "This is a REQUIRED scope that MUST be present in the request. Given its absence, "
            + "CAS will not process any attribute claims and will return the authenticated principal as is.", scopes);
        return principal;
    }

    final OidcRegisteredService oidcService = (OidcRegisteredService) registeredService;
    // Keep only the requested scopes that the service definition also lists.
    scopes.retainAll(oidcService.getScopes());
    final Map<String, Object> attributes = filterAttributesByScope(scopes, principal, service, oidcService, accessToken);
    LOGGER.debug("Final collection of attributes filtered by scopes [{}] are [{}]", scopes, attributes);
    return this.principalFactory.createPrincipal(profile.getId(), attributes);
}
Also used : OidcRegisteredService(org.apereo.cas.services.OidcRegisteredService) Principal(org.apereo.cas.authentication.principal.Principal) HashSet(java.util.HashSet)

Aggregations

Principal (org.apereo.cas.authentication.principal.Principal)114 HashMap (java.util.HashMap)33 RegisteredService (org.apereo.cas.services.RegisteredService)31 Test (org.junit.Test)29 Authentication (org.apereo.cas.authentication.Authentication)26 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)26 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)26 OAuthRegisteredService (org.apereo.cas.support.oauth.services.OAuthRegisteredService)25 Map (java.util.Map)23 Slf4j (lombok.extern.slf4j.Slf4j)23 lombok.val (lombok.val)19 List (java.util.List)15 StringUtils (org.apache.commons.lang3.StringUtils)15 OAuthCode (org.apereo.cas.ticket.code.OAuthCode)15 CollectionUtils (org.apereo.cas.util.CollectionUtils)15 ArrayList (java.util.ArrayList)14 Optional (java.util.Optional)14 Service (org.apereo.cas.authentication.principal.Service)14 Collection (java.util.Collection)11 Collectors (java.util.stream.Collectors)10