use of org.apereo.cas.services.DefaultRegisteredServiceProperty in project cas by apereo.
the class LdapServiceRegistryDaoTests method getRegexRegisteredService.
private static RegisteredService getRegexRegisteredService() {
final AbstractRegisteredService rs = new RegexRegisteredService();
rs.setName("Service Name Regex");
rs.setProxyPolicy(new RefuseRegisteredServiceProxyPolicy());
rs.setUsernameAttributeProvider(new AnonymousRegisteredServiceUsernameAttributeProvider(new ShibbolethCompatiblePersistentIdGenerator("hello")));
rs.setDescription("Service description");
rs.setServiceId("^http?://.+");
rs.setTheme("the theme name");
rs.setEvaluationOrder(123);
rs.setDescription("Here is another description");
rs.setRequiredHandlers(Stream.of("handler1", "handler2").collect(Collectors.toSet()));
final Map<String, RegisteredServiceProperty> propertyMap = new HashMap<>();
final DefaultRegisteredServiceProperty property = new DefaultRegisteredServiceProperty();
final Set<String> values = new HashSet<>();
values.add("value1");
values.add("value2");
property.setValues(values);
propertyMap.put("field1", property);
rs.setProperties(propertyMap);
return rs;
}
use of org.apereo.cas.services.DefaultRegisteredServiceProperty in project cas by apereo.
the class DefaultRegisteredServiceMapper method toRegisteredService.
@Override
public RegisteredService toRegisteredService(final RegisteredServiceEditBean.ServiceData data) {
try {
final AbstractRegisteredService regSvc;
// create base RegisteredService object
final String type = data.getType();
if (StringUtils.equalsIgnoreCase(type, RegisteredServiceTypeEditBean.OAUTH.toString()) || StringUtils.equalsIgnoreCase(type, RegisteredServiceTypeEditBean.OIDC.toString())) {
if (StringUtils.equalsIgnoreCase(type, RegisteredServiceTypeEditBean.OAUTH.toString())) {
regSvc = new OAuthRegisteredService();
} else {
regSvc = new OidcRegisteredService();
}
final RegisteredServiceOAuthTypeEditBean oauthBean = data.getOauth();
((OAuthRegisteredService) regSvc).setClientId(oauthBean.getClientId());
((OAuthRegisteredService) regSvc).setClientSecret(oauthBean.getClientSecret());
((OAuthRegisteredService) regSvc).setBypassApprovalPrompt(oauthBean.isBypass());
((OAuthRegisteredService) regSvc).setGenerateRefreshToken(oauthBean.isRefreshToken());
((OAuthRegisteredService) regSvc).setJsonFormat(oauthBean.isJsonFormat());
if (StringUtils.equalsIgnoreCase(type, RegisteredServiceTypeEditBean.OIDC.toString())) {
((OidcRegisteredService) regSvc).setJwks(data.getOidc().getJwks());
((OidcRegisteredService) regSvc).setSignIdToken(data.getOidc().isSignToken());
((OidcRegisteredService) regSvc).setImplicit(data.getOidc().isImplicit());
((OidcRegisteredService) regSvc).setEncryptIdToken(data.getOidc().isEncrypt());
((OidcRegisteredService) regSvc).setIdTokenEncryptionAlg(data.getOidc().getEncryptAlg());
((OidcRegisteredService) regSvc).setIdTokenEncryptionEncoding(data.getOidc().getEncryptEnc());
((OidcRegisteredService) regSvc).setScopes(org.springframework.util.StringUtils.commaDelimitedListToSet(data.getOidc().getScopes()));
}
} else if (StringUtils.equalsIgnoreCase(type, RegisteredServiceTypeEditBean.SAML.toString())) {
regSvc = new SamlRegisteredService();
final RegisteredServiceSamlTypeEditBean samlBean = data.getSaml();
((SamlRegisteredService) regSvc).setEncryptAssertions(samlBean.isEncAssert());
((SamlRegisteredService) regSvc).setSignAssertions(samlBean.isSignAssert());
((SamlRegisteredService) regSvc).setSignResponses(samlBean.isSignResp());
((SamlRegisteredService) regSvc).setMetadataLocation(samlBean.getMdLoc());
((SamlRegisteredService) regSvc).setMetadataSignatureLocation(samlBean.getMdSigLoc());
((SamlRegisteredService) regSvc).setMetadataMaxValidity(samlBean.getMdMaxVal());
((SamlRegisteredService) regSvc).setRequiredAuthenticationContextClass(samlBean.getAuthCtxCls());
((SamlRegisteredService) regSvc).setMetadataCriteriaRemoveEmptyEntitiesDescriptors(samlBean.isRemoveEmptyEntities());
((SamlRegisteredService) regSvc).setMetadataCriteriaRemoveRolelessEntityDescriptors(samlBean.isRemoveRoleless());
if (StringUtils.isNotBlank(samlBean.getDir())) {
((SamlRegisteredService) regSvc).setMetadataCriteriaDirection(samlBean.getDir().toUpperCase());
}
if (StringUtils.isNotBlank(samlBean.getMdPattern()) && RegexUtils.isValidRegex(samlBean.getMdPattern())) {
((SamlRegisteredService) regSvc).setMetadataCriteriaPattern(samlBean.getMdPattern());
}
if (samlBean.getRoles() != null && !samlBean.getRoles().isEmpty()) {
((SamlRegisteredService) regSvc).setMetadataCriteriaRoles(org.springframework.util.StringUtils.collectionToCommaDelimitedString(samlBean.getRoles()));
}
} else {
if (RegexUtils.isValidRegex(data.getServiceId())) {
regSvc = new RegexRegisteredService();
} else {
throw new RuntimeException("Invalid service type.");
}
}
// set the assigned Id
final long assignedId = Long.parseLong(data.getAssignedId());
if (assignedId <= 0) {
regSvc.setId(RegisteredService.INITIAL_IDENTIFIER_VALUE);
} else {
regSvc.setId(assignedId);
}
// set simple RegisteredService properties
regSvc.setServiceId(data.getServiceId());
regSvc.setName(data.getName());
regSvc.setDescription(data.getDescription());
if (StringUtils.isNotBlank(data.getLogoUrl())) {
regSvc.setLogo(new URL(data.getLogoUrl()));
}
regSvc.setTheme(data.getTheme());
regSvc.setEvaluationOrder(data.getEvalOrder());
regSvc.setRequiredHandlers(data.getRequiredHandlers());
regSvc.setPrivacyUrl(data.getPrivacyUrl());
regSvc.setInformationUrl(data.getInformationUrl());
// process logout settings
regSvc.setLogoutType(parseLogoutType(data.getLogoutType()));
if (StringUtils.isNotBlank(data.getLogoutUrl())) {
regSvc.setLogoutUrl(new URL(data.getLogoutUrl()));
}
// process the Public Key
final RegisteredServicePublicKeyEditBean publicKey = data.getPublicKey();
if (publicKey != null && publicKey.isValid()) {
regSvc.setPublicKey(new RegisteredServicePublicKeyImpl(publicKey.getLocation(), publicKey.getAlgorithm()));
}
final Set<RegisteredServiceEditBean.ServiceData.PropertyBean> props = data.getProperties();
props.forEach(str -> {
final DefaultRegisteredServiceProperty value = new DefaultRegisteredServiceProperty();
value.setValues(org.springframework.util.StringUtils.commaDelimitedListToSet(str.getValue()));
regSvc.getProperties().put(str.getName(), value);
});
return regSvc;
} catch (final Exception e) {
throw Throwables.propagate(e);
}
}
use of org.apereo.cas.services.DefaultRegisteredServiceProperty in project cas by apereo.
the class CasRegisteredServicesTestConfiguration method inMemoryRegisteredServices.
@Bean
public List inMemoryRegisteredServices() {
final List l = new ArrayList();
AbstractRegisteredService svc = RegisteredServiceTestUtils.getRegisteredService("testencryption$");
final ReturnAllowedAttributeReleasePolicy policy = new ReturnAllowedAttributeReleasePolicy();
policy.setAuthorizedToReleaseCredentialPassword(true);
policy.setAuthorizedToReleaseProxyGrantingTicket(true);
final RegisteredServicePublicKeyImpl publicKey = new RegisteredServicePublicKeyImpl();
publicKey.setLocation("classpath:keys/RSA1024Public.key");
svc.setPublicKey(publicKey);
svc.setAttributeReleasePolicy(policy);
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("testDefault");
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("https://example\\.com/normal/.*");
svc.setEvaluationOrder(10);
svc.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("https://example\\.com/high/.*");
svc.setEvaluationOrder(20);
svc.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
final HashSet handlers = CollectionUtils.wrapHashSet(AcceptUsersAuthenticationHandler.class.getSimpleName(), TestOneTimePasswordAuthenticationHandler.class.getSimpleName());
svc.setRequiredHandlers(handlers);
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("(https://)*google.com$");
svc.setEvaluationOrder(1);
svc.setProxyPolicy(new RegexMatchingRegisteredServiceProxyPolicy(".+"));
svc.setPublicKey(new RegisteredServicePublicKeyImpl("classpath:keys/RSA4096Public.key", "RSA"));
final ReturnAllowedAttributeReleasePolicy policy1 = new ReturnAllowedAttributeReleasePolicy();
policy1.setAuthorizedToReleaseCredentialPassword(true);
policy1.setAuthorizedToReleaseProxyGrantingTicket(true);
svc.setAttributeReleasePolicy(policy1);
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("eduPersonTest");
svc.setUsernameAttributeProvider(new PrincipalAttributeRegisteredServiceUsernameProvider("eduPersonAffiliation"));
svc.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("testencryption$");
final ReturnAllowedAttributeReleasePolicy policy2 = new ReturnAllowedAttributeReleasePolicy();
policy2.setAuthorizedToReleaseCredentialPassword(true);
policy2.setAuthorizedToReleaseProxyGrantingTicket(true);
svc.setAttributeReleasePolicy(policy2);
svc.setPublicKey(new RegisteredServicePublicKeyImpl("classpath:keys/RSA1024Public.key", "RSA"));
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("^TestServiceAttributeForAuthzFails");
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(CollectionUtils.wrap("cn", CollectionUtils.wrapSet("cnValue"), "givenName", CollectionUtils.wrapSet("gnameValue"))));
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("^TestSsoFalse");
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(true, false));
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("TestServiceAttributeForAuthzPasses");
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(CollectionUtils.wrap("groupMembership", CollectionUtils.wrapSet("adopters"))));
svc.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("eduPersonTestInvalid");
svc.setUsernameAttributeProvider(new PrincipalAttributeRegisteredServiceUsernameProvider("nonExistentAttributeName"));
svc.setAttributeReleasePolicy(new ReturnAllowedAttributeReleasePolicy(CollectionUtils.wrap("groupMembership")));
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("testAnonymous");
svc.setUsernameAttributeProvider(new AnonymousRegisteredServiceUsernameAttributeProvider());
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("^http://www.jasig.org.+");
svc.setProxyPolicy(new RegexMatchingRegisteredServiceProxyPolicy(".+"));
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("usernameAttributeProviderService");
svc.setUsernameAttributeProvider(new PrincipalAttributeRegisteredServiceUsernameProvider("cn"));
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("proxyService");
svc.setProxyPolicy(new RegexMatchingRegisteredServiceProxyPolicy("^https://.+"));
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("^test.*");
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
svc.setEvaluationOrder(1000);
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("https://localhost.*");
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
svc.setEvaluationOrder(100);
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("https://carmenwiki.osu.edu.*");
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
svc.setEvaluationOrder(99);
l.add(svc);
svc = RegisteredServiceTestUtils.getRegisteredService("jwtservice");
svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(new HashMap<>()));
svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
final DefaultRegisteredServiceProperty prop = new DefaultRegisteredServiceProperty();
prop.setValues(CollectionUtils.wrapSet(Boolean.TRUE.toString()));
svc.getProperties().put(RegisteredServiceProperty.RegisteredServiceProperties.TOKEN_AS_SERVICE_TICKET.getPropertyName(), prop);
svc.setEvaluationOrder(2000);
l.add(svc);
return l;
}
use of org.apereo.cas.services.DefaultRegisteredServiceProperty in project cas by apereo.
the class DefaultCaptchaActivationStrategyTests method verifyByService.
@Test
public void verifyByService() {
val servicesManager = mock(ServicesManager.class);
val strategy = new DefaultCaptchaActivationStrategy(servicesManager);
val context = getRequestContext(new MockHttpServletRequest());
val service = RegisteredServiceTestUtils.getService(UUID.randomUUID().toString());
val registeredService = RegisteredServiceTestUtils.getRegisteredService(service.getId());
registeredService.getProperties().put(RegisteredServiceProperty.RegisteredServiceProperties.CAPTCHA_ENABLED.getPropertyName(), new DefaultRegisteredServiceProperty("true"));
when(servicesManager.findServiceBy(any(Service.class))).thenReturn(registeredService);
WebUtils.putServiceIntoFlowScope(context, service);
val properties = new GoogleRecaptchaProperties().setEnabled(false);
assertTrue(strategy.shouldActivate(context, properties).isPresent());
}
use of org.apereo.cas.services.DefaultRegisteredServiceProperty in project cas by apereo.
the class OAuth20JwtAccessTokenEncoderTests method getRegisteredServiceForJwtAccessTokenWithKeys.
private OAuthRegisteredService getRegisteredServiceForJwtAccessTokenWithKeys(final OAuth20AccessToken accessToken) {
val registeredService = getRegisteredService(accessToken.getService().getId(), "secret", new LinkedHashSet<>());
registeredService.setProperties(Map.of(RegisteredServiceProperty.RegisteredServiceProperties.ACCESS_TOKEN_AS_JWT_ENCRYPTION_ENABLED.getPropertyName(), new DefaultRegisteredServiceProperty("true"), RegisteredServiceProperty.RegisteredServiceProperties.ACCESS_TOKEN_AS_JWT_SIGNING_ENABLED.getPropertyName(), new DefaultRegisteredServiceProperty("true"), RegisteredServiceProperty.RegisteredServiceProperties.ACCESS_TOKEN_AS_JWT_ENCRYPTION_KEY.getPropertyName(), new DefaultRegisteredServiceProperty("1PbwSbnHeinpkZOSZjuSJ8yYpUrInm5aaV18J2Ar4rM"), RegisteredServiceProperty.RegisteredServiceProperties.ACCESS_TOKEN_AS_JWT_SIGNING_KEY.getPropertyName(), new DefaultRegisteredServiceProperty("szxK-5_eJjs-aUj-64MpUZ-GPPzGLhYPLGl0wrYjYNVAGva2P0lLe6UGKGM7k8dWxsOVGutZWgvmY3l5oVPO3w")));
registeredService.setJwtAccessToken(true);
servicesManager.save(registeredService);
return registeredService;
}
Aggregations