
Example 1 with PrincipalAttributeRegisteredServiceUsernameProvider

Use of org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider in project cas by apereo.

From the class CasRegisteredServicesTestConfiguration, method inMemoryRegisteredServices.

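@Bean
public List inMemoryRegisteredServices() {
    /*
     * Fixture for the in-memory service registry used by the integration tests. Each entry
     * targets one scenario (response encryption, proxying, required handlers, attribute-based
     * authorization, username providers, JWT service tickets). Settings such as releasing the
     * credential password / proxy-granting ticket, or a proxy policy of ".+", are deliberate
     * test inputs here and are not meant as a template for real registrations.
     */
    final List<AbstractRegisteredService> services = new ArrayList<>();

    // Response encryption with the 1024-bit RSA test key; releases credential password and PGT.
    AbstractRegisteredService svc = RegisteredServiceTestUtils.getRegisteredService("testencryption$");
    final RegisteredServicePublicKeyImpl publicKey = new RegisteredServicePublicKeyImpl();
    publicKey.setLocation("classpath:keys/RSA1024Public.key");
    svc.setPublicKey(publicKey);
    svc.setAttributeReleasePolicy(credentialReleasingPolicy());
    services.add(svc);

    svc = RegisteredServiceTestUtils.getRegisteredService("testDefault");
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(svc);

    svc = RegisteredServiceTestUtils.getRegisteredService("https://example\\.com/normal/.*");
    svc.setEvaluationOrder(10);
    svc.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    services.add(svc);

    // Names both test authentication handlers as required handlers for this service.
    svc = RegisteredServiceTestUtils.getRegisteredService("https://example\\.com/high/.*");
    svc.setEvaluationOrder(20);
    svc.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
    svc.setRequiredHandlers(CollectionUtils.wrapHashSet(
        AcceptUsersAuthenticationHandler.class.getSimpleName(),
        TestOneTimePasswordAuthenticationHandler.class.getSimpleName()));
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    services.add(svc);

    // Proxy policy accepts any callback URL (".+"); 4096-bit RSA test key for encryption.
    svc = RegisteredServiceTestUtils.getRegisteredService("(https://)*google.com$");
    svc.setEvaluationOrder(1);
    svc.setProxyPolicy(new RegexMatchingRegisteredServiceProxyPolicy(".+"));
    svc.setPublicKey(new RegisteredServicePublicKeyImpl("classpath:keys/RSA4096Public.key", "RSA"));
    svc.setAttributeReleasePolicy(credentialReleasingPolicy());
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    services.add(svc);

    svc = RegisteredServiceTestUtils.getRegisteredService("eduPersonTest");
    svc.setUsernameAttributeProvider(new PrincipalAttributeRegisteredServiceUsernameProvider("eduPersonAffiliation"));
    svc.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    services.add(svc);

    // NOTE(review): reuses the id of the first entry ("testencryption$") with an access strategy
    // and username provider added; which entry a lookup returns is registry-dependent — confirm
    // the duplicate is intended by the tests that rely on it.
    svc = RegisteredServiceTestUtils.getRegisteredService("testencryption$");
    svc.setAttributeReleasePolicy(credentialReleasingPolicy());
    svc.setPublicKey(new RegisteredServicePublicKeyImpl("classpath:keys/RSA1024Public.key", "RSA"));
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(svc);

    // Access strategies keyed on principal attribute values (used by the authz fails/passes tests).
    svc = RegisteredServiceTestUtils.getRegisteredService("^TestServiceAttributeForAuthzFails");
    svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(
        CollectionUtils.wrap("cn", CollectionUtils.wrapSet("cnValue"), "givenName", CollectionUtils.wrapSet("gnameValue"))));
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(svc);

    svc = RegisteredServiceTestUtils.getRegisteredService("^TestSsoFalse");
    svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(true, false));
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(svc);

    svc = RegisteredServiceTestUtils.getRegisteredService("TestServiceAttributeForAuthzPasses");
    svc.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(
        CollectionUtils.wrap("groupMembership", CollectionUtils.wrapSet("adopters"))));
    svc.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(svc);

    // Username provider pointing at an attribute name the test principal is not expected to have.
    svc = RegisteredServiceTestUtils.getRegisteredService("eduPersonTestInvalid");
    svc.setUsernameAttributeProvider(new PrincipalAttributeRegisteredServiceUsernameProvider("nonExistentAttributeName"));
    svc.setAttributeReleasePolicy(new ReturnAllowedAttributeReleasePolicy(CollectionUtils.wrap("groupMembership")));
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    services.add(svc);

    svc = RegisteredServiceTestUtils.getRegisteredService("testAnonymous");
    svc.setUsernameAttributeProvider(new AnonymousRegisteredServiceUsernameAttributeProvider());
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    services.add(svc);

    svc = RegisteredServiceTestUtils.getRegisteredService("^http://www.jasig.org.+");
    svc.setProxyPolicy(new RegexMatchingRegisteredServiceProxyPolicy(".+"));
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(svc);

    svc = RegisteredServiceTestUtils.getRegisteredService("usernameAttributeProviderService");
    svc.setUsernameAttributeProvider(new PrincipalAttributeRegisteredServiceUsernameProvider("cn"));
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    services.add(svc);

    // Proxy policy limited to https callback URLs.
    svc = RegisteredServiceTestUtils.getRegisteredService("proxyService");
    svc.setProxyPolicy(new RegexMatchingRegisteredServiceProxyPolicy("^https://.+"));
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    services.add(svc);

    // Broad patterns with explicit evaluation orders (1000 / 100 / 99).
    svc = RegisteredServiceTestUtils.getRegisteredService("^test.*");
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    svc.setEvaluationOrder(1000);
    services.add(svc);

    svc = RegisteredServiceTestUtils.getRegisteredService("https://localhost.*");
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    svc.setEvaluationOrder(100);
    services.add(svc);

    svc = RegisteredServiceTestUtils.getRegisteredService("https://carmenwiki.osu.edu.*");
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    svc.setEvaluationOrder(99);
    services.add(svc);

    // Carries the TOKEN_AS_SERVICE_TICKET property with the value "true".
    svc = RegisteredServiceTestUtils.getRegisteredService("jwtservice");
    svc.setAccessStrategy(unrestrictedAccessStrategy());
    svc.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider());
    final DefaultRegisteredServiceProperty tokenAsServiceTicket = new DefaultRegisteredServiceProperty();
    tokenAsServiceTicket.setValues(CollectionUtils.wrapSet(Boolean.TRUE.toString()));
    svc.getProperties().put(
        RegisteredServiceProperty.RegisteredServiceProperties.TOKEN_AS_SERVICE_TICKET.getPropertyName(),
        tokenAsServiceTicket);
    svc.setEvaluationOrder(2000);
    services.add(svc);

    return services;
}

/**
 * Access strategy constructed from an empty attribute map. The entries above that pass
 * cn/givenName or groupMembership maps suggest the map holds required attribute values,
 * so an empty map places no attribute requirement on the principal (inferred from the
 * test names; confirm against DefaultRegisteredServiceAccessStrategy).
 */
private static DefaultRegisteredServiceAccessStrategy unrestrictedAccessStrategy() {
    return new DefaultRegisteredServiceAccessStrategy(new HashMap<>());
}

/**
 * Allowed-attribute release policy that is additionally authorized to release the
 * credential password and the proxy-granting ticket. Both are sensitive values; this
 * policy exists only to exercise those release paths in tests.
 */
private static ReturnAllowedAttributeReleasePolicy credentialReleasingPolicy() {
    final ReturnAllowedAttributeReleasePolicy policy = new ReturnAllowedAttributeReleasePolicy();
    policy.setAuthorizedToReleaseCredentialPassword(true);
    policy.setAuthorizedToReleaseProxyGrantingTicket(true);
    return policy;
}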

Example 2 with PrincipalAttributeRegisteredServiceUsernameProvider

Use of org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider in project cas by apereo.

From the class SamlSPUtils, method newSamlServiceProviderService.

/**
 * Builds the SAML registered service for a configured service provider.
 * <p>
 * The service gets the lowest precedence so that a non-generated definition for the same
 * provider can override it. Registration is skipped, and {@code null} returned, when the
 * provider defines no metadata location or when no entity ids can be resolved from its
 * metadata.
 *
 * @param sp       the service-provider properties
 * @param resolver the metadata resolver used to resolve the provider's entity ids
 * @return the generated service, or {@code null} when registration is skipped
 */
@SneakyThrows
public static SamlRegisteredService newSamlServiceProviderService(final AbstractSamlSPProperties sp, final SamlRegisteredServiceCachingMetadataResolver resolver) {
    val metadataLocation = sp.getMetadata();
    if (StringUtils.isBlank(metadataLocation)) {
        LOGGER.debug("Skipped registration of [{}] since no metadata location is defined", sp.getName());
        return null;
    }

    val registeredService = new SamlRegisteredService();
    registeredService.setName(sp.getName());
    registeredService.setDescription(sp.getDescription());
    registeredService.setEvaluationOrder(Ordered.LOWEST_PRECEDENCE);
    registeredService.setMetadataLocation(metadataLocation);

    // A configured name-id attribute is both released to the SP and used as the username.
    val releasedAttributes = new ArrayList<>(sp.getAttributes());
    val nameIdAttribute = sp.getNameIdAttribute();
    if (StringUtils.isNotBlank(nameIdAttribute)) {
        releasedAttributes.add(nameIdAttribute);
        registeredService.setUsernameAttributeProvider(new PrincipalAttributeRegisteredServiceUsernameProvider(nameIdAttribute));
    }
    val nameIdFormat = sp.getNameIdFormat();
    if (StringUtils.isNotBlank(nameIdFormat)) {
        registeredService.setRequiredNameIdFormat(nameIdFormat);
    }

    val attributeMap = CoreAuthenticationUtils.transformPrincipalAttributesListIntoMultiMap(releasedAttributes);
    val releasePolicy = new ChainingAttributeReleasePolicy();
    releasePolicy.addPolicy(new ReturnMappedAttributeReleasePolicy(CollectionUtils.wrap(attributeMap)));
    registeredService.setAttributeReleasePolicy(releasePolicy);

    // Metadata criteria: SP role descriptors only, dropping empty and role-less entity descriptors.
    registeredService.setMetadataCriteriaRoles(SPSSODescriptor.DEFAULT_ELEMENT_NAME.getLocalPart());
    registeredService.setMetadataCriteriaRemoveEmptyEntitiesDescriptors(true);
    registeredService.setMetadataCriteriaRemoveRolelessEntityDescriptors(true);
    val signatureLocation = sp.getSignatureLocation();
    if (StringUtils.isNotBlank(signatureLocation)) {
        registeredService.setMetadataSignatureLocation(signatureLocation);
    }

    val entityIds = determineEntityIdList(sp, resolver, registeredService);
    if (entityIds.isEmpty()) {
        LOGGER.warn("Skipped registration of [{}] since no metadata entity ids could be found", sp.getName());
        return null;
    }

    // The '|'-joined entity ids double as the metadata criteria pattern and as the service id.
    // NOTE(review): no regex quoting is applied, so if the service id / criteria pattern is
    // evaluated as a regular expression, entity ids containing metacharacters match as
    // patterns rather than literally — confirm this is the intended contract.
    val entityIdPattern = org.springframework.util.StringUtils.collectionToDelimitedString(entityIds, "|");
    registeredService.setMetadataCriteriaDirection(PredicateFilter.Direction.INCLUDE.name());
    registeredService.setMetadataCriteriaPattern(entityIdPattern);
    LOGGER.debug("Registering saml service [{}] by entity id [{}]", sp.getName(), entityIdPattern);
    registeredService.setServiceId(entityIdPattern);
    registeredService.setSignAssertions(sp.getSignAssertions());
    registeredService.setSignResponses(sp.isSignResponses());
    return registeredService;
}

Example 3 with PrincipalAttributeRegisteredServiceUsernameProvider

Use of org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider in project cas by apereo.

From the class DefaultUsernameAttributeProviderMapper, method toUsernameAttributeProvider.

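@Override
public RegisteredServiceUsernameAttributeProvider toUsernameAttributeProvider(final ServiceData data) {
    /*
     * Maps the edit bean's (type, value) pair back to a username-attribute provider:
     * DEFAULT needs no value, ANONYMOUS reads the value as the persistent-id salt, and
     * ATTRIBUTE reads it as the principal attribute name. A blank value for ANONYMOUS or
     * ATTRIBUTE is rejected with an IllegalArgumentException; an unrecognised type yields
     * null, which callers must be prepared to handle.
     */
    final RegisteredServiceUsernameAttributeProviderEditBean userAttrProvider = data.getUserAttrProvider();
    final String uidType = userAttrProvider.getType();

    if (StringUtils.equalsIgnoreCase(uidType, RegisteredServiceUsernameAttributeProviderEditBean.Types.DEFAULT.toString())) {
        return new DefaultRegisteredServiceUsernameProvider();
    }
    if (StringUtils.equalsIgnoreCase(uidType, RegisteredServiceUsernameAttributeProviderEditBean.Types.ANONYMOUS.toString())) {
        final String salt = userAttrProvider.getValue();
        if (StringUtils.isBlank(salt)) {
            // Message typo fixed ("sale" -> "salt"). The value is blank on this path, so
            // echoing it reveals nothing sensitive.
            throw new IllegalArgumentException("Invalid salt value for anonymous ids " + salt);
        }
        return new AnonymousRegisteredServiceUsernameAttributeProvider(new ShibbolethCompatiblePersistentIdGenerator(salt));
    }
    if (StringUtils.equalsIgnoreCase(uidType, RegisteredServiceUsernameAttributeProviderEditBean.Types.ATTRIBUTE.toString())) {
        final String attr = userAttrProvider.getValue();
        if (StringUtils.isBlank(attr)) {
            throw new IllegalArgumentException("Invalid attribute specified for username");
        }
        return new PrincipalAttributeRegisteredServiceUsernameProvider(attr);
    }
    return null;
}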

Example 4 with PrincipalAttributeRegisteredServiceUsernameProvider

Use of org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider in project cas by apereo.

From the class DefaultUsernameAttributeProviderMapper, method mapUsernameAttributeProvider.

@Override
public void mapUsernameAttributeProvider(final RegisteredServiceUsernameAttributeProvider provider, final ServiceData bean) {
    /*
     * Copies a registered service's username-attribute provider into the edit bean used by
     * the management UI: DEFAULT carries no value, ANONYMOUS carries the persistent-id salt
     * (only when the generator is Shibboleth-compatible), ATTRIBUTE carries the attribute
     * name. Providers of any other type leave the bean untouched.
     */
    final RegisteredServiceUsernameAttributeProviderEditBean target = bean.getUserAttrProvider();

    if (provider instanceof DefaultRegisteredServiceUsernameProvider) {
        target.setType(RegisteredServiceUsernameAttributeProviderEditBean.Types.DEFAULT.toString());
        return;
    }

    if (provider instanceof AnonymousRegisteredServiceUsernameAttributeProvider) {
        target.setType(RegisteredServiceUsernameAttributeProviderEditBean.Types.ANONYMOUS.toString());
        final PersistentIdGenerator generator =
            ((AnonymousRegisteredServiceUsernameAttributeProvider) provider).getPersistentIdGenerator();
        if (!(generator instanceof ShibbolethCompatiblePersistentIdGenerator)) {
            return;
        }
        final byte[] saltBytes = ((ShibbolethCompatiblePersistentIdGenerator) generator).getSalt();
        if (saltBytes == null) {
            throw new IllegalArgumentException("Salt cannot be null");
        }
        // NOTE(review): the salt is decoded with the JVM default charset, which varies by
        // platform; the reverse mapping (ANONYMOUS in toUsernameAttributeProvider) hands the
        // String back to the generator, so the round trip is only stable if both sides agree
        // on the encoding — confirm how the generator encodes its salt before switching to UTF-8.
        // The salt is also surfaced to the UI bean as plain text; treat it accordingly.
        target.setValue(new String(saltBytes, Charset.defaultCharset()));
        return;
    }

    if (provider instanceof PrincipalAttributeRegisteredServiceUsernameProvider) {
        target.setType(RegisteredServiceUsernameAttributeProviderEditBean.Types.ATTRIBUTE.toString());
        target.setValue(((PrincipalAttributeRegisteredServiceUsernameProvider) provider).getUsernameAttribute());
    }
}
