
Example 86 with RegisteredService

use of org.apereo.cas.services.RegisteredService in project cas by apereo.

the class PersonDirectoryAttributeResolutionController method releasePrincipalAttributes.

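/**
 * Authenticates the supplied credentials for the given service and reports what
 * would be released to it: the registered service definition plus the rendered
 * CAS 1, CAS 2, CAS 3 (XML) and CAS 3 (JSON) validation responses.
 *
 * <p>{@code ensureEndpointAccessIsAuthorized} runs before anything else. The result
 * contains the service definition and the principal's released attributes, so this
 * endpoint is only as safe as that authorization check.
 *
 * @param username the username to authenticate
 * @param password the password to authenticate with. It is bound with
 *                 {@code @RequestParam}, which accepts query-string values as well as
 *                 form fields; clients should send it in the POST body so it stays out
 *                 of URLs and access logs
 * @param service  the service identifier to resolve against the service registry
 * @param request  the request
 * @param response the response; it is reset before returning so that view output
 *                 rendered into it is discarded
 * @return a map with the keys {@code registeredService}, {@code cas1Response},
 *         {@code cas2Response}, {@code cas3XmlResponse} and {@code cas3JsonResponse}
 * @throws IllegalArgumentException if no registered service matches {@code service}
 * @throws Exception if authentication or view rendering fails (and presumably when the
 *                   endpoint authorization check rejects the caller - confirm against
 *                   {@code ensureEndpointAccessIsAuthorized})
 */
@PostMapping(value = "/releaseattrs")
@ResponseBody
public Map<String, Object> releasePrincipalAttributes(@RequestParam final String username, @RequestParam final String password, @RequestParam final String service, final HttpServletRequest request, final HttpServletResponse response) throws Exception {
    ensureEndpointAccessIsAuthorized(request, response);
    final Map<String, Object> resValidation = new HashMap<>();
    final Service selectedService = this.serviceFactory.createService(service);
    final RegisteredService registeredService = this.servicesManager.findServiceBy(selectedService);
    // The registration is dereferenced below for its release policy and username
    // provider. Reject an unmatched service here, before the credentials are
    // processed, instead of failing later with a NullPointerException.
    if (registeredService == null) {
        throw new IllegalArgumentException("No registered service matches the requested service");
    }
    // NOTE(review): the service's access strategy is not consulted here, so attributes
    // are also computed for services that may be disabled - confirm this is intended
    // for a diagnostic endpoint.
    final UsernamePasswordCredential credential = new UsernamePasswordCredential(username, password);
    final AuthenticationResult result = this.authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(selectedService, credential);
    final Authentication authentication = result.getAuthentication();
    final Principal principal = authentication.getPrincipal();
    // Apply the service's own release policy and username provider so the output
    // reflects what this particular service would receive.
    final Map<String, Object> attributesToRelease = registeredService.getAttributeReleasePolicy().getAttributes(principal, selectedService, registeredService);
    final String principalId = registeredService.getUsernameAttributeProvider().resolveUsername(principal, selectedService, registeredService);
    final Principal modifiedPrincipal = this.principalFactory.createPrincipal(principalId, attributesToRelease);
    final AuthenticationBuilder builder = DefaultAuthenticationBuilder.newInstance(authentication);
    builder.setPrincipal(modifiedPrincipal);
    final Authentication finalAuthentication = builder.build();
    final Assertion assertion = new DefaultAssertionBuilder(finalAuthentication).with(selectedService).with(CollectionUtils.wrap(finalAuthentication)).build();
    final Map<String, Object> model = new LinkedHashMap<>();
    model.put(CasViewConstants.MODEL_ATTRIBUTE_NAME_ASSERTION, assertion);
    model.put(CasViewConstants.MODEL_ATTRIBUTE_NAME_SERVICE, selectedService);
    resValidation.put("registeredService", registeredService);
    // The XML responses are escaped before being placed in the result map.
    String copy = renderViewAndGetResult(this.cas1ServiceSuccessView, model, request, response).getKey().getCopy();
    resValidation.put("cas1Response", StringEscapeUtils.escapeXml11(copy));
    if (casProperties.getView().getCas2().isV3ForwardCompatible()) {
        copy = renderViewAndGetResult(this.cas3ServiceSuccessView, model, request, response).getKey().getCopy();
    } else {
        copy = renderViewAndGetResult(this.cas2ServiceSuccessView, model, request, response).getKey().getCopy();
    }
    resValidation.put("cas2Response", StringEscapeUtils.escapeXml11(copy));
    copy = renderViewAndGetResult(this.cas3ServiceSuccessView, model, request, response).getKey().getCopy();
    resValidation.put("cas3XmlResponse", StringEscapeUtils.escapeXml11(copy));
    // The JSON response is stored as rendered, without XML escaping.
    copy = renderViewAndGetResult(this.cas3ServiceJsonView, model, request, response).getValue().getStringCopy();
    resValidation.put("cas3JsonResponse", copy);
    // Discard what the views rendered into the real response; only the map is returned.
    response.reset();
    return resValidation;
}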
Also used : RegisteredService(org.apereo.cas.services.RegisteredService) DefaultAuthenticationBuilder(org.apereo.cas.authentication.DefaultAuthenticationBuilder) AuthenticationBuilder(org.apereo.cas.authentication.AuthenticationBuilder) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) Assertion(org.apereo.cas.validation.Assertion) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) RegisteredService(org.apereo.cas.services.RegisteredService) Service(org.apereo.cas.authentication.principal.Service) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult) LinkedHashMap(java.util.LinkedHashMap) DefaultAssertionBuilder(org.apereo.cas.validation.DefaultAssertionBuilder) Authentication(org.apereo.cas.authentication.Authentication) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) Principal(org.apereo.cas.authentication.principal.Principal) PostMapping(org.springframework.web.bind.annotation.PostMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 87 with RegisteredService

use of org.apereo.cas.services.RegisteredService in project cas by apereo.

the class JWTServiceTicketResourceEntityResponseFactory method grantServiceTicket.

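/**
 * Grants a service ticket and, when the registered service carries the
 * {@code TOKEN_AS_RESPONSE} or {@code TOKEN_AS_SERVICE_TICKET} property, wraps it
 * in a JWT built by {@code tokenTicketBuilder}.
 *
 * <p>Service access is checked with
 * {@code RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed}
 * before any ticket is granted.
 *
 * @param ticketGrantingTicket the ticket-granting ticket id
 * @param service              the service the ticket is requested for
 * @param authenticationResult the authentication result backing the request
 * @return the plain service ticket id, or the JWT when the service asks for tokens
 */
@Override
protected String grantServiceTicket(final String ticketGrantingTicket, final Service service, final AuthenticationResult authenticationResult) {
    final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
    LOGGER.debug("Located registered service [{}] for [{}]", registeredService, service);
    RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(service, registeredService);
    final boolean tokenAsResponse = RegisteredServiceProperty.RegisteredServiceProperties.TOKEN_AS_RESPONSE.isAssignedTo(registeredService) || RegisteredServiceProperty.RegisteredServiceProperties.TOKEN_AS_SERVICE_TICKET.isAssignedTo(registeredService);
    if (!tokenAsResponse) {
        LOGGER.debug("Service [{}] does not require JWTs as tickets", service);
        return super.grantServiceTicket(ticketGrantingTicket, service, authenticationResult);
    }
    final String serviceTicket = super.grantServiceTicket(ticketGrantingTicket, service, authenticationResult);
    final String jwt = this.tokenTicketBuilder.build(serviceTicket, service);
    // The token is what the client presents as its ticket, so it is deliberately
    // left out of the log line; only the fact that one was issued is recorded.
    LOGGER.debug("Generated JWT for service [{}]", service);
    return jwt;
}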
Also used : RegisteredService(org.apereo.cas.services.RegisteredService)

Example 88 with RegisteredService

use of org.apereo.cas.services.RegisteredService in project cas by apereo.

the class CoreAuthenticationTestUtils method getRegisteredService.

/**
 * Builds a Mockito stand-in for a {@link RegisteredService} whose service id is
 * the given URL and whose access strategy reports access as allowed.
 *
 * <p>Only {@code isServiceAccessAllowed()} is stubbed on the access strategy; every
 * other call on it returns Mockito's default. Tests that depend on further access
 * rules need to stub them explicitly.
 *
 * @param url the value returned by {@code getServiceId()}
 * @return the mocked registered service
 */
public static RegisteredService getRegisteredService(final String url) {
    // Permissive access strategy, prepared first so it can be attached below.
    final RegisteredServiceAccessStrategy permissiveAccess = mock(RegisteredServiceAccessStrategy.class);
    when(permissiveAccess.isServiceAccessAllowed()).thenReturn(true);

    final RegisteredService registered = mock(RegisteredService.class);
    when(registered.getId()).thenReturn(Long.MAX_VALUE);
    when(registered.getServiceId()).thenReturn(url);
    when(registered.getName()).thenReturn("service name");
    when(registered.getDescription()).thenReturn("service description");
    when(registered.getAccessStrategy()).thenReturn(permissiveAccess);
    return registered;
}
Also used : RegisteredService(org.apereo.cas.services.RegisteredService) RegisteredServiceAccessStrategy(org.apereo.cas.services.RegisteredServiceAccessStrategy)

Example 89 with RegisteredService

use of org.apereo.cas.services.RegisteredService in project cas by apereo.

the class CoreAttributesTestUtils method getRegisteredService.

/**
 * Builds a Mockito stand-in for a {@link RegisteredService} identified by
 * {@code CONST_TEST_URL}, with an access strategy that reports access as allowed.
 *
 * <p>Only {@code isServiceAccessAllowed()} is stubbed on the access strategy; every
 * other call on it returns Mockito's default.
 *
 * @return the mocked registered service
 */
public static RegisteredService getRegisteredService() {
    // Permissive access strategy, prepared first so it can be attached below.
    final RegisteredServiceAccessStrategy permissiveAccess = mock(RegisteredServiceAccessStrategy.class);
    when(permissiveAccess.isServiceAccessAllowed()).thenReturn(true);

    final RegisteredService registered = mock(RegisteredService.class);
    when(registered.getId()).thenReturn(Long.MAX_VALUE);
    when(registered.getServiceId()).thenReturn(CONST_TEST_URL);
    when(registered.getName()).thenReturn("service");
    when(registered.getDescription()).thenReturn("description");
    when(registered.getAccessStrategy()).thenReturn(permissiveAccess);
    return registered;
}
Also used : RegisteredService(org.apereo.cas.services.RegisteredService) RegisteredServiceAccessStrategy(org.apereo.cas.services.RegisteredServiceAccessStrategy)

Example 90 with RegisteredService

use of org.apereo.cas.services.RegisteredService in project cas by apereo.

the class AbstractServiceValidateController method validateAuthenticationContext.

/**
 * Checks whether the primary authentication in the assertion satisfies the
 * authentication context (if any) that the multifactor trigger strategy
 * resolves for this request and service.
 *
 * <p>The service's access strategy is enforced first, through
 * {@code RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed},
 * before any multifactor provider is consulted.
 *
 * @param assertion the assertion carrying the service and primary authentication
 * @param request   the request passed to the trigger selection strategy
 * @return {@code (TRUE, Optional.empty())} when no context is required; otherwise
 *         the result of {@code authenticationContextValidator.validate}
 */
protected Pair<Boolean, Optional<MultifactorAuthenticationProvider>> validateAuthenticationContext(final Assertion assertion, final HttpServletRequest request) {
    LOGGER.debug("Locating the primary authentication associated with this service request [{}]", assertion.getService());
    final RegisteredService registeredService = this.servicesManager.findServiceBy(assertion.getService());
    // Access is checked up front; the multifactor resolution below runs only once this call returns.
    RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(assertion.getService(), registeredService);

    final Map<String, MultifactorAuthenticationProvider> mfaProviders = this.applicationContext.getBeansOfType(MultifactorAuthenticationProvider.class, false, true);
    final Authentication primaryAuthentication = assertion.getPrimaryAuthentication();
    final Optional<String> contextId = this.multifactorTriggerSelectionStrategy.resolve(mfaProviders.values(), request, registeredService, primaryAuthentication);

    if (contextId.isPresent()) {
        // A context was requested: the validator decides whether the authentication meets it.
        return this.authenticationContextValidator.validate(primaryAuthentication, contextId.get(), registeredService);
    }
    LOGGER.debug("No particular authentication context is required for this request");
    return Pair.of(Boolean.TRUE, Optional.empty());
}
Also used : RegisteredService(org.apereo.cas.services.RegisteredService) Authentication(org.apereo.cas.authentication.Authentication) MultifactorAuthenticationProvider(org.apereo.cas.services.MultifactorAuthenticationProvider)
