
Example 1 with RegisteredServiceProperty

use of org.apereo.cas.services.RegisteredServiceProperty in project cas by apereo.

the class LdapServiceRegistryDaoTests method getRegexRegisteredService.

/**
 * Builds a populated regex-based service definition used as a fixture by the
 * service registry tests.
 *
 * @return a {@link RegexRegisteredService} with proxying refused, an anonymous
 *         username provider, two required handlers and one custom property
 */
private static RegisteredService getRegexRegisteredService() {
    // One custom property ("field1") holding two values.
    final DefaultRegisteredServiceProperty multiValued = new DefaultRegisteredServiceProperty();
    multiValued.setValues(Stream.of("value1", "value2").collect(Collectors.toCollection(HashSet::new)));
    final Map<String, RegisteredServiceProperty> customProperties = new HashMap<>();
    customProperties.put("field1", multiValued);

    final AbstractRegisteredService regexService = new RegexRegisteredService();
    regexService.setName("Service Name Regex");
    // Proxy authentication is refused for this service.
    regexService.setProxyPolicy(new RefuseRegisteredServiceProxyPolicy());
    // The username is replaced by a persistent identifier generated with the fixed value "hello".
    regexService.setUsernameAttributeProvider(
        new AnonymousRegisteredServiceUsernameAttributeProvider(
            new ShibbolethCompatiblePersistentIdGenerator("hello")));
    regexService.setDescription("Service description");
    // NOTE(review): "http?" makes only the final "p" optional, so this pattern matches
    // "htt://" and "http://" but never "https://"; "^https?://.+" may have been intended.
    // The trailing ".+" accepts any host and path, which is acceptable for a fixture but
    // too broad to copy into a real service definition.
    regexService.setServiceId("^http?://.+");
    regexService.setTheme("the theme name");
    regexService.setEvaluationOrder(123);
    // Second description call; presumably it simply replaces the value set above.
    regexService.setDescription("Here is another description");
    regexService.setRequiredHandlers(Stream.of("handler1", "handler2").collect(Collectors.toSet()));
    regexService.setProperties(customProperties);
    return regexService;
}
Also used : AnonymousRegisteredServiceUsernameAttributeProvider(org.apereo.cas.services.AnonymousRegisteredServiceUsernameAttributeProvider) RegisteredServiceProperty(org.apereo.cas.services.RegisteredServiceProperty) DefaultRegisteredServiceProperty(org.apereo.cas.services.DefaultRegisteredServiceProperty) HashMap(java.util.HashMap) ShibbolethCompatiblePersistentIdGenerator(org.apereo.cas.authentication.principal.ShibbolethCompatiblePersistentIdGenerator) AbstractRegisteredService(org.apereo.cas.services.AbstractRegisteredService) RegexRegisteredService(org.apereo.cas.services.RegexRegisteredService) RefuseRegisteredServiceProxyPolicy(org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy) DefaultRegisteredServiceProperty(org.apereo.cas.services.DefaultRegisteredServiceProperty) HashSet(java.util.HashSet)

Example 2 with RegisteredServiceProperty

use of org.apereo.cas.services.RegisteredServiceProperty in project cas by apereo.

the class DefaultRegisteredServiceMapper method mapRegisteredService.

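/**
 * Copies the state of a registered service into the edit bean used by the
 * management web layer.
 *
 * <p>Common fields are always copied. OAuth/OIDC and SAML settings are copied only
 * when {@code svc} is an instance of the matching service type, and the bean type
 * is set accordingly.
 *
 * @param svc  the service definition to read from
 * @param bean the edit bean to populate
 */
@Override
public void mapRegisteredService(final RegisteredService svc, final RegisteredServiceEditBean.ServiceData bean) {
    bean.setAssignedId(Long.toString(svc.getId()));
    bean.setServiceId(svc.getServiceId());
    bean.setName(svc.getName());
    bean.setDescription(svc.getDescription());
    if (svc.getLogo() != null) {
        bean.setLogoUrl(svc.getLogo().toExternalForm());
    }
    bean.setRequiredHandlers(svc.getRequiredHandlers());
    if (StringUtils.isNotBlank(svc.getInformationUrl())) {
        bean.setInformationUrl(svc.getInformationUrl());
    }
    if (StringUtils.isNotBlank(svc.getPrivacyUrl())) {
        bean.setPrivacyUrl(svc.getPrivacyUrl());
    }

    if (svc instanceof OAuthRegisteredService) {
        copyOAuthSettings((OAuthRegisteredService) svc, bean);
    }
    if (svc instanceof SamlRegisteredService) {
        copySamlSettings((SamlRegisteredService) svc, bean);
    }

    bean.setTheme(svc.getTheme());
    bean.setEvalOrder(svc.getEvaluationOrder());
    copyLogoutSettings(svc, bean);

    final RegisteredServicePublicKey key = svc.getPublicKey();
    final RegisteredServicePublicKeyEditBean pBean = bean.getPublicKey();
    if (key != null) {
        pBean.setAlgorithm(key.getAlgorithm());
        pBean.setLocation(key.getLocation());
    }

    // Each custom property is flattened to "name -> comma-separated values".
    final Map<String, RegisteredServiceProperty> props = svc.getProperties();
    final Set<RegisteredServiceEditBean.ServiceData.PropertyBean> beanProps = bean.getProperties();
    props.forEach((name, property) -> {
        final String joined = org.springframework.util.StringUtils.collectionToCommaDelimitedString(property.getValues());
        beanProps.add(new RegisteredServiceEditBean.ServiceData.PropertyBean(name, joined));
    });
}

/** Copies the OAuth settings and, for OIDC services, the OIDC settings as well. */
private static void copyOAuthSettings(final OAuthRegisteredService oauth, final RegisteredServiceEditBean.ServiceData bean) {
    bean.setType(RegisteredServiceTypeEditBean.OAUTH.toString());
    final RegisteredServiceOAuthTypeEditBean oauthBean = bean.getOauth();
    oauthBean.setBypass(oauth.isBypassApprovalPrompt());
    oauthBean.setClientId(oauth.getClientId());
    // NOTE(review): the client secret is copied into the edit bean unmasked. Whatever
    // serializes this bean to the management UI will carry the secret with it; confirm
    // that path is restricted to administrators and that the bean is never logged.
    oauthBean.setClientSecret(oauth.getClientSecret());
    oauthBean.setRefreshToken(oauth.isGenerateRefreshToken());
    oauthBean.setJsonFormat(oauth.isJsonFormat());
    if (oauth instanceof OidcRegisteredService) {
        copyOidcSettings((OidcRegisteredService) oauth, bean);
    }
}

/** Copies the OIDC settings; the OIDC type replaces the OAuth type set by the caller. */
private static void copyOidcSettings(final OidcRegisteredService oidc, final RegisteredServiceEditBean.ServiceData bean) {
    bean.setType(RegisteredServiceTypeEditBean.OIDC.toString());
    final RegisteredServiceOidcTypeEditBean oidcBean = bean.getOidc();
    oidcBean.setJwks(oidc.getJwks());
    oidcBean.setSignToken(oidc.isSignIdToken());
    oidcBean.setImplicit(oidc.isImplicit());
    oidcBean.setEncrypt(oidc.isEncryptIdToken());
    oidcBean.setEncryptAlg(oidc.getIdTokenEncryptionAlg());
    oidcBean.setEncryptEnc(oidc.getIdTokenEncryptionEncoding());
    oidcBean.setDynamic(oidc.isDynamicallyRegistered());
    if (oidc.isDynamicallyRegistered()) {
        oidcBean.setDynamicDate(oidc.getDynamicRegistrationDateTime().toString());
    }
    oidcBean.setScopes(String.join(",", oidc.getScopes()));
}

/** Copies the SAML metadata and signing/encryption settings. */
private static void copySamlSettings(final SamlRegisteredService saml, final RegisteredServiceEditBean.ServiceData bean) {
    bean.setType(RegisteredServiceTypeEditBean.SAML.toString());
    final RegisteredServiceSamlTypeEditBean samlbean = bean.getSaml();
    samlbean.setMdLoc(saml.getMetadataLocation());
    samlbean.setMdMaxVal(saml.getMetadataMaxValidity());
    samlbean.setMdSigLoc(saml.getMetadataSignatureLocation());
    samlbean.setAuthCtxCls(saml.getRequiredAuthenticationContextClass());
    samlbean.setEncAssert(saml.isEncryptAssertions());
    samlbean.setSignResp(saml.isSignResponses());
    samlbean.setSignAssert(saml.isSignAssertions());
    samlbean.setRemoveEmptyEntities(saml.isMetadataCriteriaRemoveEmptyEntitiesDescriptors());
    samlbean.setRemoveRoleless(saml.isMetadataCriteriaRemoveRolelessEntityDescriptors());
    if (StringUtils.isNotBlank(saml.getMetadataCriteriaDirection())) {
        // Locale.ROOT keeps the upper-casing independent of the JVM default locale
        // (a Turkish default locale would otherwise turn "i" into a dotted capital I).
        samlbean.setDir(saml.getMetadataCriteriaDirection().toUpperCase(java.util.Locale.ROOT));
    }
    if (StringUtils.isNotBlank(saml.getMetadataCriteriaPattern())) {
        samlbean.setMdPattern(saml.getMetadataCriteriaPattern());
    }
    if (StringUtils.isNotBlank(saml.getMetadataCriteriaRoles())) {
        samlbean.setRoles(org.springframework.util.StringUtils.commaDelimitedListToSet(saml.getMetadataCriteriaRoles()));
    }
}

/** Copies the logout type (anything other than back/front channel maps to NONE) and the logout URL. */
private static void copyLogoutSettings(final RegisteredService svc, final RegisteredServiceEditBean.ServiceData bean) {
    final LogoutType logoutType = svc.getLogoutType();
    switch (logoutType) {
        case BACK_CHANNEL:
            bean.setLogoutType(RegisteredServiceLogoutTypeEditBean.BACK.toString());
            break;
        case FRONT_CHANNEL:
            bean.setLogoutType(RegisteredServiceLogoutTypeEditBean.FRONT.toString());
            break;
        default:
            bean.setLogoutType(RegisteredServiceLogoutTypeEditBean.NONE.toString());
            break;
    }
    final URL url = svc.getLogoutUrl();
    if (url != null) {
        bean.setLogoutUrl(url.toExternalForm());
    }
}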
Also used : RegisteredServicePublicKey(org.apereo.cas.services.RegisteredServicePublicKey) RegisteredServiceOAuthTypeEditBean(org.apereo.cas.mgmt.services.web.beans.RegisteredServiceOAuthTypeEditBean) OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService) OidcRegisteredService(org.apereo.cas.services.OidcRegisteredService) RegisteredServiceOidcTypeEditBean(org.apereo.cas.mgmt.services.web.beans.RegisteredServiceOidcTypeEditBean) RegisteredServicePublicKeyEditBean(org.apereo.cas.mgmt.services.web.beans.RegisteredServicePublicKeyEditBean) RegisteredServiceEditBean(org.apereo.cas.mgmt.services.web.beans.RegisteredServiceEditBean) URL(java.net.URL) RegisteredServiceSamlTypeEditBean(org.apereo.cas.mgmt.services.web.beans.RegisteredServiceSamlTypeEditBean) RegisteredServiceProperty(org.apereo.cas.services.RegisteredServiceProperty) DefaultRegisteredServiceProperty(org.apereo.cas.services.DefaultRegisteredServiceProperty) SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService) LogoutType(org.apereo.cas.services.LogoutType)

Example 3 with RegisteredServiceProperty

use of org.apereo.cas.services.RegisteredServiceProperty in project cas by apereo.

the class TokenWebApplicationServiceResponseBuilder method buildInternal.

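/**
 * Builds the service response, substituting a generated JWT for the ticket when
 * the registered service opts in.
 *
 * <p>The service opts in through a property whose name matches
 * {@code TokenConstants.PROPERTY_NAME_TOKEN_AS_RESPONSE} (case-insensitively) and whose
 * value converts to {@code true}. Without that property the parent implementation is used.
 *
 * @param service    the service being responded to
 * @param parameters response parameters; when a token is issued, the ticket parameter
 *                   in this map is overwritten with the token
 * @return the parent's result, or a {@link TokenWebApplicationService} carrying the
 *         id, original URL, artifact id, format and logged-out state of {@code service}
 */
@Override
protected WebApplicationService buildInternal(final WebApplicationService service, final Map<String, String> parameters) {
    final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
    // Access is checked before any property of the definition is read.
    // NOTE(review): presumably this call rejects a missing or disabled definition;
    // the dereference below relies on it. Confirm against the helper.
    RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(service, registeredService);

    // The key is compared case-insensitively, hence the scan instead of a map lookup.
    final boolean tokenAsResponse = registeredService.getProperties().entrySet().stream()
        .anyMatch(entry -> entry.getKey().equalsIgnoreCase(TokenConstants.PROPERTY_NAME_TOKEN_AS_RESPONSE)
            && BooleanUtils.toBoolean(entry.getValue().getValue()));
    if (!tokenAsResponse) {
        return super.buildInternal(service, parameters);
    }

    final String jwt = generateToken(service, parameters);
    final TokenWebApplicationService jwtService = new TokenWebApplicationService(service.getId(), service.getOriginalUrl(), service.getArtifactId());
    jwtService.setFormat(service.getFormat());
    jwtService.setLoggedOutAlready(service.isLoggedOutAlready());
    // The token takes the place of the ticket, so it travels wherever the ticket
    // parameter is delivered. NOTE(review): if that is a redirect query string the
    // token can end up in access logs and browser history; confirm its lifetime is short.
    parameters.put(CasProtocolConstants.PARAMETER_TICKET, jwt);
    return jwtService;
}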
Also used : CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) CasProtocolConstants(org.apereo.cas.CasProtocolConstants) DateTimeUtils(org.apereo.cas.util.DateTimeUtils) Cas30ServiceTicketValidator(org.jasig.cas.client.validation.Cas30ServiceTicketValidator) ZonedDateTime(java.time.ZonedDateTime) RegisteredServiceProperty(org.apereo.cas.services.RegisteredServiceProperty) Throwables(com.google.common.base.Throwables) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) Autowired(org.springframework.beans.factory.annotation.Autowired) BooleanUtils(org.apache.commons.lang3.BooleanUtils) RegisteredServiceAccessStrategyUtils(org.apereo.cas.services.RegisteredServiceAccessStrategyUtils) CipherExecutor(org.apereo.cas.CipherExecutor) Assertion(org.jasig.cas.client.validation.Assertion) RegisteredService(org.apereo.cas.services.RegisteredService) AbstractWebApplicationService(org.apereo.cas.authentication.principal.AbstractWebApplicationService) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) JSONObject(net.minidev.json.JSONObject) Service(org.apereo.cas.authentication.principal.Service) Map(java.util.Map) ExpirationPolicy(org.apereo.cas.ticket.ExpirationPolicy) WebApplicationServiceResponseBuilder(org.apereo.cas.authentication.principal.WebApplicationServiceResponseBuilder) TokenConstants(org.apereo.cas.token.TokenConstants) ServicesManager(org.apereo.cas.services.ServicesManager) RegisteredServiceProperty(org.apereo.cas.services.RegisteredServiceProperty) RegisteredService(org.apereo.cas.services.RegisteredService) Map(java.util.Map)

Example 4 with RegisteredServiceProperty

use of org.apereo.cas.services.RegisteredServiceProperty in project cas by apereo.

the class TokenAuthenticationHandler method getRegisteredServiceJwtSecret.

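/**
 * Reads a secret for the given service from one of its registry properties.
 *
 * @param service  the registered service; must be present and have access allowed
 * @param propName the name of the property that holds the secret
 * @return the property value, or {@code null} when the property is absent or blank
 * @throws UnauthorizedServiceException if {@code service} is {@code null} or its
 *         access strategy does not allow access
 */
protected String getRegisteredServiceJwtSecret(final RegisteredService service, final String propName) {
    if (service == null || !service.getAccessStrategy().isServiceAccessAllowed()) {
        LOGGER.debug("Service is not defined/found or its access is disabled in the registry");
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }
    // Single lookup: a key mapped to a null property is treated like a missing key
    // instead of failing with a NullPointerException.
    final RegisteredServiceProperty propSigning = service.getProperties().get(propName);
    if (propSigning != null) {
        final String tokenSigningSecret = propSigning.getValue();
        if (StringUtils.isNotBlank(tokenSigningSecret)) {
            // Despite the wording, only the property NAME is logged here; the secret
            // itself must never be passed to the logger.
            LOGGER.debug("Found the secret value [{}] for service [{}]", propName, service.getServiceId());
            return tokenSigningSecret;
        }
    }
    // Also reached when the property exists but its value is blank.
    // Callers receive null and have to treat it as "no secret configured".
    LOGGER.warn("Service [{}] does not define a property [{}] in the registry", service.getServiceId(), propName);
    return null;
}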
Also used : RegisteredServiceProperty(org.apereo.cas.services.RegisteredServiceProperty) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException)
