use of org.apereo.cas.services.RegisteredServiceProperty in project cas by apereo.
the class LdapServiceRegistryDaoTests method getRegexRegisteredService.
/**
 * Builds the regex-matched service fixture used by the LDAP service registry tests.
 *
 * <p>The fixture refuses proxying, releases an anonymous (persistent-id) username,
 * requires two authentication handlers and carries a single custom property,
 * {@code field1}, holding two values.
 *
 * @return a populated {@link RegexRegisteredService}
 */
private static RegisteredService getRegexRegisteredService() {
    // Custom property "field1" with two values, assembled before the service itself.
    final Set<String> fieldValues = new HashSet<>();
    fieldValues.add("value1");
    fieldValues.add("value2");
    final DefaultRegisteredServiceProperty fieldProperty = new DefaultRegisteredServiceProperty();
    fieldProperty.setValues(fieldValues);
    final Map<String, RegisteredServiceProperty> customProperties = new HashMap<>();
    customProperties.put("field1", fieldProperty);

    final Set<String> handlerNames = Stream.of("handler1", "handler2").collect(Collectors.toSet());

    final AbstractRegisteredService regexService = new RegexRegisteredService();
    regexService.setName("Service Name Regex");
    regexService.setProxyPolicy(new RefuseRegisteredServiceProxyPolicy());
    regexService.setUsernameAttributeProvider(
        new AnonymousRegisteredServiceUsernameAttributeProvider(
            new ShibbolethCompatiblePersistentIdGenerator("hello")));
    regexService.setDescription("Service description");
    // NOTE(review): "http?" makes the final 'p' optional, so this pattern accepts
    // "htt://" and "http://" but not "https://". If both schemes were intended the
    // pattern would be "^https?://.+" - confirm against the test assertions before
    // changing it. The trailing ".+" accepts any host, which is fine for a fixture but
    // far too broad for a production service definition.
    regexService.setServiceId("^http?://.+");
    regexService.setTheme("the theme name");
    regexService.setEvaluationOrder(123);
    // Second description assignment; it overwrites the one set a few lines above.
    regexService.setDescription("Here is another description");
    regexService.setRequiredHandlers(handlerNames);
    regexService.setProperties(customProperties);
    return regexService;
}
use of org.apereo.cas.services.RegisteredServiceProperty in project cas by apereo.
the class DefaultRegisteredServiceMapper method mapRegisteredService.
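/**
 * Copies the state of a registered service into the service-data edit bean.
 *
 * <p>Common fields are always copied. OAuth, OpenID Connect and SAML specific fields are
 * copied only when {@code svc} is an instance of the matching service type; the OIDC
 * check is made only inside the OAuth branch. A logout type that is neither back-channel
 * nor front-channel (including {@code null}) is mapped to {@code NONE}.
 *
 * @param svc  the registered service to read from
 * @param bean the edit bean to populate
 */
@Override
public void mapRegisteredService(final RegisteredService svc, final RegisteredServiceEditBean.ServiceData bean) {
    // --- Fields common to every service type ---
    bean.setAssignedId(Long.toString(svc.getId()));
    bean.setServiceId(svc.getServiceId());
    bean.setName(svc.getName());
    bean.setDescription(svc.getDescription());
    if (svc.getLogo() != null) {
        bean.setLogoUrl(svc.getLogo().toExternalForm());
    }
    bean.setRequiredHandlers(svc.getRequiredHandlers());
    // Blank URLs are skipped so whatever the bean already holds stays in place.
    if (StringUtils.isNotBlank(svc.getInformationUrl())) {
        bean.setInformationUrl(svc.getInformationUrl());
    }
    if (StringUtils.isNotBlank(svc.getPrivacyUrl())) {
        bean.setPrivacyUrl(svc.getPrivacyUrl());
    }

    // --- OAuth, and OpenID Connect when the service is also an OIDC service ---
    if (svc instanceof OAuthRegisteredService) {
        bean.setType(RegisteredServiceTypeEditBean.OAUTH.toString());
        final OAuthRegisteredService oauth = (OAuthRegisteredService) svc;
        final RegisteredServiceOAuthTypeEditBean oauthBean = bean.getOauth();
        oauthBean.setBypass(oauth.isBypassApprovalPrompt());
        oauthBean.setClientId(oauth.getClientId());
        // NOTE(review): the OAuth client secret is copied verbatim into the edit bean.
        // Presumably this bean is serialized to the management UI - confirm it only
        // reaches authorized administrators and is never written to logs or caches.
        oauthBean.setClientSecret(oauth.getClientSecret());
        oauthBean.setRefreshToken(oauth.isGenerateRefreshToken());
        oauthBean.setJsonFormat(oauth.isJsonFormat());
        if (svc instanceof OidcRegisteredService) {
            // The OIDC type replaces the OAUTH type assigned just above.
            bean.setType(RegisteredServiceTypeEditBean.OIDC.toString());
            final OidcRegisteredService oidc = (OidcRegisteredService) svc;
            final RegisteredServiceOidcTypeEditBean oidcBean = bean.getOidc();
            oidcBean.setJwks(oidc.getJwks());
            oidcBean.setSignToken(oidc.isSignIdToken());
            oidcBean.setImplicit(oidc.isImplicit());
            oidcBean.setEncrypt(oidc.isEncryptIdToken());
            oidcBean.setEncryptAlg(oidc.getIdTokenEncryptionAlg());
            oidcBean.setEncryptEnc(oidc.getIdTokenEncryptionEncoding());
            oidcBean.setDynamic(oidc.isDynamicallyRegistered());
            if (oidc.isDynamicallyRegistered()) {
                oidcBean.setDynamicDate(oidc.getDynamicRegistrationDateTime().toString());
            }
            oidcBean.setScopes(oidc.getScopes().stream().collect(Collectors.joining(",")));
        }
    }

    // --- SAML ---
    if (svc instanceof SamlRegisteredService) {
        bean.setType(RegisteredServiceTypeEditBean.SAML.toString());
        final SamlRegisteredService saml = (SamlRegisteredService) svc;
        final RegisteredServiceSamlTypeEditBean samlbean = bean.getSaml();
        samlbean.setMdLoc(saml.getMetadataLocation());
        samlbean.setMdMaxVal(saml.getMetadataMaxValidity());
        samlbean.setMdSigLoc(saml.getMetadataSignatureLocation());
        samlbean.setAuthCtxCls(saml.getRequiredAuthenticationContextClass());
        samlbean.setEncAssert(saml.isEncryptAssertions());
        samlbean.setSignResp(saml.isSignResponses());
        samlbean.setSignAssert(saml.isSignAssertions());
        samlbean.setRemoveEmptyEntities(saml.isMetadataCriteriaRemoveEmptyEntitiesDescriptors());
        samlbean.setRemoveRoleless(saml.isMetadataCriteriaRemoveRolelessEntityDescriptors());
        if (StringUtils.isNotBlank(saml.getMetadataCriteriaDirection())) {
            // Locale.ROOT keeps the upper-casing independent of the JVM default locale
            // (under a Turkish locale 'i' would otherwise become a dotted capital I).
            samlbean.setDir(saml.getMetadataCriteriaDirection().toUpperCase(java.util.Locale.ROOT));
        }
        if (StringUtils.isNotBlank(saml.getMetadataCriteriaPattern())) {
            samlbean.setMdPattern(saml.getMetadataCriteriaPattern());
        }
        if (StringUtils.isNotBlank(saml.getMetadataCriteriaRoles())) {
            samlbean.setRoles(org.springframework.util.StringUtils.commaDelimitedListToSet(saml.getMetadataCriteriaRoles()));
        }
    }

    bean.setTheme(svc.getTheme());
    bean.setEvalOrder(svc.getEvaluationOrder());

    // --- Logout: identity comparison also routes a null logout type to NONE instead of
    // failing with a NullPointerException as a switch on null would. ---
    final LogoutType logoutType = svc.getLogoutType();
    if (logoutType == LogoutType.BACK_CHANNEL) {
        bean.setLogoutType(RegisteredServiceLogoutTypeEditBean.BACK.toString());
    } else if (logoutType == LogoutType.FRONT_CHANNEL) {
        bean.setLogoutType(RegisteredServiceLogoutTypeEditBean.FRONT.toString());
    } else {
        bean.setLogoutType(RegisteredServiceLogoutTypeEditBean.NONE.toString());
    }
    final URL url = svc.getLogoutUrl();
    if (url != null) {
        bean.setLogoutUrl(url.toExternalForm());
    }

    // --- Public key: only the algorithm and the key location are copied. ---
    final RegisteredServicePublicKey key = svc.getPublicKey();
    final RegisteredServicePublicKeyEditBean pBean = bean.getPublicKey();
    if (key != null) {
        pBean.setAlgorithm(key.getAlgorithm());
        pBean.setLocation(key.getLocation());
    }

    // --- Custom properties: each property's values are flattened to one comma-delimited string. ---
    // NOTE(review): property values are copied as-is; other code on this page reads a JWT
    // secret from a service property, so these values may be sensitive - confirm the
    // consumer of this bean treats them accordingly.
    final Map<String, RegisteredServiceProperty> props = svc.getProperties();
    final Set<RegisteredServiceEditBean.ServiceData.PropertyBean> beanProps = bean.getProperties();
    props.forEach((name, prop) -> {
        final String joinedValues = org.springframework.util.StringUtils.collectionToCommaDelimitedString(prop.getValues());
        beanProps.add(new RegisteredServiceEditBean.ServiceData.PropertyBean(name, joinedValues));
    });
}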
use of org.apereo.cas.services.RegisteredServiceProperty in project cas by apereo.
the class TokenWebApplicationServiceResponseBuilder method buildInternal.
/**
 * Builds the service response, substituting a generated token for the ticket when the
 * registered service opts in.
 *
 * <p>The opt-in is a service property whose name matches
 * {@code TokenConstants.PROPERTY_NAME_TOKEN_AS_RESPONSE} (case-insensitively) and whose
 * value converts to {@code true}. Without it the call is delegated unchanged to the
 * superclass.
 *
 * @param service    the service being responded to
 * @param parameters the response parameters; the ticket entry is overwritten with the
 *                   generated token when the opt-in is present
 * @return the superclass result, or a {@link TokenWebApplicationService} mirroring {@code service}
 */
@Override
protected WebApplicationService buildInternal(final WebApplicationService service, final Map<String, String> parameters) {
    final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
    // The access check runs before any property is read.
    // NOTE(review): presumably this also rejects a null registeredService; otherwise the
    // property lookup below fails with a NullPointerException - confirm.
    RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(service, registeredService);

    final boolean tokenAsResponse = registeredService.getProperties().entrySet().stream()
        .anyMatch(entry -> entry.getKey().equalsIgnoreCase(TokenConstants.PROPERTY_NAME_TOKEN_AS_RESPONSE)
            && BooleanUtils.toBoolean(entry.getValue().getValue()));
    if (!tokenAsResponse) {
        return super.buildInternal(service, parameters);
    }

    final String jwt = generateToken(service, parameters);
    final TokenWebApplicationService jwtService =
        new TokenWebApplicationService(service.getId(), service.getOriginalUrl(), service.getArtifactId());
    jwtService.setFormat(service.getFormat());
    jwtService.setLoggedOutAlready(service.isLoggedOutAlready());
    // The token takes the place of the ticket parameter in the caller's map.
    // NOTE(review): presumably this parameter is delivered to the service the same way a
    // ticket is, so the token may appear in URLs and access logs - confirm its lifetime
    // and claims are acceptable for that exposure.
    parameters.put(CasProtocolConstants.PARAMETER_TICKET, jwt);
    return jwtService;
}
use of org.apereo.cas.services.RegisteredServiceProperty in project cas by apereo.
the class TokenAuthenticationHandler method getRegisteredServiceJwtSecret.
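/**
 * Looks up the JWT secret that a registered service defines under the given property.
 *
 * <p>Only the property name and the service id are logged; the secret value itself must
 * never be written to a log.
 *
 * @param service  the registered service to read from
 * @param propName the name of the service property holding the secret
 * @return the secret, or {@code null} when the property is absent or its value is blank
 * @throws UnauthorizedServiceException if {@code service} is {@code null} or its access
 *                                      strategy does not allow service access
 */
protected String getRegisteredServiceJwtSecret(final RegisteredService service, final String propName) {
    if (service == null || !service.getAccessStrategy().isServiceAccessAllowed()) {
        LOGGER.debug("Service is not defined/found or its access is disabled in the registry");
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }
    // A single lookup with a null check replaces containsKey() followed by get(); it also
    // treats a key that is mapped to null as "not defined" instead of dereferencing it.
    final RegisteredServiceProperty propSigning = service.getProperties().get(propName);
    if (propSigning != null) {
        final String tokenSigningSecret = propSigning.getValue();
        if (StringUtils.isNotBlank(tokenSigningSecret)) {
            // Logs the property name, not the secret.
            LOGGER.debug("Found the secret value [{}] for service [{}]", propName, service.getServiceId());
            return tokenSigningSecret;
        }
    }
    // Also reached when the property exists but its value is blank.
    LOGGER.warn("Service [{}] does not define a property [{}] in the registry", service.getServiceId(), propName);
    return null;
}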