Example 11 with ReturnAllowedAttributeReleasePolicy

use of org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy in project cas by apereo.

the class OidcServiceRegistryListenerTests method verifyOperationReconAsChain.

@Test
public void verifyOperationReconAsChain() {
    var service = getOidcRegisteredService();
    service.getScopes().clear();
    service.getScopes().add(OidcConstants.StandardScopes.OPENID.getScope());
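    // Explicit allow-list: only "cn" may be released to this service.
    service.setAttributeReleasePolicy(new ReturnAllowedAttributeReleasePolicy(CollectionUtils.wrapList("cn")));
    service = (OidcRegisteredService) oidcServiceRegistryListener.postLoad(service);
    val policy = service.getAttributeReleasePolicy();
    // With only the openid scope, postLoad must leave the configured policy in place rather than wrapping it in a chain.
    assertFalse(policy instanceof ChainingAttributeReleasePolicy);
    assertTrue(policy instanceof ReturnAllowedAttributeReleasePolicy);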
}
Also used : lombok.val(lombok.val) ReturnAllowedAttributeReleasePolicy(org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy) ChainingAttributeReleasePolicy(org.apereo.cas.services.ChainingAttributeReleasePolicy) Test(org.junit.jupiter.api.Test)

Example 12 with ReturnAllowedAttributeReleasePolicy

use of org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy in project cas by apereo.

the class DefaultAuthenticationAttributeReleasePolicyTests method verifyOnlyRelease.

@Test
public void verifyOnlyRelease() {
    val policy = new DefaultAuthenticationAttributeReleasePolicy(Set.of("cn", "authnContext"), Set.of(), "authnContext");
    val service = CoreAuthenticationTestUtils.getRegisteredService();
    val attrPolicy = new ReturnAllowedAttributeReleasePolicy();
    when(service.getAttributeReleasePolicy()).thenReturn(attrPolicy);
    // The authentication carries cn and givenName; authnContext is passed in the separate map argument.
    val results = policy.getAuthenticationAttributesForRelease(CoreAuthenticationTestUtils.getAuthentication(CoreAuthenticationTestUtils.getPrincipal(), Map.of("cn", List.of("common-name"), "givenName", List.of("given-name"))), mock(Assertion.class), Map.of("authnContext", List.of("mfa-something")), service);
    // The result holds only cn and authnContext; givenName is not released.
    assertEquals(2, results.size());
    assertTrue(results.containsKey("cn"));
    assertTrue(results.containsKey("authnContext"));
}
Also used : lombok.val(lombok.val) ReturnAllowedAttributeReleasePolicy(org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy) Assertion(org.apereo.cas.validation.Assertion) Test(org.junit.jupiter.api.Test)

Example 13 with ReturnAllowedAttributeReleasePolicy

use of org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy in project cas by apereo.

the class SamlIdPConsentSingleSignOnParticipationStrategyTests method verifyIdPNeedsConsentOperation.

@Test
public void verifyIdPNeedsConsentOperation() {
    val context = new MockRequestContext();
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    RequestContextHolder.setRequestContext(context);
    ExternalContextHolder.setExternalContext(context.getExternalContext());
    val principal = RegisteredServiceTestUtils.getPrincipal("casuser", CollectionUtils.wrap("uid", "CAS-System"));
    val authn = RegisteredServiceTestUtils.getAuthentication(principal);
    val cookie = new MockTicketGrantingTicket(authn);
    val issuer = UUID.randomUUID().toString();
    val registeredService = SamlIdPTestUtils.getSamlRegisteredService(issuer);
    registeredService.setAttributeReleasePolicy(new ReturnAllowedAttributeReleasePolicy(List.of("uid")));
    val service = RegisteredServiceTestUtils.getService(issuer);
    val authnRequest = getAuthnRequestFor(issuer);
    val ssoRequest = SingleSignOnParticipationRequest.builder().httpServletRequest(request).requestContext(context).build().attribute(AuthnRequest.class.getName(), authnRequest).attribute(Issuer.class.getName(), issuer).attribute(Service.class.getName(), service).attribute(RegisteredService.class.getName(), registeredService).attribute(Authentication.class.getName(), authn).attribute(TicketGrantingTicket.class.getName(), cookie);
    assertFalse(singleSignOnParticipationStrategy.isParticipating(ssoRequest));
}
Also used : lombok.val(lombok.val) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) RegisteredService(org.apereo.cas.services.RegisteredService) Issuer(org.opensaml.saml.saml2.core.Issuer) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) ReturnAllowedAttributeReleasePolicy(org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy) TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) MockRequestContext(org.springframework.webflow.test.MockRequestContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.springframework.mock.web.MockServletContext) Test(org.junit.jupiter.api.Test)

Example 14 with ReturnAllowedAttributeReleasePolicy

use of org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy in project cas by apereo.

the class BaseOAuth20AuthenticatorTests method initialize.

@BeforeEach
public void initialize() {
    service = new OAuthRegisteredService();
    service.setName("OAuth");
    service.setId(1);
    service.setServiceId("https://www.example.org");
    service.setClientSecret("secret");
    service.setClientId("client");
    serviceWithoutSecret = new OAuthRegisteredService();
    serviceWithoutSecret.setName("OAuth2");
    serviceWithoutSecret.setId(2);
    serviceWithoutSecret.setServiceId("https://www.example2.org");
    serviceWithoutSecret.setClientId("clientWithoutSecret");
    serviceWithoutSecret2 = new OAuthRegisteredService();
    serviceWithoutSecret2.setName("OAuth3");
    serviceWithoutSecret2.setId(3);
    serviceWithoutSecret2.setServiceId("https://www.example3org");
    serviceWithoutSecret2.setClientId("clientWithoutSecret2");
    serviceJwtAccessToken = new OAuthRegisteredService();
    serviceJwtAccessToken.setName("The registered service name");
    serviceJwtAccessToken.setServiceId("https://oauth.jwt.service");
    serviceJwtAccessToken.setClientId("clientid");
    serviceJwtAccessToken.setClientSecret("clientsecret");
    // Releases every attribute to this service (contrast with the allow-list used further down).
    serviceJwtAccessToken.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
    serviceJwtAccessToken.setJwtAccessToken(true);
    serviceWithAttributesMapping = new OAuthRegisteredService();
    serviceWithAttributesMapping.setName("OAuth5");
    serviceWithAttributesMapping.setId(5);
    serviceWithAttributesMapping.setServiceId("https://www.example5.org");
    serviceWithAttributesMapping.setClientSecret("secret");
    serviceWithAttributesMapping.setClientId("serviceWithAttributesMapping");
    serviceWithAttributesMapping.setUsernameAttributeProvider(new DefaultRegisteredServiceUsernameProvider(CaseCanonicalizationMode.LOWER.name()));
    // Allow-list: only eduPersonAffiliation is named for release to this service.
    serviceWithAttributesMapping.setAttributeReleasePolicy(new ReturnAllowedAttributeReleasePolicy(Arrays.asList(new String[] { "eduPersonAffiliation" })));
    servicesManager.save(service, serviceWithoutSecret, serviceWithoutSecret2, serviceJwtAccessToken, serviceWithAttributesMapping);
}
Also used : ReturnAllAttributeReleasePolicy(org.apereo.cas.services.ReturnAllAttributeReleasePolicy) OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService) DefaultRegisteredServiceUsernameProvider(org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider) ReturnAllowedAttributeReleasePolicy(org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 15 with ReturnAllowedAttributeReleasePolicy

use of org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy in project cas by apereo.

the class RegisteredServiceRegexAttributeFilterTests method verifyServiceAttributeFilterAllowedAttributesWithARegexFilter.

@Test
public void verifyServiceAttributeFilterAllowedAttributesWithARegexFilter() {
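    val policy = new ReturnAllowedAttributeReleasePolicy();
    // Allow-list: only attr1, attr3 and another are candidates for release.
    policy.setAllowedAttributes(Arrays.asList("attr1", "attr3", "another"));
    // Value filter applied together with the allow-list, using the regex "v3".
    policy.setAttributeFilter(new RegisteredServiceRegexAttributeFilter("v3"));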
    val p = mock(Principal.class);
    val map = new HashMap<String, List<Object>>();
    map.put("attr1", List.of("value1"));
    map.put("attr2", List.of("value2"));
    map.put("attr3", Arrays.asList("v3", "v4"));
    when(p.getAttributes()).thenReturn(map);
    when(p.getId()).thenReturn("principalId");
    val context = RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(RegisteredServiceTestUtils.getRegisteredService("test")).service(RegisteredServiceTestUtils.getService()).principal(p).build();
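    val attr = policy.getAttributes(context);
    // attr2 is not on the allow-list and attr1's value does not match the filter, so only attr3 remains.
    assertEquals(1, attr.size());
    assertTrue(attr.containsKey("attr3"));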
    val data = SerializationUtils.serialize(policy);
    val p2 = SerializationUtils.deserializeAndCheckObject(data, ReturnAllowedAttributeReleasePolicy.class);
    assertNotNull(p2);
    assertEquals(p2.getAllowedAttributes(), policy.getAllowedAttributes());
    assertEquals(p2.getAttributeFilter(), policy.getAttributeFilter());
}
Also used : lombok.val(lombok.val) HashMap(java.util.HashMap) ReturnAllowedAttributeReleasePolicy(org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy) Test(org.junit.jupiter.api.Test)
