use of org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy in project cas by apereo.
the class OidcServiceRegistryListenerTests method verifyOperationReconAsChain.
/**
 * Verifies that the registry listener's {@code postLoad} leaves an explicit allow-list
 * release policy in place when the service carries only the {@code openid} scope.
 *
 * <p>The policy decides which principal attributes a relying party receives, so the test
 * pins both halves of the outcome: the result is not a
 * {@link ChainingAttributeReleasePolicy}, and it is still a
 * {@link ReturnAllowedAttributeReleasePolicy}.
 */
@Test
public void verifyOperationReconAsChain() {
    val oidcService = getOidcRegisteredService();

    // Reduce the service to the single standard "openid" scope.
    val scopes = oidcService.getScopes();
    scopes.clear();
    scopes.add(OidcConstants.StandardScopes.OPENID.getScope());

    // Explicit allow-list: only "cn" may be released.
    oidcService.setAttributeReleasePolicy(
        new ReturnAllowedAttributeReleasePolicy(CollectionUtils.wrapList("cn")));

    val reloaded = (OidcRegisteredService) oidcServiceRegistryListener.postLoad(oidcService);
    val releasePolicy = reloaded.getAttributeReleasePolicy();

    // The listener must not have replaced the allow-list with a chain of policies.
    assertFalse(releasePolicy instanceof ChainingAttributeReleasePolicy);
    assertTrue(releasePolicy instanceof ReturnAllowedAttributeReleasePolicy);
}
use of org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy in project cas by apereo.
the class DefaultAuthenticationAttributeReleasePolicyTests method verifyOnlyRelease.
/**
 * Verifies that authentication-attribute release yields exactly {@code cn} and
 * {@code authnContext} for this fixture.
 *
 * <p>The authentication also carries {@code givenName}, which is not in the first set passed
 * to {@link DefaultAuthenticationAttributeReleasePolicy}; the size assertion therefore
 * confirms it is withheld. The service-level policy is a
 * {@link ReturnAllowedAttributeReleasePolicy} created with no allowed attributes.
 */
@Test
public void verifyOnlyRelease() {
    // presumably (only-release set, never-release set, authn-context attribute name) — confirm
    // against the constructor's declaration.
    val releasePolicy = new DefaultAuthenticationAttributeReleasePolicy(
        Set.of("cn", "authnContext"),
        Set.of(),
        "authnContext");

    val registeredService = CoreAuthenticationTestUtils.getRegisteredService();
    val servicePolicy = new ReturnAllowedAttributeReleasePolicy();
    when(registeredService.getAttributeReleasePolicy()).thenReturn(servicePolicy);

    // Authentication with one attribute inside the release set and one outside it.
    val authentication = CoreAuthenticationTestUtils.getAuthentication(
        CoreAuthenticationTestUtils.getPrincipal(),
        Map.of("cn", List.of("common-name"), "givenName", List.of("given-name")));
    val assertion = mock(Assertion.class);

    val released = releasePolicy.getAuthenticationAttributesForRelease(
        authentication,
        assertion,
        Map.of("authnContext", List.of("mfa-something")),
        registeredService);

    // Exactly two entries: "givenName" must not have been released.
    assertEquals(2, released.size());
    assertTrue(released.containsKey("cn"));
    assertTrue(released.containsKey("authnContext"));
}
use of org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy in project cas by apereo.
the class SamlIdPConsentSingleSignOnParticipationStrategyTests method verifyIdPNeedsConsentOperation.
/**
 * Verifies that the SSO participation strategy reports {@code false} for a SAML service
 * whose release policy allows the {@code uid} attribute that the principal carries.
 *
 * <p>Going by the test name, the expectation is that outstanding attribute consent stops the
 * existing single sign-on session from being reused silently — confirm against the strategy
 * implementation.
 */
@Test
public void verifyIdPNeedsConsentOperation() {
    // Mock web-flow context, bound to the thread-local holders.
    // NOTE(review): the holders are not reset inside this method — confirm a teardown
    // elsewhere clears them so state does not leak between tests.
    val requestContext = new MockRequestContext();
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    requestContext.setExternalContext(
        new ServletExternalContext(new MockServletContext(), request, response));
    RequestContextHolder.setRequestContext(requestContext);
    ExternalContextHolder.setExternalContext(requestContext.getExternalContext());

    // Authenticated principal holding the attribute the service is allowed to receive.
    val principal = RegisteredServiceTestUtils.getPrincipal(
        "casuser", CollectionUtils.wrap("uid", "CAS-System"));
    val authentication = RegisteredServiceTestUtils.getAuthentication(principal);
    val ticketGrantingTicket = new MockTicketGrantingTicket(authentication);

    // A random issuer keeps this test's SAML service separate from other fixtures.
    val issuer = UUID.randomUUID().toString();
    val samlService = SamlIdPTestUtils.getSamlRegisteredService(issuer);
    samlService.setAttributeReleasePolicy(new ReturnAllowedAttributeReleasePolicy(List.of("uid")));
    val service = RegisteredServiceTestUtils.getService(issuer);
    val authnRequest = getAuthnRequestFor(issuer);

    val participationRequest = SingleSignOnParticipationRequest.builder()
        .httpServletRequest(request)
        .requestContext(requestContext)
        .build()
        .attribute(AuthnRequest.class.getName(), authnRequest)
        .attribute(Issuer.class.getName(), issuer)
        .attribute(Service.class.getName(), service)
        .attribute(RegisteredService.class.getName(), samlService)
        .attribute(Authentication.class.getName(), authentication)
        .attribute(TicketGrantingTicket.class.getName(), ticketGrantingTicket);

    assertFalse(singleSignOnParticipationStrategy.isParticipating(participationRequest));
}
use of org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy in project cas by apereo.
the class BaseOAuth20AuthenticatorTests method initialize.
/**
 * Builds the OAuth registered services shared by the authenticator tests and saves them
 * through {@code servicesManager} before each test.
 *
 * <p>The fixtures cover a client with a secret, two clients without one, a client issuing JWT
 * access tokens that releases every attribute, and a client limited to a single allowed
 * attribute with a lower-casing username provider. The client ids and secrets are fixed
 * test-only values.
 */
@BeforeEach
public void initialize() {
    // Client registered with a secret.
    service = new OAuthRegisteredService();
    service.setName("OAuth");
    service.setId(1);
    service.setServiceId("https://www.example.org");
    service.setClientSecret("secret");
    service.setClientId("client");

    // Client with no secret configured.
    serviceWithoutSecret = new OAuthRegisteredService();
    serviceWithoutSecret.setName("OAuth2");
    serviceWithoutSecret.setId(2);
    serviceWithoutSecret.setServiceId("https://www.example2.org");
    serviceWithoutSecret.setClientId("clientWithoutSecret");

    // Second client with no secret configured.
    // NOTE(review): "https://www.example3org" has no dot before "org" — confirm whether
    // that is intentional before relying on this service id for matching.
    serviceWithoutSecret2 = new OAuthRegisteredService();
    serviceWithoutSecret2.setName("OAuth3");
    serviceWithoutSecret2.setId(3);
    serviceWithoutSecret2.setServiceId("https://www.example3org");
    serviceWithoutSecret2.setClientId("clientWithoutSecret2");

    // JWT access-token client; no explicit numeric id is set on this one.
    serviceJwtAccessToken = new OAuthRegisteredService();
    serviceJwtAccessToken.setName("The registered service name");
    serviceJwtAccessToken.setServiceId("https://oauth.jwt.service");
    serviceJwtAccessToken.setClientId("clientid");
    serviceJwtAccessToken.setClientSecret("clientsecret");
    // Release-all policy: the broadest setting, in contrast to the allow-list used below.
    serviceJwtAccessToken.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
    serviceJwtAccessToken.setJwtAccessToken(true);

    // Client whose released attributes are restricted to an explicit allow-list.
    serviceWithAttributesMapping = new OAuthRegisteredService();
    serviceWithAttributesMapping.setName("OAuth5");
    serviceWithAttributesMapping.setId(5);
    serviceWithAttributesMapping.setServiceId("https://www.example5.org");
    serviceWithAttributesMapping.setClientSecret("secret");
    serviceWithAttributesMapping.setClientId("serviceWithAttributesMapping");
    serviceWithAttributesMapping.setUsernameAttributeProvider(
        new DefaultRegisteredServiceUsernameProvider(CaseCanonicalizationMode.LOWER.name()));
    serviceWithAttributesMapping.setAttributeReleasePolicy(
        new ReturnAllowedAttributeReleasePolicy(Arrays.asList("eduPersonAffiliation")));

    servicesManager.save(
        service,
        serviceWithoutSecret,
        serviceWithoutSecret2,
        serviceJwtAccessToken,
        serviceWithAttributesMapping);
}
use of org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy in project cas by apereo.
the class RegisteredServiceRegexAttributeFilterTests method verifyServiceAttributeFilterAllowedAttributesWithARegexFilter.
/**
 * Verifies that an allow-list release policy combined with a regex attribute filter releases
 * only {@code attr3}, and that the policy survives a serialization round trip unchanged.
 *
 * <p>The principal holds {@code attr1}, {@code attr2} and {@code attr3}; the allow-list names
 * {@code attr1}, {@code attr3} and {@code another}; the filter pattern is {@code v3}. The
 * assertions require exactly one released attribute, keyed {@code attr3}.
 */
@Test
public void verifyServiceAttributeFilterAllowedAttributesWithARegexFilter() {
    // Principal attributes: "attr2" is outside the allow-list, and only "attr3" has a value "v3".
    val principalAttributes = new HashMap<String, List<Object>>();
    principalAttributes.put("attr1", List.of("value1"));
    principalAttributes.put("attr2", List.of("value2"));
    principalAttributes.put("attr3", Arrays.asList("v3", "v4"));

    val principal = mock(Principal.class);
    when(principal.getAttributes()).thenReturn(principalAttributes);
    when(principal.getId()).thenReturn("principalId");

    val releasePolicy = new ReturnAllowedAttributeReleasePolicy();
    releasePolicy.setAllowedAttributes(Arrays.asList("attr1", "attr3", "another"));
    releasePolicy.setAttributeFilter(new RegisteredServiceRegexAttributeFilter("v3"));

    val releaseContext = RegisteredServiceAttributeReleasePolicyContext.builder()
        .registeredService(RegisteredServiceTestUtils.getRegisteredService("test"))
        .service(RegisteredServiceTestUtils.getService())
        .principal(principal)
        .build();

    val released = releasePolicy.getAttributes(releaseContext);
    assertEquals(1, released.size());
    assertTrue(released.containsKey("attr3"));

    // Round trip: the restored policy must keep the same allow-list and filter, so a
    // persisted policy cannot silently release more than the one that was saved.
    val serialized = SerializationUtils.serialize(releasePolicy);
    val restored = SerializationUtils.deserializeAndCheckObject(
        serialized, ReturnAllowedAttributeReleasePolicy.class);
    assertNotNull(restored);
    assertEquals(restored.getAllowedAttributes(), releasePolicy.getAllowedAttributes());
    assertEquals(restored.getAttributeFilter(), releasePolicy.getAttributeFilter());
}