Search in sources :

Example 6 with ServiceTicket

use of org.apereo.cas.ticket.ServiceTicket in project cas by apereo.

the class CentralAuthenticationServiceImplTests method verifyValidateServiceTicketWithDefaultUsernameAttribute.

@Test
public void verifyValidateServiceTicketWithDefaultUsernameAttribute() throws Exception {
    final Service svc = getService("testDefault");
    final UsernamePasswordCredential cred = CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword();
    final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), svc);
    final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(ctx);
    final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), svc, ctx);
    final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), svc);
    final Authentication auth = assertion.getPrimaryAuthentication();
    assertEquals(auth.getPrincipal().getId(), cred.getUsername());
}
Also used : TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) Assertion(org.apereo.cas.validation.Assertion) AbstractWebApplicationService(org.apereo.cas.authentication.principal.AbstractWebApplicationService) Service(org.apereo.cas.authentication.principal.Service) ServiceTicket(org.apereo.cas.ticket.ServiceTicket) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult) Test(org.junit.Test)

Example 7 with ServiceTicket

use of org.apereo.cas.ticket.ServiceTicket in project cas by apereo.

the class CentralAuthenticationServiceImplTests method verifyDelegateTicketGrantingTicketWithBadServiceTicket.

@Test
public void verifyDelegateTicketGrantingTicketWithBadServiceTicket() throws Exception {
    final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), getService());
    final TicketGrantingTicket ticketId = getCentralAuthenticationService().createTicketGrantingTicket(ctx);
    final ServiceTicket serviceTicketId = getCentralAuthenticationService().grantServiceTicket(ticketId.getId(), getService(), ctx);
    getCentralAuthenticationService().destroyTicketGrantingTicket(ticketId.getId());
    final AuthenticationResult ctx2 = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), RegisteredServiceTestUtils.getHttpBasedServiceCredentials());
    this.thrown.expect(AbstractTicketException.class);
    getCentralAuthenticationService().createProxyGrantingTicket(serviceTicketId.getId(), ctx2);
}
Also used : TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) ServiceTicket(org.apereo.cas.ticket.ServiceTicket) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult) Test(org.junit.Test)

Example 8 with ServiceTicket

use of org.apereo.cas.ticket.ServiceTicket in project cas by apereo.

the class CentralAuthenticationServiceImplTests method authenticateTwiceWithRenew.

/**
     * This test simulates :
     * - a first authentication for a default service
     * - a second authentication with the renew parameter and the same service (and same credentials)
     * - a validation of the second ticket.
     * When supplemental authentications were returned with the chained authentications, the validation specification
     * failed as it only expects one authentication. Thus supplemental authentications should not be returned in the
     * chained authentications. Both concepts are orthogonal.
     */
@Test
public void authenticateTwiceWithRenew() throws AbstractTicketException, AuthenticationException {
    final CentralAuthenticationService cas = getCentralAuthenticationService();
    final Service svc = getService("testDefault");
    final UsernamePasswordCredential goodCredential = CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword();
    final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), svc);
    final TicketGrantingTicket tgtId = cas.createTicketGrantingTicket(ctx);
    cas.grantServiceTicket(tgtId.getId(), svc, ctx);
    // simulate renew with new good same credentials
    final ServiceTicket st2Id = cas.grantServiceTicket(tgtId.getId(), svc, ctx);
    final Assertion assertion = cas.validateServiceTicket(st2Id.getId(), svc);
    final ValidationSpecification validationSpecification = new Cas20WithoutProxyingValidationSpecification();
    assertTrue(validationSpecification.isSatisfiedBy(assertion, new MockHttpServletRequest()));
}
Also used : Cas20WithoutProxyingValidationSpecification(org.apereo.cas.validation.Cas20WithoutProxyingValidationSpecification) ValidationSpecification(org.apereo.cas.validation.ValidationSpecification) TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Assertion(org.apereo.cas.validation.Assertion) AbstractWebApplicationService(org.apereo.cas.authentication.principal.AbstractWebApplicationService) Service(org.apereo.cas.authentication.principal.Service) ServiceTicket(org.apereo.cas.ticket.ServiceTicket) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) Cas20WithoutProxyingValidationSpecification(org.apereo.cas.validation.Cas20WithoutProxyingValidationSpecification) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult) Test(org.junit.Test)

Example 9 with ServiceTicket

use of org.apereo.cas.ticket.ServiceTicket in project cas by apereo.

the class ServiceWarningAction method doExecute.

@Override
protected Event doExecute(final RequestContext context) throws Exception {
    final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
    final HttpServletResponse response = WebUtils.getHttpServletResponse(context);
    final Service service = WebUtils.getService(context);
    final String ticketGrantingTicket = WebUtils.getTicketGrantingTicketId(context);
    final Authentication authentication = this.ticketRegistrySupport.getAuthenticationFrom(ticketGrantingTicket);
    if (authentication == null) {
        throw new InvalidTicketException(new AuthenticationException("No authentication found for ticket " + ticketGrantingTicket), ticketGrantingTicket);
    }
    final Credential credential = WebUtils.getCredential(context);
    final AuthenticationResultBuilder authenticationResultBuilder = authenticationSystemSupport.establishAuthenticationContextFromInitial(authentication, credential);
    final AuthenticationResult authenticationResult = authenticationResultBuilder.build(service);
    final ServiceTicket serviceTicketId = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicket, service, authenticationResult);
    WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
    if (request.getParameterMap().containsKey("ignorewarn")) {
        if (Boolean.valueOf(request.getParameter("ignorewarn").toString())) {
            this.warnCookieGenerator.removeCookie(response);
        }
    }
    return new Event(this, CasWebflowConstants.STATE_ID_REDIRECT);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Credential(org.apereo.cas.authentication.Credential) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) Authentication(org.apereo.cas.authentication.Authentication) InvalidTicketException(org.apereo.cas.ticket.InvalidTicketException) HttpServletResponse(javax.servlet.http.HttpServletResponse) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) Service(org.apereo.cas.authentication.principal.Service) Event(org.springframework.webflow.execution.Event) ServiceTicket(org.apereo.cas.ticket.ServiceTicket) AuthenticationResultBuilder(org.apereo.cas.authentication.AuthenticationResultBuilder) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult)

Example 10 with ServiceTicket

use of org.apereo.cas.ticket.ServiceTicket in project cas by apereo.

the class CentralAuthenticationServiceImplWithMockitoTests method createMockServiceTicket.

private static ServiceTicket createMockServiceTicket(final String id, final Service svc) {
    final ServiceTicket stMock = mock(ServiceTicket.class);
    when(stMock.getService()).thenReturn(svc);
    when(stMock.getId()).thenReturn(id);
    when(stMock.isValidFor(svc)).thenReturn(true);
    return stMock;
}
Also used : ServiceTicket(org.apereo.cas.ticket.ServiceTicket)

Aggregations

ServiceTicket (org.apereo.cas.ticket.ServiceTicket)70 TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)59 Test (org.junit.Test)53 AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult)45 Service (org.apereo.cas.authentication.principal.Service)32 Authentication (org.apereo.cas.authentication.Authentication)17 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)14 AbstractWebApplicationService (org.apereo.cas.authentication.principal.AbstractWebApplicationService)12 Assertion (org.apereo.cas.validation.Assertion)12 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)12 TicketGrantingTicketImpl (org.apereo.cas.ticket.TicketGrantingTicketImpl)10 NeverExpiresExpirationPolicy (org.apereo.cas.ticket.support.NeverExpiresExpirationPolicy)10 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)10 Credential (org.apereo.cas.authentication.Credential)9 MockServiceTicket (org.apereo.cas.mock.MockServiceTicket)8 MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)8 UsernamePasswordCredential (org.apereo.cas.authentication.UsernamePasswordCredential)7 ModelAndView (org.springframework.web.servlet.ModelAndView)7 RegisteredService (org.apereo.cas.services.RegisteredService)6 InvalidTicketException (org.apereo.cas.ticket.InvalidTicketException)6