use of org.apereo.cas.ticket.TicketGrantingTicket in project cas by apereo.
the class JWTTicketGrantingTicketResourceEntityResponseFactoryTests method verifyTicketGrantingTicketAsJwtWithHeader.
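/**
 * Verifies that the response body built for a ticket-granting ticket, once decoded by
 * {@code tokenCipherExecutor}, parses as JWT claims whose subject is the TGT principal id.
 */
@Test
public void verifyTicketGrantingTicketAsJwtWithHeader() throws Exception {
    final AuthenticationResult result = CoreAuthenticationTestUtils.getAuthenticationResult(
        authenticationSystemSupport,
        CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword("casuser"));
    final TicketGrantingTicket tgt = centralAuthenticationService.createTicketGrantingTicket(result);

    // The token header is the only request input; presumably it is what asks the factory for a JWT body.
    final MockHttpServletRequest request = new MockHttpServletRequest();
    request.addHeader(TokenConstants.PARAMETER_NAME_TOKEN, Boolean.TRUE.toString());

    final ResponseEntity<String> response = ticketGrantingTicketResourceEntityResponseFactory.build(tgt, request);
    assertNotNull(response);
    assertEquals(HttpStatus.CREATED, response.getStatusCode());

    // NOTE(review): whether decode() verifies a signature or only decrypts is not visible here;
    // the subject check below is only as strong as what decode() enforces.
    final Object jwt = this.tokenCipherExecutor.decode(response.getBody());
    // Fail with a clear assertion, not a NullPointerException, if decoding yields nothing.
    assertNotNull(jwt);
    final JWTClaimsSet claims = JWTClaimsSet.parse(jwt.toString());
    // Expected value first, so a failure message reports the principal id as the expectation.
    assertEquals(tgt.getAuthentication().getPrincipal().getId(), claims.getSubject());
}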
use of org.apereo.cas.ticket.TicketGrantingTicket in project cas by apereo.
the class AbstractServiceValidateController method handleTicketValidation.
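/**
 * Validates a service ticket and builds the protocol response view.
 *
 * <p>Steps, in the order they run:
 * <ol>
 *   <li>If the request yields a service credential, a proxy-granting ticket is requested for it;
 *       any failure there returns an error view immediately.</li>
 *   <li>The service ticket is validated and the resulting assertion is checked.</li>
 *   <li>The authentication context of the assertion is checked.</li>
 *   <li>If a proxy handler accepts the credential, the proxy IOU is delivered; an empty IOU
 *       returns an error view.</li>
 * </ol>
 *
 * @param request the request
 * @param service the service the ticket is validated for
 * @param serviceTicketId the service ticket id
 * @return the success view, or an error view carrying the failure code
 * @throws UnsatisfiedAuthenticationContextTicketValidationException if the authentication context check fails
 */
protected ModelAndView handleTicketValidation(final HttpServletRequest request, final WebApplicationService service, final String serviceTicketId) {
    TicketGrantingTicket proxyGrantingTicketId = null;
    final Credential serviceCredential = getServiceCredentialsFromRequest(service, request);
    if (serviceCredential != null) {
        // NOTE(review): the proxy-granting ticket is requested before validateServiceTicket() runs below;
        // confirm createProxyGrantingTicket() itself rejects an expired or already-used service ticket.
        try {
            proxyGrantingTicketId = handleProxyGrantingTicketDelivery(serviceTicketId, serviceCredential);
        } catch (final AuthenticationException e) {
            // Pass the exception to the logger, as the other two handlers do, so the cause of the
            // failed callback authentication is not lost.
            LOGGER.warn("Failed to authenticate service credential [{}]", serviceCredential, e);
            return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_PROXY_CALLBACK, new Object[] { serviceCredential.getId() }, request, service);
        } catch (final InvalidTicketException e) {
            LOGGER.error("Failed to create proxy granting ticket due to an invalid ticket for [{}]", serviceCredential, e);
            return generateErrorView(e.getCode(), new Object[] { serviceTicketId }, request, service);
        } catch (final AbstractTicketException e) {
            LOGGER.error("Failed to create proxy granting ticket for [{}]", serviceCredential, e);
            return generateErrorView(e.getCode(), new Object[] { serviceCredential.getId() }, request, service);
        }
    }

    final Assertion assertion = this.centralAuthenticationService.validateServiceTicket(serviceTicketId, service);
    if (!validateAssertion(request, serviceTicketId, assertion, service)) {
        return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_TICKET, new Object[] { serviceTicketId }, request, service);
    }

    // The key is the pass/fail flag; the value is handed to the success view further down.
    final Pair<Boolean, Optional<MultifactorAuthenticationProvider>> ctxResult = validateAuthenticationContext(assertion, request);
    if (!ctxResult.getKey()) {
        throw new UnsatisfiedAuthenticationContextTicketValidationException(assertion.getService());
    }

    String proxyIou = null;
    if (serviceCredential != null && this.proxyHandler != null && this.proxyHandler.canHandle(serviceCredential)) {
        proxyIou = handleProxyIouDelivery(serviceCredential, proxyGrantingTicketId);
        // An empty IOU is treated as a failed proxy callback, so validation does not succeed without it.
        if (StringUtils.isEmpty(proxyIou)) {
            return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_PROXY_CALLBACK, new Object[] { serviceCredential.getId() }, request, service);
        }
    } else {
        LOGGER.debug("No service credentials specified, and/or the proxy handler [{}] cannot handle credentials", this.proxyHandler);
    }

    onSuccessfulValidation(serviceTicketId, assertion);
    LOGGER.debug("Successfully validated service ticket [{}] for service [{}]", serviceTicketId, service.getId());
    return generateSuccessView(assertion, proxyIou, service, request, ctxResult.getValue(), proxyGrantingTicketId);
}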
use of org.apereo.cas.ticket.TicketGrantingTicket in project cas by apereo.
the class AbstractServiceValidateController method handleProxyGrantingTicketDelivery.
/**
 * Creates a proxy-granting ticket for a service credential, based on an existing service ticket.
 *
 * <p>The service ticket is looked up, the credential is authenticated against the service that
 * ticket refers to, and the authentication result is used to create the proxy-granting ticket.
 *
 * @param serviceTicketId the service ticket id
 * @param credential the service credential
 * @return the newly created proxy-granting ticket
 * @throws AuthenticationException declared by this method; presumably raised when the credential cannot be authenticated
 * @throws AbstractTicketException declared by this method; presumably raised when the ticket cannot be used
 */
private TicketGrantingTicket handleProxyGrantingTicketDelivery(final String serviceTicketId, final Credential credential)
    throws AuthenticationException, AbstractTicketException {
    final ServiceTicket st = this.centralAuthenticationService.getTicket(serviceTicketId, ServiceTicket.class);
    // NOTE(review): st is dereferenced without a null check; confirm getTicket() throws
    // rather than returning null for an unknown id.
    final AuthenticationResult authn = this.authenticationSystemSupport
        .handleAndFinalizeSingleAuthenticationTransaction(st.getService(), credential);
    final TicketGrantingTicket pgt = this.centralAuthenticationService.createProxyGrantingTicket(serviceTicketId, authn);
    // NOTE(review): this writes the PGT id and the service ticket id to the debug log;
    // confirm the logging setup masks ticket ids before DEBUG is enabled outside development.
    LOGGER.debug("Generated proxy-granting ticket [{}] off of service ticket [{}] and credential [{}]",
        pgt.getId(), serviceTicketId, credential);
    return pgt;
}
use of org.apereo.cas.ticket.TicketGrantingTicket in project cas by apereo.
the class AbstractServiceValidateControllerTests method getModelAndViewUponServiceValidationWithSecurePgtUrl.
/*
 Helper methods.
 */

/**
 * Runs service validation for a freshly granted service ticket, with a proxy callback URL
 * ({@code GITHUB_URL}) supplied in the request.
 *
 * @return the model and view produced by the controller under test
 * @throws Exception if ticket creation or request handling fails
 */
protected ModelAndView getModelAndViewUponServiceValidationWithSecurePgtUrl() throws Exception {
    final AuthenticationResult authnResult =
        CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), SERVICE);
    final TicketGrantingTicket tgt = getCentralAuthenticationService().createTicketGrantingTicket(authnResult);
    final ServiceTicket st = getCentralAuthenticationService().grantServiceTicket(tgt.getId(), SERVICE, authnResult);

    // Validation request: service, ticket, and the proxy-granting-ticket callback URL.
    final MockHttpServletRequest validationRequest = new MockHttpServletRequest();
    validationRequest.addParameter(CasProtocolConstants.PARAMETER_SERVICE, SERVICE.getId());
    validationRequest.addParameter(CasProtocolConstants.PARAMETER_TICKET, st.getId());
    validationRequest.addParameter(CasProtocolConstants.PARAMETER_PROXY_GRANTING_TICKET_URL, GITHUB_URL);

    final MockHttpServletResponse validationResponse = new MockHttpServletResponse();
    return this.serviceValidateController.handleRequestInternal(validationRequest, validationResponse);
}
use of org.apereo.cas.ticket.TicketGrantingTicket in project cas by apereo.
the class AbstractServiceValidateControllerTests method verifyValidServiceTicketAndBadFormat.
/**
 * Verifies that a valid service ticket still yields a success view when the request passes
 * the literal {@code NOTHING} as the format parameter.
 */
@Test
public void verifyValidServiceTicketAndBadFormat() throws Exception {
    final Service proxyService = RegisteredServiceTestUtils.getService("proxyService");
    final AuthenticationResult authnResult =
        CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), proxyService);
    final TicketGrantingTicket tgt = getCentralAuthenticationService().createTicketGrantingTicket(authnResult);
    final ServiceTicket st = getCentralAuthenticationService().grantServiceTicket(tgt.getId(), proxyService, authnResult);

    final MockHttpServletRequest validationRequest = new MockHttpServletRequest();
    validationRequest.addParameter(CasProtocolConstants.PARAMETER_SERVICE, proxyService.getId());
    validationRequest.addParameter(CasProtocolConstants.PARAMETER_TICKET, st.getId());
    validationRequest.addParameter(CasProtocolConstants.PARAMETER_FORMAT, "NOTHING");

    final MockHttpServletResponse validationResponse = new MockHttpServletResponse();
    final ModelAndView modelAndView =
        this.serviceValidateController.handleRequestInternal(validationRequest, validationResponse);

    // The view is identified by its string form, as the controller's view type is not inspected here.
    final String renderedView = modelAndView.getView().toString();
    assertTrue(renderedView.contains("Success"));
}