Use of org.apereo.cas.ticket.TicketGrantingTicket in the project cas by apereo.
Class: AbstractServiceValidateControllerTests; method: verifyValidServiceTicketWithValidPgtAndProxyHandlerFailing.
@Test
public void verifyValidServiceTicketWithValidPgtAndProxyHandlerFailing() throws Exception {
    // Arrange: authenticate, obtain a ticket-granting ticket and a service ticket for SERVICE.
    final AuthenticationResult authResult =
        CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), SERVICE);
    final TicketGrantingTicket ticketGrantingTicket =
        getCentralAuthenticationService().createTicketGrantingTicket(authResult);
    final ServiceTicket serviceTicket =
        getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), SERVICE, authResult);

    // The validation request carries a pgtUrl, so the controller has to consult its proxy handler.
    final MockHttpServletRequest validationRequest = new MockHttpServletRequest();
    validationRequest.addParameter(CasProtocolConstants.PARAMETER_SERVICE, SERVICE.getId());
    validationRequest.addParameter(CasProtocolConstants.PARAMETER_TICKET, serviceTicket.getId());
    validationRequest.addParameter(CasProtocolConstants.PARAMETER_PROXY_GRANTING_TICKET_URL, SERVICE.getId());

    // The handler always returns null; the test uses this to model a proxy callback that fails.
    this.serviceValidateController.setProxyHandler((credential, proxyGrantingTicketId) -> null);

    // Act.
    final MockHttpServletResponse validationResponse = new MockHttpServletResponse();
    final ModelAndView result =
        this.serviceValidateController.handleRequestInternal(validationRequest, validationResponse);

    // Assert: validation must not report success, and no PGT IOU may be handed to the caller
    // when the proxy handler produced nothing.
    final String renderedView = result.getView().toString();
    assertFalse(renderedView.contains(SUCCESS));
    assertNull(result.getModel().get(CasProtocolConstants.PARAMETER_PROXY_GRANTING_TICKET_IOU));
}
Use of org.apereo.cas.ticket.TicketGrantingTicket in the project cas by apereo.
Class: DelegatedClientAuthenticationAction; method: doExecute.
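/**
 * Handles a request in the delegated (external identity provider) authentication flow.
 *
 * <p>When the request names a client, the credentials are fetched through that client, the
 * service, theme, locale and method saved in the HTTP session are restored, and a
 * ticket-granting ticket is created from the resulting authentication. Otherwise, or when no
 * credentials were obtained, the login page is prepared and, if auto-redirect is enabled and
 * exactly one provider is configured, the browser is redirected to it.
 *
 * @param context the current webflow request context
 * @return {@code success()} once a ticket-granting ticket is stored in the scopes,
 *         {@code stopWebflow()} when the response was already decided, {@code error()} otherwise
 * @throws Exception if authentication, ticket creation or the redirect fails
 */
@Override
protected Event doExecute(final RequestContext context) throws Exception {
    final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
    final HttpServletResponse response = WebUtils.getHttpServletResponse(context);
    final HttpSession session = request.getSession();
    // web context
    final WebContext webContext = WebUtils.getPac4jJ2EContext(request, response);
    // The client name comes from a request parameter, so it is caller-controlled.
    final String clientName = request.getParameter(this.clients.getClientNameParameter());
    LOGGER.debug("clientName: [{}]", clientName);
    if (hasDelegationRequestFailed(request, response.getStatus()).isPresent()) {
        return stopWebflow();
    }
    // it's an authentication
    if (StringUtils.isNotBlank(clientName)) {
        // NOTE(review): findClient runs outside the try block below; how it reacts to an
        // unknown client name is not visible here - confirm it cannot surface as a raw error.
        final BaseClient<Credentials, CommonProfile> client = (BaseClient<Credentials, CommonProfile>) this.clients.findClient(clientName);
        LOGGER.debug("Client: [{}]", client);
        // get credentials
        final Credentials credentials;
        try {
            credentials = client.getCredentials(webContext);
            // Log only the credential type: the object's toString() may include authorization
            // codes or tokens, which must not end up in log files.
            LOGGER.debug("Retrieved credentials of type: [{}]", credentials == null ? null : credentials.getClass().getSimpleName());
        } catch (final Exception e) {
            LOGGER.debug("The request requires http action", e);
            return stopWebflow();
        }
        // The service is read back from the HTTP session, not from the callback's parameters.
        final Service service = (Service) session.getAttribute(CasProtocolConstants.PARAMETER_SERVICE);
        context.getFlowScope().put(CasProtocolConstants.PARAMETER_SERVICE, service);
        LOGGER.debug("Retrieve service: [{}]", service);
        if (service != null) {
            request.setAttribute(CasProtocolConstants.PARAMETER_SERVICE, service.getId());
        }
        restoreRequestAttribute(request, session, this.themeParamName);
        restoreRequestAttribute(request, session, this.localParamName);
        restoreRequestAttribute(request, session, CasProtocolConstants.PARAMETER_METHOD);
        // credentials not null -> try to authenticate
        if (credentials != null) {
            final AuthenticationResult authenticationResult = this.authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(service, new ClientCredential(credentials));
            final TicketGrantingTicket tgt = this.centralAuthenticationService.createTicketGrantingTicket(authenticationResult);
            WebUtils.putTicketGrantingTicketInScopes(context, tgt);
            return success();
        }
    }
    // no or aborted authentication : go to login page
    prepareForLoginPage(context);
    if (response.getStatus() == HttpStatus.UNAUTHORIZED.value()) {
        return stopWebflow();
    }
    if (this.autoRedirect) {
        final Set<ProviderLoginPageConfiguration> urls = context.getFlowScope().get(PAC4J_URLS, Set.class);
        // Redirect automatically only when there is exactly one provider to choose from.
        if (urls != null && urls.size() == 1) {
            final ProviderLoginPageConfiguration cfg = urls.iterator().next();
            LOGGER.debug("Auto-redirecting to client url [{}]", cfg.getRedirectUrl());
            response.sendRedirect(cfg.getRedirectUrl());
            // Tell the webflow that the response is already complete.
            final ExternalContext externalContext = context.getExternalContext();
            externalContext.recordResponseComplete();
            return stopWebflow();
        }
    }
    return error();
}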
Use of org.apereo.cas.ticket.TicketGrantingTicket in the project cas by apereo.
Class: DelegatedClientAuthenticationActionTests; method: verifyFinishAuthentication.
@Test
public void verifyFinishAuthentication() throws Exception {
    // Callback request that names the delegated client to finish authentication with.
    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    httpRequest.setParameter(Clients.DEFAULT_CLIENT_NAME_PARAMETER, "FacebookClient");

    // Session state that the action is expected to copy back onto the request.
    final MockHttpSession httpSession = new MockHttpSession();
    httpSession.setAttribute(ThemeChangeInterceptor.DEFAULT_PARAM_NAME, MY_THEME);
    httpSession.setAttribute(LocaleChangeInterceptor.DEFAULT_PARAM_NAME, MY_LOCALE);
    httpSession.setAttribute(CasProtocolConstants.PARAMETER_METHOD, MY_METHOD);
    final Service expectedService = CoreAuthenticationTestUtils.getService(MY_SERVICE);
    httpSession.setAttribute(CasProtocolConstants.PARAMETER_SERVICE, expectedService);
    httpRequest.setSession(httpSession);

    // Webflow context wired to the mock servlet request and response.
    final ServletExternalContext externalContext = mock(ServletExternalContext.class);
    when(externalContext.getNativeRequest()).thenReturn(httpRequest);
    when(externalContext.getNativeResponse()).thenReturn(new MockHttpServletResponse());
    final MockRequestContext flowContext = new MockRequestContext();
    flowContext.setExternalContext(externalContext);

    // Client stub: credential retrieval is overridden to return fixed fake credentials.
    final FacebookClient stubClient = new FacebookClient() {
        @Override
        protected OAuth20Credentials retrieveCredentials(final WebContext context) throws HttpAction {
            return new OAuth20Credentials("fakeVerifier", FacebookClient.class.getSimpleName());
        }
    };
    stubClient.setName(FacebookClient.class.getSimpleName());
    final Clients configuredClients = new Clients(MY_LOGIN_URL, stubClient);

    // CAS service mock that always hands back the same ticket-granting ticket.
    final TicketGrantingTicket issuedTgt =
        new TicketGrantingTicketImpl(TGT_ID, mock(Authentication.class), mock(ExpirationPolicy.class));
    final CentralAuthenticationService cas = mock(CentralAuthenticationService.class);
    when(cas.createTicketGrantingTicket(any(AuthenticationResult.class))).thenReturn(issuedTgt);

    // Authentication machinery mocked so that every transaction is accepted.
    final AuthenticationTransactionManager transactionManager = mock(AuthenticationTransactionManager.class);
    final AuthenticationManager authenticationManager = mock(AuthenticationManager.class);
    when(authenticationManager.authenticate(any(AuthenticationTransaction.class)))
        .thenReturn(CoreAuthenticationTestUtils.getAuthentication());
    when(transactionManager.getAuthenticationManager()).thenReturn(authenticationManager);
    when(transactionManager.handle(any(AuthenticationTransaction.class), any(AuthenticationResultBuilder.class)))
        .thenReturn(transactionManager);
    final AuthenticationSystemSupport authSupport = mock(AuthenticationSystemSupport.class);
    when(authSupport.getAuthenticationTransactionManager()).thenReturn(transactionManager);

    // Act.
    final DelegatedClientAuthenticationAction actionUnderTest =
        new DelegatedClientAuthenticationAction(configuredClients, authSupport, cas, "theme", "locale", false);
    final Event outcome = actionUnderTest.execute(flowContext);

    // Assert: the flow succeeded and the session values were restored as request attributes.
    assertEquals("success", outcome.getId());
    assertEquals(MY_THEME, httpRequest.getAttribute(ThemeChangeInterceptor.DEFAULT_PARAM_NAME));
    assertEquals(MY_LOCALE, httpRequest.getAttribute(LocaleChangeInterceptor.DEFAULT_PARAM_NAME));
    assertEquals(MY_METHOD, httpRequest.getAttribute(CasProtocolConstants.PARAMETER_METHOD));
    assertEquals(MY_SERVICE, httpRequest.getAttribute(CasProtocolConstants.PARAMETER_SERVICE));

    // Assert: the service and the ticket-granting ticket id are visible in the webflow scopes.
    final MutableAttributeMap flowAttributes = flowContext.getFlowScope();
    final MutableAttributeMap requestAttributes = flowContext.getRequestScope();
    assertEquals(expectedService, flowAttributes.get(CasProtocolConstants.PARAMETER_SERVICE));
    assertEquals(TGT_ID, flowAttributes.get(TGT_NAME));
    assertEquals(TGT_ID, requestAttributes.get(TGT_NAME));
}
Use of org.apereo.cas.ticket.TicketGrantingTicket in the project cas by apereo.
Class: OpenIdCredentialsAuthenticationHandlerTests; method: verifyTGTWithSameId.
@Test
public void verifyTGTWithSameId() throws Exception {
    // Credential that refers to a ticket-granting ticket by TGT_ID.
    final OpenIdCredential credential = new OpenIdCredential(TGT_ID, USERNAME);

    // Put a ticket-granting ticket into the registry before authenticating.
    // NOTE(review): presumably getTicketGrantingTicket() yields a ticket whose id is TGT_ID - confirm.
    final TicketGrantingTicket registeredTgt = getTicketGrantingTicket();
    this.ticketRegistry.addTicket(registeredTgt);

    final String principalId =
        this.openIdCredentialsAuthenticationHandler.authenticate(credential).getPrincipal().getId();
    assertEquals(TGT_ID, principalId);
}
Use of org.apereo.cas.ticket.TicketGrantingTicket in the project cas by apereo.
Class: DefaultTicketRegistryCleaner; method: cleanInternal.
/**
 * Removes expired tickets from the ticket registry.
 *
 * <p>An expired ticket-granting ticket is passed to the logout manager before it is deleted.
 * An expired service ticket is deleted directly. An expired ticket of any other type is only
 * reported with a warning and stays in the registry.
 */
protected void cleanInternal() {
    final Collection<Ticket> expiredTickets = ticketRegistry.getTickets()
        .stream()
        .filter(Ticket::isExpired)
        .collect(Collectors.toSet());
    LOGGER.debug("[{}] expired tickets found.", expiredTickets.size());

    int removed = 0;
    for (final Ticket expired : expiredTickets) {
        final boolean isGrantingTicket = expired instanceof TicketGrantingTicket;
        if (!isGrantingTicket && !(expired instanceof ServiceTicket)) {
            // Neither of the two handled types: warn and leave the ticket where it is.
            LOGGER.warn("Unknown ticket type [{}] found to clean", expired.getClass().getSimpleName());
            continue;
        }
        if (isGrantingTicket) {
            LOGGER.debug("Cleaning up expired ticket-granting ticket [{}]", expired.getId());
            // Logout runs first, while the ticket is still in the registry.
            logoutManager.performLogout((TicketGrantingTicket) expired);
        } else {
            LOGGER.debug("Cleaning up expired service ticket [{}]", expired.getId());
        }
        // deleteTicket reports how many tickets it removed; add that to the running total.
        removed += ticketRegistry.deleteTicket(expired.getId());
    }
    LOGGER.info("[{}] expired tickets removed.", removed);
}