Example 1 with OAuth20DefaultCode
use of org.apereo.cas.ticket.code.OAuth20DefaultCode in project cas by apereo.
the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyAuthenticationPlainWithSecretTransmittedByBasicAuthn.
@Test
public void verifyAuthenticationPlainWithSecretTransmittedByBasicAuthn() throws Exception {
val credentials = new UsernamePasswordCredentials("client", "secret");
val request = new MockHttpServletRequest();
ticketRegistry.addTicket(new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), "ABCD123", "plain", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE));
request.addHeader("Authorization", "Basic " + EncodingUtils.encodeBase64("client:secret"));
request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
request.addParameter(OAuth20Constants.CODE, "CODE-1234567890");
val ctx = new JEEContext(request, new MockHttpServletResponse());
authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE);
assertNotNull(credentials.getUserProfile());
assertEquals("client", credentials.getUserProfile().getId());
}
Also used :
lombok.val(lombok.val)
MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket)
HashMap(java.util.HashMap)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)
ArrayList(java.util.ArrayList)
JEEContext(org.pac4j.core.context.JEEContext)
OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.jupiter.api.Test)
Example 2 with OAuth20DefaultCode
use of org.apereo.cas.ticket.code.OAuth20DefaultCode in project cas by apereo.
the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyAuthenticationHashedWithoutSecret.
@Test
public void verifyAuthenticationHashedWithoutSecret() throws Exception {
val hash = EncodingUtils.encodeUrlSafeBase64(DigestUtils.rawDigestSha256("ABCD123"));
val credentials = new UsernamePasswordCredentials("clientWithoutSecret", "ABCD123");
val request = new MockHttpServletRequest();
val ticket = new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), hash, "s256", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE);
ticketRegistry.addTicket(ticket);
request.addParameter(OAuth20Constants.CLIENT_ID, "clientWithoutSecret");
request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
request.addParameter(OAuth20Constants.CODE, ticket.getId());
val ctx = new JEEContext(request, new MockHttpServletResponse());
authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE);
assertNotNull(credentials.getUserProfile());
assertEquals("clientWithoutSecret", credentials.getUserProfile().getId());
}
Also used :
lombok.val(lombok.val)
MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)
JEEContext(org.pac4j.core.context.JEEContext)
OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.jupiter.api.Test)
Example 3 with OAuth20DefaultCode
use of org.apereo.cas.ticket.code.OAuth20DefaultCode in project cas by apereo.
the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyAuthenticationNotHashedCorrectly.
@Test
public void verifyAuthenticationNotHashedCorrectly() throws Exception {
val credentials = new UsernamePasswordCredentials("client", "ABCD123");
val request = new MockHttpServletRequest();
val ticket = new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), "something-else", "s256", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE);
ticketRegistry.addTicket(ticket);
request.addParameter(OAuth20Constants.CLIENT_ID, "client");
request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
request.addParameter(OAuth20Constants.CLIENT_SECRET, "secret");
request.addParameter(OAuth20Constants.CODE, ticket.getId());
val ctx = new JEEContext(request, new MockHttpServletResponse());
assertThrows(CredentialsException.class, () -> authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE));
}
Also used :
lombok.val(lombok.val)
MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)
JEEContext(org.pac4j.core.context.JEEContext)
OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.jupiter.api.Test)
Example 4 with OAuth20DefaultCode
use of org.apereo.cas.ticket.code.OAuth20DefaultCode in project cas by apereo.
the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyAuthenticationPlainWithoutSecret.
@Test
public void verifyAuthenticationPlainWithoutSecret() throws Exception {
val credentials = new UsernamePasswordCredentials("clientWithoutSecret", "ABCD123");
val request = new MockHttpServletRequest();
ticketRegistry.addTicket(new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), "ABCD123", "plain", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE));
request.addParameter(OAuth20Constants.CLIENT_ID, "clientWithoutSecret");
request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
request.addParameter(OAuth20Constants.CODE, "CODE-1234567890");
val ctx = new JEEContext(request, new MockHttpServletResponse());
authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE);
assertNotNull(credentials.getUserProfile());
assertEquals("clientWithoutSecret", credentials.getUserProfile().getId());
}
Also used :
lombok.val(lombok.val)
MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket)
HashMap(java.util.HashMap)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)
ArrayList(java.util.ArrayList)
JEEContext(org.pac4j.core.context.JEEContext)
OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.jupiter.api.Test)
Example 5 with OAuth20DefaultCode
use of org.apereo.cas.ticket.code.OAuth20DefaultCode in project cas by apereo.
the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyUnknownDigest.
@Test
public void verifyUnknownDigest() throws Exception {
val hash = EncodingUtils.encodeUrlSafeBase64(DigestUtils.rawDigestSha256("ABCD123"));
val credentials = new UsernamePasswordCredentials("clientWithoutSecret", "ABCD123");
val request = new MockHttpServletRequest();
val ticket = new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), hash, "unknown", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE);
ticketRegistry.addTicket(ticket);
request.addParameter(OAuth20Constants.CLIENT_ID, "clientWithoutSecret");
request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
request.addParameter(OAuth20Constants.CODE, ticket.getId());
val ctx = new JEEContext(request, new MockHttpServletResponse());
assertThrows(CredentialsException.class, () -> authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE));
}
Also used :
lombok.val(lombok.val)
MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)
JEEContext(org.pac4j.core.context.JEEContext)
OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.jupiter.api.Test)
Aggregations
lombok.val (lombok.val)8
MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)8
OAuth20DefaultCode (org.apereo.cas.ticket.code.OAuth20DefaultCode)8
HardTimeoutExpirationPolicy (org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)8
Test (org.junit.jupiter.api.Test)8
JEEContext (org.pac4j.core.context.JEEContext)8
UsernamePasswordCredentials (org.pac4j.core.credentials.UsernamePasswordCredentials)8
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)8
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)8
ArrayList (java.util.ArrayList)3
HashMap (java.util.HashMap)3
