Example 6 with HardTimeoutExpirationPolicy
use of org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy in project cas by apereo.
the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyAuthenticationPlainWithSecretTransmittedByBasicAuthn.
@Test
public void verifyAuthenticationPlainWithSecretTransmittedByBasicAuthn() throws Exception {
val credentials = new UsernamePasswordCredentials("client", "secret");
val request = new MockHttpServletRequest();
ticketRegistry.addTicket(new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), "ABCD123", "plain", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE));
request.addHeader("Authorization", "Basic " + EncodingUtils.encodeBase64("client:secret"));
request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
request.addParameter(OAuth20Constants.CODE, "CODE-1234567890");
val ctx = new JEEContext(request, new MockHttpServletResponse());
authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE);
assertNotNull(credentials.getUserProfile());
assertEquals("client", credentials.getUserProfile().getId());
}
Also used :
lombok.val(lombok.val)
MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket)
HashMap(java.util.HashMap)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)
ArrayList(java.util.ArrayList)
JEEContext(org.pac4j.core.context.JEEContext)
OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.jupiter.api.Test)
Example 7 with HardTimeoutExpirationPolicy
use of org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy in project cas by apereo.
the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyAuthenticationHashedWithoutSecret.
@Test
public void verifyAuthenticationHashedWithoutSecret() throws Exception {
val hash = EncodingUtils.encodeUrlSafeBase64(DigestUtils.rawDigestSha256("ABCD123"));
val credentials = new UsernamePasswordCredentials("clientWithoutSecret", "ABCD123");
val request = new MockHttpServletRequest();
val ticket = new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), hash, "s256", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE);
ticketRegistry.addTicket(ticket);
request.addParameter(OAuth20Constants.CLIENT_ID, "clientWithoutSecret");
request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
request.addParameter(OAuth20Constants.CODE, ticket.getId());
val ctx = new JEEContext(request, new MockHttpServletResponse());
authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE);
assertNotNull(credentials.getUserProfile());
assertEquals("clientWithoutSecret", credentials.getUserProfile().getId());
}
Also used :
lombok.val(lombok.val)
MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)
JEEContext(org.pac4j.core.context.JEEContext)
OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.jupiter.api.Test)
Example 8 with HardTimeoutExpirationPolicy
use of org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy in project cas by apereo.
the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyAuthenticationNotHashedCorrectly.
@Test
public void verifyAuthenticationNotHashedCorrectly() throws Exception {
val credentials = new UsernamePasswordCredentials("client", "ABCD123");
val request = new MockHttpServletRequest();
val ticket = new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), "something-else", "s256", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE);
ticketRegistry.addTicket(ticket);
request.addParameter(OAuth20Constants.CLIENT_ID, "client");
request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
request.addParameter(OAuth20Constants.CLIENT_SECRET, "secret");
request.addParameter(OAuth20Constants.CODE, ticket.getId());
val ctx = new JEEContext(request, new MockHttpServletResponse());
assertThrows(CredentialsException.class, () -> authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE));
}
Also used :
lombok.val(lombok.val)
MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)
JEEContext(org.pac4j.core.context.JEEContext)
OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.jupiter.api.Test)
Example 9 with HardTimeoutExpirationPolicy
use of org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy in project cas by apereo.
the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyAuthenticationPlainWithoutSecret.
@Test
public void verifyAuthenticationPlainWithoutSecret() throws Exception {
val credentials = new UsernamePasswordCredentials("clientWithoutSecret", "ABCD123");
val request = new MockHttpServletRequest();
ticketRegistry.addTicket(new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), "ABCD123", "plain", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE));
request.addParameter(OAuth20Constants.CLIENT_ID, "clientWithoutSecret");
request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
request.addParameter(OAuth20Constants.CODE, "CODE-1234567890");
val ctx = new JEEContext(request, new MockHttpServletResponse());
authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE);
assertNotNull(credentials.getUserProfile());
assertEquals("clientWithoutSecret", credentials.getUserProfile().getId());
}
Also used :
lombok.val(lombok.val)
MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket)
HashMap(java.util.HashMap)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)
ArrayList(java.util.ArrayList)
JEEContext(org.pac4j.core.context.JEEContext)
OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.jupiter.api.Test)
Example 10 with HardTimeoutExpirationPolicy
use of org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy in project cas by apereo.
the class SurrogateAuthenticationExpirationPolicyBuilder method toTicketExpirationPolicy.
/**
* To ticket expiration policy.
*
* @return the expiration policy
*/
public ExpirationPolicy toTicketExpirationPolicy() {
val su = casProperties.getAuthn().getSurrogate();
val surrogatePolicy = new HardTimeoutExpirationPolicy(su.getTgt().getTimeToKillInSeconds());
val policy = new SurrogateSessionExpirationPolicy();
policy.addPolicy(SurrogateSessionExpirationPolicy.POLICY_NAME_SURROGATE, surrogatePolicy);
policy.addPolicy(SurrogateSessionExpirationPolicy.POLICY_NAME_DEFAULT, ticketGrantingTicketExpirationPolicyBuilder.buildTicketExpirationPolicy());
return policy;
}
Also used :
lombok.val(lombok.val)
HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)
SurrogateSessionExpirationPolicy(org.apereo.cas.ticket.expiration.SurrogateSessionExpirationPolicy)
Aggregations
lombok.val (lombok.val)17
HardTimeoutExpirationPolicy (org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)17
Test (org.junit.jupiter.api.Test)12
MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)10
OAuth20DefaultCode (org.apereo.cas.ticket.code.OAuth20DefaultCode)8
JEEContext (org.pac4j.core.context.JEEContext)8
UsernamePasswordCredentials (org.pac4j.core.credentials.UsernamePasswordCredentials)8
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)8
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)8
HashMap (java.util.HashMap)4
ArrayList (java.util.ArrayList)3
TicketGrantingTicketImpl (org.apereo.cas.ticket.TicketGrantingTicketImpl)3
RepeatedTest (org.junit.jupiter.api.RepeatedTest)3
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)3
LinkedHashMap (java.util.LinkedHashMap)1
Timer (java.util.Timer)1
TimerTask (java.util.TimerTask)1
AccountNotFoundException (javax.security.auth.login.AccountNotFoundException)1
AcceptUsersAuthenticationHandler (org.apereo.cas.authentication.AcceptUsersAuthenticationHandler)1
DefaultAuthenticationBuilder (org.apereo.cas.authentication.DefaultAuthenticationBuilder)1
