Examples with HardTimeoutExpirationPolicy org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy used on opensource projects

Search in sources :

Example 11 with HardTimeoutExpirationPolicy

use of org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy in project cas by apereo.

the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyUnknownDigest.

@Test
public void verifyUnknownDigest() throws Exception {
    val hash = EncodingUtils.encodeUrlSafeBase64(DigestUtils.rawDigestSha256("ABCD123"));
    val credentials = new UsernamePasswordCredentials("clientWithoutSecret", "ABCD123");
    val request = new MockHttpServletRequest();
    val ticket = new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), hash, "unknown", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE);
    ticketRegistry.addTicket(ticket);
    request.addParameter(OAuth20Constants.CLIENT_ID, "clientWithoutSecret");
    request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
    request.addParameter(OAuth20Constants.CODE, ticket.getId());
    val ctx = new JEEContext(request, new MockHttpServletResponse());
    assertThrows(CredentialsException.class, () -> authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE));
}
Also used : lombok.val(lombok.val) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy) JEEContext(org.pac4j.core.context.JEEContext) OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials) Test(org.junit.jupiter.api.Test)

Example 12 with HardTimeoutExpirationPolicy

use of org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy in project cas by apereo.

the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyAuthenticationPlainWithSecretTransmittedByFormAuthn.

@Test
public void verifyAuthenticationPlainWithSecretTransmittedByFormAuthn() throws Exception {
    val credentials = new UsernamePasswordCredentials("client", "ABCD123");
    val request = new MockHttpServletRequest();
    ticketRegistry.addTicket(new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), "ABCD123", "plain", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE));
    request.addParameter(OAuth20Constants.CLIENT_ID, "client");
    request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
    request.addParameter(OAuth20Constants.CLIENT_SECRET, "secret");
    request.addParameter(OAuth20Constants.CODE, "CODE-1234567890");
    val ctx = new JEEContext(request, new MockHttpServletResponse());
    authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE);
    assertNotNull(credentials.getUserProfile());
    assertEquals("client", credentials.getUserProfile().getId());
}
Also used : lombok.val(lombok.val) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy) ArrayList(java.util.ArrayList) JEEContext(org.pac4j.core.context.JEEContext) OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials) Test(org.junit.jupiter.api.Test)

Example 13 with HardTimeoutExpirationPolicy

use of org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy in project cas by apereo.

the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyAuthenticationHashedWithSecretTransmittedByFormAuthn.

@Test
public void verifyAuthenticationHashedWithSecretTransmittedByFormAuthn() throws Exception {
    val hash = EncodingUtils.encodeUrlSafeBase64(DigestUtils.rawDigestSha256("ABCD123"));
    val credentials = new UsernamePasswordCredentials("client", "ABCD123");
    val request = new MockHttpServletRequest();
    val ticket = new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), hash, "s256", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE);
    ticketRegistry.addTicket(ticket);
    request.addParameter(OAuth20Constants.CLIENT_ID, "client");
    request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
    request.addParameter(OAuth20Constants.CLIENT_SECRET, "secret");
    request.addParameter(OAuth20Constants.CODE, ticket.getId());
    val ctx = new JEEContext(request, new MockHttpServletResponse());
    authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE);
    assertNotNull(credentials.getUserProfile());
    assertEquals("client", credentials.getUserProfile().getId());
}
Also used : lombok.val(lombok.val) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy) JEEContext(org.pac4j.core.context.JEEContext) OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials) Test(org.junit.jupiter.api.Test)

Example 14 with HardTimeoutExpirationPolicy

use of org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy in project cas by apereo.

the class OAuth20ProofKeyCodeExchangeAuthenticatorTests method verifyAuthenticationHashedWithSecretTransmittedByBasicFormAuthn.

@Test
public void verifyAuthenticationHashedWithSecretTransmittedByBasicFormAuthn() throws Exception {
    val hash = EncodingUtils.encodeUrlSafeBase64(DigestUtils.rawDigestSha256("ABCD123"));
    val credentials = new UsernamePasswordCredentials("client", "ABCD123");
    val request = new MockHttpServletRequest();
    val ticket = new OAuth20DefaultCode("CODE-1234567890", RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new HardTimeoutExpirationPolicy(10), new MockTicketGrantingTicket("casuser"), new ArrayList<>(), hash, "s256", "clientid12345", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE);
    ticketRegistry.addTicket(ticket);
    request.addHeader("Authorization", "Basic " + EncodingUtils.encodeBase64("client:secret"));
    request.addHeader("Authorization", "Basic " + EncodingUtils.encodeBase64("client:secret"));
    request.addParameter(OAuth20Constants.CODE_VERIFIER, "ABCD123");
    request.addParameter(OAuth20Constants.CODE, ticket.getId());
    val ctx = new JEEContext(request, new MockHttpServletResponse());
    authenticator.validate(credentials, ctx, JEESessionStore.INSTANCE);
    assertNotNull(credentials.getUserProfile());
    assertEquals("client", credentials.getUserProfile().getId());
}
Also used : lombok.val(lombok.val) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy) JEEContext(org.pac4j.core.context.JEEContext) OAuth20DefaultCode(org.apereo.cas.ticket.code.OAuth20DefaultCode) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials) Test(org.junit.jupiter.api.Test)

Example 15 with HardTimeoutExpirationPolicy

use of org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy in project cas by apereo.

the class DefaultTicketRegistryCleanerTests method verifyAction.

@Test
public void verifyAction() throws Exception {
    val logoutManager = mock(LogoutManager.class);
    val ticketRegistry = new DefaultTicketRegistry();
    val tgt = new MockTicketGrantingTicket("casuser");
    tgt.setExpirationPolicy(new HardTimeoutExpirationPolicy(1));
    ticketRegistry.addTicket(tgt);
    assertEquals(ticketRegistry.getTickets().size(), 1);
    val c = new DefaultTicketRegistryCleaner(LockRepository.noOp(), logoutManager, ticketRegistry);
    tgt.markTicketExpired();
    c.clean();
    assertEquals(ticketRegistry.sessionCount(), 0);
}
Also used : lombok.val(lombok.val) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) HardTimeoutExpirationPolicy(org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

lombok.val (lombok.val)17 HardTimeoutExpirationPolicy (org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)17 Test (org.junit.jupiter.api.Test)12 MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)10 OAuth20DefaultCode (org.apereo.cas.ticket.code.OAuth20DefaultCode)8 JEEContext (org.pac4j.core.context.JEEContext)8 UsernamePasswordCredentials (org.pac4j.core.credentials.UsernamePasswordCredentials)8 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)8 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)8 HashMap (java.util.HashMap)4 ArrayList (java.util.ArrayList)3 TicketGrantingTicketImpl (org.apereo.cas.ticket.TicketGrantingTicketImpl)3 RepeatedTest (org.junit.jupiter.api.RepeatedTest)3 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)3 LinkedHashMap (java.util.LinkedHashMap)1 Timer (java.util.Timer)1 TimerTask (java.util.TimerTask)1 AccountNotFoundException (javax.security.auth.login.AccountNotFoundException)1 AcceptUsersAuthenticationHandler (org.apereo.cas.authentication.AcceptUsersAuthenticationHandler)1 DefaultAuthenticationBuilder (org.apereo.cas.authentication.DefaultAuthenticationBuilder)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial