
Example 1 with ResourceSet

use of org.apereo.cas.uma.ticket.resource.ResourceSet in project cas by apereo.

the class DefaultUmaResourceSetClaimPermissionExaminerTests method verifyUnmatchedOperation.

@Test
public void verifyUnmatchedOperation() {
    val ticketId = UUID.randomUUID().toString();
    val permissionTicket = mock(UmaPermissionTicket.class);
    when(permissionTicket.getId()).thenReturn(ticketId);
    when(permissionTicket.isExpired()).thenReturn(Boolean.FALSE);
    when(permissionTicket.getClaims()).thenReturn(Map.of("c1", "v1", "c2", "v2"));
    when(permissionTicket.getScopes()).thenReturn(Set.of("s1", "s2", "s3"));
    val id = UUID.randomUUID().toString();
    val resourceSet = new ResourceSet();
    resourceSet.setClientId(id);
    resourceSet.setScopes(CollectionUtils.wrapHashSet("s2"));
    val policy = new ResourceSetPolicy();
    val permission = new ResourceSetPolicyPermission();
    permission.setId(1000);
    permission.setSubject("casuser");
    permission.setClaims(new LinkedHashMap<>(Map.of("c10", "v10")));
    permission.setScopes(CollectionUtils.wrapHashSet("s1", "s2"));
    policy.setPermissions(CollectionUtils.wrapHashSet(permission));
    resourceSet.setPolicies(CollectionUtils.wrapHashSet(policy));
    val result = umaResourceSetClaimPermissionExaminer.examine(resourceSet, permissionTicket);
    assertNotNull(result);
    assertTrue(result.getDetails().containsKey(permission.getId()));
}
Also used : lombok.val(lombok.val) ResourceSetPolicy(org.apereo.cas.uma.ticket.resource.ResourceSetPolicy) ResourceSetPolicyPermission(org.apereo.cas.uma.ticket.resource.ResourceSetPolicyPermission) ResourceSet(org.apereo.cas.uma.ticket.resource.ResourceSet) Test(org.junit.jupiter.api.Test)

Example 2 with ResourceSet

use of org.apereo.cas.uma.ticket.resource.ResourceSet in project cas by apereo.

the class DefaultUmaResourceSetClaimPermissionExaminerTests method verifyMatchedOperation.

@Test
public void verifyMatchedOperation() {
    val ticketId = UUID.randomUUID().toString();
    val permissionTicket = mock(UmaPermissionTicket.class);
    when(permissionTicket.getId()).thenReturn(ticketId);
    when(permissionTicket.isExpired()).thenReturn(Boolean.FALSE);
    when(permissionTicket.getClaims()).thenReturn(Map.of("c1", "v1"));
    when(permissionTicket.getScopes()).thenReturn(Set.of("s1", "s2"));
    val id = UUID.randomUUID().toString();
    val resourceSet = new ResourceSet();
    resourceSet.setClientId(id);
    val policy = new ResourceSetPolicy();
    val permission = new ResourceSetPolicyPermission();
    permission.setId(1000);
    permission.setSubject("casuser");
    permission.setClaims(new LinkedHashMap<>(Map.of("c1", "v1")));
    permission.setScopes(CollectionUtils.wrapHashSet("s1", "s2"));
    policy.setPermissions(CollectionUtils.wrapHashSet(permission));
    resourceSet.setPolicies(CollectionUtils.wrapHashSet(policy));
    val result = umaResourceSetClaimPermissionExaminer.examine(resourceSet, permissionTicket);
    assertNotNull(result);
    assertFalse(result.getDetails().containsKey(permission.getId()));
}
Also used : lombok.val(lombok.val) ResourceSetPolicy(org.apereo.cas.uma.ticket.resource.ResourceSetPolicy) ResourceSetPolicyPermission(org.apereo.cas.uma.ticket.resource.ResourceSetPolicyPermission) ResourceSet(org.apereo.cas.uma.ticket.resource.ResourceSet) Test(org.junit.jupiter.api.Test)

Example 3 with ResourceSet

use of org.apereo.cas.uma.ticket.resource.ResourceSet in project cas by apereo.

the class UmaResourceRegistrationRequest method asResourceSet.

/**
 * As resource set.
 *
 * @param profileResult the profile result
 * @return the resource set
 */
@JsonIgnore
public ResourceSet asResourceSet(final UserProfile profileResult) {
    val resourceSet = new ResourceSet();
    resourceSet.setIconUri(getIconUri());
    resourceSet.setId(getId());
    resourceSet.setName(getName());
    resourceSet.setScopes(new HashSet<>(getScopes()));
    resourceSet.setUri(getUri());
    resourceSet.setType(getType());
    resourceSet.setOwner(profileResult.getId());
    resourceSet.setClientId(OAuth20Utils.getClientIdFromAuthenticatedProfile(profileResult));
    return resourceSet;
}
Also used : lombok.val(lombok.val) ResourceSet(org.apereo.cas.uma.ticket.resource.ResourceSet) JsonIgnore(com.fasterxml.jackson.annotation.JsonIgnore)

Example 4 with ResourceSet

use of org.apereo.cas.uma.ticket.resource.ResourceSet in project cas by apereo.

the class UmaAuthorizationRequestEndpointController method generateRequestingPartyToken.

/**
 * Generate requesting party token response entity.
 *
 * @param request          the request
 * @param response         the response
 * @param profileResult    the profile result
 * @param umaRequest       the uma request
 * @param permissionTicket the permission ticket
 * @param resourceSet      the resource set
 * @return the response entity
 * @throws Exception the exception
 */
protected ResponseEntity generateRequestingPartyToken(
        final HttpServletRequest request,
        final HttpServletResponse response,
        final UserProfile profileResult,
        final UmaAuthorizationRequest umaRequest,
        final UmaPermissionTicket permissionTicket,
        final ResourceSet resourceSet) throws Exception {
    val currentAat = (OAuth20AccessToken) profileResult.getAttribute(OAuth20AccessToken.class.getName());
    val registeredService = OAuth20Utils.getRegisteredOAuthServiceByClientId(getUmaConfigurationContext().getServicesManager(), OAuth20Utils.getClientIdFromAuthenticatedProfile(profileResult));
    val scopes = new LinkedHashSet<>(permissionTicket.getScopes());
    scopes.add(OAuth20Constants.UMA_AUTHORIZATION_SCOPE);
    scopes.addAll(resourceSet.getScopes());
    val holder = AccessTokenRequestContext.builder()
        .authentication(currentAat.getAuthentication())
        .ticketGrantingTicket(currentAat.getTicketGrantingTicket())
        .grantType(OAuth20GrantTypes.UMA_TICKET)
        .responseType(OAuth20ResponseTypes.NONE)
        .registeredService(registeredService)
        .generateRefreshToken(false)
        .scopes(scopes)
        .service(currentAat.getService())
        .build();
    val result = getUmaConfigurationContext().getAccessTokenGenerator().generate(holder);
    val accessToken = result.getAccessToken().get();
    val encodedAccessToken = OAuth20JwtAccessTokenEncoder.builder()
        .accessToken(accessToken)
        .registeredService(holder.getRegisteredService())
        .service(holder.getService())
        .accessTokenJwtBuilder(getUmaConfigurationContext().getAccessTokenJwtBuilder())
        .casProperties(getUmaConfigurationContext().getCasProperties())
        .build()
        .encode();
    val timeout = Beans.newDuration(getUmaConfigurationContext().getCasProperties().getAuthn().getOauth().getUma().getRequestingPartyToken().getMaxTimeToLiveInSeconds()).getSeconds();
    val userProfile = OAuth20Utils.getAuthenticatedUserProfile(new JEEContext(request, response), getUmaConfigurationContext().getSessionStore());
    userProfile.addAttribute(UmaPermissionTicket.class.getName(), permissionTicket);
    userProfile.addAttribute(ResourceSet.class.getName(), resourceSet);
    val idToken = getUmaConfigurationContext().getRequestingPartyTokenGenerator().generate(accessToken, timeout, userProfile, OAuth20ResponseTypes.CODE, OAuth20GrantTypes.UMA_TICKET, registeredService);
    accessToken.setIdToken(idToken);
    getUmaConfigurationContext().getCentralAuthenticationService().updateTicket(accessToken);
    if (StringUtils.isNotBlank(umaRequest.getRpt())) {
        getUmaConfigurationContext().getCentralAuthenticationService().deleteTicket(umaRequest.getRpt());
    }
    val model = CollectionUtils.wrap("rpt", encodedAccessToken, "code", HttpStatus.CREATED);
    return new ResponseEntity<>(model, HttpStatus.OK);
}
Also used : lombok.val(lombok.val) OAuth20AccessToken(org.apereo.cas.ticket.accesstoken.OAuth20AccessToken) LinkedHashSet(java.util.LinkedHashSet) UmaPermissionTicket(org.apereo.cas.uma.ticket.permission.UmaPermissionTicket) ResponseEntity(org.springframework.http.ResponseEntity) JEEContext(org.pac4j.core.context.JEEContext) ResourceSet(org.apereo.cas.uma.ticket.resource.ResourceSet)

Example 5 with ResourceSet

use of org.apereo.cas.uma.ticket.resource.ResourceSet in project cas by apereo.

the class JpaResourceSetRepositoryTests method buildTestResource.

private static ResourceSet buildTestResource() {
    val r = new ResourceSet();
    r.setClientId("clientid");
    r.setIconUri("https://www.example.com/icon");
    r.setName("resource");
    r.setOwner("cas");
    r.setScopes(CollectionUtils.wrapHashSet("read", "write"));
    r.setType("CAS-UMA");
    r.setUri("https://www.example.com/cas");
    return r;
}
Also used : lombok.val(lombok.val) ResourceSet(org.apereo.cas.uma.ticket.resource.ResourceSet)

Aggregations

lombok.val (lombok.val): 6
ResourceSet (org.apereo.cas.uma.ticket.resource.ResourceSet): 6
ResourceSetPolicy (org.apereo.cas.uma.ticket.resource.ResourceSetPolicy): 2
ResourceSetPolicyPermission (org.apereo.cas.uma.ticket.resource.ResourceSetPolicyPermission): 2
Test (org.junit.jupiter.api.Test): 2
JsonIgnore (com.fasterxml.jackson.annotation.JsonIgnore): 1
LinkedHashSet (java.util.LinkedHashSet): 1
OAuth20AccessToken (org.apereo.cas.ticket.accesstoken.OAuth20AccessToken): 1
UmaPermissionTicket (org.apereo.cas.uma.ticket.permission.UmaPermissionTicket): 1
JEEContext (org.pac4j.core.context.JEEContext): 1
ResponseEntity (org.springframework.http.ResponseEntity): 1