Search in sources :

Example 31 with MockServletContext

use of org.apereo.cas.util.MockServletContext in project cas by apereo.

the class DelegatedClientAuthenticationActionTests method verifyFinishAuthenticationAuthzFailure.

@Test
public void verifyFinishAuthenticationAuthzFailure() throws Exception {
    val request = new MockHttpServletRequest();
    request.setParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER, "FacebookClient");
    val service = RegisteredServiceTestUtils.getService(UUID.randomUUID().toString());
    request.addParameter(CasProtocolConstants.PARAMETER_SERVICE, service.getId());
    val client = builtClients.findClient("FacebookClient").get();
    val webContext = new JEEContext(request, new MockHttpServletResponse());
    val ticket = delegatedClientAuthenticationWebflowManager.store(webContext, client);
    request.addParameter(DefaultDelegatedClientAuthenticationWebflowManager.PARAMETER_CLIENT_ID, ticket.getId());
    val context = new MockRequestContext();
    val response = new MockHttpServletResponse();
    context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    setRequestContext(context);
    setExternalContext(context.getExternalContext());
    assertThrows(UnauthorizedServiceException.class, () -> delegatedAuthenticationAction.execute(context));
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) JEEContext(org.pac4j.core.context.JEEContext) MockRequestContext(org.springframework.webflow.test.MockRequestContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.apereo.cas.util.MockServletContext) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 32 with MockServletContext

use of org.apereo.cas.util.MockServletContext in project cas by apereo.

the class DelegatedClientAuthenticationActionTests method verifySsoAuthenticationWithUnauthorizedSso.

@Test
public void verifySsoAuthenticationWithUnauthorizedSso() throws Exception {
    val context = new MockRequestContext();
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    val client = builtClients.findClient("FacebookClient").get();
    val webContext = new JEEContext(request, new MockHttpServletResponse());
    request.setParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER, "FacebookClient");
    val service = CoreAuthenticationTestUtils.getService("https://delegated2-authn-policy.example.org");
    val registeredService = RegisteredServiceTestUtils.getRegisteredService(service.getId(), Map.of());
    val authenticationPolicy = new DefaultRegisteredServiceAuthenticationPolicy();
    authenticationPolicy.setRequiredAuthenticationHandlers(Set.of("DelegatedClientAuthenticationHandler"));
    authenticationPolicy.setCriteria(new AllAuthenticationHandlersRegisteredServiceAuthenticationPolicyCriteria());
    registeredService.setAuthenticationPolicy(authenticationPolicy);
    servicesManager.save(registeredService);
    request.addParameter(CasProtocolConstants.PARAMETER_SERVICE, service.getId());
    val ticket = delegatedClientAuthenticationWebflowManager.store(webContext, client);
    request.addParameter(DefaultDelegatedClientAuthenticationWebflowManager.PARAMETER_CLIENT_ID, ticket.getId());
    context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    setRequestContext(context);
    setExternalContext(context.getExternalContext());
    val tgt = new MockTicketGrantingTicket("casuser");
    centralAuthenticationService.addTicket(tgt);
    WebUtils.putTicketGrantingTicketInScopes(context, tgt);
    assertEquals(CasWebflowConstants.TRANSITION_ID_SUCCESS, delegatedAuthenticationAction.execute(context).getId());
    assertThrows(InvalidTicketException.class, () -> centralAuthenticationService.getTicket(tgt.getId()));
}
Also used : lombok.val(lombok.val) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) AllAuthenticationHandlersRegisteredServiceAuthenticationPolicyCriteria(org.apereo.cas.services.AllAuthenticationHandlersRegisteredServiceAuthenticationPolicyCriteria) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) JEEContext(org.pac4j.core.context.JEEContext) DefaultRegisteredServiceAuthenticationPolicy(org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy) MockRequestContext(org.springframework.webflow.test.MockRequestContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.apereo.cas.util.MockServletContext) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 33 with MockServletContext

use of org.apereo.cas.util.MockServletContext in project cas by apereo.

the class DelegatedClientAuthenticationActionTests method assertStartAuthentication.

@SneakyThrows
private void assertStartAuthentication(final Service service) {
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    val flow = new Flow("mockFlow");
    flow.addVariable(new FlowVariable("credential", new BeanFactoryVariableValueFactory(UsernamePasswordCredential.class, applicationContext.getAutowireCapableBeanFactory())));
    val locale = Locale.ENGLISH.getLanguage();
    request.setParameter(ThemeChangeInterceptor.DEFAULT_PARAM_NAME, "theme");
    LOGGER.debug("Setting locale [{}] for request parameter as [{}]", locale, request.getParameterMap());
    request.setParameter(LocaleChangeInterceptor.DEFAULT_PARAM_NAME, locale);
    request.setParameter(CasProtocolConstants.PARAMETER_METHOD, HttpMethod.POST.name());
    LOGGER.debug("Set request parameters as [{}]", request.getParameterMap());
    val requestContext = new MockRequestContext();
    requestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    RequestContextHolder.setRequestContext(requestContext);
    ExternalContextHolder.setExternalContext(requestContext.getExternalContext());
    val mockExecutionContext = new MockFlowExecutionContext(new MockFlowSession(flow));
    requestContext.setFlowExecutionContext(mockExecutionContext);
    if (service != null) {
        WebUtils.putServiceIntoFlowScope(requestContext, service);
    }
    val client = builtClients.findClient("SAML2Client").get();
    val webContext = new JEEContext(request, response);
    val ticket = delegatedClientAuthenticationWebflowManager.store(webContext, client);
    request.addParameter(DefaultDelegatedClientAuthenticationWebflowManager.PARAMETER_CLIENT_ID, ticket.getId());
    LOGGER.debug("Initializing action with request parameters [{}]", webContext.getRequestParameters());
    val event = delegatedAuthenticationAction.execute(requestContext);
    assertEquals(CasWebflowConstants.TRANSITION_ID_ERROR, event.getId());
    delegatedClientAuthenticationWebflowManager.retrieve(requestContext, webContext, client);
    assertEquals("theme", request.getAttribute(ThemeChangeInterceptor.DEFAULT_PARAM_NAME));
    assertEquals(locale, request.getAttribute(LocaleChangeInterceptor.DEFAULT_PARAM_NAME));
    assertEquals(HttpMethod.POST.name(), request.getAttribute(CasProtocolConstants.PARAMETER_METHOD));
    val urls = (Set<DelegatedClientIdentityProviderConfiguration>) WebUtils.getDelegatedAuthenticationProviderConfigurations(requestContext);
    assertFalse(urls.isEmpty());
    assertSame(4, urls.size());
    urls.stream().map(url -> {
        LOGGER.debug("Redirect URL [{}]", url.getRedirectUrl());
        return UriComponentsBuilder.fromUriString(url.getRedirectUrl()).build();
    }).forEach(uriComponents -> {
        assertEquals(DelegatedClientIdentityProviderConfigurationFactory.ENDPOINT_URL_REDIRECT, uriComponents.getPath());
        val clientName = uriComponents.getQueryParams().get(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER);
        assertEquals(1, clientName.size());
        val serviceName = uriComponents.getQueryParams().get(CasProtocolConstants.PARAMETER_SERVICE);
        if (service != null) {
            assertEquals(1, serviceName.size());
            assertTrue(serviceName.contains(EncodingUtils.urlEncode(RegisteredServiceTestUtils.CONST_TEST_URL)));
        } else {
            assertNull(serviceName);
        }
        val method = uriComponents.getQueryParams().get(CasProtocolConstants.PARAMETER_METHOD);
        assertEquals(1, method.size());
        assertTrue(method.contains(HttpMethod.POST.toString()));
        val theme = uriComponents.getQueryParams().get(ThemeChangeInterceptor.DEFAULT_PARAM_NAME);
        assertEquals(1, theme.size());
        assertTrue(theme.contains("theme"));
        val testLocale = uriComponents.getQueryParams().get(LocaleChangeInterceptor.DEFAULT_PARAM_NAME);
        assertEquals(1, testLocale.size());
        assertTrue(testLocale.contains(locale));
    });
}
Also used : lombok.val(lombok.val) UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder) UsernamePasswordCredential(org.apereo.cas.authentication.credential.UsernamePasswordCredential) SneakyThrows(lombok.SneakyThrows) ZonedDateTime(java.time.ZonedDateTime) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) DelegatedClientIdentityProviderConfiguration(org.apereo.cas.web.DelegatedClientIdentityProviderConfiguration) Autowired(org.springframework.beans.factory.annotation.Autowired) Pac4jConstants(org.pac4j.core.util.Pac4jConstants) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) Clients(org.pac4j.core.client.Clients) Locale(java.util.Locale) ConfigurableApplicationContext(org.springframework.context.ConfigurableApplicationContext) Map(java.util.Map) RegisteredServiceTestUtils(org.apereo.cas.services.RegisteredServiceTestUtils) MockFlowSession(org.springframework.webflow.test.MockFlowSession) ClientCredential(org.apereo.cas.authentication.principal.ClientCredential) Tag(org.junit.jupiter.api.Tag) ZoneOffset(java.time.ZoneOffset) DelegatedClientIdentityProviderConfigurationFactory(org.apereo.cas.web.DelegatedClientIdentityProviderConfigurationFactory) CasProtocolConstants(org.apereo.cas.CasProtocolConstants) FlowVariable(org.springframework.webflow.engine.FlowVariable) DefaultDelegatedClientAuthenticationWebflowManager(org.apereo.cas.web.DefaultDelegatedClientAuthenticationWebflowManager) DefaultRegisteredServiceAccessStrategy(org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy) AllAuthenticationHandlersRegisteredServiceAuthenticationPolicyCriteria(org.apereo.cas.services.AllAuthenticationHandlersRegisteredServiceAuthenticationPolicyCriteria) Set(java.util.Set) BeanFactoryVariableValueFactory(org.springframework.webflow.engine.support.BeanFactoryVariableValueFactory) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) UUID(java.util.UUID) Action(org.springframework.webflow.execution.Action) StandardCharsets(java.nio.charset.StandardCharsets) Test(org.junit.jupiter.api.Test) BaseDelegatedAuthenticationTests(org.apereo.cas.web.BaseDelegatedAuthenticationTests) Slf4j(lombok.extern.slf4j.Slf4j) LocaleChangeInterceptor(org.springframework.web.servlet.i18n.LocaleChangeInterceptor) List(java.util.List) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) EncodingUtils(org.apereo.cas.util.EncodingUtils) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) WebUtils(org.apereo.cas.web.support.WebUtils) MockServletContext(org.apereo.cas.util.MockServletContext) MockRequestContext(org.springframework.webflow.test.MockRequestContext) DefaultRegisteredServiceAuthenticationPolicy(org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockFlowExecutionContext(org.springframework.webflow.test.MockFlowExecutionContext) Qualifier(org.springframework.beans.factory.annotation.Qualifier) JEEContext(org.pac4j.core.context.JEEContext) ServicesManager(org.apereo.cas.services.ServicesManager) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException) InvalidTicketException(org.apereo.cas.ticket.InvalidTicketException) ExternalContextHolder(org.springframework.webflow.context.ExternalContextHolder) lombok.val(lombok.val) HttpMethod(org.springframework.http.HttpMethod) Flow(org.springframework.webflow.engine.Flow) HttpStatus(org.springframework.http.HttpStatus) Mockito(org.mockito.Mockito) ThemeChangeInterceptor(org.springframework.web.servlet.theme.ThemeChangeInterceptor) Service(org.apereo.cas.authentication.principal.Service) RequestContextHolder(org.springframework.webflow.execution.RequestContextHolder) Assertions(org.junit.jupiter.api.Assertions) CoreAuthenticationTestUtils(org.apereo.cas.authentication.CoreAuthenticationTestUtils) Set(java.util.Set) MockFlowSession(org.springframework.webflow.test.MockFlowSession) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) MockRequestContext(org.springframework.webflow.test.MockRequestContext) BeanFactoryVariableValueFactory(org.springframework.webflow.engine.support.BeanFactoryVariableValueFactory) MockServletContext(org.apereo.cas.util.MockServletContext) Flow(org.springframework.webflow.engine.Flow) MockFlowExecutionContext(org.springframework.webflow.test.MockFlowExecutionContext) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) FlowVariable(org.springframework.webflow.engine.FlowVariable) SneakyThrows(lombok.SneakyThrows)

Example 34 with MockServletContext

use of org.apereo.cas.util.MockServletContext in project cas by apereo.

the class DelegatedClientAuthenticationActionTests method verifyExecutionFailureWithUnauthzResponse.

@Test
public void verifyExecutionFailureWithUnauthzResponse() throws Exception {
    val request = new MockHttpServletRequest();
    val service = RegisteredServiceTestUtils.getService(UUID.randomUUID().toString());
    servicesManager.save(RegisteredServiceTestUtils.getRegisteredService(service.getId()));
    request.addParameter(CasProtocolConstants.PARAMETER_SERVICE, service.getId());
    val client = builtClients.findClient("FacebookClient").get();
    var response = new MockHttpServletResponse();
    response.setStatus(HttpStatus.UNAUTHORIZED.value());
    val webContext = new JEEContext(request, response);
    val ticket = delegatedClientAuthenticationWebflowManager.store(webContext, client);
    request.addParameter(DefaultDelegatedClientAuthenticationWebflowManager.PARAMETER_CLIENT_ID, ticket.getId());
    val context = new MockRequestContext();
    context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    setRequestContext(context);
    setExternalContext(context.getExternalContext());
    val event = delegatedAuthenticationAction.execute(context);
    assertEquals(CasWebflowConstants.TRANSITION_ID_STOP, event.getId());
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) JEEContext(org.pac4j.core.context.JEEContext) MockRequestContext(org.springframework.webflow.test.MockRequestContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.apereo.cas.util.MockServletContext) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 35 with MockServletContext

use of org.apereo.cas.util.MockServletContext in project cas by apereo.

the class DelegatedClientAuthenticationActionTests method verifySsoAuthentication.

@Test
public void verifySsoAuthentication() throws Exception {
    val context = new MockRequestContext();
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    val client = builtClients.findClient("FacebookClient").get();
    val webContext = new JEEContext(request, new MockHttpServletResponse());
    val ticket = delegatedClientAuthenticationWebflowManager.store(webContext, client);
    request.addParameter(DefaultDelegatedClientAuthenticationWebflowManager.PARAMETER_CLIENT_ID, ticket.getId());
    request.setParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER, "FacebookClient");
    val service = CoreAuthenticationTestUtils.getService("https://delegated2.example.org");
    servicesManager.save(RegisteredServiceTestUtils.getRegisteredService(service.getId(), Map.of()));
    request.addParameter(CasProtocolConstants.PARAMETER_SERVICE, service.getId());
    context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    setRequestContext(context);
    setExternalContext(context.getExternalContext());
    val tgt = new MockTicketGrantingTicket("casuser");
    centralAuthenticationService.addTicket(tgt);
    WebUtils.putTicketGrantingTicketInScopes(context, tgt);
    assertEquals(CasWebflowConstants.TRANSITION_ID_SUCCESS, delegatedAuthenticationAction.execute(context).getId());
}
Also used : lombok.val(lombok.val) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) JEEContext(org.pac4j.core.context.JEEContext) MockRequestContext(org.springframework.webflow.test.MockRequestContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.apereo.cas.util.MockServletContext) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

lombok.val (lombok.val)50 MockServletContext (org.apereo.cas.util.MockServletContext)50 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)46 ServletExternalContext (org.springframework.webflow.context.servlet.ServletExternalContext)46 MockRequestContext (org.springframework.webflow.test.MockRequestContext)46 Test (org.junit.jupiter.api.Test)45 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)44 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)30 JEEContext (org.pac4j.core.context.JEEContext)10 MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)7 Executable (org.junit.jupiter.api.function.Executable)5 DefaultRegisteredServiceAccessStrategy (org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy)4 SAML2Client (org.pac4j.saml.client.SAML2Client)4 StaticApplicationContext (org.springframework.context.support.StaticApplicationContext)4 Flow (org.springframework.webflow.engine.Flow)3 Cookie (javax.servlet.http.Cookie)2 SneakyThrows (lombok.SneakyThrows)2 AuthenticationServiceSelectionPlan (org.apereo.cas.authentication.AuthenticationServiceSelectionPlan)2 UsernamePasswordCredential (org.apereo.cas.authentication.credential.UsernamePasswordCredential)2 CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)2