use of org.apereo.portal.security.IPerson in project uPortal by Jasig.
the class MaxInactiveFilterTest method notAuthenticatedWorkflow.
/**
 * Pins the filter's behaviour for a person whose security context is not authenticated: the
 * max-inactive strategy is never consulted, the session and response are left untouched, and
 * the request is handed to the rest of the chain exactly once.
 */
@Test
public void notAuthenticatedWorkflow() throws IOException, ServletException {
    // Servlet-side collaborators passed to doFilter(); response and chain need no stubbing.
    final HttpServletRequest request = mock(HttpServletRequest.class);
    final HttpSession httpSession = mock(HttpSession.class);
    when(request.getSession(false)).thenReturn(httpSession);
    final ServletResponse response = mock(ServletResponse.class);
    final FilterChain filterChain = mock(FilterChain.class);

    // A named person ("jsmith") whose security context reports "not authenticated".
    final ISecurityContext unauthenticatedContext = mock(ISecurityContext.class);
    when(unauthenticatedContext.isAuthenticated()).thenReturn(false);
    final IPerson unauthenticatedPerson = mock(IPerson.class);
    when(unauthenticatedPerson.getSecurityContext()).thenReturn(unauthenticatedContext);
    when(unauthenticatedPerson.getAttribute(IPerson.USERNAME)).thenReturn("jsmith");
    final IPersonManager people = mock(IPersonManager.class);
    when(people.getPerson(request)).thenReturn(unauthenticatedPerson);

    // The strategy is injected but deliberately left unstubbed: it must not be called.
    final IMaxInactiveStrategy strategy = mock(IMaxInactiveStrategy.class);
    final MaxInactiveFilter filterUnderTest = new MaxInactiveFilter();
    ReflectionTestUtils.setField(filterUnderTest, "personManager", people);
    ReflectionTestUtils.setField(filterUnderTest, "maxInactiveStrategy", strategy);

    filterUnderTest.doFilter(request, response, filterChain);

    // The person is looked up once and its authentication state and username read once each.
    verify(people, times(1)).getPerson(request);
    verify(unauthenticatedPerson, times(1)).getSecurityContext();
    verify(unauthenticatedContext, times(1)).isAuthenticated();
    verify(unauthenticatedPerson, times(1)).getAttribute(IPerson.USERNAME);

    // Nothing session-related may happen for an unauthenticated person: no timeout lookup,
    // no write to the session, no write to the response.
    verifyNoMoreInteractions(strategy);
    verifyNoMoreInteractions(httpSession);
    verifyNoMoreInteractions(response);

    // The only thing done with the chain is passing the request through.
    verify(filterChain, only()).doFilter(request, response);
}
use of org.apereo.portal.security.IPerson in project uPortal by Jasig.
the class PortalPermissionEvaluator method getAuthorizationPrincipal.
/*
* Implementation
*/
/**
 * Prepare a uPortal {@link IAuthorizationPrincipal} based on the Spring principal.
 *
 * <p>When the Spring principal is a {@link UserDetails}, its username is used. Any other
 * principal object is treated as a guest, and the username is taken from the {@link IPerson}
 * that the person manager returns for the current portal request.
 *
 * @param authentication the Spring Security authentication to translate
 * @return a principal created by the authorization service facade for the resolved username
 */
private IAuthorizationPrincipal getAuthorizationPrincipal(Authentication authentication) {
    final Object springPrincipal = authentication.getPrincipal();
    logger.trace("getAuthorizationPrincipal -- authPrincipal=[{}]", springPrincipal);

    final String username;
    if (!(springPrincipal instanceof UserDetails)) {
        // Not a UserDetails, so the identity comes from the current request instead of
        // from the Authentication object: which guest user are we?
        // NOTE(review): this branch uses whatever IPerson the person manager returns and does
        // not itself check that it is a guest; confirm that is guaranteed by the caller.
        final HttpServletRequest currentRequest = portalRequestUtils.getCurrentPortalRequest();
        final IPerson requestPerson = personManager.getPerson(currentRequest);
        logger.trace("getAuthorizationPrincipal -- UNAUTHENTICATED, person=[{}]", requestPerson);
        username = requestPerson.getUserName();
    } else {
        // User is authenticated; the Spring principal carries the username.
        final UserDetails details = (UserDetails) springPrincipal;
        logger.trace("getAuthorizationPrincipal -- AUTHENTICATED, userDetails=[{}]", details);
        username = details.getUsername();
    }

    return authorizationServiceFacade.newPrincipal(username, IPerson.class);
}
use of org.apereo.portal.security.IPerson in project uPortal by Jasig.
the class PortalPreAuthenticatedProcessingFilter method getPreAuthenticatedCredentials.
/**
 * Picks the credentials object for pre-authentication, in this order of precedence:
 *
 * <ol>
 *   <li>a non-blank bearer token obtained from the request via the id-token factory;
 *   <li>{@code null} when the request has no existing session;
 *   <li>otherwise the security context of the person bound to the request.
 * </ol>
 *
 * <p>This method only extracts the credential. The bearer token is returned as received and
 * is not written to the log here.
 * NOTE(review): no token validation is visible in this method; confirm it happens downstream.
 *
 * @param request the incoming request
 * @return the bearer token, the person's security context, or {@code null}
 */
@Override
protected Object getPreAuthenticatedCredentials(HttpServletRequest request) {
    // The Authorization header is consulted before any session state.
    final String tokenFromHeader = idTokenFactory.getBearerToken(request);
    final boolean hasBearerToken = StringUtils.isNotBlank(tokenFromHeader);
    if (hasBearerToken) {
        return tokenFromHeader;
    }

    // Without a session the user has not visited the login servlet yet, so there is nothing
    // to offer as credentials. getSession(false) never creates a session as a side effect.
    final boolean sessionExists = request.getSession(false) != null;
    if (!sessionExists) {
        return null;
    }

    // Fall back to the person's current SecurityContext as the credentials.
    final IPerson currentPerson = personManager.getPerson(request);
    logger.debug("getPreAuthenticatedCredentials -- person=[{}]", currentPerson);
    return currentPerson.getSecurityContext();
}
use of org.apereo.portal.security.IPerson in project uPortal by Jasig.
the class PortalPreAuthenticatedProcessingFilter method doPortalAuthentication.
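/**
 * Runs the portal's own authentication for the request and records a failure flag in the
 * session when it does not succeed.
 *
 * <p>If the requested session id is valid, identity-swap data is collected first (the helper
 * is named for also invalidating that session). A session is then obtained, the person is
 * resolved, and either the identity swap is applied with empty principal/credential maps or
 * the principals and credentials are read from the request. Any exception is logged, the
 * session is reset, and {@code LoginController.AUTH_ERROR_KEY} is set on a new session.
 *
 * @param request the incoming request
 * @param originalAuthentication the Spring authentication in place before this call, passed
 *     through to the identity-swap helper
 */
private void doPortalAuthentication(final HttpServletRequest request, final org.springframework.security.core.Authentication originalAuthentication) {
    IdentitySwapHelper identitySwapHelper = null;
    final String requestedSessionId = request.getRequestedSessionId();
    // NOTE(review): both branches write the client-supplied session id to the log verbatim.
    // Log readers can see session identifiers; consider logging a truncated or hashed form.
    if (request.isRequestedSessionIdValid()) {
        logger.debug("doPortalAuthentication for valid requested session id='{}'", requestedSessionId);
        identitySwapHelper = getIdentitySwapDataAndInvalidateSession(request, originalAuthentication);
    } else {
        logger.trace("Requested session id='{}' was not valid, so no attempt to apply " + "swapping rules.", requestedSessionId);
    }

    // Make sure a session exists for the authentication attempt.
    HttpSession s = request.getSession(true);
    IPerson person = null;
    try {
        final HashMap<String, String> principals;
        final HashMap<String, String> credentials;
        person = personManager.getPerson(request);
        if (identitySwapHelper != null && identitySwapHelper.isSwapOrUnswapRequest()) {
            // Swap/unswap: no principals or credentials are taken from the request.
            handleIdentitySwap(person, s, identitySwapHelper);
            principals = new HashMap<>();
            credentials = new HashMap<>();
        } else {
            // Normal authN path: grab all of the principals and credentials from the request
            // and load them into their respective HashMaps.
            principals = getPropertyFromRequest(principalTokens, request);
            credentials = getPropertyFromRequest(credentialTokens, request);
        }
        // Attempt to authenticate using the incoming request
        authenticationService.authenticate(request, principals, credentials, person);
    } catch (Exception e) {
        // Log the exception
        logger.error("Exception authenticating the request", e);
        // Reset everything. The session can already be gone if it was invalidated while
        // authenticating; dereferencing a null here would abort the failure handling with a
        // NullPointerException and the error flag below would never be recorded.
        final HttpSession failedSession = request.getSession(false);
        if (failedSession != null) {
            failedSession.invalidate();
        }
        // Add the authentication failure
        request.getSession(true).setAttribute(LoginController.AUTH_ERROR_KEY, Boolean.TRUE);
    }
    // person is still null here if resolving it threw.
    // NOTE(review): confirm publishProfileSelectionEvent tolerates a null person.
    publishProfileSelectionEvent(person, request, identitySwapHelper);
}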
use of org.apereo.portal.security.IPerson in project uPortal by Jasig.
the class PortalWebFlowUtilsImpl method getCurrentPrincipal.
/* (non-Javadoc)
 * @see org.apereo.portal.spring.web.flow.IPortalWebFlowUtils#getCurrentPrincipal(org.springframework.webflow.context.ExternalContext)
 */
@Override
public IAuthorizationPrincipal getCurrentPrincipal(final ExternalContext externalContext) {
    // The principal is derived solely from the entity identifier (key and type) of the person
    // resolved for this external context.
    // NOTE(review): nothing here guards against getCurrentPerson() returning null; confirm
    // that it always yields a person, guest included.
    final EntityIdentifier personId = getCurrentPerson(externalContext).getEntityIdentifier();
    return AuthorizationServiceFacade.instance().newPrincipal(personId.getKey(), personId.getType());
}