use of org.jasig.cas.client.authentication.AttributePrincipal in project pac4j by pac4j.
the class CasAuthenticator method validate.
/**
 * Validates the CAS ticket carried by the credentials and attaches the resulting user profile to them.
 *
 * <p>The ticket is checked through the ticket validator supplied by {@code configuration}, using the
 * callback URL computed for this request. Principal and authentication attributes from the returned
 * assertion are passed through the internal attribute handler before the profile is built.
 *
 * @param credentials the credentials holding the CAS ticket; receives the user profile on success
 * @param context the current web context
 * @throws TechnicalException if the ticket validator rejects the ticket
 */
@Override
public void validate(final TokenCredentials credentials, final WebContext context) {
    init();

    // The token is treated as a CAS ticket; nothing from it is used until the validator accepts it.
    final String ticket = credentials.getToken();
    try {
        // The computed callback URL is passed to the validator together with the ticket.
        final String finalCallbackUrl = callbackUrlResolver.compute(urlResolver, callbackUrl, clientName, context);
        final Assertion assertion = configuration.retrieveTicketValidator(context).validate(ticket, finalCallbackUrl);

        final AttributePrincipal principal = assertion.getPrincipal();
        logger.debug("principal: {}", principal);
        final String id = principal.getName();

        final Map<String, Object> restoredPrincipalAttributes = new HashMap<>();
        final Map<String, Object> restoredAuthenticationAttributes = new HashMap<>();

        final Map<String, Object> rawPrincipalAttributes = principal.getAttributes();
        final Map<String, Object> rawAuthenticationAttributes = assertion.getAttributes();
        final InternalAttributeHandler attrHandler = ProfileHelper.getInternalAttributeHandler();

        // NOTE(review): restore() is opaque from here. If it decodes or deserializes values, it does so
        // on attribute data taken from the validation response; confirm that is safe for values the
        // CAS server may relay from upstream identity sources.
        if (rawPrincipalAttributes != null) {
            for (final Map.Entry<String, Object> entry : rawPrincipalAttributes.entrySet()) {
                restoredPrincipalAttributes.put(entry.getKey(), attrHandler.restore(entry.getValue()));
            }
        }
        if (rawAuthenticationAttributes != null) {
            for (final Map.Entry<String, Object> entry : rawAuthenticationAttributes.entrySet()) {
                restoredAuthenticationAttributes.put(entry.getKey(), attrHandler.restore(entry.getValue()));
            }
        }

        final CommonProfile profile;
        if (configuration.getProxyReceptor() == null) {
            // No proxy receptor configured: restore a previously built profile or build a new one.
            profile = ProfileHelper.restoreOrBuildProfile(getProfileDefinition(), id, restoredPrincipalAttributes,
                    restoredAuthenticationAttributes, principal, configuration.getProxyReceptor());
        } else {
            // CAS proxy case: never restore a profile, always build a CAS one.
            profile = getProfileDefinition().newProfile(principal, configuration.getProxyReceptor());
            profile.setId(ProfileHelper.sanitizeIdentifier(profile, id));
            getProfileDefinition().convertAndAdd(profile, restoredPrincipalAttributes, restoredAuthenticationAttributes);
        }

        logger.debug("profile returned by CAS: {}", profile);
        credentials.setUserProfile(profile);
    } catch (final TicketValidationException e) {
        // NOTE(review): the raw ticket value is embedded in the exception message, so it ends up
        // wherever TechnicalException is logged or rendered.
        throw new TechnicalException("cannot validate CAS ticket: " + ticket, e);
    }
}
use of org.jasig.cas.client.authentication.AttributePrincipal in project cas by apereo.
the class ECPProfileHandlerController method buildEcpCasAssertion.
/**
 * Builds the CAS assertion used for the ECP profile from an existing authentication.
 *
 * <p>The principal's attributes are taken from the registered service's attribute release policy.
 * The authentication attributes are copied from {@code authentication} as they are.
 *
 * @param authentication the authentication whose principal, date and attributes populate the assertion
 * @param registeredService the registered service whose attribute release policy selects the principal attributes
 * @return the assertion, with the authentication date passed for both date arguments that are set
 */
protected Assertion buildEcpCasAssertion(final Authentication authentication, final RegisteredService registeredService) {
    // Only attributes the service's release policy returns are attached to the principal.
    final Map releasedAttributes = registeredService.getAttributeReleasePolicy()
            .getAttributes(authentication.getPrincipal(), registeredService);
    final AttributePrincipal ecpPrincipal =
            new AttributePrincipalImpl(authentication.getPrincipal().getId(), releasedAttributes);

    // NOTE(review): the third constructor argument is null, and authentication.getAttributes() is
    // passed without going through the release policy. Confirm both are intended for this service.
    final Assertion ecpAssertion = new AssertionImpl(
            ecpPrincipal,
            DateTimeUtils.dateOf(authentication.getAuthenticationDate()),
            null,
            DateTimeUtils.dateOf(authentication.getAuthenticationDate()),
            authentication.getAttributes());
    return ecpAssertion;
}
use of org.jasig.cas.client.authentication.AttributePrincipal in project spatial-portal by AtlasOfLivingAustralia.
the class Util method getUserEmail.
/**
 * Returns the e-mail address of the user bound to the current execution.
 *
 * <p>For an {@link AttributePrincipal} the value of the {@code "email"} attribute is used; for any
 * other principal the principal name is used. When no value is obtained, including when any
 * exception is thrown on the way, the fixed guest address is returned.
 *
 * @return the user's e-mail address, or {@code "guest@ala.org.au"} if none could be determined
 */
public static String getUserEmail() {
    String email = null;
    try {
        if (Executions.getCurrent().getUserPrincipal() != null) {
            final Principal current = Executions.getCurrent().getUserPrincipal();
            // NOTE(review): the cast assumes the "email" attribute is a single String. Any other
            // value type throws ClassCastException, which the catch below turns into the guest identity.
            email = (current instanceof AttributePrincipal)
                    ? (String) ((AttributePrincipal) current).getAttributes().get("email")
                    : current.getName();
        }
    } catch (Exception e) {
        // Every failure is logged under the same message and falls through to the guest address.
        LOGGER.error("no user available", e);
    }
    // NOTE(review): callers cannot distinguish a real guest from a lookup failure; verify that
    // nothing makes an access decision on this return value alone.
    return email == null ? "guest@ala.org.au" : email;
}
use of org.jasig.cas.client.authentication.AttributePrincipal in project spring-security by spring-projects.
the class GrantedAuthorityFromAssertionAttributesUserDetailsServiceTests method correctlyExtractsNamedAttributesFromAssertionAndConvertsThemToAuthorities.
/**
 * Checks that only the configured assertion attributes ("a" to "d") become authorities.
 *
 * <p>The list-valued attribute contributes one authority per element, the null-valued attribute
 * contributes none, and the attribute that is not configured ("someother") is ignored.
 */
@Test
public void correctlyExtractsNamedAttributesFromAssertionAndConvertsThemToAuthorities() {
    // Attributes as they would arrive on the CAS principal.
    Map<String, Object> principalAttributes = new HashMap<String, Object>();
    principalAttributes.put("a", Arrays.asList("role_a1", "role_a2"));
    principalAttributes.put("b", "role_b");
    principalAttributes.put("c", "role_c");
    principalAttributes.put("d", null);
    principalAttributes.put("someother", "unused");

    AttributePrincipal casPrincipal = mock(AttributePrincipal.class);
    when(casPrincipal.getAttributes()).thenReturn(principalAttributes);
    when(casPrincipal.getName()).thenReturn("somebody");
    Assertion casAssertion = mock(Assertion.class);
    when(casAssertion.getPrincipal()).thenReturn(casPrincipal);

    // Upper-casing is switched off so the authorities keep the exact attribute values.
    GrantedAuthorityFromAssertionAttributesUserDetailsService service =
            new GrantedAuthorityFromAssertionAttributesUserDetailsService(new String[] { "a", "b", "c", "d" });
    service.setConvertToUpperCase(false);

    UserDetails loaded = service.loadUserDetails(new CasAssertionAuthenticationToken(casAssertion, "ticket"));
    Set<String> grantedRoles = AuthorityUtils.authorityListToSet(loaded.getAuthorities());

    // Exactly four authorities: nothing from "d" (null) and nothing from "someother".
    assertThat(grantedRoles).hasSize(4);
    assertThat(grantedRoles).contains("role_a1", "role_a2", "role_b", "role_c");
}
use of org.jasig.cas.client.authentication.AttributePrincipal in project ddf by codice.
the class CasHandler method getAuthenticationToken.
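/**
 * Builds the authentication token that carries the CAS proxy ticket the STS will use to get a
 * SAML assertion.
 *
 * <p>The proxy ticket is requested from the assertion's principal for the configured client
 * address. The ticket value is a credential and is never written to the log.
 *
 * @param assertion The CAS assertion object.
 * @return the token wrapping the principal, proxy ticket, address and realm, or {@code null} when
 *     the assertion has no principal or no proxy ticket could be obtained
 */
private CASAuthenticationToken getAuthenticationToken(Assertion assertion) {
    AttributePrincipal attributePrincipal = assertion.getPrincipal();
    LOGGER.debug("Got the following attributePrincipal: {}", attributePrincipal);
    if (attributePrincipal == null) {
        LOGGER.debug("Couldn't get attribute principle for CAS authentication.");
        return null;
    }

    String address = clientConfiguration.getAddress();
    LOGGER.debug("Getting proxy ticket for {}", address);
    String proxyTicket = attributePrincipal.getProxyTicketFor(address);

    // A missing ticket shows up either as null or as the literal string "null".
    if (proxyTicket == null || "null".equals(proxyTicket)) {
        LOGGER.debug("Couldn't get proxy ticket for CAS authentication.");
        return null;
    }

    // The ticket is what the STS accepts as proof of authentication, so only the target address
    // is logged; anyone able to read debug logs must not be able to pick the ticket up from them.
    LOGGER.debug("Obtained proxy ticket; creating AuthenticationToken for {}.", address);
    return new CASAuthenticationToken(attributePrincipal, proxyTicket, address, realm);
}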