Example 1 with Assertion

Use of org.jasig.cas.client.validation.Assertion in project cas by apereo.

Class SSOPostProfileCallbackHandlerController, method validateRequestAndBuildCasAssertion.

private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response, final HttpServletRequest request, final Pair<AuthnRequest, MessageContext> pair) throws Exception {
    final AuthnRequest authnRequest = pair.getKey();
    final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
    final Cas30ServiceTicketValidator validator = new Cas30ServiceTicketValidator(this.serverPrefix);
    validator.setRenew(authnRequest.isForceAuthn());
    final String serviceUrl = constructServiceUrl(request, response, pair);
    LOGGER.debug("Created service url for validation: [{}]", serviceUrl);
    final Assertion assertion = validator.validate(ticket, serviceUrl);
    logCasValidationAssertion(assertion);
    return assertion;
}
Also used: Cas30ServiceTicketValidator (org.jasig.cas.client.validation.Cas30ServiceTicketValidator), AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest), Assertion (org.jasig.cas.client.validation.Assertion)

Example 2 with Assertion

Use of org.jasig.cas.client.validation.Assertion in project cas by apereo.

Class TokenWebApplicationServiceResponseBuilder, method generateToken.

/**
 * Generate token string.
 *
 * @param service    the service
 * @param parameters the parameters
 * @return the jwt
 */
protected String generateToken(final Service service, final Map<String, String> parameters) {
    try {
        final String ticketId = parameters.get(CasProtocolConstants.PARAMETER_TICKET);
        final Cas30ServiceTicketValidator validator = new Cas30ServiceTicketValidator(casProperties.getServer().getPrefix());
        final Assertion assertion = validator.validate(ticketId, service.getId());
        final JWTClaimsSet.Builder claims = new JWTClaimsSet.Builder().audience(service.getId()).issuer(casProperties.getServer().getPrefix()).jwtID(ticketId).issueTime(assertion.getAuthenticationDate()).subject(assertion.getPrincipal().getName());
        assertion.getAttributes().forEach(claims::claim);
        assertion.getPrincipal().getAttributes().forEach(claims::claim);
        if (assertion.getValidUntilDate() != null) {
            claims.expirationTime(assertion.getValidUntilDate());
        } else {
            final ZonedDateTime dt = ZonedDateTime.now().plusSeconds(ticketGrantingTicketExpirationPolicy.getTimeToLive());
            claims.expirationTime(DateTimeUtils.dateOf(dt));
        }
        final JWTClaimsSet claimsSet = claims.build();
        final JSONObject object = claimsSet.toJSONObject();
        return tokenCipherExecutor.encode(object.toJSONString());
    } catch (final Exception e) {
        throw Throwables.propagate(e);
    }
}
Also used: Cas30ServiceTicketValidator (org.jasig.cas.client.validation.Cas30ServiceTicketValidator), JSONObject (net.minidev.json.JSONObject), ZonedDateTime (java.time.ZonedDateTime), JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet), Assertion (org.jasig.cas.client.validation.Assertion)

Example 3 with Assertion

Use of org.jasig.cas.client.validation.Assertion in project spring-security by spring-projects.

Class CasAuthenticationTokenMixinTests, method createCasAuthenticationToken.

private CasAuthenticationToken createCasAuthenticationToken() {
    User principal = new User("admin", "1234", Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER")));
    Collection<? extends GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"));
    Assertion assertion = new AssertionImpl(new AttributePrincipalImpl("assertName"), START_DATE, END_DATE, START_DATE, Collections.<String, Object>emptyMap());
    return new CasAuthenticationToken(KEY, principal, principal.getPassword(), authorities, new User("admin", "1234", authorities), assertion);
}
Also used: AssertionImpl (org.jasig.cas.client.validation.AssertionImpl), SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority), User (org.springframework.security.core.userdetails.User), CasAuthenticationToken (org.springframework.security.cas.authentication.CasAuthenticationToken), Assertion (org.jasig.cas.client.validation.Assertion), AttributePrincipalImpl (org.jasig.cas.client.authentication.AttributePrincipalImpl)

Example 4 with Assertion

Use of org.jasig.cas.client.validation.Assertion in project spring-security by spring-projects.

Class CasAuthenticationTokenTests, method testNotEqualsDueToDifferentAuthenticationClass.

@Test
public void testNotEqualsDueToDifferentAuthenticationClass() {
    final Assertion assertion = new AssertionImpl("test");
    CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, makeUserDetails(), assertion);
    UsernamePasswordAuthenticationToken token2 = new UsernamePasswordAuthenticationToken("Test", "Password", ROLES);
    assertThat(!token1.equals(token2)).isTrue();
}
Also used: AssertionImpl (org.jasig.cas.client.validation.AssertionImpl), Assertion (org.jasig.cas.client.validation.Assertion), UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken), Test (org.junit.Test)

Example 5 with Assertion

Use of org.jasig.cas.client.validation.Assertion in project spring-security by spring-projects.

Class CasAuthenticationTokenTests, method testNotEqualsDueToAssertion.

@Test
public void testNotEqualsDueToAssertion() {
    final Assertion assertion = new AssertionImpl("test");
    final Assertion assertion2 = new AssertionImpl("test");
    CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, makeUserDetails(), assertion);
    CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, makeUserDetails(), assertion2);
    assertThat(!token1.equals(token2)).isTrue();
}
Also used: AssertionImpl (org.jasig.cas.client.validation.AssertionImpl), Assertion (org.jasig.cas.client.validation.Assertion), Test (org.junit.Test)

Aggregations

Assertion (org.jasig.cas.client.validation.Assertion): 41
AssertionImpl (org.jasig.cas.client.validation.AssertionImpl): 14
Test (org.junit.Test): 13
AttributePrincipal (org.jasig.cas.client.authentication.AttributePrincipal): 10
HashMap (java.util.HashMap): 5
TicketValidationException (org.jasig.cas.client.validation.TicketValidationException): 5
MessageContext (org.opensaml.messaging.context.MessageContext): 5
AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest): 5
ZonedDateTime (java.time.ZonedDateTime): 4
HttpServletRequest (javax.servlet.http.HttpServletRequest): 4
SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService): 3
SamlRegisteredServiceServiceProviderMetadataFacade (org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade): 3
LinkedHashMap (java.util.LinkedHashMap): 2
HttpSession (javax.servlet.http.HttpSession): 2
SneakyThrows (lombok.SneakyThrows): 2
Authentication (org.apereo.cas.authentication.Authentication): 2
AttributePrincipalImpl (org.jasig.cas.client.authentication.AttributePrincipalImpl): 2
Cas30ServiceTicketValidator (org.jasig.cas.client.validation.Cas30ServiceTicketValidator): 2
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 2
GetMapping (org.springframework.web.bind.annotation.GetMapping): 2