
Example 11 with Assertion

use of org.jasig.cas.client.validation.Assertion in project cas by apereo.

the class WSFederationValidateRequestCallbackController method handleFederationRequest.

/**
     * Handle federation request.
     *
     * @param response the response
     * @param request  the request
     * @return the model and view
     * @throws Exception the exception
     */
@GetMapping(path = WSFederationConstants.ENDPOINT_FEDERATION_REQUEST_CALLBACK)
protected ModelAndView handleFederationRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
    // Callback endpoint: parse the WS-Federation parameters off the incoming request first.
    final WSFederationRequest wsFedRequest = WSFederationRequest.of(request);
    LOGGER.debug("Received callback profile request [{}]", request.getRequestURI());

    // The registered service is resolved before the ticket is looked at. The helper is not
    // shown here; presumably it rejects requests that match no registered service - confirm.
    final WSFederationRegisteredService registeredService =
        findAndValidateFederationRequestForRegisteredService(response, request, wsFedRequest);
    LOGGER.debug("Located matching service [{}]", registeredService);

    // Presence check only: a blank ticket parameter is answered with the error view and 403.
    // The ticket value itself is not inspected in this method.
    final String serviceTicket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
    if (StringUtils.isBlank(serviceTicket)) {
        LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
        return new ModelAndView(CasWebflowConstants.VIEW_ID_ERROR, new HashMap<>(), HttpStatus.FORBIDDEN);
    }

    // Builds the CAS assertion from the request; the helper reads the ticket from the request
    // itself rather than taking the local copy above.
    final Assertion casAssertion = validateRequestAndBuildCasAssertion(response, request, wsFedRequest);

    // NOTE(review): a token already obtainable from the request skips
    // validateSecurityTokenInAssertion entirely. Confirm getSecurityTokenFromRequest only
    // returns tokens bound to the same authenticated session as casAssertion.
    final SecurityToken existingToken = getSecurityTokenFromRequest(request);
    final SecurityToken securityToken;
    if (existingToken != null) {
        securityToken = existingToken;
    } else {
        LOGGER.debug("No security token is yet available. Invoking security token service to issue token");
        securityToken = validateSecurityTokenInAssertion(casAssertion, request, response);
    }

    addSecurityTokenTicketToRegistry(request, securityToken);
    final String relyingPartyToken = produceRelyingPartyToken(response, request, wsFedRequest, securityToken, casAssertion);
    return postResponseBackToRelyingParty(relyingPartyToken, wsFedRequest);
}
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) WSFederationRegisteredService(org.apereo.cas.ws.idp.services.WSFederationRegisteredService) ModelAndView(org.springframework.web.servlet.ModelAndView) Assertion(org.jasig.cas.client.validation.Assertion) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 12 with Assertion

use of org.jasig.cas.client.validation.Assertion in project spring-security by spring-projects.

the class AbstractStatelessTicketCacheTests method getToken.

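/**
 * Builds the {@link CasAuthenticationToken} fixture shared by the ticket-cache tests.
 *
 * <p>Every value is a constructed test constant: user {@code rod} with password
 * {@code password}, authorities {@code ROLE_ONE} and {@code ROLE_TWO}, and a sample
 * service-ticket string used as the credentials. None of them is a real credential.
 *
 * @return a token for user {@code rod} backed by an {@link AssertionImpl} for the same name
 */
protected CasAuthenticationToken getToken() {
    // The former local proxyList was filled but never passed to anything, so it is dropped;
    // the constructor used here takes no proxy list.
    User user = new User("rod", "password", true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
    final Assertion assertion = new AssertionImpl("rod");
    // The same User instance is passed twice, once as principal and once as user details.
    return new CasAuthenticationToken("key", user, "ST-0-ER94xMJmn6pha35CQRoZ", AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), user, assertion);
}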
Also used : AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) User(org.springframework.security.core.userdetails.User) CasAuthenticationToken(org.springframework.security.cas.authentication.CasAuthenticationToken) ArrayList(java.util.ArrayList) Assertion(org.jasig.cas.client.validation.Assertion)

Example 13 with Assertion

use of org.jasig.cas.client.validation.Assertion in project spring-security by spring-projects.

the class CasAuthenticationTokenTests method testConstructorRejectsNulls.

@Test
public void testConstructorRejectsNulls() {
    // Each try block passes exactly one invalid argument, so the IllegalArgumentException
    // can only come from the check on that argument.
    final Assertion validAssertion = new AssertionImpl("test");

    // null key
    try {
        new CasAuthenticationToken(null, makeUserDetails(), "Password", ROLES, makeUserDetails(), validAssertion);
        fail("Should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException ignored) {
        // expected: the constructor refused the argument
    }

    // null principal
    try {
        new CasAuthenticationToken("key", null, "Password", ROLES, makeUserDetails(), validAssertion);
        fail("Should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException ignored) {
        // expected: the constructor refused the argument
    }

    // null credentials
    try {
        new CasAuthenticationToken("key", makeUserDetails(), null, ROLES, makeUserDetails(), validAssertion);
        fail("Should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException ignored) {
        // expected: the constructor refused the argument
    }

    // null assertion
    try {
        new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, makeUserDetails(), null);
        fail("Should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException ignored) {
        // expected: the constructor refused the argument
    }

    // null user details
    try {
        new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, null, validAssertion);
        fail("Should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException ignored) {
        // expected: the constructor refused the argument
    }

    // authority list containing a null entry
    try {
        new CasAuthenticationToken("key", makeUserDetails(), "Password", AuthorityUtils.createAuthorityList("ROLE_1", null), makeUserDetails(), validAssertion);
        fail("Should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException ignored) {
        // expected: the null authority was refused
    }
}
Also used : AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) Assertion(org.jasig.cas.client.validation.Assertion) Test(org.junit.Test)

Example 14 with Assertion

use of org.jasig.cas.client.validation.Assertion in project spring-security by spring-projects.

the class CasAuthenticationTokenTests method testToString.

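@Test
public void testToString() {
    final Assertion assertion = new AssertionImpl("test");
    CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, makeUserDetails(), assertion);
    String result = token.toString();
    // Asserting on the string itself (rather than on a boolean built from lastIndexOf) makes a
    // failure report the actual toString() output instead of "expected true but was false".
    // NOTE(review): the label suggests toString() renders the ticket held as credentials; if
    // so, logging a token object writes that ticket to the log - confirm against the class.
    assertThat(result).contains("Credentials (Service/Proxy Ticket):");
}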
Also used : AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) Assertion(org.jasig.cas.client.validation.Assertion) Test(org.junit.Test)

Example 15 with Assertion

use of org.jasig.cas.client.validation.Assertion in project spring-security by spring-projects.

the class CasAuthenticationTokenTests method testGetters.

@Test
public void testGetters() {
    // Fixture: a token built from the key "key", the shared user details and ROLES, and an
    // assertion for principal "test".
    final Assertion casAssertion = new AssertionImpl("test");
    CasAuthenticationToken casToken =
        new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, makeUserDetails(), casAssertion);

    // The expected key hash is String.hashCode() of the key, a 32-bit non-cryptographic hash.
    // NOTE(review): confirm nothing treats getKeyHash() as an integrity or secrecy guarantee.
    assertThat(casToken.getKeyHash()).isEqualTo("key".hashCode());

    // makeUserDetails() is called afresh here, so this compares by equals(), not identity.
    assertThat(casToken.getPrincipal()).isEqualTo(makeUserDetails());
    assertThat(casToken.getCredentials()).isEqualTo("Password");

    // Both authorities must be exposed by the token.
    assertThat(casToken.getAuthorities()).contains(new SimpleGrantedAuthority("ROLE_ONE"));
    assertThat(casToken.getAuthorities()).contains(new SimpleGrantedAuthority("ROLE_TWO"));

    assertThat(casToken.getAssertion()).isEqualTo(casAssertion);
    assertThat(casToken.getUserDetails().getUsername()).isEqualTo(makeUserDetails().getUsername());
}
Also used : AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) Assertion(org.jasig.cas.client.validation.Assertion) Test(org.junit.Test)

Aggregations

Assertion (org.jasig.cas.client.validation.Assertion)22 AssertionImpl (org.jasig.cas.client.validation.AssertionImpl)12 Test (org.junit.Test)10 AttributePrincipal (org.jasig.cas.client.authentication.AttributePrincipal)3 Cas30ServiceTicketValidator (org.jasig.cas.client.validation.Cas30ServiceTicketValidator)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 TicketValidationException (org.jasig.cas.client.validation.TicketValidationException)2 AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)2 CasAuthenticationToken (org.springframework.security.cas.authentication.CasAuthenticationToken)2 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)2 User (org.springframework.security.core.userdetails.User)2 GetMapping (org.springframework.web.bind.annotation.GetMapping)2 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)1 IOException (java.io.IOException)1 ZonedDateTime (java.time.ZonedDateTime)1 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1 CallbackHandler (javax.security.auth.callback.CallbackHandler)1 ServletException (javax.servlet.ServletException)1 HttpSession (javax.servlet.http.HttpSession)1