
Example 26 with Assertion

Use of org.jasig.cas.client.validation.Assertion in project spring-security by spring-projects.

Class CasAuthenticationTokenTests, method testEqualsWhenEqual.

@Test
public void testEqualsWhenEqual() {
    final Assertion assertion = new AssertionImpl("test");
    CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, makeUserDetails(), assertion);
    CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, makeUserDetails(), assertion);
    assertThat(token2).isEqualTo(token1);
}
Also used : AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) Assertion(org.jasig.cas.client.validation.Assertion) Test(org.junit.Test)

Example 27 with Assertion

Use of org.jasig.cas.client.validation.Assertion in project spring-security by spring-projects.

Class CasAuthenticationTokenTests, method testNotEqualsDueToAbstractParentEqualsCheck.

@Test
public void testNotEqualsDueToAbstractParentEqualsCheck() {
    final Assertion assertion = new AssertionImpl("test");
    CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, makeUserDetails(), assertion);
    CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails("OTHER_NAME"), "Password", ROLES, makeUserDetails(), assertion);
    assertThat(!token1.equals(token2)).isTrue();
}
Also used : AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) Assertion(org.jasig.cas.client.validation.Assertion) Test(org.junit.Test)

Example 28 with Assertion

Use of org.jasig.cas.client.validation.Assertion in project spring-security by spring-projects.

Class CasAuthenticationProvider, method authenticateNow.

private CasAuthenticationToken authenticateNow(final Authentication authentication) throws AuthenticationException {
    try {
        final Assertion assertion = this.ticketValidator.validate(authentication.getCredentials().toString(), getServiceUrl(authentication));
        final UserDetails userDetails = loadUserByAssertion(assertion);
        userDetailsChecker.check(userDetails);
        return new CasAuthenticationToken(this.key, userDetails, authentication.getCredentials(), authoritiesMapper.mapAuthorities(userDetails.getAuthorities()), userDetails, assertion);
    } catch (final TicketValidationException e) {
        throw new BadCredentialsException(e.getMessage(), e);
    }
}
Also used : Assertion(org.jasig.cas.client.validation.Assertion) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) TicketValidationException(org.jasig.cas.client.validation.TicketValidationException)

Example 29 with Assertion

Use of org.jasig.cas.client.validation.Assertion in project spring-security by spring-projects.

Class GrantedAuthorityFromAssertionAttributesUserDetailsServiceTests, method correctlyExtractsNamedAttributesFromAssertionAndConvertsThemToAuthorities.

@Test
public void correctlyExtractsNamedAttributesFromAssertionAndConvertsThemToAuthorities() {
    GrantedAuthorityFromAssertionAttributesUserDetailsService uds = new GrantedAuthorityFromAssertionAttributesUserDetailsService(new String[] { "a", "b", "c", "d" });
    uds.setConvertToUpperCase(false);
    Assertion assertion = mock(Assertion.class);
    AttributePrincipal principal = mock(AttributePrincipal.class);
    Map<String, Object> attributes = new HashMap<String, Object>();
    attributes.put("a", Arrays.asList("role_a1", "role_a2"));
    attributes.put("b", "role_b");
    attributes.put("c", "role_c");
    attributes.put("d", null);
    attributes.put("someother", "unused");
    when(assertion.getPrincipal()).thenReturn(principal);
    when(principal.getAttributes()).thenReturn(attributes);
    when(principal.getName()).thenReturn("somebody");
    CasAssertionAuthenticationToken token = new CasAssertionAuthenticationToken(assertion, "ticket");
    UserDetails user = uds.loadUserDetails(token);
    Set<String> roles = AuthorityUtils.authorityListToSet(user.getAuthorities());
    assertThat(roles.size()).isEqualTo(4);
    assertThat(roles).contains("role_a1");
    assertThat(roles).contains("role_a2");
    assertThat(roles).contains("role_b");
    assertThat(roles).contains("role_c");
}
Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) HashMap(java.util.HashMap) Assertion(org.jasig.cas.client.validation.Assertion) CasAssertionAuthenticationToken(org.springframework.security.cas.authentication.CasAssertionAuthenticationToken) AttributePrincipal(org.jasig.cas.client.authentication.AttributePrincipal) Test(org.junit.Test)

Example 30 with Assertion

Use of org.jasig.cas.client.validation.Assertion in project ddf by codice.

Class CasHandler, method getNormalizedToken.

@Override
public HandlerResult getNormalizedToken(ServletRequest request, ServletResponse response, FilterChain chain, boolean resolve) throws ServletException {
    // Default to NO_ACTION and set the source as this handler
    HandlerResult handlerResult = new HandlerResult(HandlerResult.Status.NO_ACTION, null);
    handlerResult.setSource(realm + "-" + SOURCE);
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    String path = httpRequest.getServletPath();
    LOGGER.debug("Doing CAS authentication and authorization for path {}", path);
    // if the request contains the principal, return it
    Assertion assertion = getAssertion(httpRequest);
    try {
        if (resolve && assertion == null) {
            proxyFilter.doFilter(request, response, new ProxyFilterChain(null));
        }
    } catch (IOException e) {
        throw new ServletException(e);
    }
    if (assertion != null) {
        LOGGER.debug("Found previous CAS attribute, using that same session.");
        CASAuthenticationToken token = getAuthenticationToken(assertion);
        if (token != null) {
            handlerResult.setToken(token);
            handlerResult.setStatus(HandlerResult.Status.COMPLETED);
            //update cache with new information
            LOGGER.debug("Adding new CAS assertion for session {}", httpRequest.getSession(false).getId());
            httpRequest.getSession(false).setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, assertion);
            LOGGER.debug("Successfully set authentication token, returning result with token.");
        } else {
            LOGGER.debug("Could not create authentication token, returning NO_ACTION result.");
        }
    } else {
        if (resolve) {
            LOGGER.debug("Calling cas authentication and validation filters to perform redirects.");
            handlerResult.setStatus(HandlerResult.Status.REDIRECTED);
        } else {
            LOGGER.debug("No cas authentication information found and resolve is not enabled, returning NO_ACTION.");
        }
    }
    return handlerResult;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) Assertion(org.jasig.cas.client.validation.Assertion) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) IOException(java.io.IOException) ProxyFilterChain(org.codice.ddf.security.handler.cas.filter.ProxyFilterChain)
