
Example 36 with Assertion

use of org.jasig.cas.client.validation.Assertion in project cas by apereo.

the class JWTTokenTicketBuilder method build.

/**
 * Validates a service ticket for the given service and builds a JWT from the resulting assertion.
 *
 * <p>The ticket is validated through {@code ticketValidator} before anything else happens, and every
 * claim handed to {@code buildJwt} is read from the returned assertion. Principal attributes are
 * merged on top of the assertion-level attributes, so on a key collision the principal's value wins.
 *
 * <p>{@code @SneakyThrows} lets checked exceptions raised in the body (presumably a ticket
 * validation failure, confirm against the validator) propagate without being declared.
 *
 * @param serviceTicketId the service ticket to validate; also passed on to {@code buildJwt}
 * @param service the service whose id is used for validation and passed on to {@code buildJwt}
 * @return the value produced by {@code buildJwt}
 */
@Override
@SneakyThrows
public String build(final String serviceTicketId, final Service service) {
    final String serviceId = service.getId();
    final Assertion validated = this.ticketValidator.validate(serviceTicketId, serviceId);

    // Assertion attributes first, principal attributes second: putAll overwrites duplicate keys.
    final Map<String, Object> claims = new LinkedHashMap<>(validated.getAttributes());
    claims.putAll(validated.getPrincipal().getAttributes());

    // Prefer the expiry carried by the assertion; otherwise derive one from the local
    // expiration policy so the token is never issued without an expiry date.
    final Date assertedExpiry = validated.getValidUntilDate();
    final Date validUntilDate = assertedExpiry != null
        ? assertedExpiry
        : DateTimeUtils.dateOf(ZonedDateTime.now().plusSeconds(expirationPolicy.getTimeToLive()));

    return buildJwt(
        serviceTicketId,
        serviceId,
        validated.getAuthenticationDate(),
        validated.getPrincipal().getName(),
        validUntilDate,
        claims);
}
Also used : ZonedDateTime(java.time.ZonedDateTime) Assertion(org.jasig.cas.client.validation.Assertion) JSONObject(net.minidev.json.JSONObject) Date(java.util.Date) LinkedHashMap(java.util.LinkedHashMap) SneakyThrows(lombok.SneakyThrows)

Example 37 with Assertion

use of org.jasig.cas.client.validation.Assertion in project cas by apereo.

the class SSOSamlProfileCallbackHandlerController method handleCallbackProfileRequest.

/**
 * Handles the SAML2 SSO profile callback that carries a CAS ticket back to the identity provider.
 *
 * <p>The request is rejected with {@code 403 Forbidden} when the original SAML authentication
 * request cannot be recovered, or when the ticket parameter is missing or blank. This method only
 * checks that a ticket is present; the ticket itself is not validated here (presumably that is done
 * inside {@code validateRequestAndBuildCasAssertion}, confirm against that helper).
 *
 * @param response the HTTP response; receives the 403 status or the SAML response
 * @param request the HTTP request carrying the ticket parameter
 * @throws Exception if any of the delegated steps fails
 */
@GetMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SSO_PROFILE_POST_CALLBACK)
protected void handleCallbackProfileRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
    LOGGER.info("Received SAML callback profile request [{}]", request.getRequestURI());

    // Guard 1: without the original AuthnRequest there is nothing to answer.
    final AuthnRequest originalAuthnRequest = retrieveSamlAuthenticationRequestFromHttpRequest(request);
    if (originalAuthnRequest == null) {
        LOGGER.error("Can not validate the request because the original Authn request can not be found.");
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    // Guard 2: a ticket must be present before any validation is attempted.
    final String serviceTicket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
    if (StringUtils.isBlank(serviceTicket)) {
        LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    final Pair<AuthnRequest, MessageContext> contextPair = buildAuthenticationContextPair(request, originalAuthnRequest);
    final Assertion casAssertion = validateRequestAndBuildCasAssertion(response, request, contextPair);
    buildSamlResponse(response, request, contextPair, casAssertion, determineProfileBinding(contextPair, casAssertion));
}
Also used : AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) Assertion(org.jasig.cas.client.validation.Assertion) MessageContext(org.opensaml.messaging.context.MessageContext) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 38 with Assertion

use of org.jasig.cas.client.validation.Assertion in project pac4j by pac4j.

the class AbstractCasRestClient method validateServiceTicket.

/**
 * Validates a CAS service ticket and turns the authenticated principal into a {@link CasProfile}.
 *
 * <p>The profile is built only from the principal of the assertion returned by the ticket
 * validator: its name becomes the (sanitized) profile id and its attributes are copied over.
 *
 * @param serviceURL the service URL the ticket is validated against
 * @param ticket the credentials holding the service ticket
 * @param context the web context used to obtain the ticket validator
 * @return the profile of the validated principal
 * @throws TechnicalException wrapping the {@link TicketValidationException} when validation fails
 */
public CasProfile validateServiceTicket(final String serviceURL, final TokenCredentials ticket, final WebContext context) {
    final Assertion validated;
    try {
        validated = configuration.retrieveTicketValidator(context).validate(ticket.getToken(), serviceURL);
    } catch (final TicketValidationException validationFailure) {
        // Keep the original exception as the cause so the failure reason is not lost.
        throw new TechnicalException(validationFailure);
    }

    final AttributePrincipal authenticated = validated.getPrincipal();
    final CasProfile profile = new CasProfile();
    profile.setId(ProfileHelper.sanitizeIdentifier(profile, authenticated.getName()));
    profile.addAttributes(authenticated.getAttributes());
    return profile;
}
Also used : CasProfile(org.pac4j.cas.profile.CasProfile) TechnicalException(org.pac4j.core.exception.TechnicalException) Assertion(org.jasig.cas.client.validation.Assertion) AttributePrincipal(org.jasig.cas.client.authentication.AttributePrincipal) TicketValidationException(org.jasig.cas.client.validation.TicketValidationException)

Example 39 with Assertion

use of org.jasig.cas.client.validation.Assertion in project mycore by MyCoRe-Org.

the class MCRCASServlet method doGetPost.

/**
 * Completes a CAS login: validates the ticket from the request, resolves the matching user,
 * refreshes its properties from LDAP, stores it in the current session and redirects the browser.
 *
 * <p>A missing or blank {@code ticket} parameter is answered with {@code 400 Bad Request}.
 *
 * @param job the servlet job providing the HTTP request and response
 * @throws Exception if ticket validation or any of the delegated steps fails
 */
public void doGetPost(MCRServletJob job) throws Exception {
    HttpServletRequest request = job.getRequest();
    HttpServletResponse response = job.getResponse();

    String ticket = request.getParameter("ticket");
    if (ticket == null || ticket.trim().isEmpty()) {
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }

    // Validate the ticket at the CAS server.
    Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(serverURL);
    // NOTE(review): with acceptAnyProxy enabled the validator does not restrict which proxy chain
    // a proxy ticket came through. Confirm this is intended for the deployment; if only specific
    // proxies are trusted, configure the allowed proxy chains on the validator instead.
    validator.setAcceptAnyProxy(true);
    Assertion validated = validator.validate(ticket, clientURL);
    AttributePrincipal principal = validated.getPrincipal();

    // The login name is taken from the validated assertion, never from the request itself.
    String userName = principal.getName();
    LOGGER.info("Login {}", userName);

    boolean userExists = MCRUserManager.exists(userName, realmID);
    MCRUser user = userExists
        ? MCRUserManager.getUser(userName, realmID)
        : new MCRUser(userName, realmID);

    // Refresh user properties from the LDAP server. Only an already stored user is written
    // back; a user created above is not persisted by this method.
    boolean userChanged = MCRLDAPClient.instance().updateUserProperties(user);
    if (userChanged && userExists) {
        MCRUserManager.updateUser(user);
    }

    // Bind the authenticated user to the session, then rotate the session id (MCR-1154) so the
    // id used before login is not carried into the authenticated session.
    MCRSessionMgr.getCurrentSession().setUserInformation(user);
    request.changeSessionId();
    MCRLoginServlet.redirect(response);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) MCRUser(org.mycore.user2.MCRUser) Assertion(org.jasig.cas.client.validation.Assertion) HttpServletResponse(javax.servlet.http.HttpServletResponse) Cas20ProxyTicketValidator(org.jasig.cas.client.validation.Cas20ProxyTicketValidator) AttributePrincipal(org.jasig.cas.client.authentication.AttributePrincipal)

Example 40 with Assertion

use of org.jasig.cas.client.validation.Assertion in project uhgroupings by uhawaii-system-its-ti-iam.

the class UserDetailsServiceTest method loadUserDetailsExceptionOne.

/**
 * Verifies that loading user details from an assertion without a principal is rejected with a
 * {@link UsernameNotFoundException} whose message mentions the missing principal.
 */
@Test
public void loadUserDetailsExceptionOne() {
    Assertion dummyAssertion = new AssertionDummy();
    CasUserDetailsServiceImplj service = new CasUserDetailsServiceImplj(userBuilder);

    try {
        service.loadUserDetails(dummyAssertion);
        // fail() raises an AssertionError, which the catch below does not intercept.
        fail("Should not have reached here.");
    } catch (Exception thrown) {
        // The exact exception class is required, not merely a subclass.
        assertThat(UsernameNotFoundException.class, equalTo(thrown.getClass()));
        assertThat(thrown.getMessage(), containsString("principal is null"));
    }
}
Also used : UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException) Assertion(org.jasig.cas.client.validation.Assertion) UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

Assertion (org.jasig.cas.client.validation.Assertion)41 AssertionImpl (org.jasig.cas.client.validation.AssertionImpl)14 Test (org.junit.Test)13 AttributePrincipal (org.jasig.cas.client.authentication.AttributePrincipal)10 HashMap (java.util.HashMap)5 TicketValidationException (org.jasig.cas.client.validation.TicketValidationException)5 MessageContext (org.opensaml.messaging.context.MessageContext)5 AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest)5 ZonedDateTime (java.time.ZonedDateTime)4 HttpServletRequest (javax.servlet.http.HttpServletRequest)4 SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService)3 SamlRegisteredServiceServiceProviderMetadataFacade (org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade)3 LinkedHashMap (java.util.LinkedHashMap)2 HttpSession (javax.servlet.http.HttpSession)2 SneakyThrows (lombok.SneakyThrows)2 Authentication (org.apereo.cas.authentication.Authentication)2 AttributePrincipalImpl (org.jasig.cas.client.authentication.AttributePrincipalImpl)2 Cas30ServiceTicketValidator (org.jasig.cas.client.validation.Cas30ServiceTicketValidator)2 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)2 GetMapping (org.springframework.web.bind.annotation.GetMapping)2