use of org.pac4j.cas.client.CasClient in project cas by apereo.
the class DelegatedClientWebflowManager method store.
/**
 * Persists the pending delegated-authentication request as a transient session ticket and
 * passes the ticket id to the external client so the request can be correlated on return.
 *
 * <p>The ticket carries the resolved service plus the theme, locale and method request
 * parameters; a missing parameter is stored as an empty string. The ticket id is always
 * exposed as the {@code PARAMETER_CLIENT_ID} request attribute and, depending on the client
 * type, is also used as the SAML relay state, the OAuth 2.0 / OIDC state data, or a custom
 * parameter on the CAS client configuration.
 *
 * @param webContext the web context
 * @param client the client
 * @return the ticket that was added to the ticket registry
 */
public Ticket store(final WebContext webContext, final BaseClient client) {
    final Map<String, Serializable> ticketProperties = new LinkedHashMap<>();
    final Service targetService = determineService(webContext);
    ticketProperties.put(CasProtocolConstants.PARAMETER_SERVICE, targetService);

    // NOTE(review): theme, locale and method are copied verbatim from the request, so they are
    // caller-controlled; whatever reads them back from the ticket should validate them before use.
    final String requestedTheme = webContext.getRequestParameter(this.themeParamName);
    ticketProperties.put(this.themeParamName, StringUtils.defaultString(requestedTheme));
    final String requestedLocale = webContext.getRequestParameter(this.localParamName);
    ticketProperties.put(this.localParamName, StringUtils.defaultString(requestedLocale));
    final String requestedMethod = webContext.getRequestParameter(CasProtocolConstants.PARAMETER_METHOD);
    ticketProperties.put(CasProtocolConstants.PARAMETER_METHOD, StringUtils.defaultString(requestedMethod));

    final TransientSessionTicketFactory sessionTicketFactory =
        (TransientSessionTicketFactory) this.ticketFactory.get(TransientSessionTicket.class);
    final TransientSessionTicket ticket = sessionTicketFactory.create(targetService, ticketProperties);
    final String ticketId = ticket.getId();

    // The ticket id doubles as the state / relay-state value below, so debug logs that
    // contain it should be handled like other authentication-flow material.
    LOGGER.debug("Storing delegated authentication request ticket [{}] for service [{}] with properties [{}]",
        ticketId, ticket.getService(), ticket.getProperties());
    this.ticketRegistry.addTicket(ticket);
    webContext.setRequestAttribute(PARAMETER_CLIENT_ID, ticketId);

    // The checks below are deliberately independent (not else-if): each one is evaluated.
    if (client instanceof SAML2Client) {
        // SAML: the relay state is kept in the session store rather than on the client.
        webContext.getSessionStore().set(webContext, SAML2Client.SAML_RELAY_STATE_ATTRIBUTE, ticketId);
    }
    // NOTE(review): for OAuth 2.0, OIDC and CAS the per-request ticket id is written onto the
    // client's configuration object. If client instances are shared between requests (not
    // visible here), concurrent logins could overwrite each other's value - confirm how
    // clients are scoped.
    if (client instanceof OAuth20Client) {
        final OAuth20Client oauth20 = (OAuth20Client) client;
        oauth20.getConfiguration().setWithState(true);
        oauth20.getConfiguration().setStateData(ticketId);
    }
    if (client instanceof OidcClient) {
        final OidcClient oidc = (OidcClient) client;
        oidc.getConfiguration().setCustomParams(CollectionUtils.wrap(PARAMETER_CLIENT_ID, ticketId));
        oidc.getConfiguration().setWithState(true);
        oidc.getConfiguration().setStateData(ticketId);
    }
    if (client instanceof CasClient) {
        final CasClient cas = (CasClient) client;
        cas.getConfiguration().addCustomParam(DelegatedClientWebflowManager.PARAMETER_CLIENT_ID, ticketId);
    }
    return ticket;
}
use of org.pac4j.cas.client.CasClient in project pac4j by pac4j.
the class PropertiesConfigFactoryTests method test.
/**
 * Builds a {@code Config} from a flat property map and checks that every expected client and
 * authenticator is created with the configured values.
 *
 * <p>All credentials and secrets used here are test constants, and the LDAP connection is
 * plain (SSL and StartTLS both "false") against the {@code LdapServer} started by this test.
 */
@Test
public void test() {
    final Map<String, String> props = new HashMap<>();

    // OAuth clients
    props.put(FACEBOOK_ID, ID);
    props.put(FACEBOOK_SECRET, SECRET);
    props.put(TWITTER_ID, ID);
    props.put(TWITTER_SECRET, SECRET);

    // Default CAS client
    props.put(CAS_LOGIN_URL, CALLBACK_URL);
    props.put(CAS_PROTOCOL, CasProtocol.CAS20.toString());

    // SAML 2 client
    props.put(SAML_KEYSTORE_PASSWORD, PASSWORD);
    props.put(SAML_PRIVATE_KEY_PASSWORD, PASSWORD);
    props.put(SAML_KEYSTORE_PATH, PATH);
    props.put(SAML_IDENTITY_PROVIDER_METADATA_PATH, PATH);
    props.put(SAML_DESTINATION_BINDING_TYPE, SAMLConstants.SAML2_REDIRECT_BINDING_URI);
    props.put(SAML_KEYSTORE_ALIAS, VALUE);

    // Default OIDC client
    props.put(OIDC_ID, ID);
    props.put(OIDC_SECRET, SECRET);
    props.put(OIDC_DISCOVERY_URI, CALLBACK_URL);
    props.put(OIDC_USE_NONCE, "true");
    props.put(OIDC_PREFERRED_JWS_ALGORITHM, "RS384");
    props.put(OIDC_MAX_CLOCK_SKEW, "60");
    props.put(OIDC_CLIENT_AUTHENTICATION_METHOD, "CLIENT_SECRET_POST");
    props.put(OIDC_CUSTOM_PARAM_KEY + "1", KEY);
    props.put(OIDC_CUSTOM_PARAM_VALUE + "1", VALUE);

    // Suffixed (".N") entries declare additional clients
    props.put(CAS_LOGIN_URL.concat(".1"), LOGIN_URL);
    props.put(CAS_PROTOCOL.concat(".1"), CasProtocol.CAS30.toString());
    props.put(OIDC_TYPE.concat(".1"), "google");
    props.put(OIDC_ID.concat(".1"), ID);
    props.put(OIDC_SECRET.concat(".1"), SECRET);

    props.put(ANONYMOUS, "whatever the value");

    props.put(FORMCLIENT_LOGIN_URL, LOGIN_URL);
    props.put(FORMCLIENT_AUTHENTICATOR, "testUsernamePassword");
    props.put(INDIRECTBASICAUTH_AUTHENTICATOR.concat(".2"), "testUsernamePassword");

    // LDAP authenticator: unencrypted connection to the local test server only
    props.put(LDAP_TYPE, "direct");
    props.put(LDAP_URL, "ldap://localhost:" + PORT);
    props.put(LDAP_USE_SSL, "false");
    props.put(LDAP_USE_START_TLS, "false");
    props.put(LDAP_DN_FORMAT, CN + "=%s," + BASE_PEOPLE_DN);
    props.put(LDAP_USERS_DN, BASE_PEOPLE_DN);
    props.put(LDAP_PRINCIPAL_ATTRIBUTE_ID, CN);
    props.put(LDAP_ATTRIBUTES, SN + "," + ROLE);
    props.put(FORMCLIENT_LOGIN_URL.concat(".2"), PAC4J_BASE_URL);
    props.put(FORMCLIENT_AUTHENTICATOR.concat(".2"), "ldap");

    // Password encoder and database authenticator
    props.put(SPRING_ENCODER_TYPE.concat(".4"), "standard");
    props.put(SPRING_ENCODER_STANDARD_SECRET.concat(".4"), SALT);
    props.put(DB_JDBC_URL, "jdbc:h2:mem:test");
    props.put(DB_USERNAME, Pac4jConstants.USERNAME);
    props.put(DB_PASSWORD, Pac4jConstants.PASSWORD);
    props.put(DB_USERNAME_ATTRIBUTE, Pac4jConstants.USERNAME);
    props.put(DB_USER_PASSWORD_ATTRIBUTE, Pac4jConstants.PASSWORD);
    props.put(DB_ATTRIBUTES, FIRSTNAME);
    props.put(DB_PASSWORD_ENCODER, "encoder.spring.4");
    props.put(INDIRECTBASICAUTH_AUTHENTICATOR.concat(".5"), "db");

    // REST authenticator
    props.put(REST_URL.concat(".3"), PAC4J_BASE_URL);
    props.put(DIRECTBASICAUTH_AUTHENTICATOR.concat(".7"), "rest.3");

    LdapServer directory = null;
    try {
        directory = new LdapServer();
        directory.start();
        // Constructed only for its side effects; presumably brings up the in-memory
        // database behind DB_JDBC_URL - confirm against DbServer.
        new DbServer();

        final Clients built = new PropertiesConfigFactory(CALLBACK_URL, props).build().getClients();
        assertEquals(13, built.getClients().size());

        final FacebookClient facebook = (FacebookClient) built.findClient("FacebookClient");
        assertEquals(ID, facebook.getKey());
        assertEquals(SECRET, facebook.getSecret());

        assertNotNull(built.findClient("AnonymousClient"));

        final TwitterClient twitter = (TwitterClient) built.findClient("TwitterClient");
        assertEquals(ID, twitter.getKey());
        assertEquals(SECRET, twitter.getSecret());

        final CasClient defaultCas = (CasClient) built.findClient("CasClient");
        assertEquals(CALLBACK_URL, defaultCas.getConfiguration().getLoginUrl());
        assertEquals(CasProtocol.CAS20, defaultCas.getConfiguration().getProtocol());

        final SAML2Client saml = (SAML2Client) built.findClient("SAML2Client");
        assertNotNull(saml);
        final SAML2ClientConfiguration samlSettings = saml.getConfiguration();
        assertEquals(SAMLConstants.SAML2_REDIRECT_BINDING_URI, samlSettings.getDestinationBindingType());
        assertEquals(VALUE, samlSettings.getKeyStoreAlias());

        final OidcClient oidc = (OidcClient) built.findClient("OidcClient");
        assertNotNull(oidc);
        assertEquals(ClientAuthenticationMethod.CLIENT_SECRET_POST.toString(),
            oidc.getConfiguration().getClientAuthenticationMethod().toString().toLowerCase());

        final CasClient secondCas = (CasClient) built.findClient("CasClient.1");
        assertEquals(CasProtocol.CAS30, secondCas.getConfiguration().getProtocol());

        final GoogleOidcClient googleOidc = (GoogleOidcClient) built.findClient("GoogleOidcClient.1");
        googleOidc.init();
        assertEquals(ID, googleOidc.getConfiguration().getClientId());
        assertEquals(SECRET, googleOidc.getConfiguration().getSecret());
        assertEquals("https://accounts.google.com/.well-known/openid-configuration",
            googleOidc.getConfiguration().getDiscoveryURI());
        assertEquals(CALLBACK_URL + "?client_name=GoogleOidcClient.1",
            googleOidc.getCallbackUrlResolver().compute(
                googleOidc.getUrlResolver(),
                googleOidc.getCallbackUrl(),
                googleOidc.getName(),
                MockWebContext.create()));

        final FormClient defaultForm = (FormClient) built.findClient("FormClient");
        assertEquals(LOGIN_URL, defaultForm.getLoginUrl());
        assertTrue(defaultForm.getAuthenticator() instanceof SimpleTestUsernamePasswordAuthenticator);

        // Form client ".2" is backed by LDAP: validate real credentials against the test server
        final FormClient ldapForm = (FormClient) built.findClient("FormClient.2");
        assertEquals(PAC4J_BASE_URL, ldapForm.getLoginUrl());
        assertTrue(ldapForm.getAuthenticator() instanceof LdapProfileService);
        final LdapProfileService ldapService = (LdapProfileService) ldapForm.getAuthenticator();
        final UsernamePasswordCredentials ldapLogin = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD);
        ldapService.validate(ldapLogin, MockWebContext.create());
        assertNotNull(ldapLogin.getUserProfile());

        final IndirectBasicAuthClient basicAuth = (IndirectBasicAuthClient) built.findClient("IndirectBasicAuthClient.2");
        assertEquals("authentication required", basicAuth.getRealmName());
        assertTrue(basicAuth.getAuthenticator() instanceof SimpleTestUsernamePasswordAuthenticator);

        // Basic-auth client ".5" is backed by the database profile service
        final IndirectBasicAuthClient dbBasicAuth = (IndirectBasicAuthClient) built.findClient("IndirectBasicAuthClient.5");
        assertTrue(dbBasicAuth.getAuthenticator() instanceof DbProfileService);
        final DbProfileService dbService = (DbProfileService) dbBasicAuth.getAuthenticator();
        assertNotNull(dbService);
        final UsernamePasswordCredentials dbLogin = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD);
        dbService.validate(dbLogin, MockWebContext.create());
        assertNotNull(dbLogin.getUserProfile());

        final DirectBasicAuthClient restBasicAuth = (DirectBasicAuthClient) built.findClient("DirectBasicAuthClient.7");
        assertNotNull(restBasicAuth);
        final RestAuthenticator rest = (RestAuthenticator) restBasicAuth.getAuthenticator();
        assertEquals(PAC4J_BASE_URL, rest.getUrl());
    } finally {
        // Stop the LDAP server even when an assertion fails
        if (directory != null) {
            directory.stop();
        }
    }
}
use of org.pac4j.cas.client.CasClient in project cas by apereo.
the class Pac4jAuthenticationEventExecutionPlanConfiguration method configureCasClient.
/**
 * Creates one {@code CasClient} for each configured CAS delegation entry that has a
 * non-blank login URL and appends it to the given collection.
 *
 * <p>Each client is named with the class's simple name followed by a counter that starts
 * at 1 and only advances for entries that pass the login-URL filter, so the name depends
 * on the entry's position in the configuration.
 *
 * @param properties the collection that receives the created clients
 */
private void configureCasClient(final Collection<BaseClient> properties) {
    final AtomicInteger sequence = new AtomicInteger();
    casProperties.getAuthn().getPac4j().getCas()
        .stream()
        // Entries without a login URL are silently skipped.
        .filter(cas -> StringUtils.isNotBlank(cas.getLoginUrl()))
        .map(cas -> new CasClient(new CasConfiguration(cas.getLoginUrl(), cas.getProtocol())))
        .forEach(casClient -> {
            casClient.setName(casClient.getClass().getSimpleName() + sequence.incrementAndGet());
            properties.add(casClient);
        });
}
use of org.pac4j.cas.client.CasClient in project cas by apereo.
the class CasConsentReviewConfiguration method casConsentPac4jConfig.
/**
 * Builds the pac4j {@code Config} that protects the consent review pages.
 *
 * <p>The config holds a single CAS client pointed at this server's login URL, with its
 * callback under {@code /consentReview/callback}, and an {@code IsAuthenticatedAuthorizer}.
 * The role authorizer of the admin pages is added only when the admin config defines one.
 *
 * @return the consent review config
 */
@Bean
@RefreshScope
public Config casConsentPac4jConfig() {
    final CasClient consentClient = new CasClient(new CasConfiguration(casProperties.getServer().getLoginUrl()));
    consentClient.setName(CAS_CONSENT_CLIENT);
    consentClient.setCallbackUrl(casProperties.getServer().getPrefix().concat("/consentReview/callback"));
    consentClient.setAuthorizationGenerator(new DefaultCasAuthorizationGenerator<>());

    final Config consentConfig = new Config(new Clients(consentClient));
    consentConfig.setAuthorizer(new IsAuthenticatedAuthorizer());
    consentConfig.setCallbackLogic(new DefaultCallbackLogic());
    consentConfig.setLogoutLogic(new DefaultLogoutLogic());

    // get role authorizer from admin pages for smooth integration
    final Map<String, Authorizer> adminAuthorizers = casAdminPagesPac4jConfig.getAuthorizers();
    final String roleAuthorizerName = RequireAnyRoleAuthorizer.class.getSimpleName();
    if (!adminAuthorizers.containsKey(roleAuthorizerName)) {
        // NOTE(review): on this path no role authorizer is registered here, so this config
        // only carries the is-authenticated check - confirm that is the intended access level.
        return consentConfig;
    }

    consentConfig.addAuthorizer(roleAuthorizerName, adminAuthorizers.get(roleAuthorizerName));
    // NOTE(review): adminClient is dereferenced without a check; confirm what findClient does
    // when the admin config has no DirectCasClient.
    final BaseClient adminClient = casAdminPagesPac4jConfig.getClients().findClient(DirectCasClient.class);
    consentClient.addAuthorizationGenerators(adminClient.getAuthorizationGenerators());
    return consentConfig;
}
use of org.pac4j.cas.client.CasClient in project cas by apereo.
the class DelegatedClientFactory method configureCasClient.
/**
 * Creates a {@code CasClient} for every configured CAS entry with a non-blank login URL,
 * applies the shared client settings and appends it to the given collection.
 *
 * <p>When an entry has no client name, the client is named with the class's simple name
 * followed by a zero-based counter; the counter advances for every entry that passes the
 * login-URL filter, whether or not the generated name was used.
 *
 * @param properties the collection that receives the created clients
 */
protected void configureCasClient(final Collection<BaseClient> properties) {
    final AtomicInteger index = new AtomicInteger();
    pac4jProperties.getCas()
        .stream()
        .filter(cas -> StringUtils.isNotBlank(cas.getLoginUrl()))
        .forEach(cas -> {
            // Assuming CasProtocol is an enum, an unrecognised protocol string fails here
            // with an exception instead of falling back to a default protocol.
            final CasClient client = new CasClient(
                new CasConfiguration(cas.getLoginUrl(), CasProtocol.valueOf(cas.getProtocol())));
            final int position = index.getAndIncrement();
            if (StringUtils.isBlank(cas.getClientName())) {
                client.setName(client.getClass().getSimpleName() + position);
            }
            // Presumably applies the configured client name and other common options - confirm.
            configureClient(client, cas);
            LOGGER.debug("Created client [{}]", client);
            properties.add(client);
        });
}