
Example 6 with Config

use of org.pac4j.core.config.Config in project pac4j by pac4j.

The class PropertiesConfigFactoryTests, method test.

/**
 * Feeds a flat property map through {@link PropertiesConfigFactory} and checks that
 * every client type it knows about (OAuth, CAS, SAML, OIDC, anonymous, form, basic-auth
 * with LDAP/DB/REST authenticators) is built with the values that were put in.
 * <p>
 * An embedded LDAP server and an in-memory DB server are started first because the
 * LDAP and DB profile services are exercised with a real credential validation below.
 * The LDAP client is deliberately configured without SSL/StartTLS since it only talks
 * to the embedded server on localhost.
 */
@Test
public void test() {
    final Map<String, String> props = new HashMap<>();
    // OAuth 2 / OAuth 1 clients
    props.put(FACEBOOK_ID, ID);
    props.put(FACEBOOK_SECRET, SECRET);
    props.put(TWITTER_ID, ID);
    props.put(TWITTER_SECRET, SECRET);
    // CAS client (unsuffixed) with the CAS 2.0 protocol
    props.put(CAS_LOGIN_URL, CALLBACK_URL);
    props.put(CAS_PROTOCOL, CasProtocol.CAS20.toString());
    // SAML client
    props.put(SAML_KEYSTORE_PASSWORD, PASSWORD);
    props.put(SAML_PRIVATE_KEY_PASSWORD, PASSWORD);
    props.put(SAML_KEYSTORE_PATH, PATH);
    props.put(SAML_IDENTITY_PROVIDER_METADATA_PATH, PATH);
    props.put(SAML_DESTINATION_BINDING_TYPE, SAMLConstants.SAML2_REDIRECT_BINDING_URI);
    props.put(SAML_KEYSTORE_ALIAS, VALUE);
    // generic OIDC client with one custom parameter
    props.put(OIDC_ID, ID);
    props.put(OIDC_SECRET, SECRET);
    props.put(OIDC_DISCOVERY_URI, CALLBACK_URL);
    props.put(OIDC_USE_NONCE, "true");
    props.put(OIDC_PREFERRED_JWS_ALGORITHM, "RS384");
    props.put(OIDC_MAX_CLOCK_SKEW, "60");
    props.put(OIDC_CLIENT_AUTHENTICATION_METHOD, "CLIENT_SECRET_POST");
    props.put(OIDC_CUSTOM_PARAM_KEY + "1", KEY);
    props.put(OIDC_CUSTOM_PARAM_VALUE + "1", VALUE);
    // second CAS client (".1") on CAS 3.0 and a Google-flavoured OIDC client (".1")
    props.put(CAS_LOGIN_URL + ".1", LOGIN_URL);
    props.put(CAS_PROTOCOL + ".1", CasProtocol.CAS30.toString());
    props.put(OIDC_TYPE + ".1", "google");
    props.put(OIDC_ID + ".1", ID);
    props.put(OIDC_SECRET + ".1", SECRET);
    // anonymous client: presence of the key is enough, the value is ignored
    props.put(ANONYMOUS, "whatever the value");
    // form and indirect basic-auth clients backed by the test username/password authenticator
    props.put(FORMCLIENT_LOGIN_URL, LOGIN_URL);
    props.put(FORMCLIENT_AUTHENTICATOR, "testUsernamePassword");
    props.put(INDIRECTBASICAUTH_AUTHENTICATOR + ".2", "testUsernamePassword");
    // LDAP profile service pointed at the embedded server (plain connection, no TLS)
    props.put(LDAP_TYPE, "direct");
    props.put(LDAP_URL, "ldap://localhost:" + PORT);
    props.put(LDAP_USE_SSL, "false");
    props.put(LDAP_USE_START_TLS, "false");
    props.put(LDAP_DN_FORMAT, CN + "=%s," + BASE_PEOPLE_DN);
    props.put(LDAP_USERS_DN, BASE_PEOPLE_DN);
    props.put(LDAP_PRINCIPAL_ATTRIBUTE_ID, CN);
    props.put(LDAP_ATTRIBUTES, SN + "," + ROLE);
    props.put(FORMCLIENT_LOGIN_URL + ".2", PAC4J_BASE_URL);
    props.put(FORMCLIENT_AUTHENTICATOR + ".2", "ldap");
    // Spring "standard" password encoder (".4"), referenced by the DB service below
    props.put(SPRING_ENCODER_TYPE + ".4", "standard");
    props.put(SPRING_ENCODER_STANDARD_SECRET + ".4", SALT);
    // DB profile service on the in-memory H2 database
    props.put(DB_JDBC_URL, "jdbc:h2:mem:test");
    props.put(DB_USERNAME, Pac4jConstants.USERNAME);
    props.put(DB_PASSWORD, Pac4jConstants.PASSWORD);
    props.put(DB_USERNAME_ATTRIBUTE, Pac4jConstants.USERNAME);
    props.put(DB_USER_PASSWORD_ATTRIBUTE, Pac4jConstants.PASSWORD);
    props.put(DB_ATTRIBUTES, FIRSTNAME);
    props.put(DB_PASSWORD_ENCODER, "encoder.spring.4");
    props.put(INDIRECTBASICAUTH_AUTHENTICATOR + ".5", "db");
    // REST authenticator (".3") used by a direct basic-auth client (".7")
    props.put(REST_URL + ".3", PAC4J_BASE_URL);
    props.put(DIRECTBASICAUTH_AUTHENTICATOR + ".7", "rest.3");

    final LdapServer directory = new LdapServer();
    try {
        directory.start();
        // in-memory H2 server; it is not stopped here — presumably torn down with the JVM, confirm
        new DbServer();

        final PropertiesConfigFactory factory = new PropertiesConfigFactory(CALLBACK_URL, props);
        final Config built = factory.build();
        final Clients allClients = built.getClients();
        assertEquals(13, allClients.getClients().size());

        final FacebookClient facebook = (FacebookClient) allClients.findClient("FacebookClient");
        assertEquals(ID, facebook.getKey());
        assertEquals(SECRET, facebook.getSecret());

        assertNotNull(allClients.findClient("AnonymousClient"));

        final TwitterClient twitter = (TwitterClient) allClients.findClient("TwitterClient");
        assertEquals(ID, twitter.getKey());
        assertEquals(SECRET, twitter.getSecret());

        final CasClient cas = (CasClient) allClients.findClient("CasClient");
        assertEquals(CALLBACK_URL, cas.getConfiguration().getLoginUrl());
        assertEquals(CasProtocol.CAS20, cas.getConfiguration().getProtocol());

        final SAML2Client saml = (SAML2Client) allClients.findClient("SAML2Client");
        assertNotNull(saml);
        final SAML2ClientConfiguration samlConfiguration = saml.getConfiguration();
        assertEquals(SAMLConstants.SAML2_REDIRECT_BINDING_URI, samlConfiguration.getDestinationBindingType());
        assertEquals(VALUE, samlConfiguration.getKeyStoreAlias());

        final OidcClient oidc = (OidcClient) allClients.findClient("OidcClient");
        assertNotNull(oidc);
        // compared case-insensitively: the property value is upper case, the enum prints lower case
        assertEquals(ClientAuthenticationMethod.CLIENT_SECRET_POST.toString(), oidc.getConfiguration().getClientAuthenticationMethod().toString().toLowerCase());

        final CasClient casOne = (CasClient) allClients.findClient("CasClient.1");
        assertEquals(CasProtocol.CAS30, casOne.getConfiguration().getProtocol());

        final GoogleOidcClient google = (GoogleOidcClient) allClients.findClient("GoogleOidcClient.1");
        // init() fills in the Google discovery URI that the properties did not set
        google.init();
        assertEquals(ID, google.getConfiguration().getClientId());
        assertEquals(SECRET, google.getConfiguration().getSecret());
        assertEquals("https://accounts.google.com/.well-known/openid-configuration", google.getConfiguration().getDiscoveryURI());
        assertEquals(CALLBACK_URL + "?client_name=GoogleOidcClient.1", google.getCallbackUrlResolver().compute(google.getUrlResolver(), google.getCallbackUrl(), google.getName(), MockWebContext.create()));

        final FormClient form = (FormClient) allClients.findClient("FormClient");
        assertEquals(LOGIN_URL, form.getLoginUrl());
        assertTrue(form.getAuthenticator() instanceof SimpleTestUsernamePasswordAuthenticator);

        final FormClient formTwo = (FormClient) allClients.findClient("FormClient.2");
        assertEquals(PAC4J_BASE_URL, formTwo.getLoginUrl());
        assertTrue(formTwo.getAuthenticator() instanceof LdapProfileService);
        // end-to-end: validate a known user against the embedded LDAP server
        final LdapProfileService ldapService = (LdapProfileService) formTwo.getAuthenticator();
        final UsernamePasswordCredentials ldapLogin = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD);
        ldapService.validate(ldapLogin, MockWebContext.create());
        assertNotNull(ldapLogin.getUserProfile());

        final IndirectBasicAuthClient basicTwo = (IndirectBasicAuthClient) allClients.findClient("IndirectBasicAuthClient.2");
        assertEquals("authentication required", basicTwo.getRealmName());
        assertTrue(basicTwo.getAuthenticator() instanceof SimpleTestUsernamePasswordAuthenticator);

        final IndirectBasicAuthClient basicFive = (IndirectBasicAuthClient) allClients.findClient("IndirectBasicAuthClient.5");
        assertTrue(basicFive.getAuthenticator() instanceof DbProfileService);
        // end-to-end: validate a known user against the in-memory database
        final DbProfileService dbService = (DbProfileService) basicFive.getAuthenticator();
        assertNotNull(dbService);
        final UsernamePasswordCredentials dbLogin = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD);
        dbService.validate(dbLogin, MockWebContext.create());
        assertNotNull(dbLogin.getUserProfile());

        final DirectBasicAuthClient directSeven = (DirectBasicAuthClient) allClients.findClient("DirectBasicAuthClient.7");
        assertNotNull(directSeven);
        final RestAuthenticator rest = (RestAuthenticator) directSeven.getAuthenticator();
        assertEquals(PAC4J_BASE_URL, rest.getUrl());
    } finally {
        directory.stop();
    }
}
Also used : TwitterClient(org.pac4j.oauth.client.TwitterClient) HashMap(java.util.HashMap) Config(org.pac4j.core.config.Config) FacebookClient(org.pac4j.oauth.client.FacebookClient) FormClient(org.pac4j.http.client.indirect.FormClient) SAML2ClientConfiguration(org.pac4j.saml.client.SAML2ClientConfiguration) GoogleOidcClient(org.pac4j.oidc.client.GoogleOidcClient) DirectBasicAuthClient(org.pac4j.http.client.direct.DirectBasicAuthClient) Clients(org.pac4j.core.client.Clients) RestAuthenticator(org.pac4j.http.credentials.authenticator.RestAuthenticator) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials) LdapServer(org.pac4j.ldap.test.tools.LdapServer) OidcClient(org.pac4j.oidc.client.OidcClient) GoogleOidcClient(org.pac4j.oidc.client.GoogleOidcClient) DbProfileService(org.pac4j.sql.profile.service.DbProfileService) DbServer(org.pac4j.sql.test.tools.DbServer) SAML2Client(org.pac4j.saml.client.SAML2Client) CasClient(org.pac4j.cas.client.CasClient) SimpleTestUsernamePasswordAuthenticator(org.pac4j.http.credentials.authenticator.test.SimpleTestUsernamePasswordAuthenticator) LdapProfileService(org.pac4j.ldap.profile.service.LdapProfileService) IndirectBasicAuthClient(org.pac4j.http.client.indirect.IndirectBasicAuthClient) Test(org.junit.Test)

Example 7 with Config

use of org.pac4j.core.config.Config in project cas by apereo.

The class OAuth20AccessTokenSecurityLogicTests, method verifyOperation.

/**
 * Runs {@link DefaultSecurityLogic#perform} against a mocked {@link DirectClient} that
 * always yields credentials and a profile, and checks that a profile comes back and that
 * the {@link ProfileManager} holds exactly one profile afterwards.
 *
 * @throws Exception propagated from the security logic
 */
@Test
public void verifyOperation() throws Exception {
    final MockHttpServletRequest servletRequest = new MockHttpServletRequest();
    final MockHttpServletResponse servletResponse = new MockHttpServletResponse();
    servletRequest.addParameter(OAuth20Constants.CLIENT_ID, CLIENT_ID);

    final DefaultSecurityLogic securityLogic = new DefaultSecurityLogic();
    // profiles must come from the client below, not from whatever the session holds
    securityLogic.setLoadProfilesFromSession(false);

    final CommonProfile expectedProfile = new CommonProfile();
    expectedProfile.setId(UUID.randomUUID().toString());

    // stub client: reports itself initialized and always authenticates the same test user
    final DirectClient stubClient = mock(DirectClient.class);
    when(stubClient.getName()).thenReturn("MockIndirectClient");
    when(stubClient.isInitialized()).thenReturn(true);
    when(stubClient.getCredentials(any(), any()))
        .thenReturn(Optional.of(new UsernamePasswordCredentials("casuser", "Mellon")));
    when(stubClient.getUserProfile(any(), any(), any())).thenReturn(Optional.of(expectedProfile));

    final JEEContext webContext = new JEEContext(servletRequest, servletResponse);
    final ProfileManager manager = new ProfileManager(webContext, JEESessionStore.INSTANCE);
    manager.save(true, expectedProfile, false);

    final UserProfile result = (UserProfile) securityLogic.perform(
        webContext,
        JEESessionStore.INSTANCE,
        new Config(stubClient),
        (ctx, sessionStore, profiles, params) -> profiles.iterator().next(),
        JEEHttpActionAdapter.INSTANCE,
        "MockIndirectClient",
        DefaultAuthorizers.IS_FULLY_AUTHENTICATED,
        DefaultMatchers.SECURITYHEADERS);
    assertNotNull(result);
    assertEquals(1, manager.getProfiles().size());
}
Also used : lombok.val(lombok.val) ProfileManager(org.pac4j.core.profile.ProfileManager) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials) DefaultAuthorizers(org.pac4j.core.authorization.authorizer.DefaultAuthorizers) OAuth20Constants(org.apereo.cas.support.oauth.OAuth20Constants) CommonProfile(org.pac4j.core.profile.CommonProfile) DirectClient(org.pac4j.core.client.DirectClient) lombok.val(lombok.val) DefaultSecurityLogic(org.pac4j.core.engine.DefaultSecurityLogic) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) UUID(java.util.UUID) ProfileManager(org.pac4j.core.profile.ProfileManager) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test) Mockito(org.mockito.Mockito) JEEHttpActionAdapter(org.pac4j.core.http.adapter.JEEHttpActionAdapter) Assertions(org.junit.jupiter.api.Assertions) Config(org.pac4j.core.config.Config) Optional(java.util.Optional) Tag(org.junit.jupiter.api.Tag) DefaultMatchers(org.pac4j.core.matching.matcher.DefaultMatchers) UserProfile(org.pac4j.core.profile.UserProfile) AbstractOAuth20Tests(org.apereo.cas.AbstractOAuth20Tests) JEEContext(org.pac4j.core.context.JEEContext) JEESessionStore(org.pac4j.core.context.session.JEESessionStore) UserProfile(org.pac4j.core.profile.UserProfile) CommonProfile(org.pac4j.core.profile.CommonProfile) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Config(org.pac4j.core.config.Config) DefaultSecurityLogic(org.pac4j.core.engine.DefaultSecurityLogic) JEEContext(org.pac4j.core.context.JEEContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials) Test(org.junit.jupiter.api.Test)

Example 8 with Config

use of org.pac4j.core.config.Config in project cas by apereo.

The class CasManagementWebAppConfiguration, method config.

/**
 * pac4j security configuration for the management web application: the CAS client
 * registered under the default service URL, guarded by the role-based authorizer.
 *
 * @return the pac4j {@link Config} bean
 */
@Bean
public Config config() {
    final Config securityConfig = new Config(getDefaultServiceUrl(), casClient());
    // access requires one of the configured roles, not merely an authenticated user
    securityConfig.setAuthorizer(requireAnyRoleAuthorizer());
    return securityConfig;
}
Also used : Config(org.pac4j.core.config.Config) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Example 9 with Config

use of org.pac4j.core.config.Config in project cas by apereo.

The class CasConsentReviewConfiguration, method casConsentPac4jConfig.

/**
 * pac4j configuration for the consent review pages.
 * <p>
 * A single {@link CasClient} is pointed at the CAS server login URL with its callback
 * under {@code /consentReview/callback}. Access requires an authenticated user; when the
 * admin pages configuration exposes a {@link RequireAnyRoleAuthorizer}, that authorizer
 * and the admin {@link DirectCasClient}'s authorization generators are reused here so
 * role decisions are the same on both sets of pages.
 *
 * @return the consent review {@link Config} bean
 */
@Bean
@RefreshScope
public Config casConsentPac4jConfig() {
    final String loginUrl = casProperties.getServer().getLoginUrl();
    final CasClient consentClient = new CasClient(new CasConfiguration(loginUrl));
    consentClient.setName(CAS_CONSENT_CLIENT);
    consentClient.setCallbackUrl(casProperties.getServer().getPrefix().concat("/consentReview/callback"));
    consentClient.setAuthorizationGenerator(new DefaultCasAuthorizationGenerator<>());

    final Config consentConfig = new Config(new Clients(consentClient));
    consentConfig.setAuthorizer(new IsAuthenticatedAuthorizer());
    consentConfig.setCallbackLogic(new DefaultCallbackLogic());
    consentConfig.setLogoutLogic(new DefaultLogoutLogic());

    // get role authorizer from admin pages for smooth integration
    final String roleAuthorizerName = RequireAnyRoleAuthorizer.class.getSimpleName();
    final Map<String, Authorizer> adminAuthorizers = casAdminPagesPac4jConfig.getAuthorizers();
    if (adminAuthorizers.containsKey(roleAuthorizerName)) {
        consentConfig.addAuthorizer(roleAuthorizerName, adminAuthorizers.get(roleAuthorizerName));
        // NOTE(review): findClient is not guarded against a missing DirectCasClient — confirm the admin config always registers one
        final BaseClient adminCasClient = casAdminPagesPac4jConfig.getClients().findClient(DirectCasClient.class);
        consentClient.addAuthorizationGenerators(adminCasClient.getAuthorizationGenerators());
    }
    return consentConfig;
}
Also used : IsAuthenticatedAuthorizer(org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer) CasConfiguration(org.pac4j.cas.config.CasConfiguration) Config(org.pac4j.core.config.Config) RequireAnyRoleAuthorizer(org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer) IsAuthenticatedAuthorizer(org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer) Authorizer(org.pac4j.core.authorization.authorizer.Authorizer) Clients(org.pac4j.core.client.Clients) DefaultLogoutLogic(org.pac4j.core.engine.DefaultLogoutLogic) DefaultCallbackLogic(org.pac4j.core.engine.DefaultCallbackLogic) BaseClient(org.pac4j.core.client.BaseClient) CasClient(org.pac4j.cas.client.CasClient) DirectCasClient(org.pac4j.cas.client.direct.DirectCasClient) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) ConditionalOnBean(org.springframework.boot.autoconfigure.condition.ConditionalOnBean) Bean(org.springframework.context.annotation.Bean)

Example 10 with Config

use of org.pac4j.core.config.Config in project cas by apereo.

The class CasOAuthConfiguration, method oauthSecConfig.

/**
 * Security configuration for the OAuth endpoints: four pac4j clients sharing the OAuth
 * callback URL derived from the server prefix.
 * <ul>
 *   <li>{@code CAS_OAUTH_CLIENT}: indirect {@link CasClient} whose redirect is produced by
 *       {@code oauthCasClientRedirectActionBuilder()} and whose URLs go through
 *       {@code casCallbackUrlResolver()};</li>
 *   <li>{@code CAS_OAUTH_CLIENT_BASIC_AUTHN}: HTTP Basic, validated by the OAuth client authenticator;</li>
 *   <li>{@code CAS_OAUTH_CLIENT_DIRECT_FORM}: form-based, reading the client credentials from the
 *       {@code CLIENT_ID}/{@code CLIENT_SECRET} parameters, same authenticator;</li>
 *   <li>{@code CAS_OAUTH_CLIENT_USER_FORM}: form-based, authenticating end users via
 *       {@code oAuthUserAuthenticator()}.</li>
 * </ul>
 * Session state is kept in the servlet container via {@link J2ESessionStore}.
 *
 * @return the OAuth security {@link Config} bean
 */
@Bean
public Config oauthSecConfig() {
    final CasConfiguration casConfiguration = new CasConfiguration(casProperties.getServer().getLoginUrl());
    final CasClient casOauthClient = new CasClient(casConfiguration);
    // the lambda captures casOauthClient, so the local has to stay final
    casOauthClient.setRedirectActionBuilder(ctx -> oauthCasClientRedirectActionBuilder().build(casOauthClient, ctx));
    casOauthClient.setName(Authenticators.CAS_OAUTH_CLIENT);
    casOauthClient.setUrlResolver(casCallbackUrlResolver());

    final Authenticator clientAuthenticator = oAuthClientAuthenticator();

    final DirectBasicAuthClient basicClient = new DirectBasicAuthClient(clientAuthenticator);
    basicClient.setName(Authenticators.CAS_OAUTH_CLIENT_BASIC_AUTHN);

    final DirectFormClient clientFormClient = new DirectFormClient(clientAuthenticator);
    clientFormClient.setName(Authenticators.CAS_OAUTH_CLIENT_DIRECT_FORM);
    clientFormClient.setUsernameParameter(CLIENT_ID);
    clientFormClient.setPasswordParameter(CLIENT_SECRET);

    final DirectFormClient userFormClient = new DirectFormClient(oAuthUserAuthenticator());
    userFormClient.setName(Authenticators.CAS_OAUTH_CLIENT_USER_FORM);

    final String callbackUrl = OAuth20Utils.casOAuthCallbackUrl(casProperties.getServer().getPrefix());
    final Config securityConfig = new Config(callbackUrl, casOauthClient, basicClient, clientFormClient, userFormClient);
    securityConfig.setSessionStore(new J2ESessionStore());
    return securityConfig;
}
Also used : J2ESessionStore(org.pac4j.core.context.session.J2ESessionStore) DirectFormClient(org.pac4j.http.client.direct.DirectFormClient) CasConfiguration(org.pac4j.cas.config.CasConfiguration) Config(org.pac4j.core.config.Config) DirectBasicAuthClient(org.pac4j.http.client.direct.DirectBasicAuthClient) OAuth20ClientAuthenticator(org.apereo.cas.support.oauth.authenticator.OAuth20ClientAuthenticator) Authenticator(org.pac4j.core.credentials.authenticator.Authenticator) OAuth20UserAuthenticator(org.apereo.cas.support.oauth.authenticator.OAuth20UserAuthenticator) CasClient(org.pac4j.cas.client.CasClient) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)
