
Example 46 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class OAuth20DefaultCasAuthenticationBuilderTests method verifyOperationByService.

/**
 * Checks that the authentication builder yields a non-null service when the
 * service identifier is supplied through an {@code X-}-prefixed request header
 * rather than through a request parameter.
 */
@Test
public void verifyOperationByService() {
    // The header name is the CAS "service" parameter name with an "X-" prefix.
    val headerName = "X-".concat(CasProtocolConstants.PARAMETER_SERVICE);
    val httpRequest = new MockHttpServletRequest();
    httpRequest.addHeader(headerName, service.getServiceId());

    val webContext = new JEEContext(httpRequest, new MockHttpServletResponse());
    assertNotNull(authenticationBuilder.buildService(service, webContext, true));
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 47 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class OAuth20ClientIdAwareProfileManagerTests method init.

/**
 * Prepares the fixture before each test: a mock request carrying the OAuth
 * client id parameter, a web context around it, and the profile manager
 * under test bound to that context.
 */
@BeforeEach
public void init() {
    val httpRequest = new MockHttpServletRequest();
    httpRequest.addParameter(OAuth20Constants.CLIENT_ID, CLIENT_ID);

    context = new JEEContext(httpRequest, new MockHttpServletResponse());
    profileManager = new OAuth20ClientIdAwareProfileManager(
        context, oauthDistributedSessionStore, servicesManager);
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) OAuth20ClientIdAwareProfileManager(org.apereo.cas.support.oauth.OAuth20ClientIdAwareProfileManager) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 48 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class DefaultDelegatedAuthenticationNavigationController method redirectToProvider.

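/**
 * Redirect to provider. Receive the client name from the request and then try to determine and build the endpoint url
 * for the redirection. The redirection data/url must contain a delegated client ticket id so that the request can be
 * restored on the trip back. SAML clients use the relay-state session attribute while others use request parameters.
 *
 * <p>The client name is taken from the request parameter first and from the request attribute of the same name as a
 * fallback. It is only used to look up an already-registered client. Because the value is caller-controlled, line
 * breaks are neutralised before it is placed in log or exception messages.
 *
 * @param request  the request
 * @param response the response
 * @return the view
 * @throws UnauthorizedServiceException if no client name is given, the client cannot be located, or any step of
 *                                      preparing the redirect fails
 */
@GetMapping(DelegatedClientIdentityProviderConfigurationFactory.ENDPOINT_URL_REDIRECT)
public View redirectToProvider(final HttpServletRequest request, final HttpServletResponse response) {
    var clientName = request.getParameter(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER);
    if (StringUtils.isBlank(clientName)) {
        clientName = (String) request.getAttribute(Pac4jConstants.DEFAULT_CLIENT_NAME_PARAMETER);
    }
    // The raw value is still used for the client lookup below; this copy is for messages only.
    // CR/LF are replaced so a crafted client name cannot forge additional log entries.
    final String safeClientName = clientName == null ? null : clientName.replaceAll("[\\r\\n]", "_");
    try {
        if (StringUtils.isBlank(clientName)) {
            throw new UnauthorizedServiceException("No client name parameter is provided in the incoming request");
        }
        val clientResult = getConfigurationContext().getClients().findClient(clientName);
        if (clientResult.isEmpty()) {
            throw new UnauthorizedServiceException("Unable to locate client " + safeClientName);
        }
        // A client that is not an IndirectClient fails this cast; the catch below turns that into a denial.
        val client = IndirectClient.class.cast(clientResult.get());
        client.init();
        val webContext = new JEEContext(request, response);
        val ticket = delegatedClientAuthenticationWebflowManager.store(webContext, client);
        return getResultingView(client, webContext, ticket);
    } catch (final Exception e) {
        val message = String.format("Authentication request was denied from the provider %s", safeClientName);
        LoggingUtils.warn(LOGGER, message, e);
        // NOTE(review): the rethrown message can still contain request-derived text; confirm that whatever
        // renders UnauthorizedServiceException output-encodes it.
        throw new UnauthorizedServiceException(e.getMessage(), e);
    }
}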
Also used : lombok.val(lombok.val) JEEContext(org.pac4j.core.context.JEEContext) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 49 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class DefaultDelegatedClientIdentityProviderConfigurationProducer method produce.

/**
 * Produces the identity provider configuration for the given delegated client.
 *
 * <p>The client is initialised, and the configuration is resolved only when no request customizers are
 * registered or at least one of them authorises the client for the current service.
 *
 * @param requestContext the webflow request context the servlet request, response and service are read from
 * @param client         the delegated client to build a configuration for
 * @return the resolved configuration, or an empty optional when no customizer authorises the client
 */
@Override
public Optional<DelegatedClientIdentityProviderConfiguration> produce(final RequestContext requestContext, final IndirectClient client) {
    val httpRequest = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
    val httpResponse = WebUtils.getHttpServletResponseFromExternalWebflowContext(requestContext);
    val webContext = new JEEContext(httpRequest, httpResponse);
    val currentService = WebUtils.getService(requestContext);

    // NOTE(review): the request parameters are written to the DEBUG log as received; confirm that nothing
    // sensitive can arrive in them before enabling DEBUG for this logger in production.
    LOGGER.debug("Initializing client [{}] with request parameters [{}] and service [{}]", client, requestContext.getRequestParameters(), currentService);
    client.init();

    // With no customizers configured every client is allowed; otherwise one approving customizer is enough.
    val authorized = delegatedClientAuthenticationRequestCustomizers.isEmpty()
        || delegatedClientAuthenticationRequestCustomizers.stream()
            .anyMatch(customizer -> customizer.isAuthorized(webContext, client, currentService));
    if (!authorized) {
        return Optional.empty();
    }

    return DelegatedClientIdentityProviderConfigurationFactory.builder()
        .client(client)
        .webContext(webContext)
        .service(currentService)
        .casProperties(casProperties)
        .build()
        .resolve();
}
Also used : lombok.val(lombok.val) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) DelegatedClientIdentityProviderRedirectionStrategy(org.apereo.cas.pac4j.client.DelegatedClientIdentityProviderRedirectionStrategy) RequiredArgsConstructor(lombok.RequiredArgsConstructor) DelegatedClientIdentityProviderConfiguration(org.apereo.cas.web.DelegatedClientIdentityProviderConfiguration) RequestContext(org.springframework.webflow.execution.RequestContext) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) HashSet(java.util.HashSet) LoggingUtils(org.apereo.cas.util.LoggingUtils) HttpServletRequest(javax.servlet.http.HttpServletRequest) Clients(org.pac4j.core.client.Clients) Client(org.pac4j.core.client.Client) IndirectClient(org.pac4j.core.client.IndirectClient) JEEContext(org.pac4j.core.context.JEEContext) DelegatedClientIdentityProviderConfigurationFactory(org.apereo.cas.web.DelegatedClientIdentityProviderConfigurationFactory) LinkedHashSet(java.util.LinkedHashSet) DelegatedClientAuthenticationRequestCustomizer(org.apereo.cas.pac4j.client.DelegatedClientAuthenticationRequestCustomizer) lombok.val(lombok.val) AuthenticationServiceSelectionPlan(org.apereo.cas.authentication.AuthenticationServiceSelectionPlan) Set(java.util.Set) HttpStatus(org.springframework.http.HttpStatus) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) DelegatedAuthenticationAccessStrategyHelper(org.apereo.cas.validation.DelegatedAuthenticationAccessStrategyHelper) Service(org.apereo.cas.authentication.principal.Service) Optional(java.util.Optional) WebUtils(org.apereo.cas.web.support.WebUtils) JEEContext(org.pac4j.core.context.JEEContext)

Example 50 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class DelegatedAuthenticationClientLogoutAction method doPreExecute.

/**
 * Prepares logout handling for a delegated authentication client.
 *
 * <p>When a current profile exists and its client name resolves to a known client, the client name is put
 * into the webflow context and stored in the session under the SAML relay-state attribute.
 *
 * @param requestContext the webflow request context
 * @return always {@code null}
 */
@Override
protected Event doPreExecute(final RequestContext requestContext) {
    val httpRequest = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
    val httpResponse = WebUtils.getHttpServletResponseFromExternalWebflowContext(requestContext);
    val context = new JEEContext(httpRequest, httpResponse);

    val currentProfile = findCurrentProfile(context);
    if (currentProfile == null) {
        // No profile, so there is no delegated client to look up.
        return null;
    }

    val clientResult = clients.findClient(currentProfile.getClientName());
    if (!clientResult.isPresent()) {
        return null;
    }

    val client = clientResult.get();
    LOGGER.debug("Handling logout for delegated authentication client [{}]", client);
    WebUtils.putDelegatedAuthenticationClientName(requestContext, client.getName());
    sessionStore.set(context, SAML2StateGenerator.SAML_RELAY_STATE_ATTRIBUTE, client.getName());
    return null;
}
Also used : lombok.val(lombok.val) JEEContext(org.pac4j.core.context.JEEContext)
