Examples with JEEContext - org.pac4j.core.context.JEEContext

Example 56 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class AuthnRequestRequestedAttributesAttributeReleasePolicyTests method verifyAuthnRequestWithExtensionsAllowed.

@Test
public void verifyAuthnRequestWithExtensionsAllowed() throws IOException {
    val filter = new AuthnRequestRequestedAttributesAttributeReleasePolicy();
    filter.setAllowedAttributes(List.of("eduPersonPrincipalName"));
    filter.setUseFriendlyName(false);
    val registeredService = SamlIdPTestUtils.getSamlRegisteredService();
    registeredService.setAttributeReleasePolicy(filter);
    val builder = new SAML2AuthnRequestBuilder();
    val authnRequest = builder.build(saml2MessageContext);
    val extensions = ((SAMLObjectBuilder<Extensions>) openSamlConfigBean.getBuilderFactory().getBuilder(Extensions.DEFAULT_ELEMENT_NAME)).buildObject();
    val attrBuilder = (SAMLObjectBuilder<RequestedAttribute>) openSamlConfigBean.getBuilderFactory().getBuilder(RequestedAttribute.DEFAULT_ELEMENT_NAME);
    val requestAttribute = attrBuilder.buildObject(RequestedAttribute.DEFAULT_ELEMENT_NAME);
    requestAttribute.setIsRequired(false);
    requestAttribute.setName("eduPersonPrincipalName");
    extensions.getUnknownXMLObjects().add(requestAttribute);
    authnRequest.setExtensions(extensions);
    try (val writer = SamlUtils.transformSamlObject(openSamlConfigBean, authnRequest)) {
        val samlRequest = EncodingUtils.encodeBase64(writer.toString().getBytes(StandardCharsets.UTF_8));
        val request = HttpRequestUtils.getHttpServletRequestFromRequestAttributes();
        val response = HttpRequestUtils.getHttpServletResponseFromRequestAttributes();
        val context = new JEEContext(request, response);
        samlIdPDistributedSessionStore.set(context, SamlProtocolConstants.PARAMETER_SAML_REQUEST, samlRequest);
        val messageContext = new MessageContext();
        messageContext.setMessage(authnRequest);
        samlIdPDistributedSessionStore.set(context, MessageContext.class.getName(), SamlIdPAuthenticationContext.from(messageContext).encode());
        val releasePolicyContext = RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(getPrincipal("casuser", CollectionUtils.wrap("eduPersonPrincipalName", "casuser", "givenName", "CAS"))).build();
        val attributes = filter.getAttributes(releasePolicyContext);
        assertTrue(attributes.containsKey("eduPersonPrincipalName"));
        val definitions = filter.determineRequestedAttributeDefinitions(releasePolicyContext);
        assertTrue(definitions.contains("eduPersonPrincipalName"));
    }
}

Also used : lombok.val(lombok.val) SAMLObjectBuilder(org.opensaml.saml.common.SAMLObjectBuilder) JEEContext(org.pac4j.core.context.JEEContext) MessageContext(org.opensaml.messaging.context.MessageContext) SAML2MessageContext(org.pac4j.saml.context.SAML2MessageContext) SAML2AuthnRequestBuilder(org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder) Test(org.junit.jupiter.api.Test)

Example 57 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class AuthnRequestRequestedAttributesAttributeReleasePolicyTests method verifyAuthnRequestWithoutExtensions.

@Test
public void verifyAuthnRequestWithoutExtensions() throws IOException {
    val filter = new AuthnRequestRequestedAttributesAttributeReleasePolicy();
    filter.setAllowedAttributes(List.of("eduPersonPrincipalAttribute"));
    filter.setUseFriendlyName(true);
    val registeredService = SamlIdPTestUtils.getSamlRegisteredService();
    registeredService.setAttributeReleasePolicy(filter);
    val builder = new SAML2AuthnRequestBuilder();
    val authnRequest = builder.build(saml2MessageContext);
    try (val writer = SamlUtils.transformSamlObject(openSamlConfigBean, authnRequest)) {
        val samlRequest = EncodingUtils.encodeBase64(writer.toString().getBytes(StandardCharsets.UTF_8));
        val request = HttpRequestUtils.getHttpServletRequestFromRequestAttributes();
        val response = HttpRequestUtils.getHttpServletResponseFromRequestAttributes();
        val context = new JEEContext(request, response);
        samlIdPDistributedSessionStore.set(context, SamlProtocolConstants.PARAMETER_SAML_REQUEST, samlRequest);
        val messageContext = new MessageContext();
        messageContext.setMessage(authnRequest);
        samlIdPDistributedSessionStore.set(context, MessageContext.class.getName(), SamlIdPAuthenticationContext.from(messageContext).encode());
        val releasePolicyContext = RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(getPrincipal("casuser", CollectionUtils.wrap("eduPersonPrincipalName", "casuser"))).build();
        val attributes = filter.getAttributes(releasePolicyContext);
        assertTrue(attributes.isEmpty());
    }
}

Also used : lombok.val(lombok.val) JEEContext(org.pac4j.core.context.JEEContext) MessageContext(org.opensaml.messaging.context.MessageContext) SAML2MessageContext(org.pac4j.saml.context.SAML2MessageContext) SAML2AuthnRequestBuilder(org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder) Test(org.junit.jupiter.api.Test)

Example 58 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class AuthnRequestRequestedAttributesAttributeReleasePolicyTests method verifyAuthnRequestWithExtensionsNotAllowed.

@Test
public void verifyAuthnRequestWithExtensionsNotAllowed() throws IOException {
    val filter = new AuthnRequestRequestedAttributesAttributeReleasePolicy();
    filter.setAllowedAttributes(List.of("eduPersonPrincipalAttribute"));
    filter.setUseFriendlyName(false);
    val registeredService = SamlIdPTestUtils.getSamlRegisteredService();
    registeredService.setAttributeReleasePolicy(filter);
    val builder = new SAML2AuthnRequestBuilder();
    val authnRequest = builder.build(saml2MessageContext);
    val extensions = ((SAMLObjectBuilder<Extensions>) openSamlConfigBean.getBuilderFactory().getBuilder(Extensions.DEFAULT_ELEMENT_NAME)).buildObject();
    val attrBuilder = (SAMLObjectBuilder<RequestedAttribute>) openSamlConfigBean.getBuilderFactory().getBuilder(RequestedAttribute.DEFAULT_ELEMENT_NAME);
    val requestAttribute = attrBuilder.buildObject(RequestedAttribute.DEFAULT_ELEMENT_NAME);
    requestAttribute.setIsRequired(false);
    requestAttribute.setName("givenName");
    extensions.getUnknownXMLObjects().add(requestAttribute);
    authnRequest.setExtensions(extensions);
    try (val writer = SamlUtils.transformSamlObject(openSamlConfigBean, authnRequest)) {
        val samlRequest = EncodingUtils.encodeBase64(writer.toString().getBytes(StandardCharsets.UTF_8));
        val request = HttpRequestUtils.getHttpServletRequestFromRequestAttributes();
        val response = HttpRequestUtils.getHttpServletResponseFromRequestAttributes();
        val context = new JEEContext(request, response);
        samlIdPDistributedSessionStore.set(context, SamlProtocolConstants.PARAMETER_SAML_REQUEST, samlRequest);
        val messageContext = new MessageContext();
        messageContext.setMessage(authnRequest);
        samlIdPDistributedSessionStore.set(context, MessageContext.class.getName(), SamlIdPAuthenticationContext.from(messageContext).encode());
        val releasePolicyContext = RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(getPrincipal("casuser", CollectionUtils.wrap("eduPersonPrincipalName", "casuser", "givenName", "CAS"))).build();
        val attributes = filter.getAttributes(releasePolicyContext);
        assertTrue(attributes.isEmpty());
    }
}

Example 59 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class AuthnRequestRequestedAttributesAttributeReleasePolicyTests method initialize.

@BeforeEach
public void initialize() throws Exception {
    val idpMetadata = new File("src/test/resources/metadata/idp-metadata.xml").getCanonicalPath();
    val keystorePath = new File(FileUtils.getTempDirectory(), "keystore").getCanonicalPath();
    val spMetadataPath = new File(FileUtils.getTempDirectory(), "sp-metadata.xml").getCanonicalPath();
    saml2Configuration = new SAML2Configuration(keystorePath, "changeit", "changeit", idpMetadata);
    saml2Configuration.setServiceProviderEntityId("cas:example:sp");
    saml2Configuration.setServiceProviderMetadataPath(spMetadataPath);
    saml2Configuration.init();
    val saml2Client = new SAML2Client(saml2Configuration);
    saml2Client.setCallbackUrl("http://callback.example.org");
    saml2Client.init();
    saml2MessageContext = new SAML2MessageContext();
    saml2MessageContext.setSaml2Configuration(saml2Configuration);
    saml2MessageContext.setWebContext(new JEEContext(new MockHttpServletRequest(), new MockHttpServletResponse()));
    val peer = saml2MessageContext.getMessageContext().getSubcontext(SAMLPeerEntityContext.class, true);
    assertNotNull(peer);
    peer.setEntityId("https://cas.example.org/idp");
    val md = peer.getSubcontext(SAMLMetadataContext.class, true);
    assertNotNull(md);
    val idpResolver = SamlIdPUtils.getRoleDescriptorResolver(casSamlIdPMetadataResolver, true);
    md.setRoleDescriptor(idpResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(Objects.requireNonNull(peer.getEntityId())), new EntityRoleCriterion(IDPSSODescriptor.DEFAULT_ELEMENT_NAME))));
    val self = saml2MessageContext.getMessageContext().getSubcontext(SAMLSelfEntityContext.class, true);
    assertNotNull(self);
    self.setEntityId(saml2Configuration.getServiceProviderEntityId());
    val sp = self.getSubcontext(SAMLMetadataContext.class, true);
    assertNotNull(sp);
    val spRes = new InMemoryResourceMetadataResolver(new File(spMetadataPath), openSamlConfigBean);
    spRes.setId(getClass().getSimpleName());
    spRes.initialize();
    val spResolver = SamlIdPUtils.getRoleDescriptorResolver(spRes, true);
    sp.setRoleDescriptor(spResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(Objects.requireNonNull(self.getEntityId())), new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME))));
}

Also used : lombok.val(lombok.val) SAML2MessageContext(org.pac4j.saml.context.SAML2MessageContext) SAML2Configuration(org.pac4j.saml.config.SAML2Configuration) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet) EntityIdCriterion(org.opensaml.core.criterion.EntityIdCriterion) EntityRoleCriterion(org.opensaml.saml.criterion.EntityRoleCriterion) SAML2Client(org.pac4j.saml.client.SAML2Client) File(java.io.File) InMemoryResourceMetadataResolver(org.apereo.cas.support.saml.InMemoryResourceMetadataResolver) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 60 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class SamlProfileSaml2ResponseBuilderTests method verifySamlResponseWithAttributeQuery.

@Test
public void verifySamlResponseWithAttributeQuery() throws Exception {
    val request = buildHttpRequest();
    val response = new MockHttpServletResponse();
    val tgt = new MockTicketGrantingTicket("casuser");
    ticketRegistry.addTicket(tgt);
    val webContext = new JEEContext(request, response);
    samlIdPDistributedSessionStore.set(webContext, WebUtils.PARAMETER_TICKET_GRANTING_TICKET_ID, tgt.getId());
    val service = getSamlRegisteredServiceForTestShib(true, true);
    service.setIssuerEntityId("https://issuer.example.org");
    service.getAttributeValueTypes().put("permissions", XSObject.class.getSimpleName());
    val adaptor = SamlRegisteredServiceServiceProviderMetadataFacade.get(samlRegisteredServiceCachingMetadataResolver, service, service.getServiceId()).get();
    val authnRequest = getAuthnRequestFor(service);
    val assertion = getAssertion();
    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(request, response));
    val samlResponse = buildResponse(request, response, service, adaptor, authnRequest, assertion, SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
    assertNotNull(samlResponse);
}

Also used : lombok.val(lombok.val) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) ServletRequestAttributes(org.springframework.web.context.request.ServletRequestAttributes) JEEContext(org.pac4j.core.context.JEEContext) XSObject(org.apache.xerces.xs.XSObject) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Aggregations

JEEContext (org.pac4j.core.context.JEEContext)222 lombok.val (lombok.val)215 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)158 Test (org.junit.jupiter.api.Test)157 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)155 MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)34 ProfileManager (org.pac4j.core.profile.ProfileManager)27 UsernamePasswordCredentials (org.pac4j.core.credentials.UsernamePasswordCredentials)24 CommonProfile (org.pac4j.core.profile.CommonProfile)21 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)16 HashMap (java.util.HashMap)15 RedirectView (org.springframework.web.servlet.view.RedirectView)14 HttpServletRequest (javax.servlet.http.HttpServletRequest)13 HttpServletResponse (javax.servlet.http.HttpServletResponse)13 CasProfile (org.pac4j.cas.profile.CasProfile)13 ServletExternalContext (org.springframework.webflow.context.servlet.ServletExternalContext)13 MockRequestContext (org.springframework.webflow.test.MockRequestContext)13 GetMapping (org.springframework.web.bind.annotation.GetMapping)11 Map (java.util.Map)10 Slf4j (lombok.extern.slf4j.Slf4j)10