Search in sources :

Example 71 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class OidcPrivateKeyJwtAuthenticatorTests method verifyBadUser.

@Test
public void verifyBadUser() throws Exception {
    val auth = new OidcPrivateKeyJwtAuthenticator(servicesManager, registeredServiceAccessStrategyEnforcer, ticketRegistry, webApplicationServiceFactory, casProperties, applicationContext);
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    val context = new JEEContext(request, response);
    val registeredService = getOidcRegisteredService();
    val credentials = getCredential(request, "unknown", "unknown", registeredService.getClientId());
    auth.validate(credentials, context, JEESessionStore.INSTANCE);
    assertNull(credentials.getUserProfile());
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 72 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class OidcAccessTokenAuthenticatorTests method verifyFailsOperation.

@Test
public void verifyFailsOperation() throws Exception {
    val request = new MockHttpServletRequest();
    val ctx = new JEEContext(request, new MockHttpServletResponse());
    val auth = new OidcAccessTokenAuthenticator(ticketRegistry, oidcTokenSigningAndEncryptionService, servicesManager, oidcAccessTokenJwtBuilder);
    val at = getAccessToken("helloworld", "clientid");
    ticketRegistry.addTicket(at);
    val credentials = new TokenCredentials(at.getId());
    auth.validate(credentials, ctx, JEESessionStore.INSTANCE);
    assertNull(credentials.getUserProfile());
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) TokenCredentials(org.pac4j.core.credentials.TokenCredentials) Test(org.junit.jupiter.api.Test)

Example 73 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class OidcClientSecretJwtAuthenticatorTests method verifyNoUserAction.

@Test
public void verifyNoUserAction() throws Exception {
    val auth = new OidcClientSecretJwtAuthenticator(servicesManager, registeredServiceAccessStrategyEnforcer, ticketRegistry, webApplicationServiceFactory, casProperties, applicationContext);
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    val context = new JEEContext(request, response);
    val registeredService = getOidcRegisteredService();
    val credentials = getCredentials(request, "unknown", "----", registeredService.getClientId());
    auth.validate(credentials, context, JEESessionStore.INSTANCE);
    assertNull(credentials.getUserProfile());
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 74 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class SSOSamlIdPProfileCallbackHandlerController method handleCallbackProfileRequestPost.

/**
 * Handle callback profile request post.
 *
 * @param response the response
 * @param request  the request
 * @return the model and view
 * @throws Exception the exception
 */
@PostMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SSO_PROFILE_CALLBACK)
protected ModelAndView handleCallbackProfileRequestPost(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
    autoConfigureCookiePath(request);
    val properties = configurationContext.getCasProperties();
    val type = properties.getAuthn().getSamlIdp().getCore().getSessionStorageType();
    if (type == SamlIdPCoreProperties.SessionStorageTypes.BROWSER_SESSION_STORAGE) {
        val storage = request.getParameter(BrowserSessionStorage.KEY_SESSION_STORAGE);
        val context = new JEEContext(request, response);
        configurationContext.getSessionStore().buildFromTrackableSession(context, storage);
        return handleProfileRequest(response, request);
    }
    return WebUtils.produceErrorView(new IllegalArgumentException("Unable to build SAML response"));
}
Also used : lombok.val(lombok.val) JEEContext(org.pac4j.core.context.JEEContext) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Example 75 with JEEContext

use of org.pac4j.core.context.JEEContext in project cas by apereo.

the class ECPSamlIdPProfileHandlerController method extractBasicAuthenticationCredential.

private Credential extractBasicAuthenticationCredential(final HttpServletRequest request, final HttpServletResponse response) {
    val extractor = new BasicAuthExtractor();
    val webContext = new JEEContext(request, response);
    val credentialsResult = extractor.extract(webContext, configurationContext.getSessionStore());
    if (credentialsResult.isPresent()) {
        val credentials = (UsernamePasswordCredentials) credentialsResult.get();
        LOGGER.debug("Received basic authentication ECP request from credentials [{}]", credentials);
        return new UsernamePasswordCredential(credentials.getUsername(), credentials.getPassword());
    }
    return null;
}
Also used : lombok.val(lombok.val) BasicAuthExtractor(org.pac4j.core.credentials.extractor.BasicAuthExtractor) JEEContext(org.pac4j.core.context.JEEContext) UsernamePasswordCredential(org.apereo.cas.authentication.credential.UsernamePasswordCredential) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)

Aggregations

JEEContext (org.pac4j.core.context.JEEContext)222 lombok.val (lombok.val)215 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)158 Test (org.junit.jupiter.api.Test)157 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)155 MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)34 ProfileManager (org.pac4j.core.profile.ProfileManager)27 UsernamePasswordCredentials (org.pac4j.core.credentials.UsernamePasswordCredentials)24 CommonProfile (org.pac4j.core.profile.CommonProfile)21 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)16 HashMap (java.util.HashMap)15 RedirectView (org.springframework.web.servlet.view.RedirectView)14 HttpServletRequest (javax.servlet.http.HttpServletRequest)13 HttpServletResponse (javax.servlet.http.HttpServletResponse)13 CasProfile (org.pac4j.cas.profile.CasProfile)13 ServletExternalContext (org.springframework.webflow.context.servlet.ServletExternalContext)13 MockRequestContext (org.springframework.webflow.test.MockRequestContext)13 GetMapping (org.springframework.web.bind.annotation.GetMapping)11 Map (java.util.Map)10 Slf4j (lombok.extern.slf4j.Slf4j)10