use of org.pac4j.core.context.JEEContext in project cas by apereo.
the class OidcPrivateKeyJwtAuthenticatorTests method verifyBadUser.
@Test
public void verifyBadUser() throws Exception {
val auth = new OidcPrivateKeyJwtAuthenticator(servicesManager, registeredServiceAccessStrategyEnforcer, ticketRegistry, webApplicationServiceFactory, casProperties, applicationContext);
val request = new MockHttpServletRequest();
val response = new MockHttpServletResponse();
val context = new JEEContext(request, response);
val registeredService = getOidcRegisteredService();
val credentials = getCredential(request, "unknown", "unknown", registeredService.getClientId());
auth.validate(credentials, context, JEESessionStore.INSTANCE);
assertNull(credentials.getUserProfile());
}
use of org.pac4j.core.context.JEEContext in project cas by apereo.
the class OidcAccessTokenAuthenticatorTests method verifyFailsOperation.
@Test
public void verifyFailsOperation() throws Exception {
val request = new MockHttpServletRequest();
val ctx = new JEEContext(request, new MockHttpServletResponse());
val auth = new OidcAccessTokenAuthenticator(ticketRegistry, oidcTokenSigningAndEncryptionService, servicesManager, oidcAccessTokenJwtBuilder);
val at = getAccessToken("helloworld", "clientid");
ticketRegistry.addTicket(at);
val credentials = new TokenCredentials(at.getId());
auth.validate(credentials, ctx, JEESessionStore.INSTANCE);
assertNull(credentials.getUserProfile());
}
use of org.pac4j.core.context.JEEContext in project cas by apereo.
the class OidcClientSecretJwtAuthenticatorTests method verifyNoUserAction.
@Test
public void verifyNoUserAction() throws Exception {
val auth = new OidcClientSecretJwtAuthenticator(servicesManager, registeredServiceAccessStrategyEnforcer, ticketRegistry, webApplicationServiceFactory, casProperties, applicationContext);
val request = new MockHttpServletRequest();
val response = new MockHttpServletResponse();
val context = new JEEContext(request, response);
val registeredService = getOidcRegisteredService();
val credentials = getCredentials(request, "unknown", "----", registeredService.getClientId());
auth.validate(credentials, context, JEESessionStore.INSTANCE);
assertNull(credentials.getUserProfile());
}
use of org.pac4j.core.context.JEEContext in project cas by apereo.
the class SSOSamlIdPProfileCallbackHandlerController method handleCallbackProfileRequestPost.
/**
* Handle callback profile request post.
*
* @param response the response
* @param request the request
* @return the model and view
* @throws Exception the exception
*/
@PostMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SSO_PROFILE_CALLBACK)
protected ModelAndView handleCallbackProfileRequestPost(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
autoConfigureCookiePath(request);
val properties = configurationContext.getCasProperties();
val type = properties.getAuthn().getSamlIdp().getCore().getSessionStorageType();
if (type == SamlIdPCoreProperties.SessionStorageTypes.BROWSER_SESSION_STORAGE) {
val storage = request.getParameter(BrowserSessionStorage.KEY_SESSION_STORAGE);
val context = new JEEContext(request, response);
configurationContext.getSessionStore().buildFromTrackableSession(context, storage);
return handleProfileRequest(response, request);
}
return WebUtils.produceErrorView(new IllegalArgumentException("Unable to build SAML response"));
}
use of org.pac4j.core.context.JEEContext in project cas by apereo.
the class ECPSamlIdPProfileHandlerController method extractBasicAuthenticationCredential.
private Credential extractBasicAuthenticationCredential(final HttpServletRequest request, final HttpServletResponse response) {
val extractor = new BasicAuthExtractor();
val webContext = new JEEContext(request, response);
val credentialsResult = extractor.extract(webContext, configurationContext.getSessionStore());
if (credentialsResult.isPresent()) {
val credentials = (UsernamePasswordCredentials) credentialsResult.get();
LOGGER.debug("Received basic authentication ECP request from credentials [{}]", credentials);
return new UsernamePasswordCredential(credentials.getUsername(), credentials.getPassword());
}
return null;
}
Aggregations