use of org.pac4j.core.context.JEEContext in project cas by apereo.
the class AccessTokenAuthorizationCodeGrantRequestExtractorTests method verifyNoClientIdOrRedirectUri.
/**
 * Negative test for the authorization-code grant extractor.
 *
 * The token request built here carries only the grant type and an
 * authorization code; no client id or redirect URI parameter is added.
 * The extractor is expected to refuse it with
 * {@link UnauthorizedServiceException} instead of resolving a service
 * from the code alone.
 */
@Test
public void verifyNoClientIdOrRedirectUri() throws Exception {
    // Issue a code for a registered service and make its TGT known to the registry.
    val registeredService = getRegisteredService(REDIRECT_URI, CLIENT_ID, CLIENT_SECRET);
    val authorizationCode = addCode(RegisteredServiceTestUtils.getPrincipal(), registeredService);
    ticketRegistry.addTicket(authorizationCode.getTicketGrantingTicket());

    // Deliberately incomplete token request: grant type + code only.
    val tokenRequest = new MockHttpServletRequest();
    tokenRequest.addParameter(OAuth20Constants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.getType());
    tokenRequest.addParameter(OAuth20Constants.CODE, authorizationCode.getId());

    val webContext = new JEEContext(tokenRequest, new MockHttpServletResponse());
    val grantExtractor = new AccessTokenAuthorizationCodeGrantRequestExtractor(oauth20ConfigurationContext);

    assertThrows(UnauthorizedServiceException.class, () -> grantExtractor.extract(webContext));
}
use of org.pac4j.core.context.JEEContext in project cas by apereo.
the class AccepttoMultifactorValidateChannelActionTests method verifyOperation.
/**
 * Happy-path test for the Acceptto channel validation action.
 *
 * A local mock web server answers with a JSON body reporting status
 * "approved" for channel "test-channel". The same channel and a test
 * authentication are placed in the distributed session store, and the
 * action is expected to finish with the FINALIZE transition.
 *
 * NOTE(review): ClientInfoHolder and RequestContextHolder are set here and
 * not cleared inside this method; presumably a shared teardown resets them,
 * confirm so state does not leak into other tests.
 */
@Test
public void verifyOperation() throws Exception {
    // Client info for the current thread, derived from a fake inbound request.
    val clientRequest = new MockHttpServletRequest();
    clientRequest.setRemoteAddr("185.86.151.11");
    clientRequest.setLocalAddr("185.88.151.11");
    ClientInfoHolder.setClientInfo(new ClientInfo(clientRequest));

    // Canned response body served by the mock server on port 5001.
    val payload = CollectionUtils.wrap("channel", "test-channel", "status", "approved", "device_id", "deviceid-123456");
    val body = MAPPER.writeValueAsString(payload);
    val stubbedResource = new ByteArrayResource(body.getBytes(StandardCharsets.UTF_8), "Output");

    try (val webServer = new MockWebServer(5001, stubbedResource, HttpStatus.OK)) {
        webServer.start();

        val validateAction = new AccepttoMultifactorValidateChannelAction(mfaAccepttoDistributedSessionStore, authenticationSystemSupport);
        val requestContext = new MockRequestContext();
        val servletRequest = new MockHttpServletRequest();
        val servletResponse = new MockHttpServletResponse();
        val webContext = new JEEContext(servletRequest, servletResponse);
        requestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), servletRequest, servletResponse));

        // Seed both the webflow scope and the session store with the pending authentication.
        val authentication = CoreAuthenticationTestUtils.getAuthentication("casuser");
        WebUtils.putAuthentication(authentication, requestContext);
        AccepttoWebflowUtils.storeChannelInSessionStore("test-channel", webContext, mfaAccepttoDistributedSessionStore);
        AccepttoWebflowUtils.storeAuthenticationInSessionStore(authentication, webContext, mfaAccepttoDistributedSessionStore);
        RequestContextHolder.setRequestContext(requestContext);

        val outcome = validateAction.doExecute(requestContext);
        assertEquals(CasWebflowConstants.TRANSITION_ID_FINALIZE, outcome.getId());
    }
}
use of org.pac4j.core.context.JEEContext in project cas by apereo.
the class AccepttoMultifactorValidateChannelAction method doExecute.
/**
 * Validates a pending Acceptto channel for the current webflow request.
 *
 * The channel and the original authentication are read from the session
 * store, a token credential is built from the channel, the stored entries
 * are cleared, and the authentication transaction is run with that
 * credential.
 *
 * @param requestContext the webflow request context
 * @return {@code null} when no channel is stored (not a validation attempt);
 *         the FINALIZE event when the transaction completes; otherwise the
 *         AUTHENTICATION_FAILURE event carrying the exception under "error"
 */
@Override
protected Event doExecute(final RequestContext requestContext) {
    try {
        val webContext = new JEEContext(
            WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext),
            WebUtils.getHttpServletResponseFromExternalWebflowContext(requestContext));

        val channel = AccepttoWebflowUtils.getChannel(webContext, sessionStore);
        if (channel.isEmpty()) {
            LOGGER.debug("Unable to determine channel from session store; not a validation attempt");
            return null;
        }

        // A channel without its originating authentication is treated as a failure, not skipped.
        val originalAuthentication = AccepttoWebflowUtils.getAuthentication(webContext, sessionStore);
        if (originalAuthentication == null) {
            LOGGER.debug("Unable to determine the original authentication attempt the session store");
            throw new AuthenticationException("Unable to determine authentication from session store");
        }
        WebUtils.putAuthentication(originalAuthentication, requestContext);

        // NOTE(review): toString() is applied to whatever getChannel returned; if that is an
        // Optional-style wrapper, the credential carries the wrapper's string form rather than
        // the raw channel value. Confirm against AccepttoWebflowUtils.
        val tokenCredential = new AccepttoMultifactorTokenCredential(channel.toString());
        val targetService = WebUtils.getService(requestContext);

        // The stored channel and authentication are removed before the transaction runs,
        // so a stored channel is consumed by one attempt whatever the outcome.
        // NOTE(review): the credential is written to the debug log here and below; confirm its
        // toString() does not expose the channel token in clear.
        LOGGER.debug("Cleaning up session store to remove [{}]", tokenCredential);
        AccepttoWebflowUtils.resetChannelAndAuthentication(webContext, sessionStore);
        AccepttoWebflowUtils.setChannel(requestContext, null);

        LOGGER.debug("Attempting to authenticate channel [{}] with authentication [{}] and service [{}]", tokenCredential, originalAuthentication, targetService);
        val initialBuilder = authenticationSystemSupport.establishAuthenticationContextFromInitial(originalAuthentication);
        val completedBuilder = authenticationSystemSupport.handleAuthenticationTransaction(targetService, initialBuilder, tokenCredential);
        WebUtils.putAuthenticationResultBuilder(completedBuilder, requestContext);

        return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_FINALIZE);
    } catch (final Exception e) {
        // Every failure inside the block above ends in the failure transition; the exception
        // object itself travels with the event under the "error" key.
        val failureAttributes = new LocalAttributeMap<>();
        failureAttributes.put("error", e);
        LoggingUtils.error(LOGGER, e);
        return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE, failureAttributes);
    }
}
use of org.pac4j.core.context.JEEContext in project cas by apereo.
the class OidcAccessTokenResponseGeneratorTests method verifyAccessTokenResponseForDeviceCode.
/**
 * Checks the OIDC access-token response produced for the device-code flow.
 *
 * A device code and its user code are generated, a profile for "casuser"
 * is saved through the pac4j profile manager, and the generated model is
 * expected to expose the verification URI, user code, device code and
 * polling interval.
 */
@Test
public void verifyAccessTokenResponseForDeviceCode() {
    val deviceCode = deviceTokenFactory.createDeviceCode(RegisteredServiceTestUtils.getService());
    val generatedToken = OAuth20TokenGeneratedResult.builder()
        .registeredService(getOidcRegisteredService())
        .responseType(OAuth20ResponseTypes.DEVICE_CODE)
        .deviceCode(deviceCode.getId())
        .userCode(deviceUserCodeFactory.createDeviceUserCode(deviceCode).getId())
        .build();

    // Save an authenticated profile into the session-backed profile manager.
    val webContext = new JEEContext(new MockHttpServletRequest(), new MockHttpServletResponse());
    val profileManager = new ProfileManager(webContext, JEESessionStore.INSTANCE);
    val userProfile = new CommonProfile();
    userProfile.setClientName(Authenticators.CAS_OAUTH_CLIENT_BASIC_AUTHN);
    userProfile.setId("casuser");
    profileManager.save(true, userProfile, false);

    val responseResult = OAuth20AccessTokenResponseResult.builder()
        .service(RegisteredServiceTestUtils.getService())
        .registeredService(getOidcRegisteredService())
        .casProperties(casProperties)
        .generatedToken(generatedToken)
        .responseType(OAuth20ResponseTypes.DEVICE_CODE)
        .userProfile(userProfile)
        .build();

    val modelAndView = oidcAccessTokenResponseGenerator.generate(responseResult);
    assertNotNull(modelAndView);

    // Only the presence of the device-flow fields is asserted, not their values.
    val model = modelAndView.getModelMap();
    assertTrue(model.containsKey(OAuth20Constants.DEVICE_VERIFICATION_URI));
    assertTrue(model.containsKey(OAuth20Constants.DEVICE_USER_CODE));
    assertTrue(model.containsKey(OAuth20Constants.DEVICE_CODE));
    assertTrue(model.containsKey(OAuth20Constants.DEVICE_INTERVAL));
}
use of org.pac4j.core.context.JEEContext in project cas by apereo.
the class OidcAuthenticationAuthorizeSecurityLogicTests method verifyMaxAgeOperation.
/**
 * Checks that the authorize security logic honours the OIDC max_age parameter.
 *
 * The request asks for a max_age of "5" while the saved profile records an
 * authentication date 30 seconds in the past (UTC). The stored profile is
 * therefore older than the requested maximum, and loadProfiles is expected
 * to return no profiles.
 */
@Test
public void verifyMaxAgeOperation() {
    val authorizeRequest = new MockHttpServletRequest();
    authorizeRequest.addParameter(OidcConstants.MAX_AGE, "5");
    val authorizeResponse = new MockHttpServletResponse();

    // The TGT cookie lookup is stubbed to resolve to the test's ticket-granting ticket.
    when(ticketGrantingTicketCookieGenerator.retrieveCookieValue(authorizeRequest)).thenReturn(ticketGrantingTicket.getId());

    val webContext = new JEEContext(authorizeRequest, authorizeResponse);
    val manager = new ProfileManager(webContext, JEESessionStore.INSTANCE);

    // Profile whose authentication happened 30 seconds ago.
    val staleProfile = new BasicUserProfile();
    val authenticatedAt = ZonedDateTime.now(Clock.systemUTC()).minusSeconds(30);
    staleProfile.addAuthenticationAttribute(CasProtocolConstants.VALIDATION_CAS_MODEL_ATTRIBUTE_NAME_AUTHENTICATION_DATE, authenticatedAt);
    manager.save(true, staleProfile, false);

    val securityLogic = new OidcAuthenticationAuthorizeSecurityLogic(ticketGrantingTicketCookieGenerator, ticketRegistry, centralAuthenticationService);
    val loadedProfiles = securityLogic.loadProfiles(manager, webContext, JEESessionStore.INSTANCE, List.of());
    assertTrue(loadedProfiles.isEmpty());
}