Example 31 with WebContext

use of org.pac4j.core.context.WebContext in project cas by apereo.

the class OidcAuthorizationRequestSupport method getOidcMaxAgeFromAuthorizationRequest.

/**
 * Gets oidc max age from authorization request.
 *
 * @param context the context
 * @return the oidc max age from authorization request
 */
public static Optional<Long> getOidcMaxAgeFromAuthorizationRequest(final WebContext context) {
    final URIBuilder builderContext = new URIBuilder(context.getFullRequestURL());
    final Optional<URIBuilder.BasicNameValuePair> parameter = builderContext.getQueryParams().stream().filter(p -> OidcConstants.MAX_AGE.equals(p.getName())).findFirst();
    if (parameter.isPresent()) {
        final long maxAge = NumberUtils.toLong(parameter.get().getValue(), -1);
        return Optional.of(maxAge);
    }
    return Optional.empty();
}
Also used : CasProtocolConstants(org.apereo.cas.CasProtocolConstants) Arrays(java.util.Arrays) CasClient(org.pac4j.cas.client.CasClient) NonNull(lombok.NonNull) OidcConstants(org.apereo.cas.oidc.OidcConstants) ZonedDateTime(java.time.ZonedDateTime) TicketRegistrySupport(org.apereo.cas.ticket.registry.TicketRegistrySupport) Set(java.util.Set) URIBuilder(org.jasig.cas.client.util.URIBuilder) StringUtils(org.apache.commons.lang3.StringUtils) ProfileManager(org.pac4j.core.profile.ProfileManager) Collectors(java.util.stream.Collectors) Pac4jUtils(org.apereo.cas.util.Pac4jUtils) WebContext(org.pac4j.core.context.WebContext) Slf4j(lombok.extern.slf4j.Slf4j) Authentication(org.apereo.cas.authentication.Authentication) NumberUtils(org.apache.commons.lang3.math.NumberUtils) CookieRetrievingCookieGenerator(org.apereo.cas.web.support.CookieRetrievingCookieGenerator) J2EContext(org.pac4j.core.context.J2EContext) Optional(java.util.Optional) UserProfile(org.pac4j.core.profile.UserProfile) AllArgsConstructor(lombok.AllArgsConstructor) URIBuilder(org.jasig.cas.client.util.URIBuilder)

Example 32 with WebContext

use of org.pac4j.core.context.WebContext in project cas by apereo.

the class DelegatedClientAuthenticationAction method prepareForLoginPage.

/**
 * Prepare the data for the login page.
 *
 * @param context The current webflow context
 */
protected void prepareForLoginPage(final RequestContext context) {
    final Service service = WebUtils.getService(context);
    final HttpServletRequest request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
    final HttpServletResponse response = WebUtils.getHttpServletResponseFromExternalWebflowContext(context);
    final WebContext webContext = Pac4jUtils.getPac4jJ2EContext(request, response);
    final Set<ProviderLoginPageConfiguration> urls = new LinkedHashSet<>();
    this.clients.findAllClients().stream().filter(client -> client instanceof IndirectClient && isDelegatedClientAuthorizedForService(client, service)).map(IndirectClient.class::cast).forEach(client -> {
        try {
            final Optional<ProviderLoginPageConfiguration> provider = buildProviderConfiguration(client, webContext);
            provider.ifPresent(urls::add);
        } catch (final Exception e) {
            LOGGER.error("Cannot process client [{}]", client, e);
        }
    });
    if (!urls.isEmpty()) {
        context.getFlowScope().put(PAC4J_URLS, urls);
    } else if (response.getStatus() != HttpStatus.UNAUTHORIZED.value()) {
        LOGGER.warn("No delegated authentication providers could be determined based on the provided configuration. " + "Either no clients are configured, or the current access strategy rules prohibit CAS from using authentication providers for this request.");
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) LinkedHashSet(java.util.LinkedHashSet) WebContext(org.pac4j.core.context.WebContext) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) RegisteredService(org.apereo.cas.services.RegisteredService) Service(org.apereo.cas.authentication.principal.Service) HttpServletResponse(javax.servlet.http.HttpServletResponse) IndirectClient(org.pac4j.core.client.IndirectClient) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException)

Example 33 with WebContext

use of org.pac4j.core.context.WebContext in project pac4j by pac4j.

the class PostSAML2ClientTests method testSetComparisonTypeWithPostBinding.

@Test
public void testSetComparisonTypeWithPostBinding() {
    final SAML2Client client = getClient();
    client.getConfiguration().setComparisonType(AuthnContextComparisonTypeEnumeration.EXACT.toString());
    final WebContext context = new J2EContext(new MockHttpServletRequest(), new MockHttpServletResponse());
    final RedirectAction action = client.getRedirectAction(context);
    assertTrue(getDecodedAuthnRequest(action.getContent()).contains("Comparison=\"exact\""));
}
Also used : WebContext(org.pac4j.core.context.WebContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) J2EContext(org.pac4j.core.context.J2EContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) RedirectAction(org.pac4j.core.redirect.RedirectAction) Test(org.junit.Test)

Example 34 with WebContext

use of org.pac4j.core.context.WebContext in project pac4j by pac4j.

the class RedirectSAML2ClientTests method testForceAuthIsSetForRedirectBinding.

@Test
public void testForceAuthIsSetForRedirectBinding() {
    final SAML2Client client = getClient();
    client.getConfiguration().setForceAuth(true);
    final WebContext context = new J2EContext(new MockHttpServletRequest(), new MockHttpServletResponse());
    final RedirectAction action = client.getRedirectAction(context);
    assertTrue(getInflatedAuthnRequest(action.getLocation()).contains("ForceAuthn=\"true\""));
}
Also used : WebContext(org.pac4j.core.context.WebContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) J2EContext(org.pac4j.core.context.J2EContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) RedirectAction(org.pac4j.core.redirect.RedirectAction) Test(org.junit.Test)

Example 35 with WebContext

use of org.pac4j.core.context.WebContext in project pac4j by pac4j.

the class RedirectSAML2ClientTests method testRelayState.

@Test
public void testRelayState() {
    final SAML2Client client = getClient();
    final WebContext context = new J2EContext(new MockHttpServletRequest(), new MockHttpServletResponse());
    context.getSessionStore().set(context, SAML2Client.SAML_RELAY_STATE_ATTRIBUTE, "relayState");
    final RedirectAction action = client.getRedirectAction(context);
    assertTrue(action.getLocation().contains("RelayState=relayState"));
}
Also used : WebContext(org.pac4j.core.context.WebContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) J2EContext(org.pac4j.core.context.J2EContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) RedirectAction(org.pac4j.core.redirect.RedirectAction) Test(org.junit.Test)

Aggregations

WebContext (org.pac4j.core.context.WebContext) 58
Test (org.junit.Test) 31
MockWebContext (org.pac4j.core.context.MockWebContext) 15
Slf4j (lombok.extern.slf4j.Slf4j) 11
J2EContext (org.pac4j.core.context.J2EContext) 11
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 11
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse) 11
lombok.val (lombok.val) 10
CommonProfile (org.pac4j.core.profile.CommonProfile) 10
RedirectAction (org.pac4j.core.redirect.RedirectAction) 10
Optional (java.util.Optional) 9
Clients (org.pac4j.core.client.Clients) 9
SessionStore (org.pac4j.core.context.session.SessionStore) 8
JWT (com.nimbusds.jwt.JWT) 7
HttpServletRequest (javax.servlet.http.HttpServletRequest) 7
Client (org.pac4j.core.client.Client) 7
MockIndirectClient (org.pac4j.core.client.MockIndirectClient) 7
UserProfile (org.pac4j.core.profile.UserProfile) 7
SignedJWT (com.nimbusds.jwt.SignedJWT) 6
StringUtils (org.apache.commons.lang3.StringUtils) 6