Example 16 with SessionStore

use of org.pac4j.core.context.session.SessionStore in project pac4j by pac4j.

the class BaseClientTests method testDirectClient.

@Test
public void testDirectClient() {
    final var client = new MockIndirectClient(TYPE, new FoundAction(LOGIN_URL), Optional.empty(), new CommonProfile());
    client.setCallbackUrl(CALLBACK_URL);
    final var context = MockWebContext.create();
    final SessionStore sessionStore = new MockSessionStore();
    final var action = (FoundAction) client.getRedirectionAction(context, sessionStore).get();
    final var redirectionUrl = action.getLocation();
    assertEquals(LOGIN_URL, redirectionUrl);
    final var credentials = client.getCredentials(context, sessionStore);
    assertFalse(credentials.isPresent());
}
Also used: MockSessionStore(org.pac4j.core.context.session.MockSessionStore), SessionStore(org.pac4j.core.context.session.SessionStore), FoundAction(org.pac4j.core.exception.http.FoundAction), CommonProfile(org.pac4j.core.profile.CommonProfile), Test(org.junit.Test)

Example 17 with SessionStore

use of org.pac4j.core.context.session.SessionStore in project pac4j by pac4j.

the class BaseClientTests method testAlreadyTried.

@Test
public void testAlreadyTried() {
    final var client = new MockIndirectClient(TYPE, new FoundAction(LOGIN_URL), Optional.empty(), new CommonProfile());
    client.setCallbackUrl(CALLBACK_URL);
    final var context = MockWebContext.create();
    final SessionStore sessionStore = new MockSessionStore();
    sessionStore.set(context, client.getName() + IndirectClient.ATTEMPTED_AUTHENTICATION_SUFFIX, "true");
    final var e = (HttpAction) TestsHelper.expectException(() -> client.getRedirectionAction(context, sessionStore));
    assertEquals(401, e.getCode());
}
Also used: MockSessionStore(org.pac4j.core.context.session.MockSessionStore), SessionStore(org.pac4j.core.context.session.SessionStore), FoundAction(org.pac4j.core.exception.http.FoundAction), CommonProfile(org.pac4j.core.profile.CommonProfile), HttpAction(org.pac4j.core.exception.http.HttpAction), Test(org.junit.Test)

Example 18 with SessionStore

use of org.pac4j.core.context.session.SessionStore in project pac4j by pac4j.

the class PostSAML2ClientTests method testRelayState.

@Test
public void testRelayState() {
    final var client = getClient();
    final WebContext context = MockWebContext.create();
    final SessionStore sessionStore = new MockSessionStore();
    sessionStore.set(context, SAML2StateGenerator.SAML_RELAY_STATE_ATTRIBUTE, "relayState");
    final var action = (OkAction) client.getRedirectionAction(context, sessionStore).get();
    assertTrue(action.getContent().contains("<input type=\"hidden\" name=\"RelayState\" value=\"relayState\"/>"));
}
Also used: MockSessionStore(org.pac4j.core.context.session.MockSessionStore), SessionStore(org.pac4j.core.context.session.SessionStore), WebContext(org.pac4j.core.context.WebContext), MockWebContext(org.pac4j.core.context.MockWebContext), OkAction(org.pac4j.core.exception.http.OkAction), Test(org.junit.Test)

Example 19 with SessionStore

use of org.pac4j.core.context.session.SessionStore in project pac4j by pac4j.

the class OidcRedirectTests method testAjaxRequestAfterStandardRequestShouldNotOverrideState.

@Test
public void testAjaxRequestAfterStandardRequestShouldNotOverrideState() throws MalformedURLException, URISyntaxException {
    var client = getClient();
    client.setCallbackUrl(CALLBACK_URL);
    client.setAjaxRequestResolver(new AjaxRequestResolver() {

        boolean first = true;

        @Override
        public boolean isAjax(final WebContext context, final SessionStore sessionStore) {
            /*
             * Considers that the first request is not ajax, all the subsequent ones are
             */
            if (first) {
                first = false;
                return false;
            } else {
                return true;
            }
        }

        @Override
        public HttpAction buildAjaxResponse(final WebContext context, final SessionStore sessionStore, final RedirectionActionBuilder redirectionActionBuilder) {
            return new StatusAction(401);
        }
    });
    var context = MockWebContext.create();
    final SessionStore sessionStore = new MockSessionStore();
    final var firstRequestAction = (FoundAction) client.getRedirectionAction(context, sessionStore).orElse(null);
    var state = TestsHelper.splitQuery(new URL(firstRequestAction.getLocation())).get("state");
    try {
        // noinspection ThrowableNotThrown
        client.getRedirectionAction(context, sessionStore);
        fail("Ajax request should throw exception");
    } catch (Exception e) {
        var stateAfterAjax = (State) sessionStore.get(context, client.getStateSessionAttributeName()).orElse(null);
        assertEquals("subsequent ajax request should not override the state in the session store", state, stateAfterAjax.toString());
    }
}
Also used: WebContext(org.pac4j.core.context.WebContext), MockWebContext(org.pac4j.core.context.MockWebContext), RedirectionActionBuilder(org.pac4j.core.redirect.RedirectionActionBuilder), AjaxRequestResolver(org.pac4j.core.http.ajax.AjaxRequestResolver), URL(java.net.URL), MalformedURLException(java.net.MalformedURLException), URISyntaxException(java.net.URISyntaxException), MockSessionStore(org.pac4j.core.context.session.MockSessionStore), SessionStore(org.pac4j.core.context.session.SessionStore), StatusAction(org.pac4j.core.exception.http.StatusAction), FoundAction(org.pac4j.core.exception.http.FoundAction), HttpAction(org.pac4j.core.exception.http.HttpAction), Test(org.junit.Test)

Example 20 with SessionStore

use of org.pac4j.core.context.session.SessionStore in project pac4j by pac4j.

the class DefaultCasLogoutHandler method destroySessionBack.

@Override
public void destroySessionBack(final C context, final String ticket) {
    final Object trackableSession = store.get(ticket);
    logger.debug("ticket: {} -> trackableSession: {}", ticket, trackableSession);
    if (trackableSession == null) {
        logger.error("No trackable session found for back channel logout. Either the session store does not support to track session or it has expired from the store and the store settings must be updated (expired data)");
    } else {
        store.remove(ticket);
        // renew context with the original session store
        final SessionStore sessionStore = context.getSessionStore();
        if (sessionStore == null) {
            logger.error("No session store available for this web context");
        } else {
            final SessionStore<C> newSessionStore = sessionStore.buildFromTrackableSession(context, trackableSession);
            if (newSessionStore != null) {
                logger.debug("newSessionStore: {}", newSessionStore);
                final String sessionId = newSessionStore.getOrCreateSessionId(context);
                logger.debug("remove sessionId: {}", sessionId);
                store.remove(sessionId);
                destroy(context, newSessionStore, "back");
            } else {
                logger.error("The session store should be able to build a new session store from the tracked session");
            }
        }
    }
}
Also used: SessionStore(org.pac4j.core.context.session.SessionStore)
