Example 1 with UsernamePasswordCredentials
use of org.pac4j.core.credentials.UsernamePasswordCredentials in project cas by apereo.
the class ECPProfileHandlerController method extractBasicAuthenticationCredential.
private Credential extractBasicAuthenticationCredential(final HttpServletRequest request, final HttpServletResponse response) {
try {
final BasicAuthExtractor extractor = new BasicAuthExtractor();
final WebContext webContext = Pac4jUtils.getPac4jJ2EContext(request, response);
final UsernamePasswordCredentials credentials = extractor.extract(webContext);
if (credentials != null) {
LOGGER.debug("Received basic authentication ECP request from credentials [{}]", credentials);
return new UsernamePasswordCredential(credentials.getUsername(), credentials.getPassword());
}
} catch (final Exception e) {
LOGGER.warn(e.getMessage(), e);
}
return null;
}
Also used :
BasicAuthExtractor(org.pac4j.core.credentials.extractor.BasicAuthExtractor)
WebContext(org.pac4j.core.context.WebContext)
UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential)
AuthenticationException(org.apereo.cas.authentication.AuthenticationException)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Example 2 with UsernamePasswordCredentials
use of org.pac4j.core.credentials.UsernamePasswordCredentials in project cas by apereo.
the class OidcRevocationEndpointController method handleRequestInternal.
/**
* Handle request for revocation.
*
* @param request the request
* @param response the response
* @return the jwk set
*/
@GetMapping(value = '/' + OidcConstants.BASE_OIDC_URL + '/' + OidcConstants.REVOCATION_URL)
public ResponseEntity<String> handleRequestInternal(final HttpServletRequest request, final HttpServletResponse response) {
try {
final CredentialsExtractor<UsernamePasswordCredentials> authExtractor = new BasicAuthExtractor();
final UsernamePasswordCredentials credentials = authExtractor.extract(Pac4jUtils.getPac4jJ2EContext(request, response));
if (credentials == null) {
throw new IllegalArgumentException("No credentials are provided to verify introspection on the access token");
}
final OAuthRegisteredService service = OAuth20Utils.getRegisteredOAuthServiceByClientId(this.servicesManager, credentials.getUsername());
if (this.validator.checkServiceValid(service) && this.validator.checkParameterExist(request, OAuth20Constants.ACCESS_TOKEN) && this.validator.checkClientSecret(service, credentials.getPassword())) {
final String token = request.getParameter(OidcConstants.TOKEN);
if (StringUtils.isNotBlank(token)) {
this.ticketRegistry.deleteTicket(token);
}
}
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return new ResponseEntity<>(HttpStatus.OK);
}
Also used :
BasicAuthExtractor(org.pac4j.core.credentials.extractor.BasicAuthExtractor)
ResponseEntity(org.springframework.http.ResponseEntity)
OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
GetMapping(org.springframework.web.bind.annotation.GetMapping)
Example 3 with UsernamePasswordCredentials
use of org.pac4j.core.credentials.UsernamePasswordCredentials in project pac4j by pac4j.
the class LdapProfileServiceTests method authentSuccessSingleAttribute.
@Test
public void authentSuccessSingleAttribute() {
final LdapProfileService ldapProfileService = new LdapProfileService(connectionFactory, authenticator, LdapServer.SN, LdapServer.BASE_PEOPLE_DN);
ldapProfileService.setUsernameAttribute(LdapServer.CN);
final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD);
ldapProfileService.validate(credentials, null);
final CommonProfile profile = credentials.getUserProfile();
assertNotNull(profile);
assertTrue(profile instanceof LdapProfile);
final LdapProfile ldapProfile = (LdapProfile) profile;
assertEquals(GOOD_USERNAME, ldapProfile.getId());
assertEquals(1, ldapProfile.getAttributes().size());
assertEquals(FIRSTNAME_VALUE, ldapProfile.getAttribute(LdapServer.SN));
}
Also used :
CommonProfile(org.pac4j.core.profile.CommonProfile)
LdapProfile(org.pac4j.ldap.profile.LdapProfile)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.Test)
Example 4 with UsernamePasswordCredentials
use of org.pac4j.core.credentials.UsernamePasswordCredentials in project pac4j by pac4j.
the class LdapProfileServiceTests method authentSuccessMultiAttribute.
@Test
public void authentSuccessMultiAttribute() {
final LdapProfileService ldapProfileService = new LdapProfileService(connectionFactory, authenticator, LdapServer.SN + "," + LdapServer.ROLE, LdapServer.BASE_PEOPLE_DN);
ldapProfileService.setUsernameAttribute(LdapServer.CN);
final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(GOOD_USERNAME2, PASSWORD);
ldapProfileService.validate(credentials, null);
final CommonProfile profile = credentials.getUserProfile();
assertNotNull(profile);
assertTrue(profile instanceof LdapProfile);
final LdapProfile ldapProfile = (LdapProfile) profile;
assertEquals(GOOD_USERNAME2, ldapProfile.getId());
assertEquals(1, ldapProfile.getAttributes().size());
assertNull(ldapProfile.getAttribute(LdapServer.SN));
final Collection<String> attributes = (Collection<String>) ldapProfile.getAttribute(LdapServer.ROLE);
assertEquals(2, attributes.size());
assertTrue(attributes.contains(LdapServer.ROLE1));
assertTrue(attributes.contains(LdapServer.ROLE2));
}
Also used :
CommonProfile(org.pac4j.core.profile.CommonProfile)
Collection(java.util.Collection)
LdapProfile(org.pac4j.ldap.profile.LdapProfile)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.Test)
Example 5 with UsernamePasswordCredentials
use of org.pac4j.core.credentials.UsernamePasswordCredentials in project pac4j by pac4j.
the class LdapProfileServiceTests method testCreateUpdateFindDelete.
@Test
public void testCreateUpdateFindDelete() {
final LdapProfile profile = new LdapProfile();
profile.setId(LDAP_ID);
profile.setLinkedId(LDAP_LINKED_ID);
profile.addAttribute(USERNAME, LDAP_USER);
final LdapProfileService ldapProfileService = new LdapProfileService(connectionFactory, authenticator, LdapServer.BASE_PEOPLE_DN);
ldapProfileService.setIdAttribute(LdapServer.CN);
ldapProfileService.setUsernameAttribute(LdapServer.SN);
ldapProfileService.setPasswordAttribute("userPassword");
// create
ldapProfileService.create(profile, LDAP_PASS);
// check credentials
final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(LDAP_ID, LDAP_PASS);
ldapProfileService.validate(credentials, null);
final CommonProfile profile1 = credentials.getUserProfile();
assertNotNull(profile1);
// check data
final List<Map<String, Object>> results = getData(ldapProfileService, LDAP_ID);
assertEquals(1, results.size());
final Map<String, Object> result = results.get(0);
assertEquals(4, result.size());
assertEquals(LDAP_ID, result.get(LdapServer.CN));
assertEquals(LDAP_LINKED_ID, result.get(AbstractProfileService.LINKEDID));
assertNotNull(result.get(AbstractProfileService.SERIALIZED_PROFILE));
assertEquals(LDAP_USER, result.get(LdapServer.SN));
// findById
final LdapProfile profile2 = ldapProfileService.findById(LDAP_ID);
assertEquals(LDAP_ID, profile2.getId());
assertEquals(LDAP_LINKED_ID, profile2.getLinkedId());
assertEquals(LDAP_USER, profile2.getUsername());
assertEquals(1, profile2.getAttributes().size());
// update
profile.addAttribute(USERNAME, LDAP_USER2);
ldapProfileService.update(profile, LDAP_PASS2);
final List<Map<String, Object>> results2 = getData(ldapProfileService, LDAP_ID);
assertEquals(1, results2.size());
final Map<String, Object> result2 = results2.get(0);
assertEquals(4, result2.size());
assertEquals(LDAP_ID, result2.get(LdapServer.CN));
assertEquals(LDAP_LINKED_ID, result2.get(AbstractProfileService.LINKEDID));
assertNotNull(result2.get(AbstractProfileService.SERIALIZED_PROFILE));
assertEquals(LDAP_USER2, result2.get(LdapServer.SN));
// check credentials
final UsernamePasswordCredentials credentials2 = new UsernamePasswordCredentials(LDAP_ID, LDAP_PASS2);
ldapProfileService.validate(credentials2, null);
final CommonProfile profile3 = credentials.getUserProfile();
assertNotNull(profile3);
// remove
ldapProfileService.remove(profile);
final List<Map<String, Object>> results3 = getData(ldapProfileService, LDAP_ID);
assertEquals(0, results3.size());
}
Also used :
CommonProfile(org.pac4j.core.profile.CommonProfile)
LdapProfile(org.pac4j.ldap.profile.LdapProfile)
Map(java.util.Map)
UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials)
Test(org.junit.Test)
Aggregations
UsernamePasswordCredentials (org.pac4j.core.credentials.UsernamePasswordCredentials)80
lombok.val (lombok.val)34
JEEContext (org.pac4j.core.context.JEEContext)24
CommonProfile (org.pac4j.core.profile.CommonProfile)22
Test (org.junit.Test)21
Test (org.junit.jupiter.api.Test)21
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)20
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)20
MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)10
BasicAuthExtractor (org.pac4j.core.credentials.extractor.BasicAuthExtractor)9
OAuth20DefaultCode (org.apereo.cas.ticket.code.OAuth20DefaultCode)8
HardTimeoutExpirationPolicy (org.apereo.cas.ticket.expiration.HardTimeoutExpirationPolicy)8
HashMap (java.util.HashMap)7
SimpleTestUsernamePasswordAuthenticator (org.pac4j.http.credentials.authenticator.test.SimpleTestUsernamePasswordAuthenticator)6
Map (java.util.Map)5
MockWebContext (org.pac4j.core.context.MockWebContext)5
UsernamePasswordCredential (org.apereo.cas.authentication.credential.UsernamePasswordCredential)4
CredentialsException (org.pac4j.core.exception.CredentialsException)4
ArrayList (java.util.ArrayList)3
WebContext (org.pac4j.core.context.WebContext)3
