use of org.pac4j.core.credentials.UsernamePasswordCredentials in project cas by apereo.
the class ECPProfileHandlerController method extractBasicAuthenticationCredential.
private Credential extractBasicAuthenticationCredential(final HttpServletRequest request, final HttpServletResponse response) {
try {
final BasicAuthExtractor extractor = new BasicAuthExtractor();
final WebContext webContext = Pac4jUtils.getPac4jJ2EContext(request, response);
final UsernamePasswordCredentials credentials = extractor.extract(webContext);
if (credentials != null) {
LOGGER.debug("Received basic authentication ECP request from credentials [{}]", credentials);
return new UsernamePasswordCredential(credentials.getUsername(), credentials.getPassword());
}
} catch (final Exception e) {
LOGGER.warn(e.getMessage(), e);
}
return null;
}
use of org.pac4j.core.credentials.UsernamePasswordCredentials in project cas by apereo.
the class OidcRevocationEndpointController method handleRequestInternal.
/**
* Handle request for revocation.
*
* @param request the request
* @param response the response
* @return the jwk set
*/
@GetMapping(value = '/' + OidcConstants.BASE_OIDC_URL + '/' + OidcConstants.REVOCATION_URL)
public ResponseEntity<String> handleRequestInternal(final HttpServletRequest request, final HttpServletResponse response) {
try {
final CredentialsExtractor<UsernamePasswordCredentials> authExtractor = new BasicAuthExtractor();
final UsernamePasswordCredentials credentials = authExtractor.extract(Pac4jUtils.getPac4jJ2EContext(request, response));
if (credentials == null) {
throw new IllegalArgumentException("No credentials are provided to verify introspection on the access token");
}
final OAuthRegisteredService service = OAuth20Utils.getRegisteredOAuthServiceByClientId(this.servicesManager, credentials.getUsername());
if (this.validator.checkServiceValid(service) && this.validator.checkParameterExist(request, OAuth20Constants.ACCESS_TOKEN) && this.validator.checkClientSecret(service, credentials.getPassword())) {
final String token = request.getParameter(OidcConstants.TOKEN);
if (StringUtils.isNotBlank(token)) {
this.ticketRegistry.deleteTicket(token);
}
}
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return new ResponseEntity<>(HttpStatus.OK);
}
use of org.pac4j.core.credentials.UsernamePasswordCredentials in project pac4j by pac4j.
the class LdapProfileServiceTests method authentSuccessSingleAttribute.
@Test
public void authentSuccessSingleAttribute() {
final LdapProfileService ldapProfileService = new LdapProfileService(connectionFactory, authenticator, LdapServer.SN, LdapServer.BASE_PEOPLE_DN);
ldapProfileService.setUsernameAttribute(LdapServer.CN);
final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD);
ldapProfileService.validate(credentials, null);
final CommonProfile profile = credentials.getUserProfile();
assertNotNull(profile);
assertTrue(profile instanceof LdapProfile);
final LdapProfile ldapProfile = (LdapProfile) profile;
assertEquals(GOOD_USERNAME, ldapProfile.getId());
assertEquals(1, ldapProfile.getAttributes().size());
assertEquals(FIRSTNAME_VALUE, ldapProfile.getAttribute(LdapServer.SN));
}
use of org.pac4j.core.credentials.UsernamePasswordCredentials in project pac4j by pac4j.
the class LdapProfileServiceTests method authentSuccessMultiAttribute.
@Test
public void authentSuccessMultiAttribute() {
final LdapProfileService ldapProfileService = new LdapProfileService(connectionFactory, authenticator, LdapServer.SN + "," + LdapServer.ROLE, LdapServer.BASE_PEOPLE_DN);
ldapProfileService.setUsernameAttribute(LdapServer.CN);
final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(GOOD_USERNAME2, PASSWORD);
ldapProfileService.validate(credentials, null);
final CommonProfile profile = credentials.getUserProfile();
assertNotNull(profile);
assertTrue(profile instanceof LdapProfile);
final LdapProfile ldapProfile = (LdapProfile) profile;
assertEquals(GOOD_USERNAME2, ldapProfile.getId());
assertEquals(1, ldapProfile.getAttributes().size());
assertNull(ldapProfile.getAttribute(LdapServer.SN));
final Collection<String> attributes = (Collection<String>) ldapProfile.getAttribute(LdapServer.ROLE);
assertEquals(2, attributes.size());
assertTrue(attributes.contains(LdapServer.ROLE1));
assertTrue(attributes.contains(LdapServer.ROLE2));
}
use of org.pac4j.core.credentials.UsernamePasswordCredentials in project pac4j by pac4j.
the class LdapProfileServiceTests method testCreateUpdateFindDelete.
@Test
public void testCreateUpdateFindDelete() {
final LdapProfile profile = new LdapProfile();
profile.setId(LDAP_ID);
profile.setLinkedId(LDAP_LINKED_ID);
profile.addAttribute(USERNAME, LDAP_USER);
final LdapProfileService ldapProfileService = new LdapProfileService(connectionFactory, authenticator, LdapServer.BASE_PEOPLE_DN);
ldapProfileService.setIdAttribute(LdapServer.CN);
ldapProfileService.setUsernameAttribute(LdapServer.SN);
ldapProfileService.setPasswordAttribute("userPassword");
// create
ldapProfileService.create(profile, LDAP_PASS);
// check credentials
final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(LDAP_ID, LDAP_PASS);
ldapProfileService.validate(credentials, null);
final CommonProfile profile1 = credentials.getUserProfile();
assertNotNull(profile1);
// check data
final List<Map<String, Object>> results = getData(ldapProfileService, LDAP_ID);
assertEquals(1, results.size());
final Map<String, Object> result = results.get(0);
assertEquals(4, result.size());
assertEquals(LDAP_ID, result.get(LdapServer.CN));
assertEquals(LDAP_LINKED_ID, result.get(AbstractProfileService.LINKEDID));
assertNotNull(result.get(AbstractProfileService.SERIALIZED_PROFILE));
assertEquals(LDAP_USER, result.get(LdapServer.SN));
// findById
final LdapProfile profile2 = ldapProfileService.findById(LDAP_ID);
assertEquals(LDAP_ID, profile2.getId());
assertEquals(LDAP_LINKED_ID, profile2.getLinkedId());
assertEquals(LDAP_USER, profile2.getUsername());
assertEquals(1, profile2.getAttributes().size());
// update
profile.addAttribute(USERNAME, LDAP_USER2);
ldapProfileService.update(profile, LDAP_PASS2);
final List<Map<String, Object>> results2 = getData(ldapProfileService, LDAP_ID);
assertEquals(1, results2.size());
final Map<String, Object> result2 = results2.get(0);
assertEquals(4, result2.size());
assertEquals(LDAP_ID, result2.get(LdapServer.CN));
assertEquals(LDAP_LINKED_ID, result2.get(AbstractProfileService.LINKEDID));
assertNotNull(result2.get(AbstractProfileService.SERIALIZED_PROFILE));
assertEquals(LDAP_USER2, result2.get(LdapServer.SN));
// check credentials
final UsernamePasswordCredentials credentials2 = new UsernamePasswordCredentials(LDAP_ID, LDAP_PASS2);
ldapProfileService.validate(credentials2, null);
final CommonProfile profile3 = credentials.getUserProfile();
assertNotNull(profile3);
// remove
ldapProfileService.remove(profile);
final List<Map<String, Object>> results3 = getData(ldapProfileService, LDAP_ID);
assertEquals(0, results3.size());
}
Aggregations