Example 1 with DigestCredentials
use of org.pac4j.http.credentials.DigestCredentials in project pac4j by pac4j.
the class DirectDigestAuthClientTests method testMissingProfileCreator.
@Test
public void testMissingProfileCreator() {
final DirectDigestAuthClient digestAuthClient = new DirectDigestAuthClient(new SimpleTestTokenAuthenticator(), null);
TestsHelper.expectException(() -> digestAuthClient.getUserProfile(new DigestCredentials(TOKEN, HTTP_METHOD.POST.name(), null, null, null, null, null, null, null), MockWebContext.create()), TechnicalException.class, "profileCreator cannot be null");
}
Also used :
DigestCredentials(org.pac4j.http.credentials.DigestCredentials)
SimpleTestTokenAuthenticator(org.pac4j.http.credentials.authenticator.test.SimpleTestTokenAuthenticator)
Test(org.junit.Test)
Example 2 with DigestCredentials
use of org.pac4j.http.credentials.DigestCredentials in project pac4j by pac4j.
the class DigestExtractorTests method testNotDigest.
@Test
public void testNotDigest() {
final MockWebContext context = MockWebContext.create();
final DigestCredentials credentials = digestExtractor.extract(context);
assertNull(credentials);
}
Also used :
DigestCredentials(org.pac4j.http.credentials.DigestCredentials)
MockWebContext(org.pac4j.core.context.MockWebContext)
Test(org.junit.Test)
Example 3 with DigestCredentials
use of org.pac4j.http.credentials.DigestCredentials in project pac4j by pac4j.
the class SimpleTestDigestAuthenticator method validate.
@Override
public void validate(final TokenCredentials credentials, final WebContext context) {
if (credentials == null) {
throw new CredentialsException("No credential");
}
if (!(credentials instanceof DigestCredentials)) {
throw new CredentialsException("Unsupported credentials type " + credentials.getClass());
}
DigestCredentials digestCredentials = (DigestCredentials) credentials;
String username = digestCredentials.getUsername();
if (CommonHelper.isBlank(username)) {
throw new CredentialsException("Username cannot be blank");
}
String token = credentials.getToken();
if (CommonHelper.isBlank(token)) {
throw new CredentialsException("Token cannot be blank");
}
CommonProfile profile = new CommonProfile();
profile.setId(username);
credentials.setUserProfile(profile);
}
Also used :
DigestCredentials(org.pac4j.http.credentials.DigestCredentials)
CommonProfile(org.pac4j.core.profile.CommonProfile)
CredentialsException(org.pac4j.core.exception.CredentialsException)
Example 4 with DigestCredentials
use of org.pac4j.http.credentials.DigestCredentials in project pac4j by pac4j.
the class DigestAuthExtractor method extract.
/**
* Extracts digest Authorization header components.
* As per RFC 2617 :
* username is the user's name in the specified realm
* qop is quality of protection
* uri is the request uri
* response is the client response
* nonce is a server-specified data string which should be uniquely generated
* each time a 401 response is made
* cnonce is the client nonce
* nc is the nonce count
* If in the Authorization header it is not specified a username and response, we throw CredentialsException because
* the client uses an username and a password to authenticate. response is just a MD5 encoded value
* based on user provided password and RFC 2617 digest authentication encoding rules
* @param context the current web context
* @return the Digest credentials
*/
@Override
public DigestCredentials extract(WebContext context) {
final TokenCredentials credentials = this.extractor.extract(context);
if (credentials == null) {
return null;
}
String token = credentials.getToken();
Map<String, String> valueMap = parseTokenValue(token);
String username = valueMap.get("username");
String response = valueMap.get("response");
if (CommonHelper.isBlank(username) || CommonHelper.isBlank(response)) {
throw new CredentialsException("Bad format of the digest auth header");
}
String realm = valueMap.get("realm");
String nonce = valueMap.get("nonce");
String uri = valueMap.get("uri");
String cnonce = valueMap.get("cnonce");
String nc = valueMap.get("nc");
String qop = valueMap.get("qop");
String method = context.getRequestMethod();
return new DigestCredentials(response, method, username, realm, nonce, uri, cnonce, nc, qop);
}
Also used :
DigestCredentials(org.pac4j.http.credentials.DigestCredentials)
CredentialsException(org.pac4j.core.exception.CredentialsException)
TokenCredentials(org.pac4j.core.credentials.TokenCredentials)
Example 5 with DigestCredentials
use of org.pac4j.http.credentials.DigestCredentials in project pac4j by pac4j.
the class DigestExtractorTests method testRetrieveDigestHeaderComponents.
@Test
public void testRetrieveDigestHeaderComponents() {
final MockWebContext context = MockWebContext.create();
context.addRequestHeader(HttpConstants.AUTHORIZATION_HEADER, DIGEST_AUTHORIZATION_HEADER_VALUE);
final DigestCredentials credentials = digestExtractor.extract(context);
assertEquals(DIGEST_RESPONSE, credentials.getToken());
assertEquals(USERNAME, credentials.getUsername());
}
Also used :
DigestCredentials(org.pac4j.http.credentials.DigestCredentials)
MockWebContext(org.pac4j.core.context.MockWebContext)
Test(org.junit.Test)
Aggregations
DigestCredentials (org.pac4j.http.credentials.DigestCredentials)8
Test (org.junit.Test)4
MockWebContext (org.pac4j.core.context.MockWebContext)3
CredentialsException (org.pac4j.core.exception.CredentialsException)2
CommonProfile (org.pac4j.core.profile.CommonProfile)2
lombok.val (lombok.val)1
DigestCredential (org.apereo.cas.digest.DigestCredential)1
JEEContext (org.pac4j.core.context.JEEContext)1
TokenCredentials (org.pac4j.core.credentials.TokenCredentials)1
SimpleTestDigestAuthenticator (org.pac4j.http.credentials.authenticator.test.SimpleTestDigestAuthenticator)1
SimpleTestTokenAuthenticator (org.pac4j.http.credentials.authenticator.test.SimpleTestTokenAuthenticator)1
DigestAuthExtractor (org.pac4j.http.credentials.extractor.DigestAuthExtractor)1
