Search in sources :

Example 1 with SAML2Client

use of org.pac4j.saml.client.SAML2Client in project cas by apereo.

the class Pac4jAuthenticationEventExecutionPlanConfiguration method configureSamlClient.

private void configureSamlClient(final Collection<BaseClient> properties) {
    final AtomicInteger index = new AtomicInteger();
    casProperties.getAuthn().getPac4j().getSaml().stream().filter(saml -> StringUtils.isNotBlank(saml.getKeystorePath()) && StringUtils.isNotBlank(saml.getIdentityProviderMetadataPath())).forEach(saml -> {
        final SAML2ClientConfiguration cfg = new SAML2ClientConfiguration(saml.getKeystorePath(), saml.getKeystorePassword(), saml.getPrivateKeyPassword(), saml.getIdentityProviderMetadataPath());
        cfg.setMaximumAuthenticationLifetime(saml.getMaximumAuthenticationLifetime());
        cfg.setServiceProviderEntityId(saml.getServiceProviderEntityId());
        cfg.setServiceProviderMetadataPath(saml.getServiceProviderMetadataPath());
        cfg.setDestinationBindingType(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
        final SAML2Client client = new SAML2Client(cfg);
        client.setName(client.getClass().getSimpleName() + index.incrementAndGet());
        properties.add(client);
    });
}
Also used : CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) CasConfiguration(org.pac4j.cas.config.CasConfiguration) CasClient(org.pac4j.cas.client.CasClient) Google2Client(org.pac4j.oauth.client.Google2Client) OidcConfiguration(org.pac4j.oidc.config.OidcConfiguration) SAML2Client(org.pac4j.saml.client.SAML2Client) LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) StringUtils(org.apache.commons.lang3.StringUtils) AuthenticationEventExecutionPlan(org.apereo.cas.authentication.AuthenticationEventExecutionPlan) YahooClient(org.pac4j.oauth.client.YahooClient) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) AuthenticationHandler(org.apereo.cas.authentication.AuthenticationHandler) PrincipalFactory(org.apereo.cas.authentication.principal.PrincipalFactory) Clients(org.pac4j.core.client.Clients) LinkedIn2Client(org.pac4j.oauth.client.LinkedIn2Client) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) ClientAuthenticationHandler(org.apereo.cas.support.pac4j.authentication.handler.support.ClientAuthenticationHandler) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) ClientAuthenticationMetaDataPopulator(org.apereo.cas.support.pac4j.authentication.ClientAuthenticationMetaDataPopulator) Verb(com.github.scribejava.core.model.Verb) Collection(java.util.Collection) PrincipalResolver(org.apereo.cas.authentication.principal.PrincipalResolver) Set(java.util.Set) JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm) SAML2ClientLogoutAction(org.apereo.cas.support.pac4j.web.flow.SAML2ClientLogoutAction) Action(org.springframework.webflow.execution.Action) AuthenticationEventExecutionPlanConfigurer(org.apereo.cas.config.support.authentication.AuthenticationEventExecutionPlanConfigurer) Configuration(org.springframework.context.annotation.Configuration) BaseClient(org.pac4j.core.client.BaseClient) FoursquareClient(org.pac4j.oauth.client.FoursquareClient) GitHubClient(org.pac4j.oauth.client.GitHubClient) SAML2ClientConfiguration(org.pac4j.saml.client.SAML2ClientConfiguration) AuthenticationMetaDataPopulator(org.apereo.cas.authentication.AuthenticationMetaDataPopulator) WindowsLiveClient(org.pac4j.oauth.client.WindowsLiveClient) AzureAdClient(org.pac4j.oidc.client.AzureAdClient) BitbucketClient(org.pac4j.oauth.client.BitbucketClient) WordPressClient(org.pac4j.oauth.client.WordPressClient) ArrayList(java.util.ArrayList) OidcClient(org.pac4j.oidc.client.OidcClient) Qualifier(org.springframework.beans.factory.annotation.Qualifier) PayPalClient(org.pac4j.oauth.client.PayPalClient) SAMLConstants(org.opensaml.saml.common.xml.SAMLConstants) LinkedHashSet(java.util.LinkedHashSet) ServicesManager(org.apereo.cas.services.ServicesManager) GoogleOidcClient(org.pac4j.oidc.client.GoogleOidcClient) Logger(org.slf4j.Logger) FacebookClient(org.pac4j.oauth.client.FacebookClient) GenericOAuth20Client(org.pac4j.oauth.client.GenericOAuth20Client) Pac4jProperties(org.apereo.cas.configuration.model.support.pac4j.Pac4jProperties) TwitterClient(org.pac4j.oauth.client.TwitterClient) Bean(org.springframework.context.annotation.Bean) DefaultPrincipalFactory(org.apereo.cas.authentication.principal.DefaultPrincipalFactory) DropBoxClient(org.pac4j.oauth.client.DropBoxClient) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) SAML2Client(org.pac4j.saml.client.SAML2Client) SAML2ClientConfiguration(org.pac4j.saml.client.SAML2ClientConfiguration)

Example 2 with SAML2Client

use of org.pac4j.saml.client.SAML2Client in project cas by apereo.

the class DelegatedClientWebflowManager method store.

/**
 * Store.
 *
 * @param webContext the web context
 * @param client     the client
 * @return the ticket
 */
public Ticket store(final WebContext webContext, final BaseClient client) {
    final Map<String, Serializable> properties = new LinkedHashMap<>();
    final Service service = determineService(webContext);
    properties.put(CasProtocolConstants.PARAMETER_SERVICE, service);
    properties.put(this.themeParamName, StringUtils.defaultString(webContext.getRequestParameter(this.themeParamName)));
    properties.put(this.localParamName, StringUtils.defaultString(webContext.getRequestParameter(this.localParamName)));
    properties.put(CasProtocolConstants.PARAMETER_METHOD, StringUtils.defaultString(webContext.getRequestParameter(CasProtocolConstants.PARAMETER_METHOD)));
    final TransientSessionTicketFactory transientFactory = (TransientSessionTicketFactory) this.ticketFactory.get(TransientSessionTicket.class);
    final TransientSessionTicket ticket = transientFactory.create(service, properties);
    LOGGER.debug("Storing delegated authentication request ticket [{}] for service [{}] with properties [{}]", ticket.getId(), ticket.getService(), ticket.getProperties());
    this.ticketRegistry.addTicket(ticket);
    webContext.setRequestAttribute(PARAMETER_CLIENT_ID, ticket.getId());
    if (client instanceof SAML2Client) {
        webContext.getSessionStore().set(webContext, SAML2Client.SAML_RELAY_STATE_ATTRIBUTE, ticket.getId());
    }
    if (client instanceof OAuth20Client) {
        final OAuth20Client oauthClient = (OAuth20Client) client;
        oauthClient.getConfiguration().setWithState(true);
        oauthClient.getConfiguration().setStateData(ticket.getId());
    }
    if (client instanceof OidcClient) {
        final OidcClient oidcClient = (OidcClient) client;
        oidcClient.getConfiguration().setCustomParams(CollectionUtils.wrap(PARAMETER_CLIENT_ID, ticket.getId()));
        oidcClient.getConfiguration().setWithState(true);
        oidcClient.getConfiguration().setStateData(ticket.getId());
    }
    if (client instanceof CasClient) {
        final CasClient casClient = (CasClient) client;
        casClient.getConfiguration().addCustomParam(DelegatedClientWebflowManager.PARAMETER_CLIENT_ID, ticket.getId());
    }
    return ticket;
}
Also used : TransientSessionTicket(org.apereo.cas.ticket.TransientSessionTicket) OAuth20Client(org.pac4j.oauth.client.OAuth20Client) Serializable(java.io.Serializable) OidcClient(org.pac4j.oidc.client.OidcClient) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) Service(org.apereo.cas.authentication.principal.Service) SAML2Client(org.pac4j.saml.client.SAML2Client) TransientSessionTicketFactory(org.apereo.cas.ticket.TransientSessionTicketFactory) LinkedHashMap(java.util.LinkedHashMap) CasClient(org.pac4j.cas.client.CasClient)

Example 3 with SAML2Client

use of org.pac4j.saml.client.SAML2Client in project pac4j by pac4j.

the class PropertiesConfigFactoryTests method test.

@Test
public void test() {
    final Map<String, String> properties = new HashMap<>();
    properties.put(FACEBOOK_ID, ID);
    properties.put(FACEBOOK_SECRET, SECRET);
    properties.put(TWITTER_ID, ID);
    properties.put(TWITTER_SECRET, SECRET);
    properties.put(CAS_LOGIN_URL, CALLBACK_URL);
    properties.put(CAS_PROTOCOL, CasProtocol.CAS20.toString());
    properties.put(SAML_KEYSTORE_PASSWORD, PASSWORD);
    properties.put(SAML_PRIVATE_KEY_PASSWORD, PASSWORD);
    properties.put(SAML_KEYSTORE_PATH, PATH);
    properties.put(SAML_IDENTITY_PROVIDER_METADATA_PATH, PATH);
    properties.put(SAML_DESTINATION_BINDING_TYPE, SAMLConstants.SAML2_REDIRECT_BINDING_URI);
    properties.put(SAML_KEYSTORE_ALIAS, VALUE);
    properties.put(OIDC_ID, ID);
    properties.put(OIDC_SECRET, SECRET);
    properties.put(OIDC_DISCOVERY_URI, CALLBACK_URL);
    properties.put(OIDC_USE_NONCE, "true");
    properties.put(OIDC_PREFERRED_JWS_ALGORITHM, "RS384");
    properties.put(OIDC_MAX_CLOCK_SKEW, "60");
    properties.put(OIDC_CLIENT_AUTHENTICATION_METHOD, "CLIENT_SECRET_POST");
    properties.put(OIDC_CUSTOM_PARAM_KEY + "1", KEY);
    properties.put(OIDC_CUSTOM_PARAM_VALUE + "1", VALUE);
    properties.put(CAS_LOGIN_URL.concat(".1"), LOGIN_URL);
    properties.put(CAS_PROTOCOL.concat(".1"), CasProtocol.CAS30.toString());
    properties.put(OIDC_TYPE.concat(".1"), "google");
    properties.put(OIDC_ID.concat(".1"), ID);
    properties.put(OIDC_SECRET.concat(".1"), SECRET);
    properties.put(ANONYMOUS, "whatever the value");
    properties.put(FORMCLIENT_LOGIN_URL, LOGIN_URL);
    properties.put(FORMCLIENT_AUTHENTICATOR, "testUsernamePassword");
    properties.put(INDIRECTBASICAUTH_AUTHENTICATOR.concat(".2"), "testUsernamePassword");
    properties.put(LDAP_TYPE, "direct");
    properties.put(LDAP_URL, "ldap://localhost:" + PORT);
    properties.put(LDAP_USE_SSL, "false");
    properties.put(LDAP_USE_START_TLS, "false");
    properties.put(LDAP_DN_FORMAT, CN + "=%s," + BASE_PEOPLE_DN);
    properties.put(LDAP_USERS_DN, BASE_PEOPLE_DN);
    properties.put(LDAP_PRINCIPAL_ATTRIBUTE_ID, CN);
    properties.put(LDAP_ATTRIBUTES, SN + "," + ROLE);
    properties.put(FORMCLIENT_LOGIN_URL.concat(".2"), PAC4J_BASE_URL);
    properties.put(FORMCLIENT_AUTHENTICATOR.concat(".2"), "ldap");
    properties.put(SPRING_ENCODER_TYPE.concat(".4"), "standard");
    properties.put(SPRING_ENCODER_STANDARD_SECRET.concat(".4"), SALT);
    properties.put(DB_JDBC_URL, "jdbc:h2:mem:test");
    properties.put(DB_USERNAME, Pac4jConstants.USERNAME);
    properties.put(DB_PASSWORD, Pac4jConstants.PASSWORD);
    properties.put(DB_USERNAME_ATTRIBUTE, Pac4jConstants.USERNAME);
    properties.put(DB_USER_PASSWORD_ATTRIBUTE, Pac4jConstants.PASSWORD);
    properties.put(DB_ATTRIBUTES, FIRSTNAME);
    properties.put(DB_PASSWORD_ENCODER, "encoder.spring.4");
    properties.put(INDIRECTBASICAUTH_AUTHENTICATOR.concat(".5"), "db");
    properties.put(REST_URL.concat(".3"), PAC4J_BASE_URL);
    properties.put(DIRECTBASICAUTH_AUTHENTICATOR.concat(".7"), "rest.3");
    LdapServer ldapServer = null;
    try {
        ldapServer = new LdapServer();
        ldapServer.start();
        new DbServer();
        final PropertiesConfigFactory factory = new PropertiesConfigFactory(CALLBACK_URL, properties);
        final Config config = factory.build();
        final Clients clients = config.getClients();
        assertEquals(13, clients.getClients().size());
        final FacebookClient fbClient = (FacebookClient) clients.findClient("FacebookClient");
        assertEquals(ID, fbClient.getKey());
        assertEquals(SECRET, fbClient.getSecret());
        assertNotNull(clients.findClient("AnonymousClient"));
        final TwitterClient twClient = (TwitterClient) clients.findClient("TwitterClient");
        assertEquals(ID, twClient.getKey());
        assertEquals(SECRET, twClient.getSecret());
        final CasClient casClient = (CasClient) clients.findClient("CasClient");
        assertEquals(CALLBACK_URL, casClient.getConfiguration().getLoginUrl());
        assertEquals(CasProtocol.CAS20, casClient.getConfiguration().getProtocol());
        final SAML2Client saml2client = (SAML2Client) clients.findClient("SAML2Client");
        assertNotNull(saml2client);
        final SAML2ClientConfiguration saml2Config = saml2client.getConfiguration();
        assertEquals(SAMLConstants.SAML2_REDIRECT_BINDING_URI, saml2Config.getDestinationBindingType());
        assertEquals(VALUE, saml2Config.getKeyStoreAlias());
        final OidcClient oidcClient = (OidcClient) clients.findClient("OidcClient");
        assertNotNull(oidcClient);
        assertEquals(ClientAuthenticationMethod.CLIENT_SECRET_POST.toString(), oidcClient.getConfiguration().getClientAuthenticationMethod().toString().toLowerCase());
        final CasClient casClient1 = (CasClient) clients.findClient("CasClient.1");
        assertEquals(CasProtocol.CAS30, casClient1.getConfiguration().getProtocol());
        final GoogleOidcClient googleOidcClient = (GoogleOidcClient) clients.findClient("GoogleOidcClient.1");
        googleOidcClient.init();
        assertEquals(ID, googleOidcClient.getConfiguration().getClientId());
        assertEquals(SECRET, googleOidcClient.getConfiguration().getSecret());
        assertEquals("https://accounts.google.com/.well-known/openid-configuration", googleOidcClient.getConfiguration().getDiscoveryURI());
        assertEquals(CALLBACK_URL + "?client_name=GoogleOidcClient.1", googleOidcClient.getCallbackUrlResolver().compute(googleOidcClient.getUrlResolver(), googleOidcClient.getCallbackUrl(), googleOidcClient.getName(), MockWebContext.create()));
        final FormClient formClient = (FormClient) clients.findClient("FormClient");
        assertEquals(LOGIN_URL, formClient.getLoginUrl());
        assertTrue(formClient.getAuthenticator() instanceof SimpleTestUsernamePasswordAuthenticator);
        final FormClient formClient2 = (FormClient) clients.findClient("FormClient.2");
        assertEquals(PAC4J_BASE_URL, formClient2.getLoginUrl());
        assertTrue(formClient2.getAuthenticator() instanceof LdapProfileService);
        final LdapProfileService ldapAuthenticator = (LdapProfileService) formClient2.getAuthenticator();
        final UsernamePasswordCredentials ldapCredentials = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD);
        ldapAuthenticator.validate(ldapCredentials, MockWebContext.create());
        assertNotNull(ldapCredentials.getUserProfile());
        final IndirectBasicAuthClient indirectBasicAuthClient = (IndirectBasicAuthClient) clients.findClient("IndirectBasicAuthClient.2");
        assertEquals("authentication required", indirectBasicAuthClient.getRealmName());
        assertTrue(indirectBasicAuthClient.getAuthenticator() instanceof SimpleTestUsernamePasswordAuthenticator);
        final IndirectBasicAuthClient indirectBasicAuthClient2 = (IndirectBasicAuthClient) clients.findClient("IndirectBasicAuthClient.5");
        assertTrue(indirectBasicAuthClient2.getAuthenticator() instanceof DbProfileService);
        final DbProfileService dbAuthenticator = (DbProfileService) indirectBasicAuthClient2.getAuthenticator();
        assertNotNull(dbAuthenticator);
        final UsernamePasswordCredentials dbCredentials = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD);
        dbAuthenticator.validate(dbCredentials, MockWebContext.create());
        assertNotNull(dbCredentials.getUserProfile());
        final DirectBasicAuthClient directBasicAuthClient = (DirectBasicAuthClient) clients.findClient("DirectBasicAuthClient.7");
        assertNotNull(directBasicAuthClient);
        final RestAuthenticator restAuthenticator = (RestAuthenticator) directBasicAuthClient.getAuthenticator();
        assertEquals(PAC4J_BASE_URL, restAuthenticator.getUrl());
    } finally {
        if (ldapServer != null) {
            ldapServer.stop();
        }
    }
}
Also used : TwitterClient(org.pac4j.oauth.client.TwitterClient) HashMap(java.util.HashMap) Config(org.pac4j.core.config.Config) FacebookClient(org.pac4j.oauth.client.FacebookClient) FormClient(org.pac4j.http.client.indirect.FormClient) SAML2ClientConfiguration(org.pac4j.saml.client.SAML2ClientConfiguration) GoogleOidcClient(org.pac4j.oidc.client.GoogleOidcClient) DirectBasicAuthClient(org.pac4j.http.client.direct.DirectBasicAuthClient) Clients(org.pac4j.core.client.Clients) RestAuthenticator(org.pac4j.http.credentials.authenticator.RestAuthenticator) UsernamePasswordCredentials(org.pac4j.core.credentials.UsernamePasswordCredentials) LdapServer(org.pac4j.ldap.test.tools.LdapServer) OidcClient(org.pac4j.oidc.client.OidcClient) GoogleOidcClient(org.pac4j.oidc.client.GoogleOidcClient) DbProfileService(org.pac4j.sql.profile.service.DbProfileService) DbServer(org.pac4j.sql.test.tools.DbServer) SAML2Client(org.pac4j.saml.client.SAML2Client) CasClient(org.pac4j.cas.client.CasClient) SimpleTestUsernamePasswordAuthenticator(org.pac4j.http.credentials.authenticator.test.SimpleTestUsernamePasswordAuthenticator) LdapProfileService(org.pac4j.ldap.profile.service.LdapProfileService) IndirectBasicAuthClient(org.pac4j.http.client.indirect.IndirectBasicAuthClient) Test(org.junit.Test)

Example 4 with SAML2Client

use of org.pac4j.saml.client.SAML2Client in project pac4j by pac4j.

the class Saml2ClientBuilder method tryCreateSaml2Client.

public void tryCreateSaml2Client(final List<Client> clients) {
    for (int i = 0; i <= MAX_NUM_CLIENTS; i++) {
        final String keystorePassword = getProperty(SAML_KEYSTORE_PASSWORD, i);
        final String privateKeyPassword = getProperty(SAML_PRIVATE_KEY_PASSWORD, i);
        final String keystorePath = getProperty(SAML_KEYSTORE_PATH, i);
        final String identityProviderMetadataPath = getProperty(SAML_IDENTITY_PROVIDER_METADATA_PATH, i);
        if (isNotBlank(keystorePassword) && isNotBlank(privateKeyPassword) && isNotBlank(keystorePath) && isNotBlank(identityProviderMetadataPath)) {
            final String maximumAuthenticationLifetime = getProperty(SAML_MAXIMUM_AUTHENTICATION_LIFETIME, i);
            final String serviceProviderEntityId = getProperty(SAML_SERVICE_PROVIDER_ENTITY_ID, i);
            final String serviceProviderMetadataPath = getProperty(SAML_SERVICE_PROVIDER_METADATA_PATH, i);
            final String destinationBindingType = getProperty(SAML_DESTINATION_BINDING_TYPE, i);
            final String keystoreAlias = getProperty(SAML_KEYSTORE_ALIAS, i);
            final SAML2ClientConfiguration cfg = new SAML2ClientConfiguration(keystorePath, keystorePassword, privateKeyPassword, identityProviderMetadataPath);
            if (isNotBlank(maximumAuthenticationLifetime)) {
                cfg.setMaximumAuthenticationLifetime(Integer.parseInt(maximumAuthenticationLifetime));
            }
            if (isNotBlank(serviceProviderEntityId)) {
                cfg.setServiceProviderEntityId(serviceProviderEntityId);
            }
            if (isNotBlank(serviceProviderMetadataPath)) {
                cfg.setServiceProviderMetadataPath(serviceProviderMetadataPath);
            }
            if (isNotBlank(destinationBindingType)) {
                cfg.setDestinationBindingType(destinationBindingType);
            }
            if (isNotBlank(keystoreAlias)) {
                cfg.setKeystoreAlias(keystoreAlias);
            }
            final SAML2Client saml2Client = new SAML2Client(cfg);
            saml2Client.setName(concat(saml2Client.getName(), i));
            clients.add(saml2Client);
        }
    }
}
Also used : SAML2Client(org.pac4j.saml.client.SAML2Client) SAML2ClientConfiguration(org.pac4j.saml.client.SAML2ClientConfiguration)

Example 5 with SAML2Client

use of org.pac4j.saml.client.SAML2Client in project cas by apereo.

the class SamlObjectSignatureValidatorTests method setupTestContextFor.

private void setupTestContextFor(final String spMetadataPath, final String spEntityId) throws Exception {
    val idpMetadata = new File("src/test/resources/metadata/idp-metadata.xml").getCanonicalPath();
    val keystorePath = new File(FileUtils.getTempDirectory(), "keystore").getCanonicalPath();
    saml2ClientConfiguration = new SAML2Configuration(keystorePath, "changeit", "changeit", idpMetadata);
    saml2ClientConfiguration.setServiceProviderEntityId(spEntityId);
    saml2ClientConfiguration.setServiceProviderMetadataPath(spMetadataPath);
    saml2ClientConfiguration.init();
    val saml2Client = new SAML2Client(saml2ClientConfiguration);
    saml2Client.setCallbackUrl("http://callback.example.org");
    saml2Client.init();
    samlContext = new MessageContext();
    saml2MessageContext = new SAML2MessageContext();
    saml2MessageContext.setSaml2Configuration(saml2ClientConfiguration);
    saml2MessageContext.setWebContext(new JEEContext(new MockHttpServletRequest(), new MockHttpServletResponse()));
    val peer = saml2MessageContext.getMessageContext().getSubcontext(SAMLPeerEntityContext.class, true);
    assertNotNull(peer);
    peer.setEntityId("https://cas.example.org/idp");
    val md = peer.getSubcontext(SAMLMetadataContext.class, true);
    assertNotNull(md);
    val idpResolver = SamlIdPUtils.getRoleDescriptorResolver(casSamlIdPMetadataResolver, true);
    md.setRoleDescriptor(idpResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(Objects.requireNonNull(peer.getEntityId())), new EntityRoleCriterion(IDPSSODescriptor.DEFAULT_ELEMENT_NAME))));
    val self = saml2MessageContext.getMessageContext().getSubcontext(SAMLSelfEntityContext.class, true);
    assertNotNull(self);
    self.setEntityId(saml2ClientConfiguration.getServiceProviderEntityId());
    val sp = self.getSubcontext(SAMLMetadataContext.class, true);
    assertNotNull(sp);
    val spRes = new InMemoryResourceMetadataResolver(saml2ClientConfiguration.getServiceProviderMetadataResource(), openSamlConfigBean);
    spRes.setId(getClass().getSimpleName());
    spRes.initialize();
    val spResolver = SamlIdPUtils.getRoleDescriptorResolver(spRes, true);
    sp.setRoleDescriptor(spResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(Objects.requireNonNull(self.getEntityId())), new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME))));
    val service = new SamlRegisteredService();
    service.setName("Sample");
    service.setServiceId(saml2ClientConfiguration.getServiceProviderEntityId());
    service.setId(100);
    service.setDescription("SAML Service");
    service.setMetadataLocation(spMetadataPath);
    val facade = SamlRegisteredServiceServiceProviderMetadataFacade.get(samlRegisteredServiceCachingMetadataResolver, service, service.getServiceId());
    this.adaptor = facade.get();
}
Also used : lombok.val(lombok.val) SAML2Configuration(org.pac4j.saml.config.SAML2Configuration) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JEEContext(org.pac4j.core.context.JEEContext) EntityIdCriterion(org.opensaml.core.criterion.EntityIdCriterion) SAML2MessageContext(org.pac4j.saml.context.SAML2MessageContext) SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService) CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet) EntityRoleCriterion(org.opensaml.saml.criterion.EntityRoleCriterion) SAML2Client(org.pac4j.saml.client.SAML2Client) MessageContext(org.opensaml.messaging.context.MessageContext) SAML2MessageContext(org.pac4j.saml.context.SAML2MessageContext) File(java.io.File) InMemoryResourceMetadataResolver(org.apereo.cas.support.saml.InMemoryResourceMetadataResolver) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)

Aggregations

SAML2Client (org.pac4j.saml.client.SAML2Client)24 lombok.val (lombok.val)16 Test (org.junit.jupiter.api.Test)6 CasClient (org.pac4j.cas.client.CasClient)6 OidcClient (org.pac4j.oidc.client.OidcClient)6 SAML2Configuration (org.pac4j.saml.config.SAML2Configuration)6 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)6 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)6 SAML2ClientConfiguration (org.pac4j.saml.client.SAML2ClientConfiguration)5 File (java.io.File)4 Collection (java.util.Collection)4 Set (java.util.Set)4 StringUtils (org.apache.commons.lang3.StringUtils)4 CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)4 MockServletContext (org.apereo.cas.util.MockServletContext)4 Clients (org.pac4j.core.client.Clients)4 JEEContext (org.pac4j.core.context.JEEContext)4 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)4 Verb (com.github.scribejava.core.model.Verb)3 JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm)3