Search in sources :

Example 71 with StaticApplicationContext

use of org.springframework.context.support.StaticApplicationContext in project cas by apereo.

the class MultifactorAuthenticationProviderBypassTests method verifyMultifactorAuthenticationBypassByHttpRequestHeader.

@Test
public void verifyMultifactorAuthenticationBypassByHttpRequestHeader() {
    val applicationContext = new StaticApplicationContext();
    applicationContext.refresh();
    ApplicationContextProvider.holdApplicationContext(applicationContext);
    ApplicationContextProvider.registerBeanIntoApplicationContext(applicationContext, MultifactorAuthenticationPrincipalResolver.identical(), UUID.randomUUID().toString());
    val request = new MockHttpServletRequest();
    request.addHeader("headerbypass", "true");
    val props = new MultifactorAuthenticationProviderBypassProperties();
    props.setHttpRequestHeaders("headerbypass");
    val principal = MultifactorAuthenticationTestUtils.getPrincipal("casuser");
    val authentication = MultifactorAuthenticationTestUtils.getAuthentication(principal);
    val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
    val bypass = new HttpRequestMultifactorAuthenticationProviderBypassEvaluator(props, provider.getId());
    val service = MultifactorAuthenticationTestUtils.getRegisteredService();
    assertFalse(bypass.shouldMultifactorAuthenticationProviderExecute(authentication, service, provider, request));
}
Also used : lombok.val(lombok.val) MultifactorAuthenticationProviderBypassProperties(org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties) StaticApplicationContext(org.springframework.context.support.StaticApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpRequestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator) Test(org.junit.jupiter.api.Test)

Example 72 with StaticApplicationContext

use of org.springframework.context.support.StaticApplicationContext in project cas by apereo.

the class MultifactorAuthenticationProviderBypassTests method verifyMultifactorAuthenticationBypassByHttpRequestRemoteAddress.

@Test
public void verifyMultifactorAuthenticationBypassByHttpRequestRemoteAddress() {
    val applicationContext = new StaticApplicationContext();
    applicationContext.refresh();
    ApplicationContextProvider.holdApplicationContext(applicationContext);
    ApplicationContextProvider.registerBeanIntoApplicationContext(applicationContext, MultifactorAuthenticationPrincipalResolver.identical(), UUID.randomUUID().toString());
    val request = new MockHttpServletRequest();
    request.setRemoteAddr("123.456.789.000");
    val props = new MultifactorAuthenticationProviderBypassProperties();
    props.setHttpRequestRemoteAddress("123.+");
    val principal = MultifactorAuthenticationTestUtils.getPrincipal("casuser");
    val authentication = MultifactorAuthenticationTestUtils.getAuthentication(principal);
    val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
    val bypass = new HttpRequestMultifactorAuthenticationProviderBypassEvaluator(props, provider.getId());
    val service = MultifactorAuthenticationTestUtils.getRegisteredService();
    assertFalse(bypass.shouldMultifactorAuthenticationProviderExecute(authentication, service, provider, request));
}
Also used : lombok.val(lombok.val) MultifactorAuthenticationProviderBypassProperties(org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties) StaticApplicationContext(org.springframework.context.support.StaticApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpRequestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator) Test(org.junit.jupiter.api.Test)

Example 73 with StaticApplicationContext

use of org.springframework.context.support.StaticApplicationContext in project cas by apereo.

the class MultifactorAuthenticationProviderBypassTests method verifyMultifactorAuthenticationBypassByAuthenticationHandler.

@Test
public void verifyMultifactorAuthenticationBypassByAuthenticationHandler() {
    val applicationContext = new StaticApplicationContext();
    applicationContext.refresh();
    ApplicationContextProvider.holdApplicationContext(applicationContext);
    ApplicationContextProvider.registerBeanIntoApplicationContext(applicationContext, MultifactorAuthenticationPrincipalResolver.identical(), UUID.randomUUID().toString());
    val request = new MockHttpServletRequest();
    val props = new MultifactorAuthenticationProviderBypassProperties();
    props.setAuthenticationHandlerName("SimpleAuthenticationHandler");
    val principal = MultifactorAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("givenName", "CAS"));
    val authentication = MultifactorAuthenticationTestUtils.getAuthentication(principal, CollectionUtils.wrap(AuthenticationHandler.SUCCESSFUL_AUTHENTICATION_HANDLERS, "SimpleAuthenticationHandler"));
    val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
    val bypass = new AuthenticationMultifactorAuthenticationProviderBypassEvaluator(props, provider.getId());
    val service = MultifactorAuthenticationTestUtils.getRegisteredService();
    assertFalse(bypass.shouldMultifactorAuthenticationProviderExecute(authentication, service, provider, request));
}
Also used : lombok.val(lombok.val) MultifactorAuthenticationProviderBypassProperties(org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties) StaticApplicationContext(org.springframework.context.support.StaticApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) AuthenticationMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator) Test(org.junit.jupiter.api.Test)

Example 74 with StaticApplicationContext

use of org.springframework.context.support.StaticApplicationContext in project cas by apereo.

the class MultifactorAuthenticationProviderBypassTests method verifyMultifactorAuthenticationBypassByHttpRequestRemoteHost.

@Test
public void verifyMultifactorAuthenticationBypassByHttpRequestRemoteHost() {
    val applicationContext = new StaticApplicationContext();
    applicationContext.refresh();
    ApplicationContextProvider.holdApplicationContext(applicationContext);
    ApplicationContextProvider.registerBeanIntoApplicationContext(applicationContext, MultifactorAuthenticationPrincipalResolver.identical(), UUID.randomUUID().toString());
    val request = new MockHttpServletRequest();
    request.setRemoteHost("somewhere.example.org");
    val props = new MultifactorAuthenticationProviderBypassProperties();
    props.setHttpRequestRemoteAddress(".+example\\.org");
    val principal = MultifactorAuthenticationTestUtils.getPrincipal("casuser");
    val authentication = MultifactorAuthenticationTestUtils.getAuthentication(principal);
    val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
    val bypass = new HttpRequestMultifactorAuthenticationProviderBypassEvaluator(props, provider.getId());
    val service = MultifactorAuthenticationTestUtils.getRegisteredService();
    assertFalse(bypass.shouldMultifactorAuthenticationProviderExecute(authentication, service, provider, request));
}
Also used : lombok.val(lombok.val) MultifactorAuthenticationProviderBypassProperties(org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties) StaticApplicationContext(org.springframework.context.support.StaticApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpRequestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator) Test(org.junit.jupiter.api.Test)

Example 75 with StaticApplicationContext

use of org.springframework.context.support.StaticApplicationContext in project cas by apereo.

the class MultifactorAuthenticationProviderBypassTests method verifyMultifactorAuthenticationBypassIgnored.

@Test
public void verifyMultifactorAuthenticationBypassIgnored() {
    val applicationContext = new StaticApplicationContext();
    applicationContext.refresh();
    ApplicationContextProvider.holdApplicationContext(applicationContext);
    ApplicationContextProvider.registerBeanIntoApplicationContext(applicationContext, MultifactorAuthenticationPrincipalResolver.identical(), UUID.randomUUID().toString());
    val request = new MockHttpServletRequest();
    val principal = MultifactorAuthenticationTestUtils.getPrincipal("casuser");
    val authentication = MultifactorAuthenticationTestUtils.getAuthentication(principal);
    val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
    val bypass = new RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator(provider.getId());
    val service = MultifactorAuthenticationTestUtils.getRegisteredService();
    assertTrue(bypass.shouldMultifactorAuthenticationProviderExecute(authentication, service, provider, request));
}
Also used : lombok.val(lombok.val) RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator) StaticApplicationContext(org.springframework.context.support.StaticApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Test(org.junit.jupiter.api.Test)

Aggregations

StaticApplicationContext (org.springframework.context.support.StaticApplicationContext)322 Test (org.junit.jupiter.api.Test)218 lombok.val (lombok.val)159 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)59 CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)39 BeforeEach (org.junit.jupiter.api.BeforeEach)36 Test (org.junit.Test)34 RootBeanDefinition (org.springframework.beans.factory.support.RootBeanDefinition)31 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)25 ServletExternalContext (org.springframework.webflow.context.servlet.ServletExternalContext)20 HashSet (java.util.HashSet)19 MockRequestContext (org.springframework.webflow.test.MockRequestContext)19 InMemoryServiceRegistry (org.apereo.cas.services.InMemoryServiceRegistry)16 MockServletContext (org.springframework.mock.web.MockServletContext)16 MultifactorAuthenticationProviderBypassProperties (org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties)15 BeanDefinitionReader (org.springframework.beans.factory.support.BeanDefinitionReader)13 ApplicationContext (org.springframework.context.ApplicationContext)12 BeanDefinition (org.springframework.beans.factory.config.BeanDefinition)11 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)11 QueueChannel (org.springframework.integration.channel.QueueChannel)11