Search in sources :

Example 71 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class RedirectUnauthorizedServiceUrlActionTests method verifyUrl.

@Test
public void verifyUrl() throws Exception {
    val appCtx = new StaticApplicationContext();
    appCtx.refresh();
    val context = new MockRequestContext();
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    RequestContextHolder.setRequestContext(context);
    ExternalContextHolder.setExternalContext(context.getExternalContext());
    context.setCurrentEvent(new EventFactorySupport().success(this));
    WebUtils.putUnauthorizedRedirectUrlIntoFlowScope(context, new URI("https://github.com/apereo/cas"));
    val action = new RedirectUnauthorizedServiceUrlAction(mock(ServicesManager.class), appCtx);
    assertNull(action.doExecute(context));
    assertEquals("https://github.com/apereo/cas", WebUtils.getUnauthorizedRedirectUrlFromFlowScope(context).toASCIIString());
}
Also used : lombok.val(lombok.val) ServicesManager(org.apereo.cas.services.ServicesManager) StaticApplicationContext(org.springframework.context.support.StaticApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) MockRequestContext(org.springframework.webflow.test.MockRequestContext) URI(java.net.URI) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.springframework.mock.web.MockServletContext) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport) RedirectUnauthorizedServiceUrlAction(org.apereo.cas.web.flow.login.RedirectUnauthorizedServiceUrlAction) Test(org.junit.jupiter.api.Test)

Example 72 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class RedirectUnauthorizedServiceUrlActionTests method verifyScript.

@Test
public void verifyScript() throws Exception {
    val appCtx = new StaticApplicationContext();
    appCtx.refresh();
    val context = new MockRequestContext();
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    RequestContextHolder.setRequestContext(context);
    ExternalContextHolder.setExternalContext(context.getExternalContext());
    context.setCurrentEvent(new EventFactorySupport().success(this));
    WebUtils.putRegisteredService(context, RegisteredServiceTestUtils.getRegisteredService());
    WebUtils.putUnauthorizedRedirectUrlIntoFlowScope(context, new URI("classpath:UnauthorizedServiceUrl.groovy"));
    val action = new RedirectUnauthorizedServiceUrlAction(mock(ServicesManager.class), appCtx);
    assertNull(action.doExecute(context));
    assertEquals("https://apereo.org/cas", WebUtils.getUnauthorizedRedirectUrlFromFlowScope(context).toASCIIString());
}
Also used : lombok.val(lombok.val) ServicesManager(org.apereo.cas.services.ServicesManager) StaticApplicationContext(org.springframework.context.support.StaticApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) MockRequestContext(org.springframework.webflow.test.MockRequestContext) URI(java.net.URI) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.springframework.mock.web.MockServletContext) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport) RedirectUnauthorizedServiceUrlAction(org.apereo.cas.web.flow.login.RedirectUnauthorizedServiceUrlAction) Test(org.junit.jupiter.api.Test)

Example 73 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class DetermineMultifactorPasswordlessAuthenticationAction method doExecute.

@Override
protected Event doExecute(final RequestContext requestContext) {
    val user = WebUtils.getPasswordlessAuthenticationAccount(requestContext, PasswordlessUserAccount.class);
    if (user == null) {
        LOGGER.error("Unable to locate passwordless account in the flow");
        return error();
    }
    if (multifactorTriggerSelectionStrategy.getMultifactorAuthenticationTriggers().isEmpty()) {
        LOGGER.debug("No multifactor authentication triggers are available or defined");
        return success();
    }
    if (!shouldActivateMultifactorAuthenticationFor(requestContext, user)) {
        LOGGER.debug("User [{}] is not activated to use CAS-provided multifactor authentication providers. " + "You may wish to re-examine your CAS configuration to enable and allow for multifactor authentication to be " + "combined with passwordless authentication", user);
        return success();
    }
    val attributes = CoreAuthenticationUtils.convertAttributeValuesToMultiValuedObjects((Map) user.getAttributes());
    val principal = this.passwordlessPrincipalFactory.createPrincipal(user.getId(), attributes);
    val auth = DefaultAuthenticationBuilder.newInstance().setPrincipal(principal).build();
    val service = WebUtils.getService(requestContext);
    val result = resolveMultifactorAuthenticationProvider(requestContext, auth, service);
    if (result.isEmpty()) {
        LOGGER.debug("No CAS-provided multifactor authentication trigger required user [{}] to proceed with MFA. " + "CAS will proceed with its normal passwordless authentication flow.", user);
        return success();
    }
    populateContextWithAuthenticationResult(requestContext, auth, service);
    LOGGER.debug("Proceed with multifactor authentication flow [{}] for user [{}]", result.get(), user);
    return new EventFactorySupport().event(this, result.map(MultifactorAuthenticationProvider::getId).orElse(StringUtils.EMPTY));
}
Also used : lombok.val(lombok.val) MultifactorAuthenticationProvider(org.apereo.cas.authentication.MultifactorAuthenticationProvider) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)

Example 74 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class DetermineDelegatedAuthenticationAction method doExecute.

@Override
protected Event doExecute(final RequestContext requestContext) {
    val user = WebUtils.getPasswordlessAuthenticationAccount(requestContext, PasswordlessUserAccount.class);
    if (user == null) {
        LOGGER.error("Unable to locate passwordless account in the flow");
        return error();
    }
    val clients = providerConfigurationProducer.produce(requestContext);
    if (clients.isEmpty()) {
        LOGGER.debug("No delegated authentication providers are available or defined");
        return success();
    }
    if (!isDelegatedAuthenticationActiveFor(requestContext, user)) {
        LOGGER.debug("User [{}] is not activated to use CAS delegated authentication to external identity providers. " + "You may wish to re-examine your CAS configuration to enable and allow for delegated authentication to be " + "combined with passwordless authentication", user);
        return success();
    }
    val providerResult = determineDelegatedIdentityProviderConfiguration(requestContext, user, clients);
    if (providerResult.isPresent()) {
        val resolvedId = providerResult.get();
        requestContext.getFlashScope().put("delegatedClientIdentityProvider", resolvedId);
        return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_REDIRECT, "delegatedClientIdentityProvider", resolvedId);
    }
    LOGGER.trace("Delegated identity provider could not be determined for [{}] based on [{}]", user, clients);
    return success();
}
Also used : lombok.val(lombok.val) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)

Example 75 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class SpnegoCredentialsActionTests method verifyErrorWithBadCredential.

@Test
public void verifyErrorWithBadCredential() throws Exception {
    val context = new MockRequestContext();
    val request = new MockHttpServletRequest();
    request.addHeader(SpnegoConstants.HEADER_AUTHORIZATION, SpnegoConstants.NEGOTIATE + ' ' + EncodingUtils.encodeBase64("credential"));
    val response = new MockHttpServletResponse();
    context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    val stResolver = mock(CasWebflowEventResolver.class);
    val err = new EventFactorySupport().error(this);
    when(stResolver.resolveSingle(any())).thenReturn(err);
    val action = new SpnegoCredentialsAction(mock(CasDelegatingWebflowEventResolver.class), stResolver, mock(AdaptiveAuthenticationPolicy.class), false, true);
    assertEquals(CasWebflowConstants.TRANSITION_ID_ERROR, action.execute(context).getId());
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) MockRequestContext(org.springframework.webflow.test.MockRequestContext) CasDelegatingWebflowEventResolver(org.apereo.cas.web.flow.resolver.CasDelegatingWebflowEventResolver) AdaptiveAuthenticationPolicy(org.apereo.cas.authentication.adaptive.AdaptiveAuthenticationPolicy) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.springframework.mock.web.MockServletContext) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport) Test(org.junit.jupiter.api.Test)

Aggregations

EventFactorySupport (org.springframework.webflow.action.EventFactorySupport)78 lombok.val (lombok.val)61 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)26 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)26 ServletExternalContext (org.springframework.webflow.context.servlet.ServletExternalContext)26 MockServletContext (org.springframework.mock.web.MockServletContext)25 MockRequestContext (org.springframework.webflow.test.MockRequestContext)23 Test (org.junit.jupiter.api.Test)21 Event (org.springframework.webflow.execution.Event)12 Test (org.junit.Test)7 LocalAttributeMap (org.springframework.webflow.core.collection.LocalAttributeMap)7 HttpServletRequest (javax.servlet.http.HttpServletRequest)5 HashMap (java.util.HashMap)4 Authentication (org.apereo.cas.authentication.Authentication)4 AuthenticationException (org.apereo.cas.authentication.AuthenticationException)4 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)4 WebUtils (org.apereo.cas.web.support.WebUtils)3 LiteralExpression (org.springframework.binding.expression.support.LiteralExpression)3 MessageContext (org.springframework.binding.message.MessageContext)3 Transition (org.springframework.webflow.engine.Transition)3