org.jasig.cas.ticket.ServiceTicket Java Examples
The following examples show how to use
org.jasig.cas.ticket.ServiceTicket.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: TicketOrCredentialPrincipalResolverTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Test public void verifyResolverServiceTicket() throws Exception { final Credential c = TestUtils.getCredentialsWithSameUsernameAndPassword(); final TicketGrantingTicket ticketId = getCentralAuthenticationService() .createTicketGrantingTicket(c); final ServiceTicket st = getCentralAuthenticationService().grantServiceTicket(ticketId.getId(), TestUtils.getService()); final TicketOrCredentialPrincipalResolver res = new TicketOrCredentialPrincipalResolver(getCentralAuthenticationService()); final JoinPoint jp = mock(JoinPoint.class); when(jp.getArgs()).thenReturn(new Object[] {st.getId()}); final String result = res.resolveFrom(jp, null); assertNotNull(result); assertEquals(result, c.getId()); }
Example #2
Source File: OAuth20AccessTokenControllerTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 6 votes |
@Test public void testExpiredServiceTicket() throws Exception { final MockHttpServletRequest mockRequest = new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.ACCESS_TOKEN_URL); mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID); mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI); mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET); mockRequest.setParameter(OAuthConstants.CODE, CODE); final MockHttpServletResponse mockResponse = new MockHttpServletResponse(); final ServicesManager servicesManager = mock(ServicesManager.class); final List<RegisteredService> services = new ArrayList<RegisteredService>(); services.add(getRegisteredService(REDIRECT_URI, CLIENT_SECRET)); when(servicesManager.getAllServices()).thenReturn(services); final TicketRegistry ticketRegistry = mock(TicketRegistry.class); final ServiceTicket serviceTicket = mock(ServiceTicket.class); when(serviceTicket.isExpired()).thenReturn(true); when(ticketRegistry.getTicket(CODE)).thenReturn(serviceTicket); final OAuth20WrapperController oauth20WrapperController = new OAuth20WrapperController(); oauth20WrapperController.setServicesManager(servicesManager); oauth20WrapperController.setTicketRegistry(ticketRegistry); oauth20WrapperController.afterPropertiesSet(); oauth20WrapperController.handleRequest(mockRequest, mockResponse); assertEquals(400, mockResponse.getStatus()); assertEquals("error=" + OAuthConstants.INVALID_GRANT, mockResponse.getContentAsString()); }
Example #3
Source File: DistributedTicketRegistryTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Test public void verifyUpdateOfRegistry() { final TicketGrantingTicket t = new TicketGrantingTicketImpl("test", TestUtils.getAuthentication(), new NeverExpiresExpirationPolicy()); this.ticketRegistry.addTicket(t); final TicketGrantingTicket returned = (TicketGrantingTicket) this.ticketRegistry.getTicket("test"); final ServiceTicket s = returned.grantServiceTicket("test2", TestUtils.getService(), new NeverExpiresExpirationPolicy(), true); this.ticketRegistry.addTicket(s); final ServiceTicket s2 = (ServiceTicket) this.ticketRegistry.getTicket("test2"); assertNotNull(s2.grantTicketGrantingTicket("ff", TestUtils.getAuthentication(), new NeverExpiresExpirationPolicy())); assertTrue(s2.isValidFor(TestUtils.getService())); assertTrue(this.wasTicketUpdated); returned.markTicketExpired(); assertTrue(t.isExpired()); }
Example #4
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Test public void verifyValidateServiceTicketWithInvalidUsernameAttribute() throws Exception { final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final Service svc = TestUtils.getService("eduPersonTestInvalid"); final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), svc); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), svc); final Authentication auth = assertion.getPrimaryAuthentication(); /* * The attribute specified for this service does not resolve. * Therefore, we expect the default to be returned. */ assertEquals(auth.getPrincipal().getId(), cred.getUsername()); }
Example #5
Source File: JpaTicketRegistry.java From cas4.0.x-server-wechat with Apache License 2.0 | 6 votes |
@Transactional(readOnly = false) public boolean deleteTicket(final String ticketId) { final Ticket ticket = getRawTicket(ticketId); if (ticket == null) { return false; } if (ticket instanceof ServiceTicket) { removeTicket(ticket); logger.debug("Deleted ticket [{}] from the registry.", ticket); return true; } deleteTicketAndChildren(ticket); logger.debug("Deleted ticket [{}] and its children from the registry.", ticket); return true; }
Example #6
Source File: CentralAuthenticationServiceImpl.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Audit( action="SERVICE_TICKET", actionResolverName="GRANT_SERVICE_TICKET_RESOLVER", resourceResolverName="GRANT_SERVICE_TICKET_RESOURCE_RESOLVER") @Timed(name = "GRANT_SERVICE_TICKET_TIMER") @Metered(name="GRANT_SERVICE_TICKET_METER") @Counted(name="GRANT_SERVICE_TICKET_COUNTER", monotonic=true) @Override public ServiceTicket grantServiceTicket(final String ticketGrantingTicketId, final Service service) throws TicketException { try { return this.grantServiceTicket(ticketGrantingTicketId, service, (Credential[]) null); } catch (final AuthenticationException e) { throw new IllegalStateException("Unexpected authentication exception", e); } }
Example #7
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Test public void verifyValidateServiceTicketWithExpires() throws Exception { ((CentralAuthenticationServiceImpl) getCentralAuthenticationService()) .setServiceTicketExpirationPolicy(new MultiTimeUseOrTimeoutExpirationPolicy( 1, 1100)); final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService() .createTicketGrantingTicket( TestUtils.getCredentialsWithSameUsernameAndPassword()); final ServiceTicket serviceTicket = getCentralAuthenticationService() .grantServiceTicket(ticketGrantingTicket.getId(), TestUtils.getService()); getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), TestUtils.getService()); assertFalse(getTicketRegistry().deleteTicket(serviceTicket.getId())); ((CentralAuthenticationServiceImpl) getCentralAuthenticationService()) .setServiceTicketExpirationPolicy(new NeverExpiresExpirationPolicy()); }
Example #8
Source File: CentralAuthenticationServiceImplWithMockitoTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
private TicketGrantingTicket createMockTicketGrantingTicket(final String id, final ServiceTicket svcTicket, final boolean isExpired, final TicketGrantingTicket root, final List<Authentication> chainedAuthnList) { final TicketGrantingTicket tgtMock = mock(TicketGrantingTicket.class); when(tgtMock.isExpired()).thenReturn(isExpired); when(tgtMock.getId()).thenReturn(id); final String svcId = svcTicket.getService().getId(); when(tgtMock.grantServiceTicket(anyString(), argThat(new VerifyServiceByIdMatcher(svcId)), any(ExpirationPolicy.class), anyBoolean())).thenReturn(svcTicket); when(tgtMock.getRoot()).thenReturn(root); when(tgtMock.getChainedAuthentications()).thenReturn(chainedAuthnList); when(svcTicket.getGrantingTicket()).thenReturn(tgtMock); return tgtMock; }
Example #9
Source File: JpaTicketRegistry.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Transactional(readOnly = false) @Override public boolean deleteTicket(final String ticketId) { final Ticket ticket = getRawTicket(ticketId); if (ticket == null) { return false; } if (ticket instanceof ServiceTicket) { removeTicket(ticket); logger.debug("Deleted ticket [{}] from the registry.", ticket); return true; } deleteTicketAndChildren(ticket); logger.debug("Deleted ticket [{}] and its children from the registry.", ticket); return true; }
Example #10
Source File: AbstractServiceValidateControllerTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Test public void verifyValidServiceTicketWithInvalidPgt() throws Exception { this.serviceValidateController.setProxyHandler(new Cas10ProxyHandler()); final TicketGrantingTicket tId = getCentralAuthenticationService() .createTicketGrantingTicket(TestUtils.getCredentialsWithSameUsernameAndPassword()); final ServiceTicket sId = getCentralAuthenticationService().grantServiceTicket(tId.getId(), TestUtils.getService()); final MockHttpServletRequest request = new MockHttpServletRequest(); request.addParameter("service", TestUtils.getService().getId()); request.addParameter("ticket", sId.getId()); request.addParameter("pgtUrl", "duh"); final ModelAndView modelAndView = this.serviceValidateController.handleRequestInternal(request, new MockHttpServletResponse()); assertEquals(ServiceValidateController.DEFAULT_SERVICE_SUCCESS_VIEW_NAME, modelAndView.getViewName()); assertNull(modelAndView.getModel().get("pgtIou")); }
Example #11
Source File: AbstractServiceValidateControllerTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Test public void verifyValidServiceTicketWithDifferentEncodingAndIgnoringCase() throws Exception { this.serviceValidateController.setProxyHandler(new Cas10ProxyHandler()); final TicketGrantingTicket tId = getCentralAuthenticationService() .createTicketGrantingTicket(TestUtils.getCredentialsWithSameUsernameAndPassword()); final String origSvc = "http://www.jasig.org?param=hello+world"; final ServiceTicket sId = getCentralAuthenticationService() .grantServiceTicket(tId.getId(), TestUtils.getService(origSvc)); final String reqSvc = "http://WWW.JASIG.ORG?PARAM=hello%20world"; final MockHttpServletRequest request = new MockHttpServletRequest(); request.addParameter("service", TestUtils.getService(reqSvc).getId()); request.addParameter("ticket", sId.getId()); assertEquals(ServiceValidateController.DEFAULT_SERVICE_SUCCESS_VIEW_NAME, this.serviceValidateController.handleRequestInternal(request, new MockHttpServletResponse()).getViewName()); }
Example #12
Source File: AbstractServiceValidateControllerTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Test public void verifyValidServiceTicketWithDifferentEncoding() throws Exception { this.serviceValidateController.setProxyHandler(new Cas10ProxyHandler()); final TicketGrantingTicket tId = getCentralAuthenticationService() .createTicketGrantingTicket(TestUtils.getCredentialsWithSameUsernameAndPassword()); final String origSvc = "http://www.jasig.org?param=hello+world"; final ServiceTicket sId = getCentralAuthenticationService() .grantServiceTicket(tId.getId(), TestUtils.getService(origSvc)); final String reqSvc = "http://www.jasig.org?param=hello%20world"; final MockHttpServletRequest request = new MockHttpServletRequest(); request.addParameter("service", TestUtils.getService(reqSvc).getId()); request.addParameter("ticket", sId.getId()); assertEquals(ServiceValidateController.DEFAULT_SERVICE_SUCCESS_VIEW_NAME, this.serviceValidateController.handleRequestInternal(request, new MockHttpServletResponse()).getViewName()); }
Example #13
Source File: AbstractServiceValidateControllerTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Test public void verifyValidServiceTicketAndPgtUrlMismatch() throws Exception { final TicketGrantingTicket tId = getCentralAuthenticationService() .createTicketGrantingTicket(TestUtils.getCredentialsWithSameUsernameAndPassword()); final Service svc = TestUtils.getService("proxyService"); final ServiceTicket sId = getCentralAuthenticationService().grantServiceTicket(tId.getId(), svc); final MockHttpServletRequest request = new MockHttpServletRequest(); request.addParameter("service", svc.getId()); request.addParameter("ticket", sId.getId()); request.addParameter("pgtUrl", "http://www.github.com"); final ModelAndView modelAndView = this.serviceValidateController.handleRequestInternal(request, new MockHttpServletResponse()); assertEquals(ServiceValidateController.DEFAULT_SERVICE_FAILURE_VIEW_NAME, modelAndView.getViewName()); assertNull(modelAndView.getModel().get("pgtIou")); }
Example #14
Source File: AbstractServiceValidateControllerTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
protected final ModelAndView getModelAndViewUponServiceValidationWithSecurePgtUrl() throws Exception { final TicketGrantingTicket tId = getCentralAuthenticationService() .createTicketGrantingTicket(TestUtils.getCredentialsWithSameUsernameAndPassword()); final ServiceTicket sId = getCentralAuthenticationService().grantServiceTicket(tId.getId(), TestUtils.getService()); final MockHttpServletRequest request = new MockHttpServletRequest(); request.addParameter("service", TestUtils.getService().getId()); request.addParameter("ticket", sId.getId()); request.addParameter("pgtUrl", "https://www.github.com"); return this.serviceValidateController .handleRequestInternal(request, new MockHttpServletResponse()); }
Example #15
Source File: AbstractTicketRegistryTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Test public void testGetTicketsFromRegistryEqualToTicketsAdded() { final Collection<Ticket> tickets = new ArrayList<Ticket>(); for (int i = 0; i < TICKETS_IN_REGISTRY; i++) { final TicketGrantingTicket ticketGrantingTicket = new TicketGrantingTicketImpl("TEST" + i, TestUtils.getAuthentication(), new NeverExpiresExpirationPolicy()); final ServiceTicket st = ticketGrantingTicket.grantServiceTicket("tests" + i, TestUtils.getService(), new NeverExpiresExpirationPolicy(), false); tickets.add(ticketGrantingTicket); tickets.add(st); this.ticketRegistry.addTicket(ticketGrantingTicket); this.ticketRegistry.addTicket(st); } try { Collection<Ticket> ticketRegistryTickets = this.ticketRegistry.getTickets(); assertEquals("The size of the registry is not the same as the collection.", ticketRegistryTickets.size(), tickets.size()); for (final Ticket ticket : tickets) { if (!ticketRegistryTickets.contains(ticket)) { fail("Ticket was added to registry but was not found in retrieval of collection of all tickets."); } } } catch (final Exception e) { fail("Caught an exception. But no exception should have been thrown."); } }
Example #16
Source File: AbstractServiceValidateControllerTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
private HttpServletRequest getHttpServletRequest() throws Exception { final TicketGrantingTicket tId = getCentralAuthenticationService() .createTicketGrantingTicket(TestUtils.getCredentialsWithSameUsernameAndPassword()); getCentralAuthenticationService().grantServiceTicket(tId.getId(), TestUtils.getService()); final ServiceTicket sId2 = getCentralAuthenticationService().grantServiceTicket(tId.getId(), TestUtils.getService()); final MockHttpServletRequest request = new MockHttpServletRequest(); request.addParameter("service", TestUtils.getService().getId()); request.addParameter("ticket", sId2.getId()); request.addParameter("renew", "true"); return request; }
Example #17
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test public void verifyValidateServiceTicketAnonymous() throws Exception { final Service service = TestUtils.getService("testAnonymous"); final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), service); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), service); final Authentication auth = assertion.getPrimaryAuthentication(); assertNotEquals(cred.getUsername(), auth.getPrincipal().getId()); }
Example #18
Source File: HazelcastTicketRegistry.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
/** * A method to get the starting TTL for a ticket based upon type. * * @param t Ticket to get starting TTL for * * @return Initial TTL for ticket */ private long getTimeout(final Ticket t) { if (t instanceof TicketGrantingTicket) { return this.ticketGrantingTicketTimoutInSeconds; } else if (t instanceof ServiceTicket) { return this.serviceTicketTimeoutInSeconds; } throw new IllegalArgumentException( String.format("Invalid ticket type [%s]. Expecting either [TicketGrantingTicket] or [ServiceTicket]", t.getClass().getName())); }
Example #19
Source File: KryoTranscoderTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Override public ServiceTicket grantServiceTicket( final String id, final Service service, final ExpirationPolicy expirationPolicy, final boolean credentialsProvided) { this.usageCount++; return new MockServiceTicket(id); }
Example #20
Source File: KryoTranscoderTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test public void verifyEncodeDecodeTGTImpl() throws Exception { final Credential userPassCredential = new UsernamePasswordCredential(USERNAME, PASSWORD); final AuthenticationBuilder bldr = new DefaultAuthenticationBuilder( new DefaultPrincipalFactory() .createPrincipal("user", Collections.unmodifiableMap(this.principalAttributes))); bldr.setAttributes(Collections.unmodifiableMap(this.principalAttributes)); bldr.setAuthenticationDate(new Date()); bldr.addCredential(new BasicCredentialMetaData(userPassCredential)); bldr.addFailure("error", AccountNotFoundException.class); bldr.addSuccess("authn", new DefaultHandlerResult( new AcceptUsersAuthenticationHandler(), new BasicCredentialMetaData(userPassCredential))); final TicketGrantingTicket parent = new TicketGrantingTicketImpl(TGT_ID, TestUtils.getService(), null, bldr.build(), new NeverExpiresExpirationPolicy()); final TicketGrantingTicket expectedTGT = new TicketGrantingTicketImpl(TGT_ID, TestUtils.getService(), null, bldr.build(), new NeverExpiresExpirationPolicy()); final ServiceTicket ticket = expectedTGT.grantServiceTicket(ST_ID, TestUtils.getService(), new NeverExpiresExpirationPolicy(), false); CachedData result = transcoder.encode(expectedTGT); final TicketGrantingTicket resultTicket = (TicketGrantingTicket) transcoder.decode(result); assertEquals(expectedTGT, resultTicket); result = transcoder.encode(ticket); final ServiceTicket resultStTicket = (ServiceTicket) transcoder.decode(result); assertEquals(ticket, resultStTicket); }
Example #21
Source File: JpaTicketRegistryTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Test public void testTicketCreationAndDeletion() throws Exception { final TicketGrantingTicket newTgt = newTGT(); addTicketInTransaction(newTgt); final TicketGrantingTicket tgtFromDb = (TicketGrantingTicket) getTicketInTransaction(newTgt.getId()); assertNotNull(tgtFromDb); assertEquals(newTgt.getId(), tgtFromDb.getId()); final ServiceTicket newSt = grantServiceTicketInTransaction(tgtFromDb); final ServiceTicket stFromDb = (ServiceTicket) getTicketInTransaction(newSt.getId()); assertNotNull(stFromDb); assertEquals(newSt.getId(), stFromDb.getId()); deleteTicketInTransaction(newTgt.getId()); assertNull(getTicketInTransaction(newTgt.getId())); assertNull(getTicketInTransaction(newSt.getId())); }
Example #22
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test public void verifyValidateServiceTicketWithUsernameAttribute() throws Exception { final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final Service svc = TestUtils.getService("eduPersonTest"); final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), svc); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), svc); assertEquals("developer", assertion.getPrimaryAuthentication().getPrincipal().getId()); }
Example #23
Source File: AbstractDistributedTicketRegistry.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
protected final Ticket getProxiedTicketInstance(final Ticket ticket) { if (ticket == null) { return null; } if (ticket instanceof TicketGrantingTicket) { return new TicketGrantingTicketDelegator(this, (TicketGrantingTicket) ticket, needsCallback()); } return new ServiceTicketDelegator(this, (ServiceTicket) ticket, needsCallback()); }
Example #24
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test(expected=TicketException.class) public void verifyValidateServiceTicketWithInvalidServiceTicket() throws Exception { final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService() .createTicketGrantingTicket( TestUtils.getCredentialsWithSameUsernameAndPassword()); final ServiceTicket serviceTicket = getCentralAuthenticationService() .grantServiceTicket(ticketGrantingTicket.getId(), TestUtils.getService()); getCentralAuthenticationService().destroyTicketGrantingTicket( ticketGrantingTicket.getId()); getCentralAuthenticationService().validateServiceTicket( serviceTicket.getId(), TestUtils.getService()); }
Example #25
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test(expected=UnauthorizedServiceException.class) public void verifyValidateServiceTicketWithInvalidService() throws Exception { final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService() .createTicketGrantingTicket( TestUtils.getCredentialsWithSameUsernameAndPassword()); final ServiceTicket serviceTicket = getCentralAuthenticationService() .grantServiceTicket(ticketGrantingTicket.getId(), TestUtils.getService()); getCentralAuthenticationService().validateServiceTicket( serviceTicket.getId(), TestUtils.getService("test2")); }
Example #26
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test public void verifyValidateServiceTicketWithValidService() throws Exception { final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService() .createTicketGrantingTicket( TestUtils.getCredentialsWithSameUsernameAndPassword()); final ServiceTicket serviceTicket = getCentralAuthenticationService() .grantServiceTicket(ticketGrantingTicket.getId(), TestUtils.getService()); getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), TestUtils.getService()); }
Example #27
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test(expected=TicketException.class) public void verifyDelegateTicketGrantingTicketWithBadServiceTicket() throws Exception { final TicketGrantingTicket ticketId = getCentralAuthenticationService() .createTicketGrantingTicket( TestUtils.getCredentialsWithSameUsernameAndPassword()); final ServiceTicket serviceTicketId = getCentralAuthenticationService() .grantServiceTicket(ticketId.getId(), TestUtils.getService()); getCentralAuthenticationService().destroyTicketGrantingTicket(ticketId.getId()); getCentralAuthenticationService().delegateTicketGrantingTicket( serviceTicketId.getId(), TestUtils.getHttpBasedServiceCredentials()); }
Example #28
Source File: CentralAuthenticationServiceImpl.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
/** * Determines the principal id to use for a {@link RegisteredService} using the following rules: * * <ul> * <li> If the service is marked to allow anonymous access, a persistent id is returned. </li> * <li> If the {@link org.jasig.cas.services.RegisteredService#getUsernameAttribute()} is blank, then the default * principal id is returned.</li> * <li>If the username attribute is available as part of the principal's attributes, * the corresponding attribute value will be returned. * </li> * <li>Otherwise, the default principal's id is returned as the username attribute * with an additional warning.</li> * </ul> * * @param principal The principal object to be validated and constructed * @param registeredService Requesting service for which a principal is being validated. * @param serviceTicket An instance of the service ticket used for validation * * @return The principal id to use for the requesting registered service */ private String determinePrincipalIdForRegisteredService(final Principal principal, final RegisteredService registeredService, final ServiceTicket serviceTicket) { String principalId = null; final String serviceUsernameAttribute = registeredService.getUsernameAttribute(); if (registeredService.isAnonymousAccess()) { principalId = this.persistentIdGenerator.generate(principal, serviceTicket.getService()); } else if (StringUtils.isBlank(serviceUsernameAttribute)) { principalId = principal.getId(); } else { if (principal.getAttributes().containsKey(serviceUsernameAttribute)) { principalId = principal.getAttributes().get(serviceUsernameAttribute).toString(); } else { principalId = principal.getId(); final Object[] errorLogParameters = new Object[] { principalId, registeredService.getUsernameAttribute(), principal.getAttributes(), registeredService.getServiceId(), principalId }; logger.warn("Principal [{}] did not have attribute [{}] among attributes [{}] so CAS cannot " + "provide on the validation response the user attribute the registered service [{}] expects. " + "CAS will instead return the default username attribute [{}]", errorLogParameters); } } logger.debug("Principal id to return for service [{}] is [{}]. The default principal id is [{}].", new Object[]{registeredService.getName(), principal.getId(), principalId}); return principalId; }
Example #29
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test public void verifyGrantProxyTicketWithValidTicketGrantingTicket() throws Exception { final TicketGrantingTicket ticketId = getCentralAuthenticationService() .createTicketGrantingTicket( TestUtils.getCredentialsWithSameUsernameAndPassword()); final ServiceTicket serviceTicketId = getCentralAuthenticationService() .grantServiceTicket(ticketId.getId(), TestUtils.getService()); final TicketGrantingTicket pgt = getCentralAuthenticationService().delegateTicketGrantingTicket( serviceTicketId.getId(), TestUtils.getHttpBasedServiceCredentials()); final ServiceTicket pt = getCentralAuthenticationService().grantServiceTicket(pgt.getId(), TestUtils.getService(), new Credential[] {}); assertTrue(pt.getId().startsWith(ServiceTicket.PROXY_TICKET_PREFIX)); }
Example #30
Source File: MemCacheTicketRegistry.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
private int getTimeout(final Ticket t) { if (t instanceof TicketGrantingTicket) { return this.tgtTimeout; } else if (t instanceof ServiceTicket) { return this.stTimeout; } throw new IllegalArgumentException("Invalid ticket type"); }