org.pac4j.core.client.Clients Java Examples

@Test
public void shouldReturnOkIfClientNameIsSet() throws RequiresHttpAction {
	Session session = mock(Session.class);
	Response response = mock(Response.class);
	JaxrsWebContext webContext = mock(JaxrsWebContext.class);
	when(webContext.getResponse()).thenReturn(response);
	doReturn(session).when(filter).getSession(context, true);
	doReturn(webContext).when(filter).getContext(context, session);
	doReturn(client).when(filter).getClient(session);
	Credentials credentials = mock(Credentials.class);
	HttpProfile profile = mock(HttpProfile.class);
	when(client.getCredentials(webContext)).thenReturn(credentials);
	when(client.getUserProfile(credentials, webContext)).thenReturn(profile);
	filter.filter(context);
	verify(session).addAttribute(AuthenticationFilter.PRINCIPAL, profile);
	verify(session).addAttribute(Clients.DEFAULT_CLIENT_NAME_PARAMETER, "client1");
	verify(sessionStore).save(session);
	verify(webContext).setResponseStatus(Response.Status.OK.getStatusCode());
	verify(listener).authSuccess(session, profile);
	verify(context).abortWith(response);
}
 

@BeforeMethod
public void setup() {
	client = mock(Client.class);
	listener = mock(AuthenticationListener.class);
	when(client.getName()).thenReturn("client1");
	clients = new Clients("/callback", client);
	sessionStore = mock(SessionStore.class);
	configuration = mock(SecurityConfiguration.class);
	when(configuration.getSessionStore()).thenReturn(sessionStore);
	filter = spy(new CallbackFilter(clients, configuration));
	filter.registerListener(listener);
	context = mock(ContainerRequestContext.class);
	uriInfo = mock(UriInfo.class);
	when(uriInfo.getPath()).thenReturn("/callback");
	when(context.getUriInfo()).thenReturn(uriInfo);
}
 

@Test
public void checkUnautorizedProtocol() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(Clients.DEFAULT_CLIENT_NAME_PARAMETER, "BasicAuthClient");

    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);

    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);

    final BasicAuthClient basicAuthClient = new BasicAuthClient();
    final Clients clients = new Clients(MY_LOGIN_URL, basicAuthClient);
    final ClientAction action = new ClientAction(mock(CentralAuthenticationService.class), clients);

    try {
        action.execute(mockRequestContext);
        fail("Should fail as the HTTP protocol is not authorized");
    } catch (final TechnicalException e) {
        assertEquals("Only CAS, OAuth, OpenID and SAML protocols are supported: " + basicAuthClient, e.getMessage());
    }
}
 

default Config getConfig() {
    // login not used because the ajax resolver always answer true
    Authenticator<UsernamePasswordCredentials> auth = new SimpleTestUsernamePasswordAuthenticator();
    FormClient client = new FormClient("notUsedLoginUrl", auth);
    DirectFormClient client2 = new DirectFormClient(auth);
    DirectFormClient client3 = new DirectFormClient(auth);
    client3.setName(DEFAULT_CLIENT);

    Clients clients = new Clients("notUsedCallbackUrl", client, client2, client3);
    // in case of invalid credentials, we simply want the error, not a redirect to the login url
    clients.setAjaxRequestResolver(new JaxRsAjaxRequestResolver());
    
    // so that callback url have the correct prefix w.r.t. the container's context
    clients.setUrlResolver(new JaxRsUrlResolver());
    
    clients.setDefaultSecurityClients(DEFAULT_CLIENT);

    return new Config(clients);
}
 

/**
 * Build the action.
 *
 * @param theCentralAuthenticationService The service for CAS authentication
 * @param theClients The clients for authentication
 */
public ClientAction(final CentralAuthenticationService theCentralAuthenticationService,
        final Clients theClients) {
    this.centralAuthenticationService = theCentralAuthenticationService;
    this.clients = theClients;
    ProfileHelper.setKeepRawData(true);
}
 

@Autowired
@Bean
public ClientAuthenticationProvider clientAuthenticationProvider(Clients clients) {
	ClientAuthenticationProvider provider = new ClientAuthenticationProvider();
	provider.setClients(clients);
	return provider;
}
 

@Autowired
@Bean
public ClientAuthenticationFilter clientAuthenticationFilter(AuthenticationManager authenticationManager, Clients clients) {
	ClientAuthenticationFilter filter = new ClientAuthenticationFilter("/" + Pac4jAuthenticationUtils.CALLBACK_URI);
	filter.setClients(clients);
	filter.setAuthenticationManager(authenticationManager);
	filter.setAuthenticationFailureHandler(pac4jAuthenticationFailureHandler());
	filter.setAuthenticationSuccessHandler(pac4jAuthenticationSuccessHandler());
	return filter;
}
 

@Test
public void shouldSetClientNameParamInSessionIfNotAuthenticated() throws RequiresHttpAction {
	Session session = mock(Session.class);
	Response response = mock(Response.class);
	JaxrsWebContext webContext = mock(JaxrsWebContext.class);
	when(webContext.getResponse()).thenReturn(response);
	doReturn(basicClient).when(filter).getClient(webContext);
	doReturn(false).when(filter).isAuthenticated(session);
	doReturn(session).when(filter).getSession(context, true);
	doReturn(webContext).when(filter).getContext(context, session);
	filter.filter(context);
	verify(session).addAttribute(Clients.DEFAULT_CLIENT_NAME_PARAMETER, "client1");
	verify(sessionStore).save(session);
}
 

@BeforeMethod
public void setup() {
	basicClient = mock(BasicAuthClient.class);
	when(basicClient.getName()).thenReturn("client1");
	clients = new Clients("/callback", basicClient);
	sessionStore = mock(SessionStore.class);
	configuration = mock(SecurityConfiguration.class);
	when(configuration.getSessionStore()).thenReturn(sessionStore);
	filter = spy(new AuthenticationFilter(clients, configuration));
	context = mock(ContainerRequestContext.class);
	uriInfo = mock(UriInfo.class);
	when(uriInfo.getPath()).thenReturn("/dummy");
	when(context.getUriInfo()).thenReturn(uriInfo);
}
 

@Override
public void filter(ContainerRequestContext request) {
	URI uri = URI.create(getClients().getCallbackUrl());
	if (! HttpUtil.structureUrl(request.getUriInfo().getPath()).equalsIgnoreCase(uri.getPath())) {
	    logger.debug("Request path {} doesn't match callback url. Skipping", request.getUriInfo().getPath());
		return;
	}
	
	Session session = getSession(request, true);
	JaxrsWebContext context = getContext(request, session);
	Client client = getClient(session);
	if (client == null) {
	    client = getClient(context);
	}
	if (client == null) {
		context.setResponseStatus(422);
		if (listener != null) {
		    listener.authFailed(session);
		}
	} else {
		try {
			Credentials credentials = client.getCredentials(context);
			UserProfile userProfile = client.getUserProfile(credentials, context);
			session.addAttribute(Clients.DEFAULT_CLIENT_NAME_PARAMETER, client.getName());
			session.addAttribute(PRINCIPAL, userProfile);
			if (listener != null) {
                listener.authSuccess(session, userProfile);
			}
			getConfiguration().getSessionStore().save(session);
			context.setResponseStatus(Response.Status.OK.getStatusCode());
		} catch (RequiresHttpAction e) {
			context.setResponseStatus(e.getCode());
			if (listener != null) {
                listener.authFailed(session);
            }
		}
	}
	request.abortWith(context.getResponse());
}
 

protected Client getClient(Session session) {
    String clientName = session.getAttribute(Clients.DEFAULT_CLIENT_NAME_PARAMETER);
    if (Strings.isNullOrEmpty(clientName)) {
        return null;
    }
    return clients.findClient(clientName);
}
 

@Override
public void filter(ContainerRequestContext request) {
    Session session = getSession(request, true);
       request.setProperty(SESSION, session);
       
	if (isWhiteListed(request)) {
	    logger.debug("Request path {} is in whitelisted set of urls. Skipping authentication", request.getUriInfo());
		return;
	}
	if (isAuthenticated(session)) {
	    logger.debug("Session is already authenticated. Skipping authentication");
		return;
	}

	JaxrsWebContext context = getContext(request, session);
	Client client = getClient(context);

	if (client != null) {
		session.addAttribute(Clients.DEFAULT_CLIENT_NAME_PARAMETER, client.getName());
		getConfiguration().getSessionStore().save(session);
		
		try {
			client.redirect(context, false, false);
		} catch (RequiresHttpAction e) {
			logger.error("Failed while redirecting the request", e);
			context.setResponseStatus(e.getCode());
		}
	} else {
		context.setResponseStatus(Response.Status.UNAUTHORIZED.getStatusCode());
	}
	context.setResponseHeader(HttpHeaders.SET_COOKIE, createSessionCookie(session).toString());
	request.abortWith(context.getResponse());
}
 

@Test
public void testFinishAuthentication() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(Clients.DEFAULT_CLIENT_NAME_PARAMETER, "FacebookClient");

    final MockHttpSession mockSession = new MockHttpSession();
    mockSession.setAttribute(ClientAction.THEME, MY_THEME);
    mockSession.setAttribute(ClientAction.LOCALE, MY_LOCALE);
    mockSession.setAttribute(ClientAction.METHOD, MY_METHOD);
    final Service service = new SimpleWebApplicationServiceImpl(MY_SERVICE);
    mockSession.setAttribute(ClientAction.SERVICE, service);
    mockRequest.setSession(mockSession);

    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);

    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);

    final FacebookClient facebookClient = new MockFacebookClient();
    final Clients clients = new Clients(MY_LOGIN_URL, facebookClient);

    final ClientAction action = new ClientAction(mock(CentralAuthenticationService.class), clients);
    final Event event = action.execute(mockRequestContext);
    assertEquals("success", event.getId());
    assertEquals(MY_THEME, mockRequest.getAttribute(ClientAction.THEME));
    assertEquals(MY_LOCALE, mockRequest.getAttribute(ClientAction.LOCALE));
    assertEquals(MY_METHOD, mockRequest.getAttribute(ClientAction.METHOD));
    final MutableAttributeMap flowScope = mockRequestContext.getFlowScope();
    assertEquals(service, flowScope.get(ClientAction.SERVICE));
}
 

@Test
public void defaultsUnset() throws Exception {
    Pac4jFactory conf = getPac4jFactory("defaults.yaml");
    Config config = conf.build();

    Clients clients = config.getClients();
    // check that it is the correct file
    assertThat(clients.getCallbackUrl()).isEqualTo("test");
    // the default settings should be used!
    assertThat(clients.getAjaxRequestResolver()).isExactlyInstanceOf(JaxRsAjaxRequestResolver.class);
    assertThat(clients.getUrlResolver()).isExactlyInstanceOf(JaxRsUrlResolver.class);
}
 

@Test
public void testStartAuthentication() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(ClientAction.THEME, MY_THEME);
    mockRequest.setParameter(ClientAction.LOCALE, MY_LOCALE);
    mockRequest.setParameter(ClientAction.METHOD, MY_METHOD);

    final MockHttpSession mockSession = new MockHttpSession();
    mockRequest.setSession(mockSession);

    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);

    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);
    mockRequestContext.getFlowScope().put(ClientAction.SERVICE, new SimpleWebApplicationServiceImpl(MY_SERVICE));

    final FacebookClient facebookClient = new FacebookClient(MY_KEY, MY_SECRET);
    final TwitterClient twitterClient = new TwitterClient(MY_KEY, MY_SECRET);
    final Clients clients = new Clients(MY_LOGIN_URL, facebookClient, twitterClient);
    final ClientAction action = new ClientAction(mock(CentralAuthenticationService.class), clients);

    final Event event = action.execute(mockRequestContext);
    assertEquals("error", event.getId());
    assertEquals(MY_THEME, mockSession.getAttribute(ClientAction.THEME));
    assertEquals(MY_LOCALE, mockSession.getAttribute(ClientAction.LOCALE));
    assertEquals(MY_METHOD, mockSession.getAttribute(ClientAction.METHOD));
    final MutableAttributeMap flowScope = mockRequestContext.getFlowScope();
    assertTrue(((String) flowScope.get("FacebookClientUrl"))
            .startsWith("https://www.facebook.com/v2.2/dialog/oauth?client_id=my_key&redirect_uri=http%3A%2F%2Fcasserver%2Flogin%3F"
                    + Clients.DEFAULT_CLIENT_NAME_PARAMETER + "%3DFacebookClient&state="));
    assertEquals(MY_LOGIN_URL + "?" + Clients.DEFAULT_CLIENT_NAME_PARAMETER
            + "=TwitterClient&needs_client_redirection=true", flowScope.get("TwitterClientUrl"));
}
 

@Test
public void verifyStartAuthentication() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(ClientAction.THEME, MY_THEME);
    mockRequest.setParameter(ClientAction.LOCALE, MY_LOCALE);
    mockRequest.setParameter(ClientAction.METHOD, MY_METHOD);

    final MockHttpSession mockSession = new MockHttpSession();
    mockRequest.setSession(mockSession);

    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);

    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);
    mockRequestContext.getFlowScope().put(ClientAction.SERVICE, new SimpleWebApplicationServiceImpl(MY_SERVICE));

    final FacebookClient facebookClient = new FacebookClient(MY_KEY, MY_SECRET);
    final TwitterClient twitterClient = new TwitterClient(MY_KEY, MY_SECRET);
    final Clients clients = new Clients(MY_LOGIN_URL, facebookClient, twitterClient);
    final ClientAction action = new ClientAction(mock(CentralAuthenticationService.class), clients);

    final Event event = action.execute(mockRequestContext);
    assertEquals("error", event.getId());
    assertEquals(MY_THEME, mockSession.getAttribute(ClientAction.THEME));
    assertEquals(MY_LOCALE, mockSession.getAttribute(ClientAction.LOCALE));
    assertEquals(MY_METHOD, mockSession.getAttribute(ClientAction.METHOD));
    final MutableAttributeMap flowScope = mockRequestContext.getFlowScope();
    assertTrue(((String) flowScope.get("FacebookClientUrl"))
            .startsWith("https://www.facebook.com/v2.2/dialog/oauth?client_id=my_key&redirect_uri=http%3A%2F%2Fcasserver%2Flogin%3F"
                    + Clients.DEFAULT_CLIENT_NAME_PARAMETER + "%3DFacebookClient&state="));
    assertEquals(MY_LOGIN_URL + "?" + Clients.DEFAULT_CLIENT_NAME_PARAMETER
            + "=TwitterClient&needs_client_redirection=true", flowScope.get("TwitterClientUrl"));
}
 

@Test
public void verifyFinishAuthentication() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(Clients.DEFAULT_CLIENT_NAME_PARAMETER, "FacebookClient");

    final MockHttpSession mockSession = new MockHttpSession();
    mockSession.setAttribute(ClientAction.THEME, MY_THEME);
    mockSession.setAttribute(ClientAction.LOCALE, MY_LOCALE);
    mockSession.setAttribute(ClientAction.METHOD, MY_METHOD);
    final Service service = new SimpleWebApplicationServiceImpl(MY_SERVICE);
    mockSession.setAttribute(ClientAction.SERVICE, service);
    mockRequest.setSession(mockSession);

    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);

    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);

    final FacebookClient facebookClient = new MockFacebookClient();
    final Clients clients = new Clients(MY_LOGIN_URL, facebookClient);

    final TicketGrantingTicket tgt = new TicketGrantingTicketImpl(TGT_ID, mock(Authentication.class), mock(ExpirationPolicy.class));
    final CentralAuthenticationService casImpl = mock(CentralAuthenticationService.class);
    when(casImpl.createTicketGrantingTicket(any(Credential.class))).thenReturn(tgt);
    final ClientAction action = new ClientAction(casImpl, clients);
    final Event event = action.execute(mockRequestContext);
    assertEquals("success", event.getId());
    assertEquals(MY_THEME, mockRequest.getAttribute(ClientAction.THEME));
    assertEquals(MY_LOCALE, mockRequest.getAttribute(ClientAction.LOCALE));
    assertEquals(MY_METHOD, mockRequest.getAttribute(ClientAction.METHOD));
    assertEquals(MY_SERVICE, mockRequest.getAttribute(ClientAction.SERVICE));
    final MutableAttributeMap flowScope = mockRequestContext.getFlowScope();
    final MutableAttributeMap requestScope = mockRequestContext.getRequestScope();
    assertEquals(service, flowScope.get(ClientAction.SERVICE));
    assertEquals(TGT_ID, flowScope.get(TGT_NAME));
    assertEquals(TGT_ID, requestScope.get(TGT_NAME));
}
 

/**
 * Build the action.
 *
 * @param theCentralAuthenticationService The service for CAS authentication
 * @param theClients The clients for authentication
 */
public ClientAction(final CentralAuthenticationService theCentralAuthenticationService,
        final Clients theClients) {
    this.centralAuthenticationService = theCentralAuthenticationService;
    this.clients = theClients;
    ProfileHelper.setKeepRawData(true);
}
 

@Before
public void setUp() {
    this.fbClient = new MockFacebookClient();
    final Clients clients = new Clients(CALLBACK_URL, fbClient);
    this.handler = new ClientAuthenticationHandler(clients);
    final Credentials credentials = new OAuthCredentials(null, MockFacebookClient.CLIENT_NAME);
    this.clientCredential = new ClientCredential(credentials);
    ExternalContextHolder.setExternalContext(mock(ServletExternalContext.class));
}
 

@Bean
protected Config casConfig(Clients clients) {
    Config config = new Config();
    config.setClients(clients);
    return config;
}
 

@Bean
public Clients clients() {
	return new Clients(configurer.getAuthenticationCallbackBaseUrl() + Pac4jAuthenticationUtils.CALLBACK_URI,
			googleClient(), gitHubClient(), twitterClient());
}
 

@Test(expectedExceptions=TechnicalException.class)
public void shouldThrowExceptionIfClientNameIsNotFoundInSession() {
	Session session = mock(Session.class);
	when(session.getAttribute(Clients.DEFAULT_CLIENT_NAME_PARAMETER)).thenReturn("unknownClient");
	filter.getClient(session);
}
 

@Test
public void shouldReturnNullClientFromSessionIfClientNameAttributeIsNotSet() {
	Session session = mock(Session.class);
	when(session.getAttribute(Clients.DEFAULT_CLIENT_NAME_PARAMETER)).thenReturn(null);
	assertNull(filter.getClient(session));
}
 

@Test
public void shouldGetClientFromSessionIfClientNameAttributeIsSet() {
	Session session = mock(Session.class);
	when(session.getAttribute(Clients.DEFAULT_CLIENT_NAME_PARAMETER)).thenReturn("client1");
	assertEquals(filter.getClient(session), basicClient);
}
 

@Test
public void shouldGetClientFromRequestContextIfClientNameAttributeIsSet() {
	JaxrsWebContext context = mock(JaxrsWebContext.class);
	when(context.getRequestParameter(Clients.DEFAULT_CLIENT_NAME_PARAMETER)).thenReturn("client1");
	assertEquals(filter.getClient(context), basicClient);
}
 

@Test
public void shouldThrowExceptionIfClientNameIsNotFoundInRequestContext() {
	JaxrsWebContext context = mock(JaxrsWebContext.class);
	when(context.getRequestParameter(Clients.DEFAULT_CLIENT_NAME_PARAMETER)).thenReturn("unknownClient");
	assertNull(filter.getClient(context));
}
 

@Test
public void shouldReturnNullFromRequestContextIfClientNameAttributeIsNotSet() {
	JaxrsWebContext context = mock(JaxrsWebContext.class);
	when(context.getRequestParameter(Clients.DEFAULT_CLIENT_NAME_PARAMETER)).thenReturn(null);
	assertNull(filter.getClient(context));
}
 

/**
 * @param clients
 */
public SecurityPlugin(Clients clients) {
	this.clients = clients;
}
 

/**
 * @param callbackUrl
 * @param clients
 */
public SecurityPlugin(String callbackUrl, AuthenticationListener listener, Client... clients) {
    this.clients = new Clients(callbackUrl, clients);
    this.listener = listener;
}
 

/**
 * @param clients
 */
public CallbackFilter(Clients clients, SecurityConfiguration configuration) {
	super(clients, configuration);
}