org.jasig.cas.authentication.CredentialMetaData Java Examples

public MockTicketGrantingTicket(final String id, final Credential credential, final Map<String, Object> principalAttributes) {
    this.id = id;
    final CredentialMetaData credentialMetaData = new BasicCredentialMetaData(credential);
    final DefaultAuthenticationBuilder builder = new DefaultAuthenticationBuilder();
    builder.setPrincipal(this.principalFactory.createPrincipal(USERNAME, principalAttributes));
    builder.setAuthenticationDate(new Date());
    builder.addCredential(credentialMetaData);
    builder.addAttribute(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME, Boolean.TRUE);
    final AuthenticationHandler handler = new MockAuthenticationHandler();
    try {
        builder.addSuccess(handler.getName(), handler.authenticate(credential));
    } catch (final Exception e) {
        throw new RuntimeException(e);
    }
    builder.addFailure(handler.getName(), FailedLoginException.class);
    this.authentication = builder.build();
}
 

public MockTicketGrantingTicket(final String id, final Credential credential) {
    this.id = id;
    final CredentialMetaData credentialMetaData = new BasicCredentialMetaData(credential);
    final AuthenticationBuilder builder = new AuthenticationBuilder();
    final Map<String, Object> attributes = new HashMap<String, Object>();
    attributes.put("nickname", "bob");
    builder.setPrincipal(new SimplePrincipal("handymanbob", attributes));
    builder.setAuthenticationDate(new Date());
    builder.addCredential(credentialMetaData);
    final AuthenticationHandler handler = new MockAuthenticationHandler();
    try {
        builder.addSuccess(handler.getName(), handler.authenticate(credential));
    } catch (final Exception e) {
        throw new RuntimeException(e);
    }
    builder.addFailure(handler.getName(), FailedLoginException.class);
    this.authentication = builder.build();
}
 

private static AuthenticationBuilder newAuthenticationBuilder(final Principal principal) {
    final CredentialMetaData meta = new BasicCredentialMetaData(new UsernamePasswordCredential());
    final AuthenticationHandler handler = new SimpleTestUsernamePasswordAuthenticationHandler();
    return new DefaultAuthenticationBuilder(principal)
            .addCredential(meta)
            .addSuccess("test", new DefaultHandlerResult(handler, meta));
}
 

public MockTicketGrantingTicket(final String principal) {
    id = ID_GENERATOR.getNewTicketId("TGT");
    final CredentialMetaData metaData = new BasicCredentialMetaData(
            TestUtils.getCredentialsWithSameUsernameAndPassword());
    authentication = new DefaultAuthenticationBuilder(new DefaultPrincipalFactory().createPrincipal(principal))
                        .addCredential(metaData)
                        .addSuccess(SimpleTestUsernamePasswordAuthenticationHandler.class.getName(),
                        new DefaultHandlerResult(new SimpleTestUsernamePasswordAuthenticationHandler(), metaData))
                        .build();

    created = new Date();
}
 

private AuthenticationBuilder newBuilder(final Credential credential) {
    final CredentialMetaData meta = new BasicCredentialMetaData(new UsernamePasswordCredential());
    final AuthenticationHandler handler = new SimpleTestUsernamePasswordAuthenticationHandler();
    final AuthenticationBuilder builder = new DefaultAuthenticationBuilder(TestUtils.getPrincipal())
            .addCredential(meta)
            .addSuccess("test", new DefaultHandlerResult(handler, meta));

    if (this.p.supports(credential)) {
        this.p.populateAttributes(builder, credential);
    }
    return builder;
}
 

public static Authentication getAuthentication(final Principal principal, final Map<String, Object> attributes) {
    final AuthenticationHandler handler = new SimpleTestUsernamePasswordAuthenticationHandler();
    final CredentialMetaData meta = new BasicCredentialMetaData(new UsernamePasswordCredential());
    return new DefaultAuthenticationBuilder(principal)
            .addCredential(meta)
            .addSuccess("testHandler", new DefaultHandlerResult(handler, meta))
            .setAttributes(attributes)
            .build();
}
 

private static AuthenticationBuilder newAuthenticationBuilder(final Principal principal) {
    final CredentialMetaData meta = new BasicCredentialMetaData(new UsernamePasswordCredential());
    final AuthenticationHandler handler = new SimpleTestUsernamePasswordAuthenticationHandler();
    return new AuthenticationBuilder(principal)
            .addCredential(meta)
            .addSuccess("test", new HandlerResult(handler, meta));
}
 

private AuthenticationBuilder newBuilder(final Credential credential) {
    final CredentialMetaData meta = new BasicCredentialMetaData(new UsernamePasswordCredential());
    final AuthenticationHandler handler = new SimpleTestUsernamePasswordAuthenticationHandler();
    final AuthenticationBuilder builder = new AuthenticationBuilder(TestUtils.getPrincipal())
            .addCredential(meta)
            .addSuccess("test", new HandlerResult(handler, meta));

    this.p.populateAttributes(builder, credential);
    return builder;
}
 

public static Authentication getAuthentication(final Principal principal, final Map<String, Object> attributes) {
    final AuthenticationHandler handler = new SimpleTestUsernamePasswordAuthenticationHandler();
    final CredentialMetaData meta = new BasicCredentialMetaData(new UsernamePasswordCredential());
    return new AuthenticationBuilder(principal)
            .addCredential(meta)
            .addSuccess("testHandler", new HandlerResult(handler, meta))
            .setAttributes(attributes)
            .build();
}
 

/**
 * Initialize this instance with a principal and given authentication attributes.
 *
 * @param p           the principal
 * @param attributes  attributes for this authentication
 * @param credentials the credentials
 * @param successes   the successes
 * @param failures    the failures
 */
public DefaultCompositeAuthentication(final Principal p, final Map<String, Object> attributes,
                                      final List<CredentialMetaData> credentials,
                                      final Map<String, HandlerResult> successes,
                                      final Map<String, Class<? extends Exception>>  failures) {
    this.principal = p;
    this.authenticationAttributes = attributes;
    this.credentials = credentials;
    this.successes = successes;
    this.failures = failures;
}
 

@Before
public void prepareNewCAS() {
    this.authentication = mock(Authentication.class);
    when(this.authentication.getAuthenticationDate()).thenReturn(new Date());
    final CredentialMetaData metadata = new BasicCredentialMetaData(TestUtils.getCredentialsWithSameUsernameAndPassword("principal"));
    final Map<String, HandlerResult> successes = new HashMap<>();
    successes.put("handler1", new DefaultHandlerResult(mock(AuthenticationHandler.class), metadata));
    when(this.authentication.getCredentials()).thenReturn(Arrays.asList(metadata));
    when(this.authentication.getSuccesses()).thenReturn(successes);
    when(this.authentication.getPrincipal()).thenReturn(new DefaultPrincipalFactory().createPrincipal(PRINCIPAL));
     
    final Service service1 = TestUtils.getService(SVC1_ID);
    final ServiceTicket stMock = createMockServiceTicket(ST_ID, service1); 
    
    final TicketGrantingTicket tgtRootMock = createRootTicketGrantingTicket();
    
    final TicketGrantingTicket tgtMock = createMockTicketGrantingTicket(TGT_ID, stMock, false,
            tgtRootMock, new ArrayList<Authentication>());
    when(tgtMock.getProxiedBy()).thenReturn(TestUtils.getService("proxiedBy"));

    final List<Authentication> authnListMock = mock(List.class);
    //Size is required to be 2, so that we can simulate proxying capabilities
    when(authnListMock.size()).thenReturn(2);
    when(authnListMock.get(anyInt())).thenReturn(this.authentication);
    when(tgtMock.getChainedAuthentications()).thenReturn(authnListMock);
    when(stMock.getGrantingTicket()).thenReturn(tgtMock);
    
    final Service service2 = TestUtils.getService(SVC2_ID);
    final ServiceTicket stMock2 = createMockServiceTicket(ST2_ID, service2);
    
    final TicketGrantingTicket tgtMock2 = createMockTicketGrantingTicket(TGT2_ID, stMock2, false, tgtRootMock, authnListMock);        
    
    //Mock TicketRegistry
    this.ticketRegMock = mock(TicketRegistry.class);
    when(ticketRegMock.getTicket(eq(tgtMock.getId()), eq(TicketGrantingTicket.class))).thenReturn(tgtMock);
    when(ticketRegMock.getTicket(eq(tgtMock2.getId()), eq(TicketGrantingTicket.class))).thenReturn(tgtMock2);
    when(ticketRegMock.getTicket(eq(stMock.getId()), eq(ServiceTicket.class))).thenReturn(stMock);
    when(ticketRegMock.getTicket(eq(stMock2.getId()), eq(ServiceTicket.class))).thenReturn(stMock2);
    when(ticketRegMock.getTickets()).thenReturn(Arrays.asList(tgtMock, tgtMock2, stMock, stMock2));

    //Mock ServicesManager
    final RegisteredService mockRegSvc1 = createMockRegisteredService(service1.getId(), true, getServiceProxyPolicy(false));
    final RegisteredService mockRegSvc2 = createMockRegisteredService("test", false, getServiceProxyPolicy(true)); 
    final RegisteredService mockRegSvc3 = createMockRegisteredService(service2.getId(), true, getServiceProxyPolicy(true)); 
    
    final ServicesManager smMock = mock(ServicesManager.class);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher(service1.getId())))).thenReturn(mockRegSvc1);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher("test")))).thenReturn(mockRegSvc2);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher(service2.getId())))).thenReturn(mockRegSvc3);
    
    final Map ticketIdGenForServiceMock = mock(Map.class);
    when(ticketIdGenForServiceMock.containsKey(any())).thenReturn(true);
    when(ticketIdGenForServiceMock.get(any())).thenReturn(new DefaultUniqueTicketIdGenerator());
    
    this.cas = new CentralAuthenticationServiceImpl(ticketRegMock, null, mock(AuthenticationManager.class),
            mock(UniqueTicketIdGenerator.class), ticketIdGenForServiceMock, mock(ExpirationPolicy.class),
            mock(ExpirationPolicy.class), smMock, mock(LogoutManager.class));
}
 

@Before
public void prepareNewCAS() {
    this.authentication = mock(Authentication.class);
    when(this.authentication.getAuthenticatedDate()).thenReturn(new Date());
    final CredentialMetaData metadata = new BasicCredentialMetaData(TestUtils.getCredentialsWithSameUsernameAndPassword("principal"));
    final Map<String, HandlerResult> successes = new HashMap<String, HandlerResult>();
    successes.put("handler1", new HandlerResult(mock(AuthenticationHandler.class), metadata));
    when(this.authentication.getCredentials()).thenReturn(Arrays.asList(metadata));
    when(this.authentication.getSuccesses()).thenReturn(successes);
    when(this.authentication.getPrincipal()).thenReturn(new SimplePrincipal(PRINCIPAL));
    
    final ServiceTicket stMock = mock(ServiceTicket.class);
    when(stMock.getService()).thenReturn(TestUtils.getService());
    when(stMock.getId()).thenReturn(ST_ID);
    when(stMock.isValidFor(TestUtils.getService())).thenReturn(true);
    
    final TicketGrantingTicket tgtRootMock = mock(TicketGrantingTicket.class);
    when(tgtRootMock.isExpired()).thenReturn(false);
    when(tgtRootMock.getAuthentication()).thenReturn(this.authentication);
    
    final TicketGrantingTicket tgtMock = mock(TicketGrantingTicket.class);
    when(tgtMock.isExpired()).thenReturn(false);
    when(tgtMock.getId()).thenReturn(TGT_ID);
    when(tgtMock.grantServiceTicket(anyString(), argThat(new VerifyServiceByIdMatcher(TestUtils.getService().getId())),
            any(ExpirationPolicy.class), anyBoolean())).thenReturn(stMock);
    when(tgtMock.getRoot()).thenReturn(tgtRootMock);
            
    final List<Authentication> authnListMock = mock(List.class);
    //Size is required to be 2, so that we can simulate proxying capabilities
    when(authnListMock.size()).thenReturn(2);
    when(authnListMock.get(anyInt())).thenReturn(this.authentication);
    when(tgtMock.getChainedAuthentications()).thenReturn(authnListMock);
    when(stMock.getGrantingTicket()).thenReturn(tgtMock);
    
    final Service service2 = TestUtils.getService(SVC2_ID);
    final ServiceTicket stMock2 = mock(ServiceTicket.class);
    when(stMock2.getService()).thenReturn(service2);
    when(stMock2.getId()).thenReturn(ST2_ID);
    when(stMock2.isValidFor(service2)).thenReturn(true);
    
    final TicketGrantingTicket tgtMock2 = mock(TicketGrantingTicket.class);
    when(tgtMock2.isExpired()).thenReturn(false);
    when(tgtMock2.getId()).thenReturn(TGT2_ID);
    when(tgtMock2.grantServiceTicket(anyString(), argThat(new VerifyServiceByIdMatcher(service2.getId())),
            any(ExpirationPolicy.class), anyBoolean())).thenReturn(stMock2);
    when(tgtMock2.getRoot()).thenReturn(tgtRootMock);
    when(tgtMock2.getChainedAuthentications()).thenReturn(authnListMock);
    when(stMock2.getGrantingTicket()).thenReturn(tgtMock2);
    
    
    //Mock TicketRegistry
    final TicketRegistry ticketRegMock = mock(TicketRegistry.class);
    when(ticketRegMock.getTicket(eq(tgtMock.getId()), eq(TicketGrantingTicket.class))).thenReturn(tgtMock);
    when(ticketRegMock.getTicket(eq(tgtMock2.getId()), eq(TicketGrantingTicket.class))).thenReturn(tgtMock2);
    when(ticketRegMock.getTicket(eq(stMock.getId()), eq(ServiceTicket.class))).thenReturn(stMock);
    when(ticketRegMock.getTicket(eq(stMock2.getId()), eq(ServiceTicket.class))).thenReturn(stMock2);
    
    //Mock ServicesManager
    final RegisteredService mockRegSvc1 = mock(RegisteredService.class);
    when(mockRegSvc1.getServiceId()).thenReturn(SVC1_ID);
    when(mockRegSvc1.isEnabled()).thenReturn(true);
    when(mockRegSvc1.isAllowedToProxy()).thenReturn(false);
    when(mockRegSvc1.getName()).thenReturn(SVC1_ID);

    final RegisteredService mockRegSvc2 = mock(RegisteredService.class);
    when(mockRegSvc2.getServiceId()).thenReturn("test");
    when(mockRegSvc2.isEnabled()).thenReturn(false);
    when(mockRegSvc2.getName()).thenReturn("test");

    final RegisteredService mockRegSvc3 = mock(RegisteredService.class);
    when(mockRegSvc3.getServiceId()).thenReturn(service2.getId());
    when(mockRegSvc3.isEnabled()).thenReturn(true);
    when(mockRegSvc3.isAllowedToProxy()).thenReturn(true);
    when(mockRegSvc3.getName()).thenReturn(service2.getId());
    when(mockRegSvc3.matches(argThat(new VerifyServiceByIdMatcher(service2.getId())))).thenReturn(true);
    
    final ServicesManager smMock = mock(ServicesManager.class);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher(SVC1_ID)))).thenReturn(mockRegSvc1);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher("test")))).thenReturn(mockRegSvc2);
    when(smMock.findServiceBy(argThat(new VerifyServiceByIdMatcher(SVC2_ID)))).thenReturn(mockRegSvc3);
    
    final Map ticketIdGenForServiceMock = mock(Map.class);
    when(ticketIdGenForServiceMock.containsKey(any())).thenReturn(true);
    when(ticketIdGenForServiceMock.get(any())).thenReturn(new DefaultUniqueTicketIdGenerator());
    
    this.cas = new CentralAuthenticationServiceImpl(ticketRegMock, null, mock(AuthenticationManager.class),
            mock(UniqueTicketIdGenerator.class), ticketIdGenForServiceMock, mock(ExpirationPolicy.class),
            mock(ExpirationPolicy.class), smMock, mock(LogoutManager.class));
}
 

/**
 * Creates an instance of the {@link net.unicon.cas.mfa.authentication.CompositeAuthentication} object that collects
 * and harmonizes all principal and authentication attributes into one context.
 *
 * <p>Principal attributes are merged from all principals that are already resolved in the authentication chain.
 * Attributes with the same name that belong to the same principal are merged into one, with the latter value
 * overwriting the first. The established principal will be one that is based of {@link Principal}.</p>
 *
 * <p>Authentication attributes are merged from all authentications that make up the chain.
 * The merging strategy is such that duplicate attribute names are grouped together into an instance of
 * a {@link Collection} implementation and preserved.
 * @return an instance of {@link net.unicon.cas.mfa.authentication.CompositeAuthentication}
 */
public final Authentication getAuthentication() {
    if (!isEmpty()) {
        /**
         * Principal id is and must be enforced to be the same for all authentication contexts.
         * Based on that restriction, it's safe to simply grab the first principal id in the chain
         * when composing the authentication chain for the caller.
         */
        final String principalId = this.chainedAuthentication.get(0).getPrincipal().getId();
        final Map<String, Object> principalAttributes = new HashMap<>();

        final Map<String, Object> authenticationAttributes = new HashMap<>();

        final List<CredentialMetaData> credentials = new ArrayList<>();
        final Map<String, HandlerResult> successes = new LinkedHashMap<>();
        final Map<String, Class<? extends Exception>> failures = new LinkedHashMap<>();

        for (final Authentication authn : this.chainedAuthentication) {
            final Principal authenticatedPrincipal = authn.getPrincipal();
            principalAttributes.putAll(authenticatedPrincipal.getAttributes());

            credentials.addAll(authn.getCredentials());
            successes.putAll(authn.getSuccesses());
            failures.putAll(authn.getFailures());

            for (final String attrName : authn.getAttributes().keySet()) {
                if (!authenticationAttributes.containsKey(attrName)) {
                    authenticationAttributes.put(attrName, authn.getAttributes().get(attrName));
                } else {
                    final Object oldValue = authenticationAttributes.remove(attrName);
                    final Collection<Object> listOfValues = MultiFactorUtils.convertValueToCollection(oldValue);

                    listOfValues.add(authn.getAttributes().get(attrName));
                    authenticationAttributes.put(attrName, listOfValues);
                }
            }
        }
        final Principal compositePrincipal = principalFactory.createPrincipal(principalId, principalAttributes);
        final DefaultCompositeAuthentication finalAuth =
                new DefaultCompositeAuthentication(compositePrincipal,
                        authenticationAttributes, credentials, successes, failures);

        return finalAuth;
    }
    return null;
}
 

@Override
public List<CredentialMetaData> getCredentials() {
    return this.credentials;
}