org.jasig.cas.validation.Assertion Java Examples
The following examples show how to use
org.jasig.cas.validation.Assertion.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ServiceValidateController.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
/** * Generate the success view. The result will contain the assertion and the proxy iou. * * @param assertion the assertion * @param proxyIou the proxy iou * @param service the validated service * @param proxyGrantingTicket the proxy granting ticket * @return the model and view, pointed to the view name set by */ private ModelAndView generateSuccessView(final Assertion assertion, final String proxyIou, final WebApplicationService service, final TicketGrantingTicket proxyGrantingTicket) { final ModelAndView success = new ModelAndView(this.successView); success.addObject(CasViewConstants.MODEL_ATTRIBUTE_NAME_ASSERTION, assertion); success.addObject(CasViewConstants.MODEL_ATTRIBUTE_NAME_SERVICE, service); success.addObject(CasViewConstants.MODEL_ATTRIBUTE_NAME_PROXY_GRANTING_TICKET_IOU, proxyIou); if (proxyGrantingTicket != null) { success.addObject(CasViewConstants.MODEL_ATTRIBUTE_NAME_PROXY_GRANTING_TICKET, proxyGrantingTicket.getId()); } final Map<String, ?> augmentedModelObjects = augmentSuccessViewModelObjects(assertion); if (augmentedModelObjects != null) { success.addAllObjects(augmentedModelObjects); } return success; }
Example #2
Source File: MultifactorAuthenticationTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Test public void verifyAllowsAccessToHighSecurityServiceWithPasswordAndOTPViaRenew() throws Exception { // Note the original credential used to start SSO session does not satisfy security policy final TicketGrantingTicket tgt = cas.createTicketGrantingTicket(newUserPassCredentials("alice", "alice")); assertNotNull(tgt); final Service service = newService("https://example.com/high/"); final ServiceTicket st = cas.grantServiceTicket( tgt.getId(), service, newUserPassCredentials("alice", "alice"), new OneTimePasswordCredential("alice", "31415")); assertNotNull(st); // Confirm the authentication in the assertion is the one that satisfies security policy final Assertion assertion = cas.validateServiceTicket(st.getId(), service); assertEquals(2, assertion.getPrimaryAuthentication().getSuccesses().size()); assertTrue(assertion.getPrimaryAuthentication().getSuccesses().containsKey("passwordHandler")); assertTrue(assertion.getPrimaryAuthentication().getSuccesses().containsKey("oneTimePasswordHandler")); assertTrue(assertion.getPrimaryAuthentication().getAttributes().containsKey( SuccessfulHandlerMetaDataPopulator.SUCCESSFUL_AUTHENTICATION_HANDLERS)); }
Example #3
Source File: MultifactorAuthenticationTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 6 votes |
@Test public void testAllowsAccessToHighSecurityServiceWithPasswordAndOTPViaRenew() throws Exception { // Note the original credential used to start SSO session does not satisfy security policy final String tgt = cas.createTicketGrantingTicket(newUserPassCredentials("alice", "alice")); assertNotNull(tgt); final Service service = newService("https://example.com/high/"); final String st = cas.grantServiceTicket( tgt, service, newUserPassCredentials("alice", "alice"), new OneTimePasswordCredential("alice", "31415")); assertNotNull(st); // Confirm the authentication in the assertion is the one that satisfies security policy final Assertion assertion = cas.validateServiceTicket(st, service); assertEquals(2, assertion.getPrimaryAuthentication().getSuccesses().size()); assertTrue(assertion.getPrimaryAuthentication().getSuccesses().containsKey("passwordHandler")); assertTrue(assertion.getPrimaryAuthentication().getSuccesses().containsKey("oneTimePasswordHandler")); assertTrue(assertion.getPrimaryAuthentication().getAttributes().containsKey( SuccessfulHandlerMetaDataPopulator.SUCCESSFUL_AUTHENTICATION_HANDLERS)); }
Example #4
Source File: AbstractCasView.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
/** * Gets chained authentications. * * @param model the model * @return the chained authentications */ protected final Collection<Authentication> getChainedAuthentications(final Map<String, Object> model) { final List<Authentication> chainedAuthenticationsToReturn = new ArrayList<>(); final Assertion assertion = getAssertionFrom(model); final List<Authentication> chainedAuthentications = assertion.getChainedAuthentications(); /** * Note that the last index in the list always describes the primary authentication * event. All others in the chain should denote proxies. Per the CAS protocol, * when authentication has proceeded through multiple proxies, * the order in which the proxies were traversed MUST be reflected in the response. * The most recently-visited proxy MUST be the first proxy listed, and all the * other proxies MUST be shifted down as new proxies are added. I */ final int numberAuthenticationsExceptPrimary = chainedAuthentications.size() - 1; for (int i = 0; i < numberAuthenticationsExceptPrimary; i++) { chainedAuthenticationsToReturn.add(chainedAuthentications.get(i)); } return chainedAuthenticationsToReturn; }
Example #5
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Test public void verifyValidateServiceTicketWithInvalidUsernameAttribute() throws Exception { final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final Service svc = TestUtils.getService("eduPersonTestInvalid"); final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), svc); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), svc); final Authentication auth = assertion.getPrimaryAuthentication(); /* * The attribute specified for this service does not resolve. * Therefore, we expect the default to be returned. */ assertEquals(auth.getPrincipal().getId(), cred.getUsername()); }
Example #6
Source File: CentralAuthenticationServiceImplTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 6 votes |
@Test public void testValidateServiceTicketWithInvalidUsernameAttribute() throws Exception { final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final String ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final Service svc = TestUtils.getService("eduPersonTestInvalid"); final String serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket, svc); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket, svc); final Authentication auth = assertion.getPrimaryAuthentication(); /* * The attribute specified for this service does not resolve. * Therefore, we expect the default to be returned. */ assertEquals(auth.getPrincipal().getId(), cred.getUsername()); }
Example #7
Source File: Saml10SuccessResponseViewTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 6 votes |
@Test public void testResponseWithoutAuthMethod() throws Exception { final Map<String, Object> model = new HashMap<String, Object>(); final Map<String, Object> attributes = new HashMap<String, Object>(); attributes.put("testAttribute", "testValue"); final SimplePrincipal principal = new SimplePrincipal("testPrincipal", attributes); final Authentication primary = TestUtils.getAuthentication(principal); final Assertion assertion = new ImmutableAssertion( primary, Collections.singletonList(primary), TestUtils.getService(), true); model.put("assertion", assertion); final MockHttpServletResponse servletResponse = new MockHttpServletResponse(); this.response.renderMergedOutputModel(model, new MockHttpServletRequest(), servletResponse); final String written = servletResponse.getContentAsString(); assertTrue(written.contains("testPrincipal")); assertTrue(written.contains("testAttribute")); assertTrue(written.contains("testValue")); assertTrue(written.contains("urn:oasis:names:tc:SAML:1.0:am:unspecified")); }
Example #8
Source File: CentralAuthenticationServiceImplWithMockitoTests.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
@Test public void verifyChainedAuthenticationsOnValidation() throws TicketException { final Service svc = TestUtils.getService(SVC2_ID); final ServiceTicket st = this.cas.grantServiceTicket(TGT2_ID, svc); assertNotNull(st); final Assertion assertion = this.cas.validateServiceTicket(st.getId(), svc); assertNotNull(assertion); assertEquals(assertion.getService(), svc); assertEquals(assertion.getPrimaryAuthentication().getPrincipal().getId(), PRINCIPAL); assertTrue(assertion.getChainedAuthentications().size() == 2); for (int i = 0; i < assertion.getChainedAuthentications().size(); i++) { final Authentication auth = assertion.getChainedAuthentications().get(i); assertEquals(auth, authentication); } }
Example #9
Source File: CentralAuthenticationServiceImplWithMokitoTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 6 votes |
@Test public void testChainedAuthenticationsOnValidation() throws TicketException { final Service svc = TestUtils.getService(SVC2_ID); final String st = this.cas.grantServiceTicket(TGT2_ID, svc); assertNotNull(st); final Assertion assertion = this.cas.validateServiceTicket(st, svc); assertNotNull(assertion); assertEquals(assertion.getService(), svc); assertEquals(assertion.getPrimaryAuthentication().getPrincipal().getId(), PRINCIPAL); assertTrue(assertion.getChainedAuthentications().size() == 2); for (int i = 0; i < assertion.getChainedAuthentications().size(); i++) { final Authentication auth = assertion.getChainedAuthentications().get(i); assertEquals(auth, authentication); } }
Example #10
Source File: CentralAuthenticationServiceImplTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Test public void testValidateServiceTicketReturnAllAttributes() throws Exception { final Service service = TestUtils.getService("eduPersonTest"); final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final String ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final String serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket, service); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket, service); final Authentication auth = assertion.getPrimaryAuthentication(); assertEquals(3, auth.getPrincipal().getAttributes().size()); }
Example #11
Source File: Saml10SuccessResponseViewTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Test public void testResponseWithNoAttributes() throws Exception { final Map<String, Object> model = new HashMap<String, Object>(); final SimplePrincipal principal = new SimplePrincipal("testPrincipal"); final Map<String, Object> authAttributes = new HashMap<String, Object>(); authAttributes.put( SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD, SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT); authAttributes.put("testSamlAttribute", "value"); final Authentication primary = TestUtils.getAuthentication(principal, authAttributes); final Assertion assertion = new ImmutableAssertion( primary, Collections.singletonList(primary), TestUtils.getService(), true); model.put("assertion", assertion); final MockHttpServletResponse servletResponse = new MockHttpServletResponse(); this.response.renderMergedOutputModel(model, new MockHttpServletRequest(), servletResponse); final String written = servletResponse.getContentAsString(); assertTrue(written.contains("testPrincipal")); assertTrue(written.contains(SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT)); assertTrue(written.contains("AuthenticationMethod")); }
Example #12
Source File: TestUtils.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
public static Assertion getAssertion(final boolean fromNewLogin, final String[] extraPrincipals) { final List<Authentication> list = new ArrayList<Authentication>(); list.add(TestUtils.getAuthentication()); for (int i = 0; i < extraPrincipals.length; i++) { list.add(TestUtils.getAuthentication(extraPrincipals[i])); } return new ImmutableAssertion(TestUtils.getAuthentication(), list, TestUtils.getService(), fromNewLogin); }
Example #13
Source File: CentralAuthenticationServiceImplTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Test public void testValidateServiceTicketWithoutUsernameAttribute() throws Exception { UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final String ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final String serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket, TestUtils.getService()); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket, TestUtils.getService()); final Authentication auth = assertion.getPrimaryAuthentication(); assertEquals(auth.getPrincipal().getId(), cred.getUsername()); }
Example #14
Source File: CentralAuthenticationServiceImplTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Test public void testValidateServiceTicketWithDefaultUsernameAttribute() throws Exception { UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final String ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); Service svc = TestUtils.getService("testDefault"); final String serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket, svc); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket, svc); final Authentication auth = assertion.getPrimaryAuthentication(); assertEquals(auth.getPrincipal().getId(), cred.getUsername()); }
Example #15
Source File: CentralAuthenticationServiceImplTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Test public void testValidateServiceTicketWithUsernameAttribute() throws Exception { UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final String ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); Service svc = TestUtils.getService("eduPersonTest"); final String serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket, svc); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket, svc); assertEquals("developer", assertion.getPrimaryAuthentication().getPrincipal().getId()); }
Example #16
Source File: CentralAuthenticationServiceImplTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Test public void testValidateServiceTicketNoAttributesReturned() throws Exception { final Service service = TestUtils.getService(); final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final String ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final String serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket, service); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket, service); final Authentication auth = assertion.getPrimaryAuthentication(); assertEquals(0, auth.getPrincipal().getAttributes().size()); }
Example #17
Source File: Saml10SuccessResponseViewTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Test public void testResponse() throws Exception { final Map<String, Object> model = new HashMap<String, Object>(); final Map<String, Object> attributes = new HashMap<String, Object>(); attributes.put("testAttribute", "testValue"); attributes.put("testEmptyCollection", Collections.emptyList()); attributes.put("testAttributeCollection", Arrays.asList(new String[] {"tac1", "tac2"})); final SimplePrincipal principal = new SimplePrincipal("testPrincipal", attributes); final Map<String, Object> authAttributes = new HashMap<String, Object>(); authAttributes.put( SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD, SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT); authAttributes.put("testSamlAttribute", "value"); final Authentication primary = TestUtils.getAuthentication(principal, authAttributes); final Assertion assertion = new ImmutableAssertion( primary, Collections.singletonList(primary), TestUtils.getService(), true); model.put("assertion", assertion); final MockHttpServletResponse servletResponse = new MockHttpServletResponse(); this.response.renderMergedOutputModel(model, new MockHttpServletRequest(), servletResponse); final String written = servletResponse.getContentAsString(); assertTrue(written.contains("testPrincipal")); assertTrue(written.contains("testAttribute")); assertTrue(written.contains("testValue")); assertFalse(written.contains("testEmptyCollection")); assertTrue(written.contains("testAttributeCollection")); assertTrue(written.contains("tac1")); assertTrue(written.contains("tac2")); assertTrue(written.contains(SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT)); assertTrue(written.contains("AuthenticationMethod")); assertTrue(written.contains("AssertionID")); }
Example #18
Source File: CentralAuthenticationServiceImplTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Test public void testValidateServiceTicketReturnOnlyAllowedAttribute() throws Exception { final Service service = TestUtils.getService("eduPersonTestInvalid"); final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final String ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final String serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket, service); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket, service); final Authentication auth = assertion.getPrimaryAuthentication(); Map<String, Object> attributes = auth.getPrincipal().getAttributes(); assertEquals(1, attributes.size()); assertEquals("adopters", attributes.get("groupMembership")); }
Example #19
Source File: CentralAuthenticationServiceImplTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Test public void testValidateServiceTicketAnonymous() throws Exception { final Service service = TestUtils.getService("testAnonymous"); final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final String ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final String serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket, service); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket, service); final Authentication auth = assertion.getPrimaryAuthentication(); assertNotEquals(cred.getUsername(), auth.getPrincipal().getId()); }
Example #20
Source File: CentralAuthenticationServiceImplTests.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
/** * This test simulates : * - a first authentication for a default service * - a second authentication with the renew parameter and the same service (and same credentials) * - a validation of the second ticket. * * When supplemental authentications were returned with the chained authentications, the validation specification * failed as it only expects one authentication. Thus supplemental authentications should not be returned in the * chained authentications. Both concepts are orthogonal. * * @throws TicketException * @throws AuthenticationException */ @Test public void authenticateTwiceWithRenew() throws TicketException, AuthenticationException { final CentralAuthenticationService cas = getCentralAuthenticationService(); final Service svc = TestUtils.getService("testDefault"); final UsernamePasswordCredential goodCredential = TestUtils.getCredentialsWithSameUsernameAndPassword(); final String tgtId = cas.createTicketGrantingTicket(goodCredential); cas.grantServiceTicket(tgtId, svc); // simulate renew with new good same credentials final String st2Id = cas.grantServiceTicket(tgtId, svc, goodCredential); final Assertion assertion = cas.validateServiceTicket(st2Id, svc); final ValidationSpecification validationSpecification = new Cas20WithoutProxyingValidationSpecification(); assertTrue(validationSpecification.isSatisfiedBy(assertion)); }
Example #21
Source File: Cas10ResponseView.java From cas4.0.x-server-wechat with Apache License 2.0 | 5 votes |
@Override protected void renderMergedOutputModel(final Map model, final HttpServletRequest request, final HttpServletResponse response) throws Exception { final Assertion assertion = getAssertionFrom(model); if (this.successResponse) { response.getWriter().print( "yes\n" + assertion.getPrimaryAuthentication().getPrincipal() .getId() + "\n"); } else { response.getWriter().print("no\n\n"); } }
Example #22
Source File: MultiFactorAwareCentralAuthenticationService.java From cas-mfa with Apache License 2.0 | 5 votes |
@Audit( action="SERVICE_TICKET_VALIDATE", actionResolverName="VALIDATE_SERVICE_TICKET_RESOLVER", resourceResolverName="VALIDATE_SERVICE_TICKET_RESOURCE_RESOLVER") @Timed(name="VALIDATE_SERVICE_TICKET_TIMER") @Metered(name="VALIDATE_SERVICE_TICKET_METER") @Counted(name="VALIDATE_SERVICE_TICKET_COUNTER", monotonic=true) @Override public Assertion validateServiceTicket(final String serviceTicketId, final Service service) throws TicketException { return this.delegate.validateServiceTicket(serviceTicketId, service); }
Example #23
Source File: MultiFactorUtils.java From cas-mfa with Apache License 2.0 | 5 votes |
/** * Gets authentication from assertionfinal. * * @param assertion the assertion * @return the authentication from assertionfinal */ public static Authentication getAuthenticationFromAssertion(final Assertion assertion) { final List<Authentication> chainedAuthentications = assertion.getChainedAuthentications(); if (!chainedAuthentications.isEmpty()) { final int index = chainedAuthentications.size() - 1; return chainedAuthentications.get(index); } return null; }
Example #24
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test public void verifyValidateServiceTicketNoAttributesReturned() throws Exception { final Service service = TestUtils.getService(); final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), service); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), service); final Authentication auth = assertion.getPrimaryAuthentication(); assertEquals(0, auth.getPrincipal().getAttributes().size()); }
Example #25
Source File: Saml10SuccessResponseViewTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test public void verifyResponse() throws Exception { final Map<String, Object> model = new HashMap<>(); final Map<String, Object> attributes = new HashMap<>(); attributes.put("testAttribute", "testValue"); attributes.put("testEmptyCollection", Collections.emptyList()); attributes.put("testAttributeCollection", Arrays.asList("tac1", "tac2")); final Principal principal = new DefaultPrincipalFactory().createPrincipal("testPrincipal", attributes); final Map<String, Object> authAttributes = new HashMap<>(); authAttributes.put( SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD, SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT); authAttributes.put("testSamlAttribute", "value"); final Authentication primary = TestUtils.getAuthentication(principal, authAttributes); final Assertion assertion = new ImmutableAssertion( primary, Collections.singletonList(primary), TestUtils.getService(), true); model.put("assertion", assertion); final MockHttpServletResponse servletResponse = new MockHttpServletResponse(); this.response.renderMergedOutputModel(model, new MockHttpServletRequest(), servletResponse); final String written = servletResponse.getContentAsString(); assertTrue(written.contains("testPrincipal")); assertTrue(written.contains("testAttribute")); assertTrue(written.contains("testValue")); assertFalse(written.contains("testEmptyCollection")); assertTrue(written.contains("testAttributeCollection")); assertTrue(written.contains("tac1")); assertTrue(written.contains("tac2")); assertTrue(written.contains(SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT)); assertTrue(written.contains("AuthenticationMethod")); assertTrue(written.contains("AssertionID")); }
Example #26
Source File: Saml10SuccessResponseViewTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test public void verifyResponseWithNoAttributes() throws Exception { final Map<String, Object> model = new HashMap<>(); final Principal principal = new DefaultPrincipalFactory().createPrincipal("testPrincipal"); final Map<String, Object> authAttributes = new HashMap<>(); authAttributes.put( SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD, SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT); authAttributes.put("testSamlAttribute", "value"); final Authentication primary = TestUtils.getAuthentication(principal, authAttributes); final Assertion assertion = new ImmutableAssertion( primary, Collections.singletonList(primary), TestUtils.getService(), true); model.put("assertion", assertion); final MockHttpServletResponse servletResponse = new MockHttpServletResponse(); this.response.renderMergedOutputModel(model, new MockHttpServletRequest(), servletResponse); final String written = servletResponse.getContentAsString(); assertTrue(written.contains("testPrincipal")); assertTrue(written.contains(SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_SSL_TLS_CLIENT)); assertTrue(written.contains("AuthenticationMethod=")); }
Example #27
Source File: Saml10SuccessResponseViewTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test public void verifyResponseWithoutAuthMethod() throws Exception { final Map<String, Object> model = new HashMap<>(); final Map<String, Object> attributes = new HashMap<>(); attributes.put("testAttribute", "testValue"); final Principal principal = new DefaultPrincipalFactory().createPrincipal("testPrincipal", attributes); final Map<String, Object> authnAttributes = new HashMap<>(); authnAttributes.put("authnAttribute1", "authnAttrbuteV1"); authnAttributes.put("authnAttribute2", "authnAttrbuteV2"); authnAttributes.put(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME, Boolean.TRUE); final Authentication primary = TestUtils.getAuthentication(principal, authnAttributes); final Assertion assertion = new ImmutableAssertion( primary, Collections.singletonList(primary), TestUtils.getService(), true); model.put("assertion", assertion); final MockHttpServletResponse servletResponse = new MockHttpServletResponse(); this.response.renderMergedOutputModel(model, new MockHttpServletRequest(), servletResponse); final String written = servletResponse.getContentAsString(); assertTrue(written.contains("testPrincipal")); assertTrue(written.contains("testAttribute")); assertTrue(written.contains("testValue")); assertTrue(written.contains("authnAttribute1")); assertTrue(written.contains("authnAttribute2")); assertTrue(written.contains(CasProtocolConstants.VALIDATION_REMEMBER_ME_ATTRIBUTE_NAME)); assertTrue(written.contains("urn:oasis:names:tc:SAML:1.0:am:unspecified")); }
Example #28
Source File: TestUtils.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
public static Assertion getAssertion(final boolean fromNewLogin, final String[] extraPrincipals) { final List<Authentication> list = new ArrayList<>(); list.add(TestUtils.getAuthentication()); for (int i = 0; i < extraPrincipals.length; i++) { list.add(TestUtils.getAuthentication(extraPrincipals[i])); } return new ImmutableAssertion(TestUtils.getAuthentication(), list, TestUtils.getService(), fromNewLogin); }
Example #29
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test public void verifyValidateServiceTicketWithoutUsernameAttribute() throws Exception { final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), TestUtils.getService()); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), TestUtils.getService()); final Authentication auth = assertion.getPrimaryAuthentication(); assertEquals(auth.getPrincipal().getId(), cred.getUsername()); }
Example #30
Source File: CentralAuthenticationServiceImplTests.java From springboot-shiro-cas-mybatis with MIT License | 5 votes |
@Test public void verifyValidateServiceTicketWithDefaultUsernameAttribute() throws Exception { final UsernamePasswordCredential cred = TestUtils.getCredentialsWithSameUsernameAndPassword(); final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(cred); final Service svc = TestUtils.getService("testDefault"); final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), svc); final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), svc); final Authentication auth = assertion.getPrimaryAuthentication(); assertEquals(auth.getPrincipal().getId(), cred.getUsername()); }