org.jasig.cas.CentralAuthenticationService Java Examples

The following examples show how to use org.jasig.cas.CentralAuthenticationService.
Example #1
Source File: ClientActionTests.java    From springboot-shiro-cas-mybatis with MIT License
@Test
public void checkUnautorizedProtocol() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(Clients.DEFAULT_CLIENT_NAME_PARAMETER, "BasicAuthClient");

    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);

    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);

    final BasicAuthClient basicAuthClient = new BasicAuthClient();
    final Clients clients = new Clients(MY_LOGIN_URL, basicAuthClient);
    final ClientAction action = new ClientAction(mock(CentralAuthenticationService.class), clients);

    try {
        action.execute(mockRequestContext);
        fail("Should fail as the HTTP protocol is not authorized");
    } catch (final TechnicalException e) {
        assertEquals("Only CAS, OAuth, OpenID and SAML protocols are supported: " + basicAuthClient, e.getMessage());
    }
}
 
Example #2
Source File: GenericSuccessViewActionTests.java    From springboot-shiro-cas-mybatis with MIT License
@Test
public void verifyValidPrincipal() throws InvalidTicketException {
    final CentralAuthenticationService cas = mock(CentralAuthenticationService.class);
    final Authentication authn = mock(Authentication.class);
    when(authn.getPrincipal()).thenReturn(TestUtils.getPrincipal("cas"));
    final TicketGrantingTicket tgt = mock(TicketGrantingTicket.class);
    when(tgt.getAuthentication()).thenReturn(authn);

    when(cas.getTicket(any(String.class), any(Ticket.class.getClass()))).thenReturn(tgt);
    final GenericSuccessViewAction action = new GenericSuccessViewAction(cas);
    final Principal p = action.getAuthenticationPrincipal("TGT-1");
    assertNotNull(p);
    assertEquals(p.getId(), "cas");
}
 
Example #3
Source File: OpenIdServiceTests.java    From springboot-shiro-cas-mybatis with MIT License
@Before
public void setUp() throws Exception {
    request.addParameter("openid.identity", "http://openid.ja-sig.org/battags");
    request.addParameter("openid.return_to", "http://www.ja-sig.org/?service=fa");
    request.addParameter("openid.mode", "checkid_setup");
    sharedAssociations = mock(ServerAssociationStore.class);
    manager = new ServerManager();
    manager.setOPEndpointUrl("https://localshot:8443/cas/login");
    manager.setEnforceRpId(false);
    manager.setSharedAssociations(sharedAssociations);
    context = mock(ApplicationContext.class);
    cas = mock(CentralAuthenticationService.class);

    when(context.getBean("serverManager")).thenReturn(manager);
    when(context.getBean("centralAuthenticationService", CentralAuthenticationService.class)).thenReturn(cas);

    final ApplicationContextProvider contextProvider = new ApplicationContextProvider();
    contextProvider.setApplicationContext(context);
}
 
Example #4
Source File: TerminateSessionAction.java    From springboot-shiro-cas-mybatis with MIT License
/**
 * Creates a new instance with the given parameters.
 * @param cas Core business logic object.
 * @param tgtCookieGenerator TGT cookie generator.
 * @param warnCookieGenerator Warn cookie generator.
 */
public TerminateSessionAction(
        final CentralAuthenticationService cas,
        final CookieRetrievingCookieGenerator tgtCookieGenerator,
        final CookieRetrievingCookieGenerator warnCookieGenerator) {
    this.centralAuthenticationService = cas;
    this.ticketGrantingTicketCookieGenerator = tgtCookieGenerator;
    this.warnCookieGenerator = warnCookieGenerator;
}
 
Example #5
Source File: TerminateSessionAction.java    From cas4.0.x-server-wechat with Apache License 2.0
/**
 * Creates a new instance with the given parameters.
 * @param cas Core business logic object.
 * @param tgtCookieGenerator TGT cookie generator.
 * @param warnCookieGenerator Warn cookie generator.
 */
public TerminateSessionAction(
        final CentralAuthenticationService cas,
        final CookieRetrievingCookieGenerator tgtCookieGenerator,
        final CookieRetrievingCookieGenerator warnCookieGenerator) {
    this.centralAuthenticationService = cas;
    this.ticketGrantingTicketCookieGenerator = tgtCookieGenerator;
    this.warnCookieGenerator = warnCookieGenerator;
}
 
Example #6
Source File: ClientAction.java    From springboot-shiro-cas-mybatis with MIT License
/**
 * Build the action.
 *
 * @param theCentralAuthenticationService The service for CAS authentication
 * @param theClients The clients for authentication
 */
public ClientAction(final CentralAuthenticationService theCentralAuthenticationService,
        final Clients theClients) {
    this.centralAuthenticationService = theCentralAuthenticationService;
    this.clients = theClients;
    ProfileHelper.setKeepRawData(true);
}
 
Example #7
Source File: ClientActionTests.java    From springboot-shiro-cas-mybatis with MIT License
@Test
public void verifyStartAuthentication() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(ClientAction.THEME, MY_THEME);
    mockRequest.setParameter(ClientAction.LOCALE, MY_LOCALE);
    mockRequest.setParameter(ClientAction.METHOD, MY_METHOD);

    final MockHttpSession mockSession = new MockHttpSession();
    mockRequest.setSession(mockSession);

    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);

    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);
    mockRequestContext.getFlowScope().put(ClientAction.SERVICE, new SimpleWebApplicationServiceImpl(MY_SERVICE));

    final FacebookClient facebookClient = new FacebookClient(MY_KEY, MY_SECRET);
    final TwitterClient twitterClient = new TwitterClient(MY_KEY, MY_SECRET);
    final Clients clients = new Clients(MY_LOGIN_URL, facebookClient, twitterClient);
    final ClientAction action = new ClientAction(mock(CentralAuthenticationService.class), clients);

    final Event event = action.execute(mockRequestContext);
    assertEquals("error", event.getId());
    assertEquals(MY_THEME, mockSession.getAttribute(ClientAction.THEME));
    assertEquals(MY_LOCALE, mockSession.getAttribute(ClientAction.LOCALE));
    assertEquals(MY_METHOD, mockSession.getAttribute(ClientAction.METHOD));
    final MutableAttributeMap flowScope = mockRequestContext.getFlowScope();
    assertTrue(((String) flowScope.get("FacebookClientUrl"))
            .startsWith("https://www.facebook.com/v2.2/dialog/oauth?client_id=my_key&redirect_uri=http%3A%2F%2Fcasserver%2Flogin%3F"
                    + Clients.DEFAULT_CLIENT_NAME_PARAMETER + "%3DFacebookClient&state="));
    assertEquals(MY_LOGIN_URL + "?" + Clients.DEFAULT_CLIENT_NAME_PARAMETER
            + "=TwitterClient&needs_client_redirection=true", flowScope.get("TwitterClientUrl"));
}
 
Example #8
Source File: ClientActionTests.java    From springboot-shiro-cas-mybatis with MIT License
@Test
public void verifyFinishAuthentication() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(Clients.DEFAULT_CLIENT_NAME_PARAMETER, "FacebookClient");

    final MockHttpSession mockSession = new MockHttpSession();
    mockSession.setAttribute(ClientAction.THEME, MY_THEME);
    mockSession.setAttribute(ClientAction.LOCALE, MY_LOCALE);
    mockSession.setAttribute(ClientAction.METHOD, MY_METHOD);
    final Service service = new SimpleWebApplicationServiceImpl(MY_SERVICE);
    mockSession.setAttribute(ClientAction.SERVICE, service);
    mockRequest.setSession(mockSession);

    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);

    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);

    final FacebookClient facebookClient = new MockFacebookClient();
    final Clients clients = new Clients(MY_LOGIN_URL, facebookClient);

    final TicketGrantingTicket tgt = new TicketGrantingTicketImpl(TGT_ID, mock(Authentication.class), mock(ExpirationPolicy.class));
    final CentralAuthenticationService casImpl = mock(CentralAuthenticationService.class);
    when(casImpl.createTicketGrantingTicket(any(Credential.class))).thenReturn(tgt);
    final ClientAction action = new ClientAction(casImpl, clients);
    final Event event = action.execute(mockRequestContext);
    assertEquals("success", event.getId());
    assertEquals(MY_THEME, mockRequest.getAttribute(ClientAction.THEME));
    assertEquals(MY_LOCALE, mockRequest.getAttribute(ClientAction.LOCALE));
    assertEquals(MY_METHOD, mockRequest.getAttribute(ClientAction.METHOD));
    assertEquals(MY_SERVICE, mockRequest.getAttribute(ClientAction.SERVICE));
    final MutableAttributeMap flowScope = mockRequestContext.getFlowScope();
    final MutableAttributeMap requestScope = mockRequestContext.getRequestScope();
    assertEquals(service, flowScope.get(ClientAction.SERVICE));
    assertEquals(TGT_ID, flowScope.get(TGT_NAME));
    assertEquals(TGT_ID, requestScope.get(TGT_NAME));
}
 
Example #9
Source File: SendTicketGrantingTicketAction.java    From springboot-shiro-cas-mybatis with MIT License
/**
 * Instantiates a new Send ticket granting ticket action.
 *
 * @param ticketGrantingTicketCookieGenerator the ticket granting ticket cookie generator
 * @param centralAuthenticationService the central authentication service
 * @param servicesManager the services manager
 */
public SendTicketGrantingTicketAction(final CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator,
                                      final CentralAuthenticationService centralAuthenticationService,
                                      final ServicesManager servicesManager) {
    super();
    this.ticketGrantingTicketCookieGenerator = ticketGrantingTicketCookieGenerator;
    this.centralAuthenticationService = centralAuthenticationService;
    this.servicesManager = servicesManager;
}
 
Example #10
Source File: GenericSuccessViewActionTests.java    From springboot-shiro-cas-mybatis with MIT License
@Test
public void verifyPrincipalCanNotBeDetemined() throws InvalidTicketException {
    final CentralAuthenticationService cas = mock(CentralAuthenticationService.class);
    when(cas.getTicket(any(String.class), any(Ticket.class.getClass()))).thenThrow(new InvalidTicketException("TGT-1"));
    final GenericSuccessViewAction action = new GenericSuccessViewAction(cas);
    final Principal p = action.getAuthenticationPrincipal("TGT-1");
    assertNotNull(p);
    assertTrue(p instanceof NullPrincipal);
}
 
Example #11
Source File: OpenIdServiceTests.java    From cas4.0.x-server-wechat with Apache License 2.0
@Before
public void setUp() throws Exception {
    request.addParameter("openid.identity", "http://openid.ja-sig.org/battags");
    request.addParameter("openid.return_to", "http://www.ja-sig.org/?service=fa");
    request.addParameter("openid.mode", "checkid_setup");
    sharedAssociations = mock(ServerAssociationStore.class);
    manager = new ServerManager();
    manager.setOPEndpointUrl("https://localshot:8443/cas/login");
    manager.setEnforceRpId(false);
    manager.setSharedAssociations(sharedAssociations);
    context = mock(ApplicationContext.class);
    ApplicationContextProvider contextProvider = new ApplicationContextProvider();
    contextProvider.setApplicationContext(context);
    cas = mock(CentralAuthenticationService.class);
}
 
Example #12
Source File: ClientAction.java    From cas4.0.x-server-wechat with Apache License 2.0
/**
 * Build the action.
 *
 * @param theCentralAuthenticationService The service for CAS authentication
 * @param theClients The clients for authentication
 */
public ClientAction(final CentralAuthenticationService theCentralAuthenticationService,
        final Clients theClients) {
    this.centralAuthenticationService = theCentralAuthenticationService;
    this.clients = theClients;
    ProfileHelper.setKeepRawData(true);
}
 
Example #13
Source File: ClientActionTests.java    From cas4.0.x-server-wechat with Apache License 2.0
@Test
public void testStartAuthentication() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(ClientAction.THEME, MY_THEME);
    mockRequest.setParameter(ClientAction.LOCALE, MY_LOCALE);
    mockRequest.setParameter(ClientAction.METHOD, MY_METHOD);

    final MockHttpSession mockSession = new MockHttpSession();
    mockRequest.setSession(mockSession);

    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);

    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);
    mockRequestContext.getFlowScope().put(ClientAction.SERVICE, new SimpleWebApplicationServiceImpl(MY_SERVICE));

    final FacebookClient facebookClient = new FacebookClient(MY_KEY, MY_SECRET);
    final TwitterClient twitterClient = new TwitterClient(MY_KEY, MY_SECRET);
    final Clients clients = new Clients(MY_LOGIN_URL, facebookClient, twitterClient);
    final ClientAction action = new ClientAction(mock(CentralAuthenticationService.class), clients);

    final Event event = action.execute(mockRequestContext);
    assertEquals("error", event.getId());
    assertEquals(MY_THEME, mockSession.getAttribute(ClientAction.THEME));
    assertEquals(MY_LOCALE, mockSession.getAttribute(ClientAction.LOCALE));
    assertEquals(MY_METHOD, mockSession.getAttribute(ClientAction.METHOD));
    final MutableAttributeMap flowScope = mockRequestContext.getFlowScope();
    assertTrue(((String) flowScope.get("FacebookClientUrl"))
            .startsWith("https://www.facebook.com/v2.2/dialog/oauth?client_id=my_key&redirect_uri=http%3A%2F%2Fcasserver%2Flogin%3F"
                    + Clients.DEFAULT_CLIENT_NAME_PARAMETER + "%3DFacebookClient&state="));
    assertEquals(MY_LOGIN_URL + "?" + Clients.DEFAULT_CLIENT_NAME_PARAMETER
            + "=TwitterClient&needs_client_redirection=true", flowScope.get("TwitterClientUrl"));
}
 
Example #14
Source File: ClientActionTests.java    From cas4.0.x-server-wechat with Apache License 2.0
@Test
public void testFinishAuthentication() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest();
    mockRequest.setParameter(Clients.DEFAULT_CLIENT_NAME_PARAMETER, "FacebookClient");

    final MockHttpSession mockSession = new MockHttpSession();
    mockSession.setAttribute(ClientAction.THEME, MY_THEME);
    mockSession.setAttribute(ClientAction.LOCALE, MY_LOCALE);
    mockSession.setAttribute(ClientAction.METHOD, MY_METHOD);
    final Service service = new SimpleWebApplicationServiceImpl(MY_SERVICE);
    mockSession.setAttribute(ClientAction.SERVICE, service);
    mockRequest.setSession(mockSession);

    final ServletExternalContext servletExternalContext = mock(ServletExternalContext.class);
    when(servletExternalContext.getNativeRequest()).thenReturn(mockRequest);

    final MockRequestContext mockRequestContext = new MockRequestContext();
    mockRequestContext.setExternalContext(servletExternalContext);

    final FacebookClient facebookClient = new MockFacebookClient();
    final Clients clients = new Clients(MY_LOGIN_URL, facebookClient);

    final ClientAction action = new ClientAction(mock(CentralAuthenticationService.class), clients);
    final Event event = action.execute(mockRequestContext);
    assertEquals("success", event.getId());
    assertEquals(MY_THEME, mockRequest.getAttribute(ClientAction.THEME));
    assertEquals(MY_LOCALE, mockRequest.getAttribute(ClientAction.LOCALE));
    assertEquals(MY_METHOD, mockRequest.getAttribute(ClientAction.METHOD));
    final MutableAttributeMap flowScope = mockRequestContext.getFlowScope();
    assertEquals(service, flowScope.get(ClientAction.SERVICE));
}
 
Example #15
Source File: OpenIdService.java    From cas4.0.x-server-wechat with Apache License 2.0
/**
 * Generates an OpenID response.
 * If no ticketId is found, the response is negative.
 * If we have a ticket id, we check whether we have an association.
 * If so, we ask the OpenID server manager to generate the answer according to the existing association.
 * If not, we send back an answer with the ticket id as the association handle.
 * This forces the consumer to request verification, which will validate the service ticket.
 * @param ticketId the service ticket to provide to the service.
 * @return the generated authentication answer
 */
@Override
public Response getResponse(final String ticketId) {
    final Map<String, String> parameters = new HashMap<String, String>();
    if (ticketId != null) {

        ServerManager manager = (ServerManager) ApplicationContextProvider.getApplicationContext().getBean("serverManager");
        CentralAuthenticationService cas = (CentralAuthenticationService) ApplicationContextProvider.getApplicationContext()
                                            .getBean("centralAuthenticationService");
        boolean associated = false;
        boolean associationValid = true;
        try {
            AuthRequest authReq = AuthRequest.createAuthRequest(requestParameters, manager.getRealmVerifier());
            Map parameterMap = authReq.getParameterMap();
            if (parameterMap != null && parameterMap.size() > 0) {
                String assocHandle = (String) parameterMap.get("openid.assoc_handle");
                if (assocHandle != null) {
                    Association association = manager.getSharedAssociations().load(assocHandle);
                    if (association != null) {
                        associated = true;
                        if (association.hasExpired()) {
                            associationValid = false;
                        }
                    }

                }
            }
        } catch (final MessageException me) {
            LOGGER.error("Message exception : {}", me.getMessage(), me);
        }

        boolean successFullAuthentication = true;
        try {
            if (associated) {
                if (associationValid) {
                    cas.validateServiceTicket(ticketId, this);
                    LOGGER.info("Validated openid ticket");
                } else {
                    successFullAuthentication = false;
                }
            }
        } catch (final TicketException te) {
            LOGGER.error("Could not validate ticket : {}", te.getMessage(), te);
            successFullAuthentication = false;
        }

        // We sign directly (final 'true') because we don't add extensions
        // response message can be either a DirectError or an AuthSuccess here.
        // Anyway, handling is the same : send the response message
        Message response = manager.authResponse(requestParameters,
                this.identity,
                this.identity,
                successFullAuthentication,
                true);
        parameters.putAll(response.getParameterMap());
        if (!associated) {
            parameters.put("openid.assoc_handle", ticketId);
        }
    } else {
        parameters.put("openid.mode", "cancel");
    }
    return Response.getRedirectResponse(getOriginalUrl(), parameters);
}
 
Example #16
Source File: AuthenticationViaFormAction.java    From cas4.0.x-server-wechat with Apache License 2.0
public final void setCentralAuthenticationService(final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #17
Source File: AbstractNonInteractiveCredentialsAction.java    From cas4.0.x-server-wechat with Apache License 2.0
public final void setCentralAuthenticationService(
    final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #18
Source File: TicketsResource.java    From taoshop with Apache License 2.0
public void setCentralAuthenticationService(final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #19
Source File: ProxyController.java    From cas4.0.x-server-wechat with Apache License 2.0
/**
 * @param centralAuthenticationService The centralAuthenticationService to
 * set.
 */
public void setCentralAuthenticationService(
    final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #20
Source File: GenerateServiceTicketAction.java    From cas4.0.x-server-wechat with Apache License 2.0
public void setCentralAuthenticationService(
    final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #21
Source File: SendTicketGrantingTicketAction.java    From cas4.0.x-server-wechat with Apache License 2.0
public void setCentralAuthenticationService(
    final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #22
Source File: SendTicketGrantingTicketAction.java    From cas-mfa with Apache License 2.0
public void setCentralAuthenticationService(
        final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #23
Source File: SendTicketGrantingTicketAction.java    From springboot-shiro-cas-mybatis with MIT License
/**
 * @deprecated As of 4.1, use constructors instead.
 * @param centralAuthenticationService  cas instance
 */
@Deprecated
public void setCentralAuthenticationService(
    final CentralAuthenticationService centralAuthenticationService) {
    logger.warn("setCentralAuthenticationService() is deprecated and has no effect. Use constructors instead.");
}
 
Example #24
Source File: AuthenticationViaFormAction.java    From springboot-shiro-cas-mybatis with MIT License
public final void setCentralAuthenticationService(final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #25
Source File: GenerateServiceTicketAction.java    From springboot-shiro-cas-mybatis with MIT License
public void setCentralAuthenticationService(
    final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #26
Source File: AuthenticationViaFormAction.java    From taoshop with Apache License 2.0
public void setCentralAuthenticationService(final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #27
Source File: ProxyController.java    From springboot-shiro-cas-mybatis with MIT License
/**
 * @param centralAuthenticationService The centralAuthenticationService to
 * set.
 */
public void setCentralAuthenticationService(
    final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #28
Source File: OpenIdService.java    From springboot-shiro-cas-mybatis with MIT License
/**
 * Generates an OpenID response.
 * If no ticketId is found, the response is negative.
 * If we have a ticket id, we check whether we have an association.
 * If so, we ask the OpenID server manager to generate the answer according to the existing association.
 * If not, we send back an answer with the ticket id as the association handle.
 * This forces the consumer to request verification, which will validate the service ticket.
 * @param ticketId the service ticket to provide to the service.
 * @return the generated authentication answer
 */
@Override
public Response getResponse(final String ticketId) {
    final Map<String, String> parameters = new HashMap<>();
    if (ticketId != null) {

        final ServerManager manager = (ServerManager) ApplicationContextProvider.getApplicationContext().getBean("serverManager");
        final CentralAuthenticationService cas = ApplicationContextProvider.getApplicationContext()
                                            .getBean("centralAuthenticationService", CentralAuthenticationService.class);
        boolean associated = false;
        boolean associationValid = true;
        try {
            final AuthRequest authReq = AuthRequest.createAuthRequest(requestParameters, manager.getRealmVerifier());
            final Map parameterMap = authReq.getParameterMap();
            if (parameterMap != null && parameterMap.size() > 0) {
                final String assocHandle = (String) parameterMap.get(OpenIdConstants.OPENID_ASSOCHANDLE);
                if (assocHandle != null) {
                    final Association association = manager.getSharedAssociations().load(assocHandle);
                    if (association != null) {
                        associated = true;
                        if (association.hasExpired()) {
                            associationValid = false;
                        }
                    }

                }
            }
        } catch (final MessageException me) {
            LOGGER.error("Message exception : {}", me.getMessage(), me);
        }

        boolean successFullAuthentication = true;
        Assertion assertion = null;
        try {
            if (associated) {
                if (associationValid) {
                    assertion = cas.validateServiceTicket(ticketId, this);
                    LOGGER.info("Validated openid ticket");
                } else {
                    successFullAuthentication = false;
                }
            }
        } catch (final TicketException te) {
            LOGGER.error("Could not validate ticket : {}", te.getMessage(), te);
            successFullAuthentication = false;
        }

        final String id;
        if (assertion != null && OpenIdConstants.OPENID_IDENTIFIERSELECT.equals(this.identity)) {
            id = this.openIdPrefixUrl + '/' + assertion.getPrimaryAuthentication().getPrincipal().getId();
        } else {
            id = this.identity;
        }
        // We sign directly (final 'true') because we don't add extensions
        // response message can be either a DirectError or an AuthSuccess here.
        // Anyway, handling is the same : send the response message
        final Message response = manager.authResponse(requestParameters,
                id,
                id,
                successFullAuthentication,
                true);
        parameters.putAll(response.getParameterMap());
        if (!associated) {
            parameters.put(OpenIdConstants.OPENID_ASSOCHANDLE, ticketId);
        }
    } else {
        parameters.put(OpenIdConstants.OPENID_MODE, OpenIdConstants.CANCEL);
    }
    return DefaultResponse.getRedirectResponse(getOriginalUrl(), parameters);
}
 
Example #29
Source File: AbstractNonInteractiveCredentialsAction.java    From springboot-shiro-cas-mybatis with MIT License
public final void setCentralAuthenticationService(
    final CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
}
 
Example #30
Source File: AbstractNonInteractiveCredentialsAction.java    From springboot-shiro-cas-mybatis with MIT License
public CentralAuthenticationService getCentralAuthenticationService() {
    return centralAuthenticationService;
}