Java Code Examples for org.springframework.webflow.execution.Event

The following examples show how to use org.springframework.webflow.execution.Event. These examples are extracted from open source projects.
Example 1
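/**
 * Checks that one not-yet-attempted logout request makes the front-channel logout action return
 * the redirect event, and that the event's {@code logoutUrl} attribute carries a URL-encoded,
 * Base64-encoded, deflated SAML {@code LogoutRequest} naming the ticket as session index.
 *
 * @throws Exception if the action, URL decoding or inflating fails
 */
@Test
public void testLogoutOneLogoutRequestNotAttempted() throws Exception {
    final String FAKE_URL = "http://url";
    final String samlParameter = "?SAMLRequest=";

    final LogoutRequest logoutRequest = new LogoutRequest(TICKET_ID, new SimpleWebApplicationServiceImpl(FAKE_URL));
    WebUtils.putLogoutRequests(this.requestContext, Arrays.asList(logoutRequest));
    this.requestContext.getFlowScope().put(FrontChannelLogoutAction.LOGOUT_INDEX, 0);

    final Event event = this.frontChannelLogoutAction.doExecute(this.requestContext);
    assertEquals(FrontChannelLogoutAction.REDIRECT_APP_EVENT, event.getId());

    final List<LogoutRequest> list = WebUtils.getLogoutRequests(this.requestContext);
    assertEquals(1, list.size());

    final String url = (String) event.getAttributes().get("logoutUrl");
    assertTrue(url.startsWith(FAKE_URL + samlParameter));

    final byte[] samlMessage = Base64.decodeBase64(
            URLDecoder.decode(StringUtils.substringAfter(url, samlParameter), "UTF-8"));

    final Inflater decompresser = new Inflater();
    final byte[] result = new byte[1000];
    final int inflatedLength;
    try {
        decompresser.setInput(samlMessage);
        // Keep the number of bytes actually produced so the unused tail of the buffer is not
        // turned into trailing NUL characters in the decoded message.
        inflatedLength = decompresser.inflate(result);
    } finally {
        // Release the native zlib state even when inflating throws.
        decompresser.end();
    }

    // Decode with an explicit charset instead of the platform default.
    final String message = new String(result, 0, inflatedLength, "UTF-8");
    assertTrue(message.startsWith("<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\""));
    assertTrue(message.contains("<samlp:SessionIndex>" + TICKET_ID + "</samlp:SessionIndex>"));
}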
 
Example 2
/**
 * Adds the ticket-granting ticket (TGT) cookie to the response and destroys a superseded TGT.
 *
 * <p>The previous value is read from flow scope under the key {@code ticketGrantingTicketId}.
 * When it is present and differs from the current TGT id, the old ticket is destroyed so that
 * it cannot outlive the session it belonged to.
 *
 * @param context the current webflow request context
 * @return the success event, whether or not a TGT id was found
 */
@Override
protected Event doExecute(final RequestContext context) {
    final String currentTgtId = WebUtils.getTicketGrantingTicketId(context);
    final String previousTgtId = (String) context.getFlowScope().get("ticketGrantingTicketId");

    if (currentTgtId != null) {
        this.ticketGrantingTicketCookieGenerator.addCookie(
                WebUtils.getHttpServletRequest(context),
                WebUtils.getHttpServletResponse(context),
                currentTgtId);

        final boolean previousTicketIsStale = previousTgtId != null && !currentTgtId.equals(previousTgtId);
        if (previousTicketIsStale) {
            this.centralAuthenticationService.destroyTicketGrantingTicket(previousTgtId);
        }
    }

    return success();
}
 
Example 3
/**
 * Ends the CAS SSO session: destroys the ticket-granting ticket (TGT) when one can be found and
 * removes the TGT and warning cookies from the response.
 *
 * <p>The logout requests returned by destroying the TGT are stored in the request context. The
 * cookies are removed even when no TGT id was found.
 *
 * @param context the current webflow request context
 * @return the success event created by the event factory
 */
public Event terminate(final RequestContext context) {
    // Login webflow: the TGT id has already been stored in the context.
    String ticketId = WebUtils.getTicketGrantingTicketId(context);
    if (ticketId == null) {
        // Logout webflow: fall back to the value carried by the TGT cookie.
        ticketId = this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(
                WebUtils.getHttpServletRequest(context));
    }

    if (ticketId != null) {
        WebUtils.putLogoutRequests(context,
                this.centralAuthenticationService.destroyTicketGrantingTicket(ticketId));
    }

    final HttpServletResponse response = WebUtils.getHttpServletResponse(context);
    this.ticketGrantingTicketCookieGenerator.removeCookie(response);
    this.warnCookieGenerator.removeCookie(response);

    return this.eventFactorySupport.success(this);
}
 
Example 4
/**
 * Terminates the CAS SSO session by destroying the ticket-granting ticket (TGT), if any, and
 * removing the cookies tied to the session.
 *
 * <p>The TGT id is taken from the request context first and from the TGT cookie otherwise.
 * Cookie removal runs unconditionally, so a browser holding a cookie for an unknown ticket still
 * has it cleared.
 *
 * @param context the current webflow request context
 * @return the success event created by the event factory
 */
public Event terminate(final RequestContext context) {
    // In the login webflow the id is already in the context; for logout it comes from the cookie.
    final String idFromContext = WebUtils.getTicketGrantingTicketId(context);
    final String tgtId = idFromContext != null
            ? idFromContext
            : this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(
                    WebUtils.getHttpServletRequest(context));

    if (tgtId != null) {
        WebUtils.putLogoutRequests(context, this.centralAuthenticationService.destroyTicketGrantingTicket(tgtId));
    }

    final HttpServletResponse httpResponse = WebUtils.getHttpServletResponse(context);
    this.ticketGrantingTicketCookieGenerator.removeCookie(httpResponse);
    this.warnCookieGenerator.removeCookie(httpResponse);
    return this.eventFactorySupport.success(this);
}
 
Example 5
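/**
 * Checks that one not-yet-attempted logout request yields the redirect event, and that the
 * logout URL attribute carries a URL-encoded, Base64-encoded, deflated SAML
 * {@code LogoutRequest} naming the ticket as session index.
 *
 * @throws Exception if the action, URL decoding or inflating fails
 */
@Test
public void verifyLogoutOneLogoutRequestNotAttempted() throws Exception {
    final String parameterPrefix = "?" + FrontChannelLogoutAction.DEFAULT_LOGOUT_PARAMETER + "=";

    final LogoutRequest logoutRequest = new DefaultLogoutRequest(TICKET_ID,
            new SimpleWebApplicationServiceImpl(TEST_URL),
            new URL(TEST_URL));
    final Event event = getLogoutEvent(Arrays.asList(logoutRequest));

    assertEquals(FrontChannelLogoutAction.REDIRECT_APP_EVENT, event.getId());
    final List<LogoutRequest> list = WebUtils.getLogoutRequests(this.requestContext);
    assertEquals(1, list.size());

    final String url = (String) event.getAttributes().get(FrontChannelLogoutAction.DEFAULT_FLOW_ATTRIBUTE_LOGOUT_URL);
    assertTrue(url.startsWith(TEST_URL + parameterPrefix));

    final byte[] samlMessage = CompressionUtils.decodeBase64ToByteArray(
            URLDecoder.decode(StringUtils.substringAfter(url, parameterPrefix), "UTF-8"));

    final Inflater decompresser = new Inflater();
    final byte[] result = new byte[1000];
    final int inflatedLength;
    try {
        decompresser.setInput(samlMessage);
        // Keep the number of bytes actually produced so the unused tail of the buffer is not
        // turned into trailing NUL characters in the decoded message.
        inflatedLength = decompresser.inflate(result);
    } finally {
        // Release the native zlib state even when inflating throws.
        decompresser.end();
    }

    // Decode with an explicit charset instead of the platform default.
    final String message = new String(result, 0, inflatedLength, "UTF-8");
    assertTrue(message.startsWith("<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\""));
    assertTrue(message.contains("<samlp:SessionIndex>" + TICKET_ID + "</samlp:SessionIndex>"));
}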
 
Example 6
/**
 * Checks that the logout URL sent to the browser starts with the logout URL configured on the
 * registered service.
 *
 * @throws Exception if performing the logout or running the action fails
 */
@Test
public void verifyLogoutUrlForServiceIsUsed() throws Exception {
    final RegisteredService registered = getRegisteredService();
    when(this.servicesManager.findServiceBy(any(SingleLogoutService.class))).thenReturn(registered);

    // A mocked single-logout service whose id and original URL both equal the registered id.
    final SingleLogoutService logoutService = mock(SingleLogoutService.class);
    when(logoutService.getId()).thenReturn(registered.getServiceId());
    when(logoutService.getOriginalUrl()).thenReturn(registered.getServiceId());

    final MockTicketGrantingTicket ticket = new MockTicketGrantingTicket("test");
    ticket.getServices().put("service", logoutService);

    final Event event = getLogoutEvent(this.logoutManager.performLogout(ticket));
    assertEquals(FrontChannelLogoutAction.REDIRECT_APP_EVENT, event.getId());

    final List<LogoutRequest> pending = WebUtils.getLogoutRequests(this.requestContext);
    assertEquals(1, pending.size());

    final String redirectUrl =
            (String) event.getAttributes().get(FrontChannelLogoutAction.DEFAULT_FLOW_ATTRIBUTE_LOGOUT_URL);
    assertTrue(redirectUrl.startsWith(registered.getLogoutUrl().toExternalForm()));
}
 
Example 7
Source Project: sso   Source File: ValidateLoginCaptchaAction.java    License: MIT License
/**
 * Validates the login captcha submitted with the request.
 *
 * <p>The captcha is checked only when the credential is a {@code UsernamePasswordSysCredential}
 * whose system value is non-null and {@code isEnable()} returns true. In every other case the
 * method returns {@code null} without validating anything.
 *
 * @param context the current webflow request context
 * @return the error event from {@code getError} when the captcha is rejected, otherwise
 *         {@code null}
 * @throws Exception declared by the overridden method
 */
@Override
protected Event doExecute(RequestContext context) throws Exception {
    Credential credential = WebUtils.getCredential(context);

    // The captcha is only checked when the credential carries system information.
    if (!(credential instanceof UsernamePasswordSysCredential)) {
        return null;
    }
    if (((UsernamePasswordSysCredential) credential).getSystem() == null) {
        return null;
    }
    if (!isEnable()) {
        return null;
    }

    LOGGER.debug("开始校验登录校验码");
    HttpServletRequest request = WebUtils.getHttpServletRequest();
    // getSession() is called without arguments, so a session is created when none exists yet.
    HttpSession httpSession = request.getSession();
    // Captcha value submitted by the client.
    String inCode = request.getParameter(CODE_PARAM);

    // A failed captcha sends the user back to the login page.
    boolean captchaAccepted = this.captchaResultProvider.validate(httpSession, inCode);
    return captchaAccepted ? null : getError(context);
}
 
Example 8
/**
 * Drives one failed login through the throttle under test.
 *
 * <p>A POST request for {@code username} from {@code fromAddress} is passed to the throttle's
 * {@code preHandle}; authentication with bad credentials is then attempted and, once it fails,
 * the throttle's {@code postHandle} is invoked.
 *
 * @param username the user name submitted with the request
 * @param fromAddress the remote address set on the request
 * @return the mock response after {@code postHandle} has run
 * @throws Exception if the throttle throws
 */
@Override
protected MockHttpServletResponse loginUnsuccessfully(final String username, final String fromAddress)
        throws Exception {
    // The flow context reports an "error" event, as it would after a failed login.
    final MockRequestContext flowContext = new MockRequestContext();
    flowContext.setCurrentEvent(new Event("", "error"));

    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    httpRequest.setMethod("POST");
    httpRequest.setParameter("username", username);
    httpRequest.setRemoteAddr(fromAddress);
    httpRequest.setAttribute("flowRequestContext", flowContext);
    ClientInfoHolder.setClientInfo(new ClientInfo(httpRequest));

    final MockHttpServletResponse httpResponse = new MockHttpServletResponse();
    getThrottle().preHandle(httpRequest, httpResponse, null);

    try {
        authenticationManager.authenticate(badCredentials(username));
    } catch (final AuthenticationException e) {
        // Expected path: record the failure with the throttle and hand back the response.
        getThrottle().postHandle(httpRequest, httpResponse, null, null);
        return httpResponse;
    }

    fail("Expected AuthenticationException");
    return null;
}
 
Example 9
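/**
 * Asserts that the action does not return the {@code yes} event when the request's remote
 * address ({@code 193.158.5.781}) does not match the configured pattern {@code ^192\.158\..+}.
 */
@Test
public void ensureRemoteIpShouldNotBeChecked() {
    final BaseSpnegoKnownClientSystemsFilterAction action =
            new BaseSpnegoKnownClientSystemsFilterAction("^192\\.158\\..+");

    final MockRequestContext ctx = new MockRequestContext();
    final MockHttpServletRequest req = new MockHttpServletRequest();
    req.setRemoteAddr("193.158.5.781");
    final ServletExternalContext extCtx = new ServletExternalContext(
            new MockServletContext(), req,
            new MockHttpServletResponse());
    ctx.setExternalContext(extCtx);

    final Event ev = action.doExecute(ctx);
    // JUnit order is (unexpected, actual), so a failure message labels the values correctly.
    assertNotEquals(new EventFactorySupport().yes(this).getId(), ev.getId());
}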
 
Example 10
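/**
 * Asserts that the action returns the {@code yes} event when the value of the configured
 * alternate header ({@code alternateRemoteIp}) matches the IP pattern, even though the request's
 * remote address does not.
 *
 * <p>NOTE(review): a request header is supplied by the client unless a trusted reverse proxy
 * overwrites it; confirm the alternate header is only configured in deployments where that holds.
 */
@Test
public void ensureAltRemoteIpHeaderShouldBeChecked() {
    final BaseSpnegoKnownClientSystemsFilterAction action =
            new BaseSpnegoKnownClientSystemsFilterAction("^74\\.125\\..+", "alternateRemoteIp");

    final MockRequestContext ctx = new MockRequestContext();
    final MockHttpServletRequest req = new MockHttpServletRequest();
    // The remote address is deliberately a non-matching value; only the header matches.
    req.setRemoteAddr("555.555.555.555");
    req.addHeader("alternateRemoteIp", "74.125.136.102");
    final ServletExternalContext extCtx = new ServletExternalContext(
            new MockServletContext(), req,
            new MockHttpServletResponse());
    ctx.setExternalContext(extCtx);

    final Event ev = action.doExecute(ctx);
    // JUnit order is (expected, actual), so a failure message labels the values correctly.
    assertEquals(new EventFactorySupport().yes(this).getId(), ev.getId());
}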
 
Example 11
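/**
 * Asserts that the host-name based action returns the {@code yes} event for remote address
 * {@code 74.125.136.102} with the host-name pattern {@code \w+\.\w+\.\w+}.
 *
 * <p>NOTE(review): presumably the action resolves the remote address to a host name, which would
 * make this test depend on DNS being reachable; confirm against the action's implementation.
 */
@Test
public void ensureHostnameShouldDoSpnego() {
    final HostNameSpnegoKnownClientSystemsFilterAction action =
            new HostNameSpnegoKnownClientSystemsFilterAction("\\w+\\.\\w+\\.\\w+");

    final MockRequestContext ctx = new MockRequestContext();
    final MockHttpServletRequest req = new MockHttpServletRequest();
    req.setRemoteAddr("74.125.136.102");
    final ServletExternalContext extCtx = new ServletExternalContext(
            new MockServletContext(), req,
            new MockHttpServletResponse());
    ctx.setExternalContext(extCtx);

    final Event ev = action.doExecute(ctx);
    // JUnit order is (expected, actual), so a failure message labels the values correctly.
    assertEquals(new EventFactorySupport().yes(this).getId(), ev.getId());
}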
 
Example 12
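/**
 * Asserts that the host-name based action returns the {@code yes} event when the remote address
 * {@code 74.125.136.102} matches the IP pattern {@code 74\..+} set on the action.
 *
 * <p>NOTE(review): presumably the action also resolves the address to a host name, which would
 * make this test depend on DNS being reachable; confirm against the action's implementation.
 */
@Test
public void ensureHostnameAndIpShouldDoSpnego() {
    final HostNameSpnegoKnownClientSystemsFilterAction action =
            new HostNameSpnegoKnownClientSystemsFilterAction("\\w+\\.\\w+\\.\\w+");
    action.setIpsToCheckPattern("74\\..+");

    final MockRequestContext ctx = new MockRequestContext();
    final MockHttpServletRequest req = new MockHttpServletRequest();
    req.setRemoteAddr("74.125.136.102");
    final ServletExternalContext extCtx = new ServletExternalContext(
            new MockServletContext(), req,
            new MockHttpServletResponse());
    ctx.setExternalContext(extCtx);

    final Event ev = action.doExecute(ctx);
    // JUnit order is (expected, actual), so a failure message labels the values correctly.
    assertEquals(new EventFactorySupport().yes(this).getId(), ev.getId());
}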
 
Example 13
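/**
 * Asserts that the host-name based action returns the {@code no} event when the remote address
 * {@code 74.125.136.102} does not match the IP pattern {@code 14\..+} set on the action.
 */
@Test
public void verifyIpMismatchWhenCheckingHostnameForSpnego() {
    final HostNameSpnegoKnownClientSystemsFilterAction action =
            new HostNameSpnegoKnownClientSystemsFilterAction("\\w+\\.\\w+\\.\\w+");
    action.setIpsToCheckPattern("14\\..+");

    final MockRequestContext ctx = new MockRequestContext();
    final MockHttpServletRequest req = new MockHttpServletRequest();
    req.setRemoteAddr("74.125.136.102");
    final ServletExternalContext extCtx = new ServletExternalContext(
            new MockServletContext(), req,
            new MockHttpServletResponse());
    ctx.setExternalContext(extCtx);

    final Event ev = action.doExecute(ctx);
    // JUnit order is (expected, actual), so a failure message labels the values correctly.
    assertEquals(new EventFactorySupport().no(this).getId(), ev.getId());
}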
 
Example 14
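/**
 * Asserts that the LDAP-backed action, built from the test's connection factory and search
 * request with attribute name {@code mail}, returns the {@code yes} event for a request whose
 * remote address is {@code localhost}.
 */
@Test
public void ensureLdapAttributeShouldDoSpnego() {
    final LdapSpnegoKnownClientSystemsFilterAction action =
            new LdapSpnegoKnownClientSystemsFilterAction(this.connectionFactory,
            this.searchRequest, "mail");
    final MockRequestContext ctx = new MockRequestContext();
    final MockHttpServletRequest req = new MockHttpServletRequest();
    req.setRemoteAddr("localhost");
    final ServletExternalContext extCtx = new ServletExternalContext(
            new MockServletContext(), req,
            new MockHttpServletResponse());
    ctx.setExternalContext(extCtx);

    final Event ev = action.doExecute(ctx);
    // JUnit order is (expected, actual), so a failure message labels the values correctly.
    assertEquals(new EventFactorySupport().yes(this).getId(), ev.getId());
}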
 
Example 15
Source Project: CAS   Source File: ValidateLoginAction.java    License: Apache License 2.0
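/**
 * Rejects the login when the custom credential lacks a captcha, e-mail or telephone value.
 *
 * <p>Only presence is checked here: a value counts as valid as soon as it is non-null and
 * non-empty. The captcha is not compared with an expected answer in this method.
 *
 * @param context the current webflow request context
 * @return the error event from {@code getError} for the first missing field (captcha, then
 *         e-mail, then telephone), or {@code null} when there is no credential or all three
 *         values are present
 * @throws Exception declared by the overridden method
 */
@Override
protected Event doExecute(RequestContext context) throws Exception {
    // The cast runs first, so a credential of another type fails here with a
    // ClassCastException; the instanceof test below therefore only filters out null.
    CustomCredential credential = (CustomCredential) WebUtils.getCredential(context);

    // NOTE(review): debug output on stdout inside an authentication action.
    System.out.println("excute");

    // Validate the submitted fields only when a credential is present.
    if (credential instanceof CustomCredential) {

        String email = credential.getEmail();
        String telephone = credential.getTelephone();
        String capcha = credential.getCapcha();

        // Null is tested before the emptiness check. The previous order dereferenced the value
        // first, so a missing field raised NullPointerException instead of the error event.
        if (capcha == null || capcha.isEmpty()) {
            return getError(context, CAPTCHA_CODE);
        }

        if (email == null || email.isEmpty()) {
            return getError(context, EMAIL_CODE);
        }

        if (telephone == null || telephone.isEmpty()) {
            return getError(context, TELEPHONE_CODE);
        }

    }
    return null;
}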
 
Example 16
Source Project: CAS   Source File: ValidateLoginAction.java    License: Apache License 2.0
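/**
 * Rejects the login when the custom credential lacks a captcha, e-mail or telephone value.
 *
 * <p>Only presence is checked here: a value counts as valid as soon as it is non-null and
 * non-empty. The captcha is not compared with an expected answer in this method.
 *
 * @param context the current webflow request context
 * @return the error event from {@code getError} for the first missing field (captcha, then
 *         e-mail, then telephone), or {@code null} when there is no credential or all three
 *         values are present
 * @throws Exception declared by the overridden method
 */
@Override
protected Event doExecute(RequestContext context) throws Exception {
    // The cast runs first, so a credential of another type fails here with a
    // ClassCastException; the instanceof test below therefore only filters out null.
    CustomCredential credential = (CustomCredential) WebUtils.getCredential(context);

    // NOTE(review): debug output on stdout inside an authentication action.
    System.out.println("excute");

    // Validate the submitted fields only when a credential is present.
    if (credential instanceof CustomCredential) {

        String email = credential.getEmail();
        String telephone = credential.getTelephone();
        String capcha = credential.getCapcha();

        // Null is tested before the emptiness check. The previous order dereferenced the value
        // first, so a missing field raised NullPointerException instead of the error event.
        if (capcha == null || capcha.isEmpty()) {
            return getError(context, CAPTCHA_CODE);
        }

        if (email == null || email.isEmpty()) {
            return getError(context, EMAIL_CODE);
        }

        if (telephone == null || telephone.isEmpty()) {
            return getError(context, TELEPHONE_CODE);
        }

    }
    return null;
}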
 
Example 17
Source Project: CAS   Source File: ValidateLoginAction.java    License: Apache License 2.0
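/**
 * Rejects the login when the custom credential lacks a captcha, e-mail or telephone value.
 *
 * <p>Only presence is checked here: a value counts as valid as soon as it is non-null and
 * non-empty. The captcha is not compared with an expected answer in this method.
 *
 * @param context the current webflow request context
 * @return the error event from {@code getError} for the first missing field (captcha, then
 *         e-mail, then telephone), or {@code null} when there is no credential or all three
 *         values are present
 * @throws Exception declared by the overridden method
 */
@Override
protected Event doExecute(RequestContext context) throws Exception {
    // The cast runs first, so a credential of another type fails here with a
    // ClassCastException; the instanceof test below therefore only filters out null.
    CustomCredential credential = (CustomCredential) WebUtils.getCredential(context);

    // NOTE(review): debug output on stdout inside an authentication action.
    System.out.println("excute");

    // Validate the submitted fields only when a credential is present.
    if (credential instanceof CustomCredential) {

        String email = credential.getEmail();
        String telephone = credential.getTelephone();
        String capcha = credential.getCapcha();

        // Null is tested before the emptiness check. The previous order dereferenced the value
        // first, so a missing field raised NullPointerException instead of the error event.
        if (capcha == null || capcha.isEmpty()) {
            return getError(context, CAPTCHA_CODE);
        }

        if (email == null || email.isEmpty()) {
            return getError(context, EMAIL_CODE);
        }

        if (telephone == null || telephone.isEmpty()) {
            return getError(context, TELEPHONE_CODE);
        }

    }
    return null;
}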
 
Example 18
/**
 * Checks that the service authorization check returns the {@code success} event when the
 * request context carries no service.
 *
 * @throws Exception if the action throws
 */
@Test
public void noServiceProvided() throws Exception {
    final MockRequestContext emptyContext = new MockRequestContext();
    final Event outcome = this.serviceAuthorizationCheck.doExecute(emptyContext);

    assertEquals("success", outcome.getId());
}
 
Example 19
/**
 * Starts SPNEGO/NTLM negotiation by answering with a {@code WWW-Authenticate} challenge.
 *
 * <p>The challenge (status 401, scheme NTLM or Negotiate depending on {@code this.ntlm}) is sent
 * only when the user agent is supported and the request has no authorization header that starts
 * with the expected prefix and carries data after it. The event returned is always success.
 *
 * <p>NOTE(review): the User-Agent header is client-supplied, so the supported-browser test
 * looks like a compatibility gate rather than an access control; confirm.
 *
 * @param context the current webflow request context
 * @return the success event
 */
@Override
protected Event doExecute(final RequestContext context) {
    final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
    final HttpServletResponse response = WebUtils.getHttpServletResponse(context);
    final String authorizationHeader = request.getHeader(SpnegoConstants.HEADER_AUTHORIZATION);
    final String userAgent = request.getHeader(SpnegoConstants.HEADER_USER_AGENT);

    final boolean browserSupported = StringUtils.hasText(userAgent) && isSupportedBrowser(userAgent);
    if (!browserSupported) {
        return success();
    }

    // A usable token is a non-blank header that starts with the prefix and continues past it.
    final boolean tokenPresent = StringUtils.hasText(authorizationHeader)
            && authorizationHeader.startsWith(this.messageBeginPrefix)
            && authorizationHeader.length() > this.messageBeginPrefix.length();
    if (tokenPresent) {
        return success();
    }

    if (logger.isDebugEnabled()) {
        logger.debug("Authorization header not found. Sending WWW-Authenticate header");
    }

    final String scheme = this.ntlm ? SpnegoConstants.NTLM : SpnegoConstants.NEGOTIATE;
    response.setHeader(SpnegoConstants.HEADER_AUTHENTICATE, scheme);
    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

    // Recording the response as complete tells the pausing view-state not to render, because
    // the response has already been produced. With mixed-mode authentication the flag stays
    // unset so that webflow still displays the login page.
    if (!this.mixedModeAuthentication) {
        context.getExternalContext().recordResponseComplete();
    }
    return success();
}
 
Example 20
Source Project: CAS   Source File: ValidateLoginAction.java    License: Apache License 2.0
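/**
 * Rejects the login when the custom credential lacks a captcha, e-mail or telephone value.
 *
 * <p>Only presence is checked here: a value counts as valid as soon as it is non-null and
 * non-empty. The captcha is not compared with an expected answer in this method.
 *
 * @param context the current webflow request context
 * @return the error event from {@code getError} for the first missing field (captcha, then
 *         e-mail, then telephone), or {@code null} when there is no credential or all three
 *         values are present
 * @throws Exception declared by the overridden method
 */
@Override
protected Event doExecute(RequestContext context) throws Exception {
    // The cast runs first, so a credential of another type fails here with a
    // ClassCastException; the instanceof test below therefore only filters out null.
    CustomCredential credential = (CustomCredential) WebUtils.getCredential(context);

    // NOTE(review): debug output on stdout inside an authentication action.
    System.out.println("excute");

    // Validate the submitted fields only when a credential is present.
    if (credential instanceof CustomCredential) {

        String email = credential.getEmail();
        String telephone = credential.getTelephone();
        String capcha = credential.getCapcha();

        // Null is tested before the emptiness check. The previous order dereferenced the value
        // first, so a missing field raised NullPointerException instead of the error event.
        if (capcha == null || capcha.isEmpty()) {
            return getError(context, CAPTCHA_CODE);
        }

        if (email == null || email.isEmpty()) {
            return getError(context, EMAIL_CODE);
        }

        if (telephone == null || telephone.isEmpty()) {
            return getError(context, TELEPHONE_CODE);
        }

    }
    return null;
}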
 
Example 21
Source Project: cas4.0.x-server-wechat   Source File: LogoutActionTests.java    License: Apache License 2.0
/**
 * Checks that no redirect URL is stored in flow scope when following service redirects is
 * switched off, even though the request names a service.
 *
 * @throws Exception if the logout action throws
 */
@Test
public void logoutForServiceWithNoFollowRedirects() throws Exception {
    this.logoutAction.setFollowServiceRedirects(false);
    this.request.addParameter("service", "TestService");

    final Event outcome = this.logoutAction.doExecute(this.requestContext);

    assertEquals(LogoutAction.FINISH_EVENT, outcome.getId());
    final Object storedRedirect = this.requestContext.getFlowScope().get("logoutRedirectUrl");
    assertNull(storedRedirect);
}
 
Example 22
Source Project: CAS   Source File: ValidateLoginAction.java    License: Apache License 2.0
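/**
 * Rejects the login when the custom credential lacks a captcha, e-mail or telephone value.
 *
 * <p>Only presence is checked here: a value counts as valid as soon as it is non-null and
 * non-empty. The captcha is not compared with an expected answer in this method.
 *
 * @param context the current webflow request context
 * @return the error event from {@code getError} for the first missing field (captcha, then
 *         e-mail, then telephone), or {@code null} when there is no credential or all three
 *         values are present
 * @throws Exception declared by the overridden method
 */
@Override
protected Event doExecute(RequestContext context) throws Exception {
    // The cast runs first, so a credential of another type fails here with a
    // ClassCastException; the instanceof test below therefore only filters out null.
    CustomCredential credential = (CustomCredential) WebUtils.getCredential(context);

    // NOTE(review): debug output on stdout inside an authentication action.
    System.out.println("excute");

    // Validate the submitted fields only when a credential is present.
    if (credential instanceof CustomCredential) {

        String email = credential.getEmail();
        String telephone = credential.getTelephone();
        String capcha = credential.getCapcha();

        // Null is tested before the emptiness check. The previous order dereferenced the value
        // first, so a missing field raised NullPointerException instead of the error event.
        if (capcha == null || capcha.isEmpty()) {
            return getError(context, CAPTCHA_CODE);
        }

        if (email == null || email.isEmpty()) {
            return getError(context, EMAIL_CODE);
        }

        if (telephone == null || telephone.isEmpty()) {
            return getError(context, TELEPHONE_CODE);
        }

    }
    return null;
}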
 
Example 23
Source Project: CAS   Source File: ValidateLoginAction.java    License: Apache License 2.0
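/**
 * Rejects the login when the custom credential lacks a captcha, e-mail or telephone value.
 *
 * <p>Only presence is checked here: a value counts as valid as soon as it is non-null and
 * non-empty. The captcha is not compared with an expected answer in this method.
 *
 * @param context the current webflow request context
 * @return the error event from {@code getError} for the first missing field (captcha, then
 *         e-mail, then telephone), or {@code null} when there is no credential or all three
 *         values are present
 * @throws Exception declared by the overridden method
 */
@Override
protected Event doExecute(RequestContext context) throws Exception {
    // The cast runs first, so a credential of another type fails here with a
    // ClassCastException; the instanceof test below therefore only filters out null.
    CustomCredential credential = (CustomCredential) WebUtils.getCredential(context);

    // NOTE(review): debug output on stdout inside an authentication action.
    System.out.println("excute");

    // Validate the submitted fields only when a credential is present.
    if (credential instanceof CustomCredential) {

        String email = credential.getEmail();
        String telephone = credential.getTelephone();
        String capcha = credential.getCapcha();

        // Null is tested before the emptiness check. The previous order dereferenced the value
        // first, so a missing field raised NullPointerException instead of the error event.
        if (capcha == null || capcha.isEmpty()) {
            return getError(context, CAPTCHA_CODE);
        }

        if (email == null || email.isEmpty()) {
            return getError(context, EMAIL_CODE);
        }

        if (telephone == null || telephone.isEmpty()) {
            return getError(context, TELEPHONE_CODE);
        }

    }
    return null;
}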
 
Example 24
Source Project: springboot-shiro-cas-mybatis   Source File: ClientActionTests.java    License: MIT License
/**
 * Checks the first leg of delegated authentication: the action returns the {@code error} event,
 * copies theme, locale and method from the request parameters into the session, and stores the
 * provider redirect URLs for the Facebook and Twitter clients in flow scope.
 *
 * @throws Exception if the action throws
 */
@Test
public void verifyStartAuthentication() throws Exception {
    // Request carrying the three UI parameters, bound to a fresh session.
    final MockHttpSession session = new MockHttpSession();
    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    httpRequest.setParameter(ClientAction.THEME, MY_THEME);
    httpRequest.setParameter(ClientAction.LOCALE, MY_LOCALE);
    httpRequest.setParameter(ClientAction.METHOD, MY_METHOD);
    httpRequest.setSession(session);

    final ServletExternalContext externalContext = mock(ServletExternalContext.class);
    when(externalContext.getNativeRequest()).thenReturn(httpRequest);

    final MockRequestContext flowContext = new MockRequestContext();
    flowContext.setExternalContext(externalContext);
    flowContext.getFlowScope().put(ClientAction.SERVICE, new SimpleWebApplicationServiceImpl(MY_SERVICE));

    final FacebookClient facebook = new FacebookClient(MY_KEY, MY_SECRET);
    final TwitterClient twitter = new TwitterClient(MY_KEY, MY_SECRET);
    final Clients clients = new Clients(MY_LOGIN_URL, facebook, twitter);
    final ClientAction action = new ClientAction(mock(CentralAuthenticationService.class), clients);

    final Event outcome = action.execute(flowContext);

    assertEquals("error", outcome.getId());
    assertEquals(MY_THEME, session.getAttribute(ClientAction.THEME));
    assertEquals(MY_LOCALE, session.getAttribute(ClientAction.LOCALE));
    assertEquals(MY_METHOD, session.getAttribute(ClientAction.METHOD));

    final MutableAttributeMap flowScope = flowContext.getFlowScope();
    final String facebookUrl = (String) flowScope.get("FacebookClientUrl");
    assertTrue(facebookUrl
            .startsWith("https://www.facebook.com/v2.2/dialog/oauth?client_id=my_key&redirect_uri=http%3A%2F%2Fcasserver%2Flogin%3F"
                    + Clients.DEFAULT_CLIENT_NAME_PARAMETER + "%3DFacebookClient&state="));
    assertEquals(MY_LOGIN_URL + "?" + Clients.DEFAULT_CLIENT_NAME_PARAMETER
            + "=TwitterClient&needs_client_redirection=true", flowScope.get("TwitterClientUrl"));
}
 
Example 25
Source Project: springboot-shiro-cas-mybatis   Source File: ClientActionTests.java    License: MIT License
/**
 * Checks the return leg of delegated authentication: with the client name on the request and
 * theme, locale, method and service saved in the session, the action returns the
 * {@code success} event, restores those values as request attributes, puts the service back in
 * flow scope and stores the new ticket-granting ticket id in flow and request scope.
 *
 * @throws Exception if the action throws
 */
@Test
public void verifyFinishAuthentication() throws Exception {
    // Session state as left behind by the first leg of the exchange.
    final Service service = new SimpleWebApplicationServiceImpl(MY_SERVICE);
    final MockHttpSession session = new MockHttpSession();
    session.setAttribute(ClientAction.THEME, MY_THEME);
    session.setAttribute(ClientAction.LOCALE, MY_LOCALE);
    session.setAttribute(ClientAction.METHOD, MY_METHOD);
    session.setAttribute(ClientAction.SERVICE, service);

    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    httpRequest.setParameter(Clients.DEFAULT_CLIENT_NAME_PARAMETER, "FacebookClient");
    httpRequest.setSession(session);

    final ServletExternalContext externalContext = mock(ServletExternalContext.class);
    when(externalContext.getNativeRequest()).thenReturn(httpRequest);

    final MockRequestContext flowContext = new MockRequestContext();
    flowContext.setExternalContext(externalContext);

    final FacebookClient facebook = new MockFacebookClient();
    final Clients clients = new Clients(MY_LOGIN_URL, facebook);

    // The mocked CAS service hands out a fixed ticket for any credential.
    final TicketGrantingTicket ticket =
            new TicketGrantingTicketImpl(TGT_ID, mock(Authentication.class), mock(ExpirationPolicy.class));
    final CentralAuthenticationService cas = mock(CentralAuthenticationService.class);
    when(cas.createTicketGrantingTicket(any(Credential.class))).thenReturn(ticket);

    final ClientAction action = new ClientAction(cas, clients);
    final Event outcome = action.execute(flowContext);

    assertEquals("success", outcome.getId());
    assertEquals(MY_THEME, httpRequest.getAttribute(ClientAction.THEME));
    assertEquals(MY_LOCALE, httpRequest.getAttribute(ClientAction.LOCALE));
    assertEquals(MY_METHOD, httpRequest.getAttribute(ClientAction.METHOD));
    assertEquals(MY_SERVICE, httpRequest.getAttribute(ClientAction.SERVICE));

    final MutableAttributeMap flowScope = flowContext.getFlowScope();
    final MutableAttributeMap requestScope = flowContext.getRequestScope();
    assertEquals(service, flowScope.get(ClientAction.SERVICE));
    assertEquals(TGT_ID, flowScope.get(TGT_NAME));
    assertEquals(TGT_ID, requestScope.get(TGT_NAME));
}
 
Example 26
/**
 * Checks that the action returns a non-null event for a request without a service, and that
 * executing it a second time on the same context yields the {@code error} event.
 *
 * @throws Exception if the action throws
 */
@Test
public void verifyNoService() throws Exception {
    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    final ServletExternalContext externalContext = new ServletExternalContext(
            new MockServletContext(), httpRequest, new MockHttpServletResponse());
    final MockRequestContext flowContext = new MockRequestContext();
    flowContext.setExternalContext(externalContext);

    final Event firstOutcome = this.action.execute(flowContext);
    assertNotNull(firstOutcome);

    // The action is executed again; the id is asserted on this second result.
    final Event secondOutcome = this.action.execute(flowContext);
    assertEquals("error", secondOutcome.getId());
}
 
Example 27
/**
 * Checks that the action succeeds on a request without a service and leaves no service in the
 * request context.
 *
 * @throws Exception if the action throws
 */
@Test
public void testNoServiceFound() throws Exception {
    final ServletExternalContext externalContext = new ServletExternalContext(
            new MockServletContext(), new MockHttpServletRequest(), new MockHttpServletResponse());
    final MockRequestContext flowContext = new MockRequestContext();
    flowContext.setExternalContext(externalContext);

    final Event outcome = this.action.execute(flowContext);

    assertNull(WebUtils.getService(flowContext));
    assertEquals("success", outcome.getId());
}
 
Example 28
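/**
 * Allows the flow to continue only when the requested service matches an entry in the service
 * registry.
 *
 * @param context the current webflow request context
 * @return the success event when the services manager reports a match
 * @throws UnauthorizedServiceException when the service does not match any registered entry
 * @throws Exception declared by the overridden method
 */
@Override
protected Event doExecute(final RequestContext context) throws Exception {
    final Service service = WebUtils.getService(context);

    if (this.servicesManager.matchesExistingService(service)) {
        return success();
    }

    // The context may hold no service at all. Guard the dereference so the caller still gets
    // the unauthorized-service exception rather than a NullPointerException.
    final String serviceId = service != null ? service.getId() : null;
    // NOTE(review): the service id presumably originates from the request; confirm the log
    // layout neutralises line breaks in logged values.
    final String msg = String.format("ServiceManagement: Unauthorized Service Access. "
            + "Service [%s] does not match entries in service registry.", serviceId);
    logger.warn(msg);
    throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, msg);
}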
 
Example 29
/**
 * Drives one failed login through the throttle under test by calling its {@code preHandle} and
 * {@code postHandle} with a POST request whose flow context reports an {@code error} event.
 *
 * @param username the user name submitted with the request
 * @param fromAddress the remote address set on the request
 * @return the mock response after both throttle callbacks have run
 * @throws Exception if the throttle throws
 */
@Override
protected MockHttpServletResponse loginUnsuccessfully(final String username, final String fromAddress) throws Exception {
    // The flow context reports an "error" event, as it would after a failed login.
    final MockRequestContext flowContext = new MockRequestContext();
    flowContext.setCurrentEvent(new Event("", "error"));

    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    httpRequest.setMethod("POST");
    httpRequest.setParameter("username", username);
    httpRequest.setRemoteAddr(fromAddress);
    httpRequest.setAttribute("flowRequestContext", flowContext);

    final MockHttpServletResponse httpResponse = new MockHttpServletResponse();
    getThrottle().preHandle(httpRequest, httpResponse, null);
    getThrottle().postHandle(httpRequest, httpResponse, null, null);
    return httpResponse;
}
 
Example 30
Source Project: springboot-shiro-cas-mybatis   Source File: LogoutAction.java    License: MIT License
/**
 * Decides how the logout flow continues and whether a post-logout redirect is allowed.
 *
 * <p>The logout index is reset to 0. The {@code service} request parameter is stored in flow
 * scope as {@code logoutRedirectUrl} only when following service redirects is enabled, the
 * parameter resolves to a registered service, and that service's access strategy allows
 * access. An arbitrary URL in the parameter is therefore not used as a redirect target.
 *
 * @param request the HTTP request, read for the {@code service} parameter
 * @param response the HTTP response (not used in this method)
 * @param context the current webflow request context
 * @return the front-channel event when at least one logout request has not been attempted yet,
 *         otherwise the finish event
 * @throws Exception declared by the overridden method
 */
@Override
protected Event doInternalExecute(final HttpServletRequest request, final HttpServletResponse response,
        final RequestContext context) throws Exception {

    putLogoutIndex(context, 0);

    // Front-channel single logout is needed as soon as one request is still unattempted.
    boolean frontChannelPending = false;
    final List<LogoutRequest> pendingRequests = WebUtils.getLogoutRequests(context);
    if (pendingRequests != null) {
        for (final LogoutRequest candidate : pendingRequests) {
            if (candidate.getStatus() == LogoutRequestStatus.NOT_ATTEMPTED) {
                frontChannelPending = true;
                break;
            }
        }
    }

    final String service = request.getParameter("service");
    if (this.followServiceRedirects && service != null) {
        final Service webAppService = new SimpleWebApplicationServiceImpl(service);
        final RegisteredService registered = this.servicesManager.findServiceBy(webAppService);

        // Only a registered service with access allowed may become the redirect target.
        final boolean redirectAllowed =
                registered != null && registered.getAccessStrategy().isServiceAccessAllowed();
        if (redirectAllowed) {
            context.getFlowScope().put("logoutRedirectUrl", service);
        }
    }

    // Either continue with front-channel logout or finish the logout process.
    final String eventId = frontChannelPending ? FRONT_EVENT : FINISH_EVENT;
    return new Event(this, eventId);
}