Refine search
@SuppressWarnings("unchecked") @Override protected UserDetails loadUserDetails(final Assertion assertion) { final List<GrantedAuthority> grantedAuthorities = new ArrayList<>(); for (final String attribute : this.attributes) { final Object value = assertion.getPrincipal().getAttributes().get(attribute); if (value == null) { continue; } if (value instanceof List) { final List list = (List) value; for (final Object o : list) { grantedAuthorities.add(new SimpleGrantedAuthority( this.convertToUpperCase ? o.toString().toUpperCase() : o .toString())); } } else { grantedAuthorities.add(new SimpleGrantedAuthority( this.convertToUpperCase ? value.toString().toUpperCase() : value .toString())); } } return new User(assertion.getPrincipal().getName(), NON_EXISTENT_PASSWORD_VALUE, true, true, true, true, grantedAuthorities); }
@Test public void deserializeCasAuthenticationTest() throws IOException, JSONException { CasAuthenticationToken token = mapper.readValue(CAS_TOKEN_JSON, CasAuthenticationToken.class); assertThat(token).isNotNull(); assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class); assertThat(((User) token.getPrincipal()).getUsername()).isEqualTo("admin"); assertThat(((User) token.getPrincipal()).getPassword()).isEqualTo("1234"); assertThat(token.getUserDetails()).isNotNull().isInstanceOf(User.class); assertThat(token.getAssertion()).isNotNull().isInstanceOf(AssertionImpl.class); assertThat(token.getKeyHash()).isEqualTo(KEY.hashCode()); assertThat(token.getUserDetails().getAuthorities()) .extracting(GrantedAuthority::getAuthority) .containsOnly("ROLE_USER"); assertThat(token.getAssertion().getAuthenticationDate()).isEqualTo(START_DATE); assertThat(token.getAssertion().getValidFromDate()).isEqualTo(START_DATE); assertThat(token.getAssertion().getValidUntilDate()).isEqualTo(END_DATE); assertThat(token.getAssertion().getPrincipal().getName()).isEqualTo("assertName"); assertThat(token.getAssertion().getAttributes()).hasSize(0); }
public Object getPrincipal() { return this.assertion.getPrincipal().getName(); }
@Override @SneakyThrows public String build(final String serviceTicketId, final Service service) { val assertion = this.ticketValidator.validate(serviceTicketId, service.getId()); val attributes = new HashMap<String, Object>(assertion.getAttributes()); attributes.putAll(assertion.getPrincipal().getAttributes()); val validUntilDate = FunctionUtils.doIf( assertion.getValidUntilDate() != null, assertion::getValidUntilDate, () -> { val dt = ZonedDateTime.now().plusSeconds(expirationPolicy.getTimeToLive()); return DateTimeUtils.dateOf(dt); }) .get(); return buildJwt(serviceTicketId, service.getId(), assertion.getAuthenticationDate(), assertion.getPrincipal().getName(), validUntilDate, attributes); }
assertion.getPrincipal().getName()); String proxyTicket = assertion.getPrincipal().getProxyTicketFor(this.clearPassUrl); log.debug( "Attempting to get password for user {} using Proxy Ticket {}", assertion.getPrincipal().getName(), proxyTicket); + " Replaying credentials", proxyTicket == null ? "proxy ticket" : "password", assertion.getPrincipal().getName());
String appendProxyTicketToURL(String url, Assertion casAssertion) { if (casAssertion == null) { return url; } String proxyTicket = casAssertion.getPrincipal().getProxyTicketFor(url); if (proxyTicket == null || proxyTicket.isEmpty()) { return url; } try { char parameterSeparator = '?'; if (url.contains("?")) { parameterSeparator = '&'; } url += parameterSeparator + "ticket=" + URLEncoder. encode(proxyTicket, "UTF-8"); } catch (UnsupportedEncodingException ex) { logger.error("Error on encoding proxy ticket {}", ex); } return url; }
/** * Log cas validation assertion. * * @param assertion the assertion */ protected void logCasValidationAssertion(final Assertion assertion) { LOGGER.debug("CAS Assertion Valid: [{}]", assertion.isValid()); LOGGER.debug("CAS Assertion Principal: [{}]", assertion.getPrincipal().getName()); LOGGER.debug("CAS Assertion authentication Date: [{}]", assertion.getAuthenticationDate()); LOGGER.debug("CAS Assertion ValidFrom Date: [{}]", assertion.getValidFromDate()); LOGGER.debug("CAS Assertion ValidUntil Date: [{}]", assertion.getValidUntilDate()); LOGGER.debug("CAS Assertion Attributes: [{}]", assertion.getAttributes()); LOGGER.debug("CAS Assertion Principal Attributes: [{}]", assertion.getPrincipal().getAttributes()); }
final String username = assertion.getPrincipal().getName(); PasswordData password = null; final AttributePrincipal attributePrincipal = assertion.getPrincipal(); final Map<String, Object> casAttributes = attributePrincipal.getAttributes(); final String proxyTicket = assertion.getPrincipal().getProxyTicketFor( clearPassUrl ); if ( proxyTicket == null )
protected AttributePrincipal retrievePrincipalFromSessionOrRequest(final ServletRequest servletRequest) { final HttpServletRequest request = (HttpServletRequest) servletRequest; final HttpSession session = request.getSession(false); final Assertion assertion = (Assertion) (session == null ? request .getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION) : session .getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION)); return assertion == null ? null : assertion.getPrincipal(); }
private AttributeStatement buildAttributeStatement(final Object casAssertion, final RequestAbstractType authnRequest, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final MessageContext messageContext) throws SamlException { val assertion = Assertion.class.cast(casAssertion); val attributes = new HashMap<String, Object>(assertion.getAttributes()); attributes.putAll(assertion.getPrincipal().getAttributes()); val encodedAttrs = this.samlAttributeEncoder.encodeAttributes(attributes, service); val resp = samlIdPProperties.getResponse(); val nameFormats = new HashMap<String, String>(resp.configureAttributeNameFormats()); nameFormats.putAll(service.getAttributeNameFormats()); return newAttributeStatement(encodedAttrs, service.getAttributeFriendlyNames(), nameFormats, resp.getDefaultAttributeNameFormat(), new SamlProfileSamlRegisteredServiceAttributeBuilder(service, adaptor, messageContext, samlObjectEncrypter)); } }
/** * Removes expired entries from the assertion cache. */ private void cleanCache() { logger.debug("Cleaning assertion cache of size {}", ASSERTION_CACHE.size()); final Iterator<Map.Entry<TicketCredential, Assertion>> iter = ASSERTION_CACHE.entrySet().iterator(); final Calendar cutoff = Calendar.getInstance(); cutoff.setTimeInMillis(System.currentTimeMillis() - this.cacheTimeoutUnit.toMillis(this.cacheTimeout)); while (iter.hasNext()) { final Assertion assertion = iter.next().getValue(); final Calendar created = Calendar.getInstance(); created.setTime(assertion.getValidFromDate()); if (created.before(cutoff)) { logger.debug("Removing expired assertion for principal {}", assertion.getPrincipal()); iter.remove(); } } } }
if (assertion.getPrincipal().getAttributes() == null || assertion.getPrincipal().getAttributes().isEmpty()) { return; assertion.getPrincipal().getAttributes().entrySet()) { log.debug( "Adding attribute '{}' from Assertion with value '{}'; runtime type of value is {}",
public void testPrincipalConstructor() { final Assertion assertion = new AssertionImpl(CONST_PRINCIPAL); assertEquals(CONST_PRINCIPAL, assertion.getPrincipal()); assertTrue(assertion.getAttributes().isEmpty()); assertNull(assertion.getPrincipal().getProxyTicketFor("test")); }
public void testCompleteConstructor() { final Assertion assertion = new AssertionImpl(CONST_PRINCIPAL, CONST_ATTRIBUTES); assertEquals(CONST_PRINCIPAL, assertion.getPrincipal()); assertEquals(CONST_ATTRIBUTES, assertion.getAttributes()); } }
SecurityContext ctx=SecurityContextHolder.getContext(); CasAuthenticationToken casToken=(CasAuthenticationToken) ctx.getAuthentication(); Assertion assertion=casToken.getAssertion(); user_fullName=(String) assertion.getAttributes().get("FullName");
Date validUntilDate = assertion.getValidUntilDate(); expirationTime = assertion.getValidUntilDate().getTime(); } else { Date validFromDate = assertion.getValidFromDate();
id = '_' + String.valueOf(RandomUtils.getNativeInstance().nextLong()); val statement = newAuthnStatement(authenticationMethod, DateTimeUtils.zonedDateTimeOf(assertion.getAuthenticationDate()), id); if (assertion.getValidUntilDate() != null) { val dt = DateTimeUtils.zonedDateTimeOf(assertion.getValidUntilDate()); statement.setSessionNotOnOrAfter( DateTimeUtils.dateTimeOf(dt.plusSeconds(casProperties.getAuthn().getSamlIdp().getResponse().getSkewAllowance())));
val validFromDate = ZonedDateTime.ofInstant(assertion.getValidFromDate().toInstant(), ZoneOffset.UTC); LOGGER.debug("Locating the assertion consumer service url for binding [{}]", binding); @NonNull
public Object getPrincipal() { return this.assertion.getPrincipal().getName(); }
.issuer(casProperties.getServer().getPrefix()) .jwtID(ticketId) .issueTime(assertion.getAuthenticationDate()) .subject(assertion.getPrincipal().getName()); assertion.getAttributes().forEach(claims::claim); assertion.getPrincipal().getAttributes().forEach(claims::claim); if (assertion.getValidUntilDate() != null) { claims.expirationTime(assertion.getValidUntilDate()); } else { final ZonedDateTime dt = ZonedDateTime.now().plusSeconds(ticketGrantingTicketExpirationPolicy.getTimeToLive());