public DirectFormClient(final Authenticator usernamePasswordAuthenticator, final ProfileCreator profileCreator) { defaultAuthenticator(usernamePasswordAuthenticator); defaultProfileCreator(profileCreator); }
@Override public String toString() { return CommonHelper.toNiceString(this.getClass(), "name", getName(), "usernameParameter", this.usernameParameter, "passwordParameter", this.passwordParameter, "extractor", getCredentialsExtractor(), "authenticator", getAuthenticator(), "profileCreator", getProfileCreator()); } }
@Bean public Config oauthSecConfig() { val cfg = new CasConfiguration(casProperties.getServer().getLoginUrl()); val oauthCasClient = new CasClient(cfg); oauthCasClient.setRedirectActionBuilder(webContext -> oauthCasClientRedirectActionBuilder().build(oauthCasClient, webContext)); oauthCasClient.setName(Authenticators.CAS_OAUTH_CLIENT); oauthCasClient.setUrlResolver(casCallbackUrlResolver()); val authenticator = oAuthClientAuthenticator(); val basicAuthClient = new DirectBasicAuthClient(authenticator); basicAuthClient.setName(Authenticators.CAS_OAUTH_CLIENT_BASIC_AUTHN); val directFormClient = new DirectFormClient(authenticator); directFormClient.setName(Authenticators.CAS_OAUTH_CLIENT_DIRECT_FORM); directFormClient.setUsernameParameter(OAuth20Constants.CLIENT_ID); directFormClient.setPasswordParameter(OAuth20Constants.CLIENT_SECRET); val pkceAuthnClient = new DirectFormClient(oAuthProofKeyCodeExchangeAuthenticator()); pkceAuthnClient.setName(Authenticators.CAS_OAUTH_CLIENT_PROOF_KEY_CODE_EXCHANGE_AUTHN); pkceAuthnClient.setUsernameParameter(OAuth20Constants.CLIENT_ID); pkceAuthnClient.setPasswordParameter(OAuth20Constants.CODE_VERIFIER); val userFormClient = new DirectFormClient(oAuthUserAuthenticator()); userFormClient.setName(Authenticators.CAS_OAUTH_CLIENT_USER_FORM); val config = new Config(OAuth20Utils.casOAuthCallbackUrl(casProperties.getServer().getPrefix()), oauthCasClient, basicAuthClient, pkceAuthnClient, directFormClient, userFormClient); config.setSessionStore(new J2ESessionStore()); return config; }
default Config getConfig() { // login not used because the ajax resolver always answer true Authenticator<UsernamePasswordCredentials> auth = new SimpleTestUsernamePasswordAuthenticator(); FormClient client = new FormClient("notUsedLoginUrl", auth); DirectFormClient client2 = new DirectFormClient(auth); DirectFormClient client3 = new DirectFormClient(auth); client3.setName(DEFAULT_CLIENT); Clients clients = new Clients("notUsedCallbackUrl", client, client2, client3); // in case of invalid credentials, we simply want the error, not a redirect to the login url clients.setAjaxRequestResolver(new JaxRsAjaxRequestResolver()); // so that callback url have the correct prefix w.r.t. the container's context clients.setUrlResolver(new JaxRsUrlResolver()); clients.setDefaultSecurityClients(DEFAULT_CLIENT); return new Config(clients); } }
@Test public void testMissingUsernamePasswordAuthenticator() { final DirectFormClient formClient = new DirectFormClient(null); TestsHelper.expectException(() -> formClient.getCredentials(MockWebContext.create()), TechnicalException.class, "authenticator cannot be null"); }
@Test public void testGetBadCredentials() { final DirectFormClient formClient = getFormClient(); final MockWebContext context = MockWebContext.create(); assertNull(formClient.getCredentials(context.addRequestParameter(formClient.getUsernameParameter(), USERNAME) .addRequestParameter(formClient.getPasswordParameter(), PASSWORD))); }
@Test public void testMissingProfileCreator() { final DirectFormClient formClient = new DirectFormClient(new SimpleTestUsernamePasswordAuthenticator(), null); TestsHelper.expectException(() -> formClient.getUserProfile(new UsernamePasswordCredentials(USERNAME, PASSWORD), MockWebContext.create()), TechnicalException.class, "profileCreator cannot be null"); }
@Test public void testHasDefaultProfileCreator() { final DirectFormClient formClient = new DirectFormClient(new LocalCachingAuthenticator<>(new SimpleTestUsernamePasswordAuthenticator(), 10, 10, TimeUnit.DAYS)); formClient.init(); }
private DirectFormClient getFormClient() { return new DirectFormClient(new SimpleTestUsernamePasswordAuthenticator()); }
@Test public void testGetCredentialsMissingPassword() { final DirectFormClient formClient = getFormClient(); final MockWebContext context = MockWebContext.create(); assertNull(formClient.getCredentials(context.addRequestParameter(formClient.getPasswordParameter(), PASSWORD))); }
@Test public void testGetCredentialsMissingUsername() { final DirectFormClient formClient = getFormClient(); final MockWebContext context = MockWebContext.create(); assertNull(formClient.getCredentials(context.addRequestParameter(formClient.getUsernameParameter(), USERNAME))); }
public DirectFormClient(final String usernameParameter, final String passwordParameter, final Authenticator usernamePasswordAuthenticator) { this.usernameParameter = usernameParameter; this.passwordParameter = passwordParameter; defaultAuthenticator(usernamePasswordAuthenticator); }
@Override protected void clientInit() { CommonHelper.assertNotBlank("usernameParameter", usernameParameter); CommonHelper.assertNotBlank("passwordParameter", passwordParameter); defaultCredentialsExtractor(new FormExtractor(usernameParameter, passwordParameter)); }
@Test public void testGetGoodCredentials() { final DirectFormClient formClient = getFormClient(); final UsernamePasswordCredentials credentials = formClient.getCredentials(MockWebContext.create() .addRequestParameter(formClient.getUsernameParameter(), USERNAME) .addRequestParameter(formClient.getPasswordParameter(), USERNAME)); assertEquals(USERNAME, credentials.getUsername()); assertEquals(USERNAME, credentials.getPassword()); }
public DirectFormClient(final Authenticator usernamePasswordAuthenticator) { defaultAuthenticator(usernamePasswordAuthenticator); }