/** * Is inline groovy script ?. * * @param script the script * @return the boolean */ public static boolean isInlineGroovyScript(final String script) { return getMatcherForInlineGroovyScript(script).find(); }
@Override public boolean isSatisfiedBy(final Authentication auth, final Set<AuthenticationHandler> authenticationHandlers) throws Exception { val matcherInline = ScriptingUtils.getMatcherForInlineGroovyScript(script); val ex = getScriptExecutionResult(auth, matcherInline); if (ex != null && ex.isPresent()) { throw new GeneralSecurityException(ex.get()); } return true; }
@Override public Map<String, Object> getAttributesInternal(final Principal principal, final Map<String, Object> attributes, final RegisteredService service) { try { if (StringUtils.isBlank(this.scriptFile)) { return new HashMap<>(0); } val matcherInline = ScriptingUtils.getMatcherForInlineGroovyScript(this.scriptFile); if (matcherInline.find()) { return getAttributesFromInlineGroovyScript(attributes, matcherInline); } return getScriptedAttributesFromFile(attributes); } catch (final Exception e) { LOGGER.error(e.getMessage(), e); } return new HashMap<>(0); }
@Override public Map<String, Object> filter(final Map<String, Object> givenAttributes) { val matcherInline = ScriptingUtils.getMatcherForInlineGroovyScript(script); val matcherFile = ScriptingUtils.getMatcherForExternalGroovyScript(script); if (matcherInline.find()) { return filterInlinedGroovyAttributeValues(givenAttributes, matcherInline.group(1)); } if (matcherFile.find()) { return filterFileBasedGroovyAttributeValues(givenAttributes, matcherFile.group(2)); } return givenAttributes; }
private static void mapSingleAttributeDefinition(final String attributeName, final String mappedAttributeName, final Object attributeValue, final Map<String, Object> resolvedAttributes, final Map<String, Object> attributesToRelease) { val matcherInline = ScriptingUtils.getMatcherForInlineGroovyScript(mappedAttributeName); val matcherFile = ScriptingUtils.getMatcherForExternalGroovyScript(mappedAttributeName); if (matcherInline.find()) { LOGGER.debug("Mapped attribute [{}] is an inlined groovy script", mappedAttributeName); processInlineGroovyAttribute(resolvedAttributes, attributesToRelease, matcherInline, attributeName); } else if (matcherFile.find()) { LOGGER.debug("Mapped attribute [{}] is an external groovy script", mappedAttributeName); processFileBasedGroovyAttributes(resolvedAttributes, attributesToRelease, matcherFile, attributeName); } else { if (attributeValue != null) { LOGGER.debug("Found attribute [{}] in the list of allowed attributes, mapped to the name [{}]", attributeName, mappedAttributeName); attributesToRelease.put(mappedAttributeName, attributeValue); } else { LOGGER.warn("Could not find value for mapped attribute [{}] that is based off of [{}] in the allowed attributes list. " + "Ensure the original attribute [{}] is retrieved and contains at least a single value. Attribute [{}] " + "will and can not be released without the presence of a value.", mappedAttributeName, attributeName, attributeName, mappedAttributeName); } } }
@Override public String resolveUsernameInternal(final Principal principal, final Service service, final RegisteredService registeredService) { val matcherInline = ScriptingUtils.getMatcherForInlineGroovyScript(this.groovyScript); val matcherFile = ScriptingUtils.getMatcherForExternalGroovyScript(this.groovyScript); if (matcherInline.find()) { return resolveUsernameFromInlineGroovyScript(principal, service, matcherInline.group(1)); } if (matcherFile.find()) { return resolveUsernameFromExternalGroovyScript(principal, service, matcherFile.group(1)); } LOGGER.warn("Groovy script [{}] is not valid. CAS will switch to use the default principal identifier [{}]", this.groovyScript, principal.getId()); return principal.getId(); }