/** * Gets the {@link ConsumerManager} that was configured or defaults to using a * {@link ConsumerManager} with the default constructor. * @return the {@link ConsumerManager} to use */ private ConsumerManager getConsumerManager() { if (this.consumerManager != null) { return this.consumerManager; } return new ConsumerManager(); }
verification = consumerManager.verify(receivingURL.toString(), openidResp, discovered); Identifier verified = verification.getVerifiedId(); return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE, id == null ? "Unknown" : id.getIdentifier(), "Verification status message: [" + verification.getStatusMsg() + "]", Collections.<OpenIDAttribute> emptyList()); verification.getAuthResponse(), attributesToFetch);
@SuppressWarnings("serial") @Test public void successfulVerificationReturnsExpectedAuthentication() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); VerificationResult vr = mock(VerificationResult.class); DiscoveryInformation di = mock(DiscoveryInformation.class); Identifier id = new Identifier() { public String getIdentifier() { return "id"; } }; Message msg = mock(Message.class); when( mgr.verify(any(), any(ParameterList.class), any(DiscoveryInformation.class))).thenReturn(vr); when(vr.getVerifiedId()).thenReturn(id); when(vr.getAuthResponse()).thenReturn(msg); MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession().setAttribute(DiscoveryInformation.class.getName(), di); request.getSession().setAttribute( "SPRING_SECURITY_OPEN_ID_ATTRIBUTES_FETCH_LIST", attributes); OpenIDAuthenticationToken auth = consumer.endConsumption(request); assertThat(auth.getStatus()).isEqualTo(OpenIDAuthenticationStatus.SUCCESS); }
public SampleConsumer(String returnToUrl) throws ConsumerException { // configure the return_to URL where your application will receive // the authentication responses from the OpenID provider this.returnToUrl = returnToUrl; // instantiate a ConsumerManager object manager = new ConsumerManager(); manager.setAssociations(new InMemoryConsumerAssociationStore()); manager.setNonceVerifier(new InMemoryNonceVerifier(5000)); // for a working demo, not enforcing RP realm discovery // since this new feature is not deployed manager.getRealmVerifier().setEnforceRpId(false); }
discoveries = consumerManager.discover(identityUrl); DiscoveryInformation information = consumerManager.associate(discoveries); req.getSession().setAttribute(DISCOVERY_INFO_KEY, information); authReq = consumerManager.authenticate(information, returnToUrl, realm);
@SuppressWarnings("deprecation") @Test public void beginConsumptionCreatesExpectedSessionData() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); AuthRequest authReq = mock(AuthRequest.class); DiscoveryInformation di = mock(DiscoveryInformation.class); when(mgr.authenticate(any(DiscoveryInformation.class), any(), any())) .thenReturn(authReq); when(mgr.associate(any())).thenReturn(di); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new MockAttributesFactory()); MockHttpServletRequest request = new MockHttpServletRequest(); consumer.beginConsumption(request, "", "", ""); assertThat(request.getSession().getAttribute( "SPRING_SECURITY_OPEN_ID_ATTRIBUTES_FETCH_LIST")).isEqualTo(attributes); assertThat( request.getSession().getAttribute(DiscoveryInformation.class.getName())).isEqualTo(di); // Check with empty attribute fetch list consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); request = new MockHttpServletRequest(); consumer.beginConsumption(request, "", "", ""); }
@Test public void messageOrConsumerAuthenticationExceptionRaisesOpenIDException() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); when(mgr.authenticate(ArgumentMatchers.<DiscoveryInformation>any(), any(), any())) .thenThrow(new MessageException("msg"), new ConsumerException("msg")); try { consumer.beginConsumption(new MockHttpServletRequest(), "", "", ""); fail("OpenIDConsumerException was not thrown"); } catch (OpenIDConsumerException expected) { } try { consumer.beginConsumption(new MockHttpServletRequest(), "", "", ""); fail("OpenIDConsumerException was not thrown"); } catch (OpenIDConsumerException expected) { } }
@Test public void failedVerificationReturnsFailedAuthenticationStatus() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); VerificationResult vr = mock(VerificationResult.class); DiscoveryInformation di = mock(DiscoveryInformation.class); when( mgr.verify(any(), any(ParameterList.class), any(DiscoveryInformation.class))).thenReturn(vr); MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession().setAttribute(DiscoveryInformation.class.getName(), di); OpenIDAuthenticationToken auth = consumer.endConsumption(request); assertThat(auth.getStatus()).isEqualTo(OpenIDAuthenticationStatus.FAILURE); }
@Test(expected = OpenIDConsumerException.class) public void discoveryExceptionRaisesOpenIDException() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); when(mgr.discover(any())).thenThrow(new DiscoveryException("msg")); consumer.beginConsumption(new MockHttpServletRequest(), "", "", ""); }
/** * Sets the max age (in seconds) configured for keeping track of nonces. * <p> * Nonces older than the max age will be removed from the store and * authentication responses will be considered failures. */ public void setMaxNonceAge(int ageSeconds) { _nonceVerifier.setMaxAge(ageSeconds); }
/** * Gets the max age (in seconds) configured for keeping track of nonces. * <p> * Nonces older than the max age will be removed from the store and * authentication responses will be considered failures. */ public int getMaxNonceAge() { return _nonceVerifier.getMaxAge(); }
public JdbcNonceVerifier ( int maxAge, String tableName ) { this ( maxAge ) ; setTableName ( tableName ) ; }
@Test public void requestWhenAttributeExchangeConfiguredThenFetchAttributesPassedToIdp() throws Exception { this.spring.configLocations(this.xml("WithOpenIDAttributes")).autowire(); OpenIDAuthenticationFilter openIDFilter = getFilter(OpenIDAuthenticationFilter.class); OpenID4JavaConsumer consumer = getFieldValue(openIDFilter, "consumer"); ConsumerManager manager = getFieldValue(consumer, "consumerManager"); manager.setMaxAssocAttempts(0); try ( MockWebServer server = new MockWebServer() ) { String endpoint = server.url("/").toString(); server.enqueue(new MockResponse() .addHeader(YADIS_XRDS_LOCATION, endpoint)); server.enqueue(new MockResponse() .setBody(String.format( "<XRDS><XRD><Service><URI>%s</URI></Service></XRD></XRDS>", endpoint))); this.mvc.perform(get("/login/openid") .param(OpenIDAuthenticationFilter.DEFAULT_CLAIMED_IDENTITY_FIELD, endpoint)) .andExpect(status().isFound()) .andExpect(result -> result.getResponse().getRedirectedUrl().endsWith( "openid.ext1.type.nickname=http%3A%2F%2Fschema.openid.net%2FnamePerson%2Ffriendly&" + "openid.ext1.if_available=nickname&" + "openid.ext1.type.email=http%3A%2F%2Fschema.openid.net%2Fcontact%2Femail&" + "openid.ext1.required=email&" + "openid.ext1.count.email=2")); } }
public OpenIDManager(OpenIDRequest theReq) { this.request = theReq; consumerManager = new ConsumerManager(); consumerManager.setAssociations(new InMemoryConsumerAssociationStore()); consumerManager.setNonceVerifier(new InMemoryNonceVerifier(5000)); userString = request.getURL(); }
public OpenID4JavaConsumer(AxFetchListFactory attributesToFetchFactory) throws ConsumerException { this(new ConsumerManager(), attributesToFetchFactory); }
mgr.verify(any(), any(ParameterList.class), any(DiscoveryInformation.class))) .thenThrow(new MessageException(""))
public OpenIDManager(OpenIDRequest theReq) { this.request = theReq; consumerManager = new ConsumerManager(); consumerManager.setAssociations(new InMemoryConsumerAssociationStore()); consumerManager.setNonceVerifier(new InMemoryNonceVerifier(5000)); userString = request.getURL(); }
public OpenID4JavaConsumer() throws ConsumerException { this(new ConsumerManager(), new NullAxFetchListFactory()); }
public OpenIDManager(OpenIDRequest theReq) { this.request = theReq; consumerManager = new ConsumerManager(); consumerManager.setAssociations(new InMemoryConsumerAssociationStore()); consumerManager.setNonceVerifier(new InMemoryNonceVerifier(5000)); userString = request.getURL(); }
/** * Gets the {@link ConsumerManager} that was configured or defaults to using a * {@link ConsumerManager} with the default constructor. * @return the {@link ConsumerManager} to use */ private ConsumerManager getConsumerManager() { if (this.consumerManager != null) { return this.consumerManager; } return new ConsumerManager(); }