TouchInstinct
/
java-cas-client
303
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into CASC-202

This commit is contained in:
Scott Battaglia 2013-01-08 23:34:01 -05:00
parent f2df7a8603 d69e083f28
commit 105bd17b61
4 changed files with 96 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutFilter.java
View File

@ -45,6 +45,7 @@ public final class SingleSignOutFilter extends AbstractConfigurationFilter {
handler.setArtifactParameterName(getPropertyFromInitParams(filterConfig, "artifactParameterName", "ticket"));
handler.setLogoutParameterName(getPropertyFromInitParams(filterConfig, "logoutParameterName", "logoutRequest"));
handler.setArtifactParameterOverPost(parseBoolean(getPropertyFromInitParams(filterConfig, "artifactParameterOverPost", "false")));
handler.setEagerlyCreateSessions(parseBoolean(getPropertyFromInitParams(filterConfig, "eagerlyCreateSessions", "true")));
}
handler.init();
}

13
cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java
View File

@ -54,6 +54,8 @@ public final class SingleSignOutHandler {
private boolean artifactParameterOverPost = false;
private boolean eagerlyCreateSessions = true;
private List<String> safeParameters;
@ -83,6 +85,10 @@ public final class SingleSignOutHandler {
this.logoutParameterName = name;
}
public void setEagerlyCreateSessions(final boolean eagerlyCreateSessions) {
this.eagerlyCreateSessions = eagerlyCreateSessions;
}
/**
* Initializes the component for use.
*/
@ -128,7 +134,12 @@ public final class SingleSignOutHandler {
* @param request HTTP request containing an authentication token.
*/
public void recordSession(final HttpServletRequest request) {
final HttpSession session = request.getSession(true);
final HttpSession session = request.getSession(this.eagerlyCreateSessions);
if (session == null) {
log.debug("No session currently exists (and none created). Cannot record session information for single sign out.");
return;
}
final String token = CommonUtils.safeGetParameter(request, this.artifactParameterName, this.safeParameters);
logger.debug("Recording session for token {}", token);

104
cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidator.java
View File

@ -27,10 +27,16 @@ import org.jasig.cas.client.proxy.ProxyRetriever;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.util.XmlUtils;
import org.w3c.dom.NodeList;
import org.xml.sax.Attributes;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.XMLReader;
import org.xml.sax.helpers.DefaultHandler;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import java.io.StringReader;
import java.util.*;
/**
* Implementation of the TicketValidator that will validate Service Tickets in compliance with the CAS 2.
@ -128,27 +134,18 @@ public class Cas20ServiceTicketValidator extends AbstractCasProtocolUrlBasedTick
* @return the map of attributes.
*/
protected Map<String,Object> extractCustomAttributes(final String xml) {
if (!xml.contains("<cas:attributes>")) {
return new HashMap<String, Object>();
}
final Map<String, Object> attributes = new HashMap<String, Object>();
final SAXParserFactory spf = SAXParserFactory.newInstance();
spf.setNamespaceAware(true);
spf.setValidating(false);
try {
NodeList nodeList = XmlUtils.getNodeListForElements(xml,"cas:attributes");
for (int i = 0; i < nodeList.getLength(); i++) {
final String nodeName = nodeList.item(i).getNodeName();
final int beginIndex = nodeName.indexOf(":") + 1;
final int endIndex = nodeList.item(i).getNodeName().length();
final String attributeName = nodeName.substring(beginIndex, endIndex); // remove the "cas:" prefix from node name
final Object attributeValue = nodeList.item(i).getTextContent();
attributes.put(attributeName, attributeValue);
}
return attributes;
} catch (Exception e) {
final SAXParser saxParser = spf.newSAXParser();
final XMLReader xmlReader = saxParser.getXMLReader();
final CustomAttributeHandler handler = new CustomAttributeHandler();
xmlReader.setContentHandler(handler);
xmlReader.parse(new InputSource(new StringReader(xml)));
return handler.getAttributes();
} catch (final Exception e) {
log.error(e.getMessage(), e);
return Collections.emptyMap();
}
}
@ -187,4 +184,65 @@ public class Cas20ServiceTicketValidator extends AbstractCasProtocolUrlBasedTick
protected final ProxyRetriever getProxyRetriever() {
return this.proxyRetriever;
}
private class CustomAttributeHandler extends DefaultHandler {
private Map<String, Object> attributes;
private boolean foundAttributes;
private String currentAttribute;
private StringBuilder value;
@Override
public void startDocument() throws SAXException {
this.attributes = new HashMap<String, Object>();
}
@Override
public void startElement(final String namespaceURI, final String localName, final String qName, final Attributes attributes) throws SAXException {
if ("attributes".equals(localName)) {
this.foundAttributes = true;
} else if (this.foundAttributes) {
this.value = new StringBuilder();
this.currentAttribute = localName;
}
}
@Override
public void characters(final char[] chars, final int start, final int length) throws SAXException {
if (this.currentAttribute != null) {
value.append(chars, start, length);
}
}
@Override
public void endElement(final String namespaceURI, final String localName, final String qName) throws SAXException {
if ("attributes".equals(localName)) {
this.foundAttributes = false;
this.currentAttribute = null;
} else if (this.foundAttributes) {
final Object o = this.attributes.get(this.currentAttribute);
if (o == null) {
this.attributes.put(this.currentAttribute, this.value.toString());
} else {
final List<Object> items;
if (o instanceof List) {
items = (List<Object>) o;
} else {
items = new LinkedList<Object>();
items.add(o);
this.attributes.put(this.currentAttribute, items);
}
items.add(this.value.toString());
}
}
}
public Map<String, Object> getAttributes() {
return this.attributes;
}
}
}

3
cas-client-core/src/test/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidatorTests.java
View File

@ -139,13 +139,14 @@ public final class Cas20ServiceTicketValidatorTests extends AbstractTicketValida
+ USERNAME
+ "</cas:user><cas:proxyGrantingTicket>"
+ PGTIOU
+ "</cas:proxyGrantingTicket><cas:attributes><cas:password>test</cas:password><cas:eduPersonId>id</cas:eduPersonId></cas:attributes></cas:authenticationSuccess></cas:serviceResponse>";
+ "</cas:proxyGrantingTicket><cas:attributes><cas:password>test</cas:password><cas:eduPersonId>id</cas:eduPersonId><cas:longAttribute>test1\n\ntest</cas:longAttribute></cas:attributes></cas:authenticationSuccess></cas:serviceResponse>";
server.content = RESPONSE.getBytes(server.encoding);
final Assertion assertion = this.ticketValidator.validate("test", "test");
assertEquals(USERNAME, assertion.getPrincipal().getName());
assertEquals("test", assertion.getPrincipal().getAttributes().get("password"));
assertEquals("id", assertion.getPrincipal().getAttributes().get("eduPersonId"));
assertEquals("test1\n\ntest", assertion.getPrincipal().getAttributes().get("longAttribute"));
//assertEquals(PGT, assertion.getProxyGrantingTicketId());
}