TouchInstinct
/
java-cas-client
303
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added support for having regex expressions in the proxy (chaining) list.

This commit is contained in:
John Gasper 2014-03-05 10:17:59 -08:00
parent 590a79c6a6
commit 80ff9857f0
2 changed files with 51 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
cas-client-core/src/main/java/org/jasig/cas/client/validation/ProxyList.java
View File

@ -27,6 +27,7 @@ import org.jasig.cas.client.util.CommonUtils;
* Holding class for the proxy list to make Spring configuration easier.
*
* @author Scott Battaglia
* @author John Gasper
* @version $Revision$ $Date$
* @since 3.1.3
*/
@ -47,6 +48,24 @@ public final class ProxyList {
for (final String[] list : this.proxyChains) {
if (Arrays.equals(proxiedList, list)) {
return true;
} else {
//strings might be regex, so check for each string
if (list.length == proxiedList.length) {
boolean passed = false;
for (int i=0; i<list.length; i++) {
String pattern = list[i];
if ((pattern.startsWith("^") && proxiedList[i].matches(pattern))
|| pattern.equals(proxiedList[i])) {
passed = true;
} else {
break;
}
}
if (passed == true) {
return true;
}
}
}
}

32
cas-client-core/src/test/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidatorTests.java
View File

@ -35,6 +35,7 @@ import org.springframework.context.support.ClassPathXmlApplicationContext;
* Test cases for the {@link Cas20ProxyTicketValidator}.
*
* @author Scott Battaglia
* @author John Gasper
* @version $Revision: 11737 $ $Date: 2007-10-03 09:14:02 -0400 (Tue, 03 Oct 2007) $
* @since 3.0
*/
@ -105,6 +106,37 @@ public final class Cas20ProxyTicketValidatorTests extends AbstractTicketValidato
}
}
@Test
public void testRegexProxyChainWithValidProxy() throws TicketValidationException, UnsupportedEncodingException {
final List<String[]> list = new ArrayList<String[]>();
list.add(new String[] { "proxy1", "proxy2", "^proxy3/[a-z]*/" });
this.ticketValidator.setAllowedProxyChains(new ProxyList(list));
final String USERNAME = "username";
final String RESPONSE = "<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'><cas:authenticationSuccess><cas:user>username</cas:user><cas:proxyGrantingTicket>PGTIOU-84678-8a9d...</cas:proxyGrantingTicket><cas:proxies><cas:proxy>proxy1</cas:proxy><cas:proxy>proxy2</cas:proxy><cas:proxy>proxy3/abc/</cas:proxy></cas:proxies></cas:authenticationSuccess></cas:serviceResponse>";
server.content = RESPONSE.getBytes(server.encoding);
final Assertion assertion = this.ticketValidator.validate("test", "test");
assertEquals(USERNAME, assertion.getPrincipal().getName());
}
@Test
public void testRegexProxyChainWithInvalidProxy() throws TicketValidationException, UnsupportedEncodingException {
final List<String[]> list = new ArrayList<String[]>();
list.add(new String[] { "proxy1", "proxy2", "^proxy3/[a-z]*/" });
this.ticketValidator.setAllowedProxyChains(new ProxyList(list));
final String RESPONSE = "<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'><cas:authenticationSuccess><cas:user>username</cas:user><cas:proxyGrantingTicket>PGTIOU-84678-8a9d...</cas:proxyGrantingTicket><cas:proxies><cas:proxy>proxy/ABC/</cas:proxy><cas:proxy>proxy2</cas:proxy><cas:proxy>proxy3</cas:proxy></cas:proxies></cas:authenticationSuccess></cas:serviceResponse>";
server.content = RESPONSE.getBytes(server.encoding);
try {
this.ticketValidator.validate("test", "test");
fail("Invalid proxy chain");
} catch (InvalidProxyChainTicketValidationException e) {
// expected
}
}
@Test
public void testConstructionFromSpringBean() throws TicketValidationException, UnsupportedEncodingException {
final ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext(