Merge branch 'master' into CASC-196

2013-01-07 22:56:07 -05:00 · 2013-01-07 22:56:07 -05:00 · e95d867792
parent 980d0ff116 27d89ccb30
commit e95d867792
7 changed files with 62 additions and 14 deletions
--- a/cas-client-core/src/main/java/org/jasig/cas/client/proxy/ProxyGrantingTicketStorageImpl.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/proxy/ProxyGrantingTicketStorageImpl.java
@ -25,6 +25,7 @@ import java.util.concurrent.ConcurrentMap;

 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.jasig.cas.client.util.CommonUtils;

 /**
 * Implementation of {@link ProxyGrantingTicketStorage} that is backed by a
@ -82,6 +83,10 @@ public final class ProxyGrantingTicketStorageImpl implements ProxyGrantingTicket
     * Its removed after retrieval.
     */
    public String retrieve(final String proxyGrantingTicketIou) {
+        if (CommonUtils.isBlank(proxyGrantingTicketIou)) {
+            return null;
+        }
+
        final ProxyGrantingTicketHolder holder = this.cache.get(proxyGrantingTicketIou);

        if (holder == null) {
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Assertion.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Assertion.java
@ -69,4 +69,12 @@ public interface Assertion extends Serializable {
     * @return the principal.
     */
    AttributePrincipal getPrincipal();
+
+    /**
+     * Determines whether an Assertion is considered usable or not.  A naive implementation may just check the date validity.
+     *
+     * @return true if its valid, false otherwise.
+     * @since 3.3.0 (though in 3.3.0, no one actually calls this)
+     */
+    boolean isValid();
 }
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AssertionImpl.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AssertionImpl.java
@ -121,4 +121,13 @@ public final class AssertionImpl implements Assertion {
    public AttributePrincipal getPrincipal() {
        return this.principal;
    }
+
+    public boolean isValid() {
+        if (this.validFromDate == null) {
+            return true;
+        }
+
+        final Date now = new Date();
+        return this.validFromDate.before(now) && (this.validUntilDate == null || this.validUntilDate.after(now));
+    }
 }
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyReceivingTicketValidationFilter.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyReceivingTicketValidationFilter.java
@ -49,7 +49,7 @@ import org.jasig.cas.client.util.ReflectUtils;
 */
 public class Cas20ProxyReceivingTicketValidationFilter extends AbstractTicketValidationFilter {

-    private static final String[] RESERVED_INIT_PARAMS = new String[] {"proxyGrantingTicketStorageClass", "proxyReceptorUrl", "acceptAnyProxy", "allowedProxyChains", "casServerUrlPrefix", "proxyCallbackUrl", "renew", "exceptionOnValidationFailure", "redirectAfterValidation", "useSession", "serverName", "service", "artifactParameterName", "serviceParameterName", "encodeServiceUrl", "millisBetweenCleanUps", "hostnameVerifier", "encoding", "config"};
+    private static final String[] RESERVED_INIT_PARAMS = new String[] {"proxyGrantingTicketStorageClass", "proxyReceptorUrl", "acceptAnyProxy", "allowedProxyChains", "casServerUrlPrefix", "proxyCallbackUrl", "renew", "exceptionOnValidationFailure", "redirectAfterValidation", "useSession", "serverName", "service", "artifactParameterName", "serviceParameterName", "encodeServiceUrl", "millisBetweenCleanUps", "hostnameVerifier", "encoding", "config", "ticketValidatorClass"};

    private static final int DEFAULT_MILLIS_BETWEEN_CLEANUPS = 60 * 1000;

@ -113,6 +113,14 @@ public class Cas20ProxyReceivingTicketValidationFilter extends AbstractTicketVal
        this.timer.schedule(this.timerTask, this.millisBetweenCleanUps, this.millisBetweenCleanUps);
    }

+    private <T> T createNewTicketValidator(final String ticketValidatorClass, final String casServerUrlPrefix, final Class<T> clazz) {
+        if (CommonUtils.isBlank(ticketValidatorClass)) {
+            return ReflectUtils.newInstance(clazz, casServerUrlPrefix);
+        }
+
+        return ReflectUtils.newInstance(ticketValidatorClass, casServerUrlPrefix);
+    }
+
    /**
     * Constructs a Cas20ServiceTicketValidator or a Cas20ProxyTicketValidator based on supplied parameters.
     *
@ -123,15 +131,16 @@ public class Cas20ProxyReceivingTicketValidationFilter extends AbstractTicketVal
        final String allowAnyProxy = getPropertyFromInitParams(filterConfig, "acceptAnyProxy", null);
        final String allowedProxyChains = getPropertyFromInitParams(filterConfig, "allowedProxyChains", null);
        final String casServerUrlPrefix = getPropertyFromInitParams(filterConfig, "casServerUrlPrefix", null);
+        final String ticketValidatorClass = getPropertyFromInitParams(filterConfig, "ticketValidatorClass", null);
        final Cas20ServiceTicketValidator validator;

        if (CommonUtils.isNotBlank(allowAnyProxy) || CommonUtils.isNotBlank(allowedProxyChains)) {
-            final Cas20ProxyTicketValidator v = new Cas20ProxyTicketValidator(casServerUrlPrefix);
+            final Cas20ProxyTicketValidator v = createNewTicketValidator(ticketValidatorClass, casServerUrlPrefix, Cas20ProxyTicketValidator.class);
            v.setAcceptAnyProxy(parseBoolean(allowAnyProxy));
            v.setAllowedProxyChains(CommonUtils.createProxyList(allowedProxyChains));
            validator = v;
        } else {
-            validator = new Cas20ServiceTicketValidator(casServerUrlPrefix);
+            validator = createNewTicketValidator(ticketValidatorClass, casServerUrlPrefix, Cas20ServiceTicketValidator.class);
        }
        validator.setProxyCallbackUrl(getPropertyFromInitParams(filterConfig, "proxyCallbackUrl", null));
        validator.setProxyGrantingTicketStorage(this.proxyGrantingTicketStorage);
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java
@ -75,20 +75,20 @@ public class Cas20ProxyTicketValidator extends Cas20ServiceTicketValidator {
        this.allowedProxyChains = allowedProxyChains;
    }

-    protected boolean isAcceptAnyProxy() {
+    protected final boolean isAcceptAnyProxy() {
        return this.acceptAnyProxy;
    }

-    protected boolean isAllowEmptyProxyChain() {
+    protected final boolean isAllowEmptyProxyChain() {
      return this.allowEmptyProxyChain;
    }

    /**
     * Set to determine whether empty proxy chains are allowed.
     * @see #customParseResponse(String, Assertion)
-     * @param allowEmptyProxyChain
+     * @param allowEmptyProxyChain whether to allow empty proxy chains or not.  True if so, false otherwise.
     */
-    public void setAllowEmptyProxyChain(final boolean allowEmptyProxyChain) {
+    public final void setAllowEmptyProxyChain(final boolean allowEmptyProxyChain) {
      this.allowEmptyProxyChain = allowEmptyProxyChain;
    }
 }
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidator.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidator.java
@ -36,6 +36,7 @@ import org.opensaml.xml.io.UnmarshallerFactory;
 import org.opensaml.xml.io.UnmarshallingException;
 import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.parse.XMLParserException;
+import org.opensaml.xml.schema.XSAny;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;

@ -220,7 +221,11 @@ public final class Saml11TicketValidator extends AbstractUrlBasedTicketValidator
    private List<?> getValuesFrom(final Attribute attribute) {
        final List<Object> list = new ArrayList<Object>();
        for (final Object o : attribute.getAttributeValues()) {
-            list.add(o.toString());
+            if (o instanceof XSAny) {
+                list.add(((XSAny) o).getTextContent());
+            } else {
+                list.add(o.toString());
+            }
        }
        return list;
    }
--- a/cas-client-core/src/test/java/org/jasig/cas/client/proxy/ProxyGrantingTicketStorageImplTest.java
+++ b/cas-client-core/src/test/java/org/jasig/cas/client/proxy/ProxyGrantingTicketStorageImplTest.java
@ -20,25 +20,37 @@
 package org.jasig.cas.client.proxy;

 import junit.framework.TestCase;
+import org.junit.Assert;
+import org.junit.Test;

 /**
 * Unit test for {@link ProxyGrantingTicketStorageImpl}
 * 
 * @author Brad Cupit (brad [at] lsu {dot} edu)
 */
-public class ProxyGrantingTicketStorageImplTest extends TestCase {
-    public void testCleanUp() throws Exception {
+public class ProxyGrantingTicketStorageImplTest {
+
+    private static final int TIME_OUT = 250;
+
+    private ProxyGrantingTicketStorage storage = new ProxyGrantingTicketStorageImpl(TIME_OUT);
+
+    @Test
+    public void cleanUp() throws Exception {
        String proxyGrantingTicketIou = "proxyGrantingTicketIou";
        
        int timeout = 250;
-        ProxyGrantingTicketStorageImpl storage = new ProxyGrantingTicketStorageImpl(timeout);
-        storage.save(proxyGrantingTicketIou, "proxyGrantingTicket");
+        this.storage.save(proxyGrantingTicketIou, "proxyGrantingTicket");
        
        // sleep long enough for the ticket to timeout
        Thread.sleep(timeout * 2);
        
-        storage.cleanUp();
+        this.storage.cleanUp();
        
-        assertNull(storage.retrieve(proxyGrantingTicketIou));
+        Assert.assertNull(this.storage.retrieve(proxyGrantingTicketIou));
+    }
+
+    @Test
+    public void nullPGTIOU() {
+        Assert.assertNull(this.storage.retrieve(null));
    }
 }