From 1fc896c4583b77e9785216662a0bb4124f882657 Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Wed, 17 May 2017 15:04:42 -0700 Subject: [PATCH 01/11] allow extension points for JSON validation parsing. add filter and validator --- .../validation/Cas20ProxyTicketValidator.java | 6 ++- .../Cas20ServiceTicketValidator.java | 18 ++++++-- ...nProxyReceivingTicketValidationFilter.java | 33 +++++++++++++++ .../Cas30JsonServiceTicketValidator.java | 41 +++++++++++++++++++ 4 files changed, 94 insertions(+), 4 deletions(-) create mode 100644 cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonProxyReceivingTicketValidationFilter.java create mode 100644 cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonServiceTicketValidator.java diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java index c97cf21..bf10e5c 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java @@ -52,7 +52,7 @@ public class Cas20ProxyTicketValidator extends Cas20ServiceTicketValidator { protected void customParseResponse(final String response, final Assertion assertion) throws TicketValidationException { - final List proxies = XmlUtils.getTextForElements(response, "proxy"); + final List proxies = parseProxiesFromResponse(response); if (proxies == null) { throw new InvalidProxyChainTicketValidationException( @@ -85,6 +85,10 @@ public class Cas20ProxyTicketValidator extends Cas20ServiceTicketValidator { throw new InvalidProxyChainTicketValidationException("Invalid proxy chain: " + proxies.toString()); } + protected List parseProxiesFromResponse(final String response) { + return XmlUtils.getTextForElements(response, "proxy"); + } + public final void setAcceptAnyProxy(final boolean acceptAnyProxy) { this.acceptAnyProxy = acceptAnyProxy; } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidator.java index 9ecc5b8..e45e50c 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidator.java @@ -78,14 +78,14 @@ public class Cas20ServiceTicketValidator extends AbstractCasProtocolUrlBasedTick } protected final Assertion parseResponseFromServer(final String response) throws TicketValidationException { - final String error = XmlUtils.getTextForElement(response, "authenticationFailure"); + final String error = parseAuthenticationFailureFromResponse(response); if (CommonUtils.isNotBlank(error)) { throw new TicketValidationException(error); } - final String principal = XmlUtils.getTextForElement(response, "user"); - final String proxyGrantingTicketIou = XmlUtils.getTextForElement(response, "proxyGrantingTicket"); + final String principal = parsePrincipalFromResponse(response); + final String proxyGrantingTicketIou = parseProxyGrantingTicketFromResponse(response); final String proxyGrantingTicket; if (CommonUtils.isBlank(proxyGrantingTicketIou) || this.proxyGrantingTicketStorage == null) { @@ -113,6 +113,18 @@ public class Cas20ServiceTicketValidator extends AbstractCasProtocolUrlBasedTick return assertion; } + protected String parseProxyGrantingTicketFromResponse(final String response) { + return XmlUtils.getTextForElement(response, "proxyGrantingTicket"); + } + + protected String parsePrincipalFromResponse(final String response) { + return XmlUtils.getTextForElement(response, "user"); + } + + protected String parseAuthenticationFailureFromResponse(final String response) { + return XmlUtils.getTextForElement(response, "authenticationFailure"); + } + /** * Default attribute parsing of attributes that look like the following: * <cas:attributes> diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonProxyReceivingTicketValidationFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonProxyReceivingTicketValidationFilter.java new file mode 100644 index 0000000..3d8a41a --- /dev/null +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonProxyReceivingTicketValidationFilter.java @@ -0,0 +1,33 @@ +/* + * Licensed to Jasig under one or more contributor license + * agreements. See the NOTICE file distributed with this work + * for additional information regarding copyright ownership. + * Jasig licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a + * copy of the License at the following location: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.jasig.cas.client.validation; + +/** + * Creates either a Cas30JsonServiceTicketValidator to validate tickets. + * + * @author Misagh Moayyed + */ +public class Cas30JsonProxyReceivingTicketValidationFilter extends Cas30ProxyReceivingTicketValidationFilter { + + public Cas30JsonProxyReceivingTicketValidationFilter() { + super(); + this.defaultServiceTicketValidatorClass = Cas30JsonServiceTicketValidator.class; + this.defaultProxyTicketValidatorClass = Cas30JsonServiceTicketValidator.class; + } +} diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonServiceTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonServiceTicketValidator.java new file mode 100644 index 0000000..39b0fc6 --- /dev/null +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonServiceTicketValidator.java @@ -0,0 +1,41 @@ +package org.jasig.cas.client.validation; + +import java.util.List; +import java.util.Map; + +/** + * This is {@link Cas30JsonServiceTicketValidator}. + * + * @author Misagh Moayyed + */ +public class Cas30JsonServiceTicketValidator extends Cas30ProxyTicketValidator { + public Cas30JsonServiceTicketValidator(final String casServerUrlPrefix) { + super(casServerUrlPrefix); + getCustomParameters().put("format", "JSON"); + } + + @Override + protected List parseProxiesFromResponse(final String response) { + return super.parseProxiesFromResponse(response); + } + + @Override + protected String parseProxyGrantingTicketFromResponse(final String response) { + return super.parseProxyGrantingTicketFromResponse(response); + } + + @Override + protected String parsePrincipalFromResponse(final String response) { + return super.parsePrincipalFromResponse(response); + } + + @Override + protected String parseAuthenticationFailureFromResponse(final String response) { + return super.parseAuthenticationFailureFromResponse(response); + } + + @Override + protected Map extractCustomAttributes(final String xml) { + return super.extractCustomAttributes(xml); + } +} From 5152f40be9f60a441a54a6dcdf583987b130b0d2 Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Wed, 17 May 2017 15:59:20 -0700 Subject: [PATCH 02/11] allow extension points for JSON validation parsing. add filter and validator --- cas-client-core/pom.xml | 5 + .../validation/Cas20ProxyTicketValidator.java | 4 +- .../Cas20ServiceTicketValidator.java | 2 +- .../Cas30JsonServiceTicketValidator.java | 41 --------- .../Cas30ServiceTicketValidator.java | 2 +- ...nProxyReceivingTicketValidationFilter.java | 6 +- .../json/Cas30JsonProxyTicketValidator.java | 26 ++++++ .../json/Cas30JsonServiceTicketValidator.java | 51 ++++++++++ .../json/JsonValidationResponseParser.java | 49 ++++++++++ .../json/TicketValidationJsonResponse.java | 92 +++++++++++++++++++ pom.xml | 6 ++ 11 files changed, 237 insertions(+), 47 deletions(-) delete mode 100644 cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonServiceTicketValidator.java rename cas-client-core/src/main/java/org/jasig/cas/client/validation/{ => json}/Cas30JsonProxyReceivingTicketValidationFilter.java (84%) create mode 100644 cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java create mode 100644 cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java create mode 100644 cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java create mode 100644 cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java diff --git a/cas-client-core/pom.xml b/cas-client-core/pom.xml index ead56f8..9d5ceae 100644 --- a/cas-client-core/pom.xml +++ b/cas-client-core/pom.xml @@ -35,6 +35,11 @@ true + + com.fasterxml.jackson.core + jackson-databind + + org.springframework spring-beans diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java index bf10e5c..96f8854 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java @@ -28,7 +28,7 @@ import org.jasig.cas.client.util.XmlUtils; * @author Scott Battaglia * @since 3.1 */ -public class Cas20ProxyTicketValidator extends Cas20ServiceTicketValidator { +public class Cas20ProxyTicketValidator extends Cas20ServiceTicketValidator implements ProxyTicketValidator { private boolean acceptAnyProxy; @@ -61,7 +61,7 @@ public class Cas20ProxyTicketValidator extends Cas20ServiceTicketValidator { ); } // this means there was nothing in the proxy chain, which is okay - if ((this.allowEmptyProxyChain && proxies.isEmpty())) { + if (this.allowEmptyProxyChain && proxies.isEmpty()) { logger.debug("Found an empty proxy chain, permitted by client configuration"); return; } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidator.java index e45e50c..fa20991 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ServiceTicketValidator.java @@ -77,7 +77,7 @@ public class Cas20ServiceTicketValidator extends AbstractCasProtocolUrlBasedTick return "serviceValidate"; } - protected final Assertion parseResponseFromServer(final String response) throws TicketValidationException { + protected Assertion parseResponseFromServer(final String response) throws TicketValidationException { final String error = parseAuthenticationFailureFromResponse(response); if (CommonUtils.isNotBlank(error)) { diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonServiceTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonServiceTicketValidator.java deleted file mode 100644 index 39b0fc6..0000000 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonServiceTicketValidator.java +++ /dev/null @@ -1,41 +0,0 @@ -package org.jasig.cas.client.validation; - -import java.util.List; -import java.util.Map; - -/** - * This is {@link Cas30JsonServiceTicketValidator}. - * - * @author Misagh Moayyed - */ -public class Cas30JsonServiceTicketValidator extends Cas30ProxyTicketValidator { - public Cas30JsonServiceTicketValidator(final String casServerUrlPrefix) { - super(casServerUrlPrefix); - getCustomParameters().put("format", "JSON"); - } - - @Override - protected List parseProxiesFromResponse(final String response) { - return super.parseProxiesFromResponse(response); - } - - @Override - protected String parseProxyGrantingTicketFromResponse(final String response) { - return super.parseProxyGrantingTicketFromResponse(response); - } - - @Override - protected String parsePrincipalFromResponse(final String response) { - return super.parsePrincipalFromResponse(response); - } - - @Override - protected String parseAuthenticationFailureFromResponse(final String response) { - return super.parseAuthenticationFailureFromResponse(response); - } - - @Override - protected Map extractCustomAttributes(final String xml) { - return super.extractCustomAttributes(xml); - } -} diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30ServiceTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30ServiceTicketValidator.java index cb155a7..236ea6e 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30ServiceTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30ServiceTicketValidator.java @@ -26,7 +26,7 @@ package org.jasig.cas.client.validation; */ public class Cas30ServiceTicketValidator extends Cas20ServiceTicketValidator { - public Cas30ServiceTicketValidator(String casServerUrlPrefix) { + public Cas30ServiceTicketValidator(final String casServerUrlPrefix) { super(casServerUrlPrefix); } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonProxyReceivingTicketValidationFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyReceivingTicketValidationFilter.java similarity index 84% rename from cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonProxyReceivingTicketValidationFilter.java rename to cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyReceivingTicketValidationFilter.java index 3d8a41a..76c9d7e 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas30JsonProxyReceivingTicketValidationFilter.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyReceivingTicketValidationFilter.java @@ -16,7 +16,9 @@ * specific language governing permissions and limitations * under the License. */ -package org.jasig.cas.client.validation; +package org.jasig.cas.client.validation.json; + +import org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter; /** * Creates either a Cas30JsonServiceTicketValidator to validate tickets. @@ -28,6 +30,6 @@ public class Cas30JsonProxyReceivingTicketValidationFilter extends Cas30ProxyRec public Cas30JsonProxyReceivingTicketValidationFilter() { super(); this.defaultServiceTicketValidatorClass = Cas30JsonServiceTicketValidator.class; - this.defaultProxyTicketValidatorClass = Cas30JsonServiceTicketValidator.class; + this.defaultProxyTicketValidatorClass = Cas30JsonProxyTicketValidator.class; } } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java new file mode 100644 index 0000000..8ef4d80 --- /dev/null +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java @@ -0,0 +1,26 @@ +package org.jasig.cas.client.validation.json; + +import org.jasig.cas.client.validation.Assertion; +import org.jasig.cas.client.validation.Cas30ProxyTicketValidator; +import org.jasig.cas.client.validation.ProxyTicketValidator; +import org.jasig.cas.client.validation.TicketValidationException; + +import java.util.List; + +/** + * This is {@link Cas30JsonProxyTicketValidator} that attempts to parse the CAS validation response + * as JSON. Very similar to {@link Cas30JsonServiceTicketValidator}, it also honors proxies as the name suggests. + * + * @author Misagh Moayyed + */ +public class Cas30JsonProxyTicketValidator extends Cas30JsonServiceTicketValidator implements ProxyTicketValidator { + public Cas30JsonProxyTicketValidator(final String casServerUrlPrefix) { + super(casServerUrlPrefix); + getCustomParameters().put("format", "JSON"); + } + + @Override + protected Assertion parseResponseFromServer(final String response) throws TicketValidationException { + return super.parseResponseFromServer(response); + } +} diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java new file mode 100644 index 0000000..4476296 --- /dev/null +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java @@ -0,0 +1,51 @@ +package org.jasig.cas.client.validation.json; + +import org.jasig.cas.client.authentication.AttributePrincipal; +import org.jasig.cas.client.authentication.AttributePrincipalImpl; +import org.jasig.cas.client.util.CommonUtils; +import org.jasig.cas.client.validation.Assertion; +import org.jasig.cas.client.validation.AssertionImpl; +import org.jasig.cas.client.validation.Cas30ServiceTicketValidator; +import org.jasig.cas.client.validation.TicketValidationException; + +import java.util.Map; + +/** + * This is {@link Cas30JsonServiceTicketValidator} that attempts to parse the CAS validation response + * as JSON. If the response is not formatted as JSON, it shall fallback to the XML default syntax. + * The JSON response provides advantages in terms of naming and parsing CAS attributes that have special + * names that otherwise may not be encoded as XML, such as the invalid {@code value} + * + * @author Misagh Moayyed + */ +public class Cas30JsonServiceTicketValidator extends Cas30ServiceTicketValidator { + + public Cas30JsonServiceTicketValidator(final String casServerUrlPrefix) { + super(casServerUrlPrefix); + getCustomParameters().put("format", "JSON"); + } + + @Override + protected Assertion parseResponseFromServer(final String response) throws TicketValidationException { + final TicketValidationJsonResponse json = new JsonValidationResponseParser().parse(response); + final String proxyGrantingTicketIou = json.getAuthenticationSuccess().getProxyGrantingTicket(); + final String proxyGrantingTicket; + if (CommonUtils.isBlank(proxyGrantingTicketIou) || getProxyGrantingTicketStorage() == null) { + proxyGrantingTicket = null; + } else { + proxyGrantingTicket = getProxyGrantingTicketStorage().retrieve(proxyGrantingTicketIou); + } + + final Assertion assertion; + final Map attributes = json.getAuthenticationSuccess().getAttributes(); + final String principal = json.getAuthenticationSuccess().getUser(); + if (CommonUtils.isNotBlank(proxyGrantingTicket)) { + final AttributePrincipal attributePrincipal = new AttributePrincipalImpl(principal, attributes, + proxyGrantingTicket, getProxyRetriever()); + assertion = new AssertionImpl(attributePrincipal); + } else { + assertion = new AssertionImpl(new AttributePrincipalImpl(principal, attributes)); + } + return assertion; + } +} diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java new file mode 100644 index 0000000..1977c3a --- /dev/null +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java @@ -0,0 +1,49 @@ +package org.jasig.cas.client.validation.json; + +import com.fasterxml.jackson.databind.ObjectMapper; +import org.jasig.cas.client.util.CommonUtils; +import org.jasig.cas.client.validation.TicketValidationException; + +import java.util.List; +import java.util.Map; + +/** + * This is {@link JsonValidationResponseParser}. + * + * @author Misagh Moayyed + */ +final class JsonValidationResponseParser { + private final ObjectMapper objectMapper; + + public JsonValidationResponseParser() { + this.objectMapper = new ObjectMapper(); + this.objectMapper.findAndRegisterModules(); + } + + + + public TicketValidationJsonResponse parse(final String response) throws TicketValidationException { + try { + final TicketValidationJsonResponse json = this.objectMapper.readValue(response, TicketValidationJsonResponse.class); + + if (json == null || json.getAuthenticationFailure() != null && json.getAuthenticationSuccess() != null) { + throw new TicketValidationException("Invalid JSON response; either the response is empty or it indicates both a success " + + "and a failure event, which is indicative of a server error. The actual response is " + response); + } + + if (json.getAuthenticationFailure() != null) { + final String error = json.getAuthenticationFailure().getDescription() + + " - " + json.getAuthenticationFailure().getDescription(); + throw new TicketValidationException(error); + } + + final String principal = json.getAuthenticationSuccess().getUser(); + if (CommonUtils.isEmpty(principal)) { + throw new TicketValidationException("No principal was found in the response from the CAS server."); + } + return json; + } catch (final Exception e) { + throw new RuntimeException("Unable to parse JSON validation response", e); + } + } +} diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java new file mode 100644 index 0000000..75e83af --- /dev/null +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java @@ -0,0 +1,92 @@ +package org.jasig.cas.client.validation.json; + +import java.util.List; +import java.util.Map; + +/** + * This is {@link TicketValidationJsonResponse}. + * + * @author Misagh Moayyed + */ +final class TicketValidationJsonResponse { + private CasServiceResponseAuthenticationFailure authenticationFailure; + private CasServiceResponseAuthenticationSuccess authenticationSuccess; + + public CasServiceResponseAuthenticationFailure getAuthenticationFailure() { + return this.authenticationFailure; + } + + public void setAuthenticationFailure(final CasServiceResponseAuthenticationFailure authenticationFailure) { + this.authenticationFailure = authenticationFailure; + } + + public CasServiceResponseAuthenticationSuccess getAuthenticationSuccess() { + return this.authenticationSuccess; + } + + public void setAuthenticationSuccess(final CasServiceResponseAuthenticationSuccess authenticationSuccess) { + this.authenticationSuccess = authenticationSuccess; + } + + static class CasServiceResponseAuthenticationSuccess { + private String user; + private String proxyGrantingTicket; + private List proxies; + private Map attributes; + + public String getUser() { + return this.user; + } + + public void setUser(final String user) { + this.user = user; + } + + public String getProxyGrantingTicket() { + return this.proxyGrantingTicket; + } + + public void setProxyGrantingTicket(final String proxyGrantingTicket) { + this.proxyGrantingTicket = proxyGrantingTicket; + } + + public List getProxies() { + return this.proxies; + } + + public void setProxies(final List proxies) { + this.proxies = proxies; + } + + public Map getAttributes() { + return this.attributes; + } + + public void setAttributes(final Map attributes) { + this.attributes = attributes; + } + } + + static class CasServiceResponseAuthenticationFailure { + private String code; + private String description; + + public String getCode() { + return this.code; + } + + public void setCode(final String code) { + this.code = code; + } + + public String getDescription() { + return this.description; + } + + public void setDescription(final String description) { + this.description = description; + } + } +} + + diff --git a/pom.xml b/pom.xml index 7a16ddc..1a9f4d7 100644 --- a/pom.xml +++ b/pom.xml @@ -206,6 +206,11 @@ + + com.fasterxml.jackson.core + jackson-databind + ${jackson.version} + @@ -261,5 +266,6 @@ 2.2.0 3.0.2 1.7.1 + 2.8.8.1 From 88789ef358d0fb705d948ded964dbcacb190dddd Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Wed, 17 May 2017 16:00:24 -0700 Subject: [PATCH 03/11] allow extension points for JSON validation parsing. add filter and validator --- .../cas/client/validation/Cas20ProxyTicketValidator.java | 2 +- .../validation/json/Cas30JsonProxyTicketValidator.java | 6 +----- .../validation/json/JsonValidationResponseParser.java | 4 +--- 3 files changed, 3 insertions(+), 9 deletions(-) diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java index 96f8854..289c402 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java @@ -28,7 +28,7 @@ import org.jasig.cas.client.util.XmlUtils; * @author Scott Battaglia * @since 3.1 */ -public class Cas20ProxyTicketValidator extends Cas20ServiceTicketValidator implements ProxyTicketValidator { +public class Cas20ProxyTicketValidator extends Cas20ServiceTicketValidator { private boolean acceptAnyProxy; diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java index 8ef4d80..43dcc89 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java @@ -1,19 +1,15 @@ package org.jasig.cas.client.validation.json; import org.jasig.cas.client.validation.Assertion; -import org.jasig.cas.client.validation.Cas30ProxyTicketValidator; -import org.jasig.cas.client.validation.ProxyTicketValidator; import org.jasig.cas.client.validation.TicketValidationException; -import java.util.List; - /** * This is {@link Cas30JsonProxyTicketValidator} that attempts to parse the CAS validation response * as JSON. Very similar to {@link Cas30JsonServiceTicketValidator}, it also honors proxies as the name suggests. * * @author Misagh Moayyed */ -public class Cas30JsonProxyTicketValidator extends Cas30JsonServiceTicketValidator implements ProxyTicketValidator { +public class Cas30JsonProxyTicketValidator extends Cas30JsonServiceTicketValidator { public Cas30JsonProxyTicketValidator(final String casServerUrlPrefix) { super(casServerUrlPrefix); getCustomParameters().put("format", "JSON"); diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java index 1977c3a..2cf1f05 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java @@ -19,9 +19,7 @@ final class JsonValidationResponseParser { this.objectMapper = new ObjectMapper(); this.objectMapper.findAndRegisterModules(); } - - - + public TicketValidationJsonResponse parse(final String response) throws TicketValidationException { try { final TicketValidationJsonResponse json = this.objectMapper.readValue(response, TicketValidationJsonResponse.class); From f2ea4129bd8dd437863de894c613218f01a55849 Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Wed, 17 May 2017 16:13:46 -0700 Subject: [PATCH 04/11] allow extension points for JSON validation parsing. add filter and validator --- .../validation/Cas20ProxyTicketValidator.java | 1 + ...nProxyReceivingTicketValidationFilter.java | 2 ++ .../json/Cas30JsonProxyTicketValidator.java | 24 ++++++++++++-- .../json/Cas30JsonServiceTicketValidator.java | 33 +++++++------------ .../json/JsonValidationResponseParser.java | 3 -- .../json/TicketValidationJsonResponse.java | 32 ++++++++++++++++++ 6 files changed, 68 insertions(+), 27 deletions(-) diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java index 289c402..7bdf0d7 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Cas20ProxyTicketValidator.java @@ -50,6 +50,7 @@ public class Cas20ProxyTicketValidator extends Cas20ServiceTicketValidator { return "proxyValidate"; } + @Override protected void customParseResponse(final String response, final Assertion assertion) throws TicketValidationException { final List proxies = parseProxiesFromResponse(response); diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyReceivingTicketValidationFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyReceivingTicketValidationFilter.java index 76c9d7e..4fdb0e1 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyReceivingTicketValidationFilter.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyReceivingTicketValidationFilter.java @@ -32,4 +32,6 @@ public class Cas30JsonProxyReceivingTicketValidationFilter extends Cas30ProxyRec this.defaultServiceTicketValidatorClass = Cas30JsonServiceTicketValidator.class; this.defaultProxyTicketValidatorClass = Cas30JsonProxyTicketValidator.class; } + + } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java index 43dcc89..48ff1f3 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java @@ -1,15 +1,18 @@ package org.jasig.cas.client.validation.json; import org.jasig.cas.client.validation.Assertion; +import org.jasig.cas.client.validation.Cas30ProxyTicketValidator; import org.jasig.cas.client.validation.TicketValidationException; +import java.util.List; + /** * This is {@link Cas30JsonProxyTicketValidator} that attempts to parse the CAS validation response * as JSON. Very similar to {@link Cas30JsonServiceTicketValidator}, it also honors proxies as the name suggests. * * @author Misagh Moayyed */ -public class Cas30JsonProxyTicketValidator extends Cas30JsonServiceTicketValidator { +public class Cas30JsonProxyTicketValidator extends Cas30ProxyTicketValidator { public Cas30JsonProxyTicketValidator(final String casServerUrlPrefix) { super(casServerUrlPrefix); getCustomParameters().put("format", "JSON"); @@ -17,6 +20,23 @@ public class Cas30JsonProxyTicketValidator extends Cas30JsonServiceTicketValidat @Override protected Assertion parseResponseFromServer(final String response) throws TicketValidationException { - return super.parseResponseFromServer(response); + try { + final TicketValidationJsonResponse json = new JsonValidationResponseParser().parse(response); + return json.getAssertion(getProxyGrantingTicketStorage(), getProxyRetriever()); + } catch (final Exception e) { + logger.warn("Unable parse the JSON response"); + return super.parseResponseFromServer(response); + } + } + + @Override + protected List parseProxiesFromResponse(final String response) { + try { + final TicketValidationJsonResponse json = new JsonValidationResponseParser().parse(response); + return json.getAuthenticationSuccess().getProxies(); + } catch (final Exception e) { + logger.warn("Unable to locate proxies from the JSON response"); + return super.parseProxiesFromResponse(response); + } } } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java index 4476296..f53a0be 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java @@ -1,13 +1,10 @@ package org.jasig.cas.client.validation.json; -import org.jasig.cas.client.authentication.AttributePrincipal; -import org.jasig.cas.client.authentication.AttributePrincipalImpl; -import org.jasig.cas.client.util.CommonUtils; import org.jasig.cas.client.validation.Assertion; -import org.jasig.cas.client.validation.AssertionImpl; import org.jasig.cas.client.validation.Cas30ServiceTicketValidator; import org.jasig.cas.client.validation.TicketValidationException; +import java.util.Collections; import java.util.Map; /** @@ -27,25 +24,17 @@ public class Cas30JsonServiceTicketValidator extends Cas30ServiceTicketValidator @Override protected Assertion parseResponseFromServer(final String response) throws TicketValidationException { - final TicketValidationJsonResponse json = new JsonValidationResponseParser().parse(response); - final String proxyGrantingTicketIou = json.getAuthenticationSuccess().getProxyGrantingTicket(); - final String proxyGrantingTicket; - if (CommonUtils.isBlank(proxyGrantingTicketIou) || getProxyGrantingTicketStorage() == null) { - proxyGrantingTicket = null; - } else { - proxyGrantingTicket = getProxyGrantingTicketStorage().retrieve(proxyGrantingTicketIou); + try { + final TicketValidationJsonResponse json = new JsonValidationResponseParser().parse(response); + return json.getAssertion(getProxyGrantingTicketStorage(), getProxyRetriever()); + } catch (final Exception e) { + logger.warn("Unable parse the JSON response"); + return super.parseResponseFromServer(response); } + } - final Assertion assertion; - final Map attributes = json.getAuthenticationSuccess().getAttributes(); - final String principal = json.getAuthenticationSuccess().getUser(); - if (CommonUtils.isNotBlank(proxyGrantingTicket)) { - final AttributePrincipal attributePrincipal = new AttributePrincipalImpl(principal, attributes, - proxyGrantingTicket, getProxyRetriever()); - assertion = new AssertionImpl(attributePrincipal); - } else { - assertion = new AssertionImpl(new AttributePrincipalImpl(principal, attributes)); - } - return assertion; + @Override + protected Map extractCustomAttributes(final String xml) { + return Collections.emptyMap(); } } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java index 2cf1f05..8d37d15 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java @@ -4,9 +4,6 @@ import com.fasterxml.jackson.databind.ObjectMapper; import org.jasig.cas.client.util.CommonUtils; import org.jasig.cas.client.validation.TicketValidationException; -import java.util.List; -import java.util.Map; - /** * This is {@link JsonValidationResponseParser}. * diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java index 75e83af..e806470 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java @@ -1,5 +1,13 @@ package org.jasig.cas.client.validation.json; +import org.jasig.cas.client.authentication.AttributePrincipal; +import org.jasig.cas.client.authentication.AttributePrincipalImpl; +import org.jasig.cas.client.proxy.ProxyGrantingTicketStorage; +import org.jasig.cas.client.proxy.ProxyRetriever; +import org.jasig.cas.client.util.CommonUtils; +import org.jasig.cas.client.validation.Assertion; +import org.jasig.cas.client.validation.AssertionImpl; + import java.util.List; import java.util.Map; @@ -28,6 +36,30 @@ final class TicketValidationJsonResponse { this.authenticationSuccess = authenticationSuccess; } + Assertion getAssertion(final ProxyGrantingTicketStorage proxyGrantingTicketStorage, + final ProxyRetriever proxyRetriever) { + final String proxyGrantingTicketIou = getAuthenticationSuccess().getProxyGrantingTicket(); + final String proxyGrantingTicket; + if (CommonUtils.isBlank(proxyGrantingTicketIou) || proxyGrantingTicketStorage == null) { + proxyGrantingTicket = null; + } else { + proxyGrantingTicket = proxyGrantingTicketStorage.retrieve(proxyGrantingTicketIou); + } + + final Assertion assertion; + final Map attributes = getAuthenticationSuccess().getAttributes(); + final String principal = getAuthenticationSuccess().getUser(); + if (CommonUtils.isNotBlank(proxyGrantingTicket)) { + final AttributePrincipal attributePrincipal = new AttributePrincipalImpl(principal, attributes, + proxyGrantingTicket, proxyRetriever); + assertion = new AssertionImpl(attributePrincipal); + } else { + assertion = new AssertionImpl(new AttributePrincipalImpl(principal, attributes)); + } + return assertion; + } + + static class CasServiceResponseAuthenticationSuccess { private String user; private String proxyGrantingTicket; From 059ec7d527d9818884cae4c93cf061ffd5cc494e Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Wed, 17 May 2017 16:31:50 -0700 Subject: [PATCH 05/11] clean up JIRA dependencies so project can compile --- cas-client-integration-atlassian/pom.xml | 131 +++++++++++++++-------- 1 file changed, 86 insertions(+), 45 deletions(-) diff --git a/cas-client-integration-atlassian/pom.xml b/cas-client-integration-atlassian/pom.xml index e9193cb..52cd771 100644 --- a/cas-client-integration-atlassian/pom.xml +++ b/cas-client-integration-atlassian/pom.xml @@ -10,10 +10,11 @@ Jasig CAS Client for Java - Atlassian Integration + atlassian-seraph com.atlassian.seraph - 2.5.1 + 3.0.0 provided jar @@ -50,6 +51,47 @@ spring-context + + atlassian-user + com.atlassian.user + 1.26 + provided + jar + true + + + opensymphony + oscore + + + opensymphony + propertyset + + + commons-logging + commons-logging + + + + ofbcore + ofbcore-jira-entity + + + ofbcore + ofbcore-jira-share + + + log4j + log4j + + + + dom4j + dom4j + + + + atlassian-osuser com.atlassian.osuser @@ -92,10 +134,9 @@ - com.atlassian.confluence confluence - 3.5 + 4.0 provided @@ -652,50 +693,50 @@ com.atlassian.jira jira-core - 4.4 + 4.4.5 provided jar - - com.atlassian.jira - jira-api - - - com.atlassian.multitenant - multitenant-core - - - com.atlassian.multitenant - multitenant-utils - - - com.atlassian.crowd - atlassian-embedded-crowd-ofbiz - - - com.atlassian.crowd - embedded-crowd-core - - - com.atlassian.crowd - embedded-crowd-spi - - - com.atlassian.crowd - crowd-api - - - com.atlassian.crowd - crowd-core - - - com.atlassian.crowd - crowd-integration-api - - - com.atlassian.crowd - crowd-integration-client-rest - + + com.atlassian.jira + jira-api + + + com.atlassian.multitenant + multitenant-core + + + com.atlassian.multitenant + multitenant-utils + + + com.atlassian.crowd + atlassian-embedded-crowd-ofbiz + + + com.atlassian.crowd + embedded-crowd-core + + + com.atlassian.crowd + embedded-crowd-spi + + + com.atlassian.crowd + crowd-api + + + com.atlassian.crowd + crowd-core + + + com.atlassian.crowd + crowd-integration-api + + + com.atlassian.crowd + crowd-integration-client-rest + com.atlassian.crowd crowd-persistence @@ -1371,7 +1412,7 @@ atlassian Atlassian Repository - https://maven.atlassian.com/repository/public + https://maven.atlassian.com/content/repositories/atlassian-public/ From 24f1f9c8149647b5a35ac09997f1315e75ea1a53 Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Wed, 17 May 2017 16:42:09 -0700 Subject: [PATCH 06/11] clean up JIRA dependencies so project can compile --- cas-client-integration-atlassian/pom.xml | 2551 +++++++++++----------- pom.xml | 1 + 2 files changed, 1286 insertions(+), 1266 deletions(-) diff --git a/cas-client-integration-atlassian/pom.xml b/cas-client-integration-atlassian/pom.xml index 52cd771..e1db904 100644 --- a/cas-client-integration-atlassian/pom.xml +++ b/cas-client-integration-atlassian/pom.xml @@ -1,4 +1,5 @@ - + org.jasig.cas.client 3.4.2-SNAPSHOT @@ -10,7 +11,7 @@ Jasig CAS Client for Java - Atlassian Integration - + atlassian-seraph com.atlassian.seraph @@ -18,33 +19,37 @@ provided jar - - commons-lang - commons-lang - - - log4j - log4j - - - javax.servlet - servlet-api - - - opensymphony - oscore - - - com.atlassian.security - atlassian-secure-random - - - com.atlassian.security - atlassian-cookie-tools - - - true - + + commons-lang + commons-lang + + + log4j + log4j + + + javax.servlet + servlet-api + + + opensymphony + oscore + + + com.atlassian.security + atlassian-secure-random + + + com.atlassian.security + atlassian-cookie-tools + + + commons-logging + commons-logging + + + true + org.springframework @@ -85,13 +90,17 @@ log4j + + commons-logging + commons-logging + dom4j dom4j - + atlassian-osuser com.atlassian.osuser @@ -100,36 +109,36 @@ jar true - - opensymphony - oscore - - - opensymphony - propertyset - - - commons-logging - commons-logging - + + opensymphony + oscore + + + opensymphony + propertyset + + + commons-logging + commons-logging + - - ofbcore - ofbcore-jira-entity - - - ofbcore - ofbcore-jira-share - - - log4j - log4j - + + ofbcore + ofbcore-jira-entity + + + ofbcore + ofbcore-jira-share + + + log4j + log4j + - - dom4j - dom4j - + + dom4j + dom4j + @@ -139,554 +148,554 @@ 4.0 provided - - opensymphony - webwork - - - com.atlassian.crowd - embedded-crowd-api - - - com.atlassian.crowd - crowd-integration-api - - - com.atlassian.crowd - crowd-integration-seraph22 - - - com.atlassian.crowd - embedded-crowd-spi - - - com.atlassian.crowd - crowd-password-encoders - - - com.atlassian.crowd - atlassian-embedded-crowd-atlassian-user - - - com.atlassian.crowd - atlassian-embedded-crowd-hibernate2 - - - com.atlassian.crowd - embedded-crowd-core - - - com.atlassian.crowd - crowd-persistence - - - com.atlassian.crowd - crowd-ldap - - - org.springframework.ldap - spring-ldap-core - - - com.atlassian.confluence - confluence-upgrade - - - com.atlassian.gzipfilter - atlassian-gzipfilter - - - com.atlassian.applinks - applinks-api - - - com.atlassian.applinks - applinks-spi - - - com.atlassian.applinks - applinks-host - - - com.atlassian.util.concurrent - atlassian-util-concurrent - - - com.atlassian.modzdetector - modz-detector - - - com.atlassian.mail - atlassian-mail - - - com.atlassian.velocity - atlassian-velocity - - - com.atlassian.core - atlassian-core - - - com.atlassian.config - atlassian-config - - - com.atlassian.spring - atlassian-spring - - - com.atlassian.confluence - confluence-bucket - - - com.atlassian.xwork - atlassian-xwork-10 - - - com.atlassian.xwork - atlassian-xwork-core - - - com.atlassian.profiling - atlassian-profiling - - - com.atlassian.trackback - atlassian-trackback - - - com.atlassian.extras - atlassian-extras - - - com.atlassian.johnson - atlassian-johnson - - - com.atlassian.plugins - atlassian-plugins-core - - - com.atlassian.plugins - atlassian-plugins-servlet - - - com.atlassian.plugins - atlassian-plugins-webfragment - - - com.atlassian.plugins - atlassian-plugins-webresource - - - com.atlassian.plugins - atlassian-plugins-osgi - - - com.atlassian.plugins - atlassian-plugins-spring - - - com.atlassian.bandana - atlassian-bandana - - - com.atlassian.user - atlassian-user - - - com.atlassian.renderer - atlassian-renderer - - - com.atlassian.bonnie - atlassian-bonnie - - - com.atlassian.jdk.utilities - atlassian-jdk-utilities - - - joda-time - joda-time - - - com.atlassian.seraph - atlassian-seraph - - - com.atlassian.security.auth.trustedapps - atlassian-trusted-apps-core - - - com.atlassian.security.auth.trustedapps - atlassian-trusted-apps-seraph-integration - - - javax.activation - activation - - - log4j - log4j - - - org.slf4j - slf4j-api - - - org.slf4j - slf4j-log4j12 - - - org.slf4j - jul-to-slf4j - - - commons-lang - commons-lang - - - commons-logging - commons-logging - - - commons-io - commons-io - - - commons-beanutils - commons-beanutils - - - commons-fileupload - commons-fileupload - - - org.directwebremoting - dwr - - - hibernate - hibernate - - - cglib - cglib - - - dom4j - dom4j - - - odmg - odmg - - - c3p0 - c3p0 - - - javax.transaction - jta - - - javax.media - jai-core - - - com.sun - jai_codec - - - opensymphony - webwork - - - opensymphony - xwork - - - ognl - ognl - - - opensymphony - oscore - - - oscache - oscache - - - osuser - osuser - - - opensymphony - propertyset - - - org.apache.velocity - velocity - - - javax.servlet - servlet-api - - - javax.mail - mail - - - org.springframework - spring-core - - - org.springframework - spring-web - - - org.springframework - spring-support - - - org.springframework - spring-aop - - - org.springframework - spring-hibernate2 - - - org.springframework - spring-beans - - - org.springframework - spring-jdbc - - - org.springframework - spring-dao - - - org.springframework - spring-jmx - - - com.atlassian.paddle - atlassian-paddle - - - org.aspectj - aspectjweaver - - - net.sf.ldaptemplate - ldaptemplate - - - opensymphony - sitemesh - - - velocity-tools - velocity-tools - - - radeox - radeox - - - org.apache.lucene - lucene-core - - - org.apache.lucene - lucene-analyzers - - - org.apache.lucene - lucene-misc - - - org.apache.lucene - lucene-highlighter - - - commons-digester - commons-digester - - - batik - batik-all - - - net.sourceforge.cssparser - cssparser - - - org.hibernate - jtidy - - - org.quartz-scheduler - quartz - - - org.hsqldb - hsqldb - - - mockobjects - mockobjects-core - - - org.mockito - mockito-all - - - org.springframework - spring-mock - - - rome - rome - - - jdom - jdom - - - commons-jrcs - commons-jrcs - - - commons-httpclient - commons-httpclient - - - xerces - xercesImpl - - - xmlrpc - xmlrpc - - - glue - glue - - - exml - exml - - - axis - axis - - - axis - axis-jaxrpc - - - axis - axis-saaj - - - commons-discovery - commons-discovery - - - commons-codec - commons-codec - - - oro - oro - - - slide - slide - - - com.thoughtworks.xstream - xstream - - - jfree - jfreechart - - - xalan - xalan - - - com.octo.captcha - jcaptcha-all - - - net.java.dev.urlrewrite - urlrewrite - - - commons-collections - commons-collections - - - javax.xml.stream - stax-api - - - org.codehaus.woodstox - wstx-asl - - - org.codehaus.xfire - xfire-core - - - org.codehaus.xfire - xfire-aegis - - - net.jcip - jcip-annotations - - - com.atlassian.cache - atlassian-cache-api - - - com.atlassian.sal - sal-spi - - - com.atlassian.sal - sal-spring - - - com.atlassian.sal - sal-api - - - com.atlassian.cache - atlassian-cache-memory - - - net.sourceforge.findbugs - jsr305 - - - opensymphony - pell-multipart - - - ch.qos.logback - logback-classic - + + opensymphony + webwork + + + com.atlassian.crowd + embedded-crowd-api + + + com.atlassian.crowd + crowd-integration-api + + + com.atlassian.crowd + crowd-integration-seraph22 + + + com.atlassian.crowd + embedded-crowd-spi + + + com.atlassian.crowd + crowd-password-encoders + + + com.atlassian.crowd + atlassian-embedded-crowd-atlassian-user + + + com.atlassian.crowd + atlassian-embedded-crowd-hibernate2 + + + com.atlassian.crowd + embedded-crowd-core + + + com.atlassian.crowd + crowd-persistence + + + com.atlassian.crowd + crowd-ldap + + + org.springframework.ldap + spring-ldap-core + + + com.atlassian.confluence + confluence-upgrade + + + com.atlassian.gzipfilter + atlassian-gzipfilter + + + com.atlassian.applinks + applinks-api + + + com.atlassian.applinks + applinks-spi + + + com.atlassian.applinks + applinks-host + + + com.atlassian.util.concurrent + atlassian-util-concurrent + + + com.atlassian.modzdetector + modz-detector + + + com.atlassian.mail + atlassian-mail + + + com.atlassian.velocity + atlassian-velocity + + + com.atlassian.core + atlassian-core + + + com.atlassian.config + atlassian-config + + + com.atlassian.spring + atlassian-spring + + + com.atlassian.confluence + confluence-bucket + + + com.atlassian.xwork + atlassian-xwork-10 + + + com.atlassian.xwork + atlassian-xwork-core + + + com.atlassian.profiling + atlassian-profiling + + + com.atlassian.trackback + atlassian-trackback + + + com.atlassian.extras + atlassian-extras + + + com.atlassian.johnson + atlassian-johnson + + + com.atlassian.plugins + atlassian-plugins-core + + + com.atlassian.plugins + atlassian-plugins-servlet + + + com.atlassian.plugins + atlassian-plugins-webfragment + + + com.atlassian.plugins + atlassian-plugins-webresource + + + com.atlassian.plugins + atlassian-plugins-osgi + + + com.atlassian.plugins + atlassian-plugins-spring + + + com.atlassian.bandana + atlassian-bandana + + + com.atlassian.user + atlassian-user + + + com.atlassian.renderer + atlassian-renderer + + + com.atlassian.bonnie + atlassian-bonnie + + + com.atlassian.jdk.utilities + atlassian-jdk-utilities + + + joda-time + joda-time + + + com.atlassian.seraph + atlassian-seraph + + + com.atlassian.security.auth.trustedapps + atlassian-trusted-apps-core + + + com.atlassian.security.auth.trustedapps + atlassian-trusted-apps-seraph-integration + + + javax.activation + activation + + + log4j + log4j + + + org.slf4j + slf4j-api + + + org.slf4j + slf4j-log4j12 + + + org.slf4j + jul-to-slf4j + + + commons-lang + commons-lang + + + commons-logging + commons-logging + + + commons-io + commons-io + + + commons-beanutils + commons-beanutils + + + commons-fileupload + commons-fileupload + + + org.directwebremoting + dwr + + + hibernate + hibernate + + + cglib + cglib + + + dom4j + dom4j + + + odmg + odmg + + + c3p0 + c3p0 + + + javax.transaction + jta + + + javax.media + jai-core + + + com.sun + jai_codec + + + opensymphony + webwork + + + opensymphony + xwork + + + ognl + ognl + + + opensymphony + oscore + + + oscache + oscache + + + osuser + osuser + + + opensymphony + propertyset + + + org.apache.velocity + velocity + + + javax.servlet + servlet-api + + + javax.mail + mail + + + org.springframework + spring-core + + + org.springframework + spring-web + + + org.springframework + spring-support + + + org.springframework + spring-aop + + + org.springframework + spring-hibernate2 + + + org.springframework + spring-beans + + + org.springframework + spring-jdbc + + + org.springframework + spring-dao + + + org.springframework + spring-jmx + + + com.atlassian.paddle + atlassian-paddle + + + org.aspectj + aspectjweaver + + + net.sf.ldaptemplate + ldaptemplate + + + opensymphony + sitemesh + + + velocity-tools + velocity-tools + + + radeox + radeox + + + org.apache.lucene + lucene-core + + + org.apache.lucene + lucene-analyzers + + + org.apache.lucene + lucene-misc + + + org.apache.lucene + lucene-highlighter + + + commons-digester + commons-digester + + + batik + batik-all + + + net.sourceforge.cssparser + cssparser + + + org.hibernate + jtidy + + + org.quartz-scheduler + quartz + + + org.hsqldb + hsqldb + + + mockobjects + mockobjects-core + + + org.mockito + mockito-all + + + org.springframework + spring-mock + + + rome + rome + + + jdom + jdom + + + commons-jrcs + commons-jrcs + + + commons-httpclient + commons-httpclient + + + xerces + xercesImpl + + + xmlrpc + xmlrpc + + + glue + glue + + + exml + exml + + + axis + axis + + + axis + axis-jaxrpc + + + axis + axis-saaj + + + commons-discovery + commons-discovery + + + commons-codec + commons-codec + + + oro + oro + + + slide + slide + + + com.thoughtworks.xstream + xstream + + + jfree + jfreechart + + + xalan + xalan + + + com.octo.captcha + jcaptcha-all + + + net.java.dev.urlrewrite + urlrewrite + + + commons-collections + commons-collections + + + javax.xml.stream + stax-api + + + org.codehaus.woodstox + wstx-asl + + + org.codehaus.xfire + xfire-core + + + org.codehaus.xfire + xfire-aegis + + + net.jcip + jcip-annotations + + + com.atlassian.cache + atlassian-cache-api + + + com.atlassian.sal + sal-spi + + + com.atlassian.sal + sal-spring + + + com.atlassian.sal + sal-api + + + com.atlassian.cache + atlassian-cache-memory + + + net.sourceforge.findbugs + jsr305 + + + opensymphony + pell-multipart + + + ch.qos.logback + logback-classic + @@ -697,6 +706,10 @@ provided jar + + commons-logging + commons-logging + com.atlassian.jira jira-api @@ -737,666 +750,666 @@ com.atlassian.crowd crowd-integration-client-rest - - com.atlassian.crowd - crowd-persistence - - - com.atlassian.crowd - crowd-events - - - com.atlassian.crowd - crowd-ldap - - - com.atlassian.crowd - crowd-remote - - - com.atlassian.crowd - crowd-server-common - - - com.atlassian.crowd - crowd-password-encoders - - - com.atlassian.security - atlassian-password-encoder - - - org.springframework.security - spring-security-core - - - org.springframework - spring-core - - - org.springframework - spring-beans - - - org.springframework.ldap - spring-ldap-core - - - org.springframework - spring-tx - - - com.atlassian.crowd - crowd-integration-client - - - wsdl4j - wsdl4j - - - org.codehaus.xfire - xfire-core - - - org.codehaus.xfire - xfire-aegis - - - sal-spi - com.atlassian.sal - - - com.atlassian.sal - sal-core - - - com.atlassian.gadgets - atlassian-gadgets-api - - - com.atlassian.gadgets - atlassian-gadgets-spi - - - com.atlassian.oauth - atlassian-oauth-api - - - com.atlassian.p4package - atlassian-p4package - - - com.atlassian.extras - atlassian-extras - - - com.atlassian.cache - atlassian-cache-api - - - com.atlassian.cache - atlassian-cache-memory - - - joda-time - joda-time - - - com.sun - jai_core - - - com.sun - jai_codec - - - commons-lang - commons-lang - - - commons-collections - commons-collections - - - commons-io - commons-io - - - com.atlassian.activeobjects - activeobjects-spi - - - log4j - log4j - - - dom4j - dom4j - - - oro - oro - - - com.atlassian.util.concurrent - atlassian-util-concurrent - - - com.atlassian.profiling - atlassian-profiling - - - org.slf4j - slf4j-api - - - org.slf4j - slf4j-log4j12 - - - org.slf4j - jul-to-slf4j - - - org.slf4j - jcl-over-slf4j - - - com.atlassian.jdk.utilities - atlassian-jdk-utilities - - - com.atlassian.scheduler - atlassian-scheduler - - - com.atlassian.johnson - atlassian-johnson - - - com.atlassian.plugins - atlassian-plugins-core - - - com.atlassian.plugins - atlassian-plugins-servlet - - - com.atlassian.plugins - atlassian-plugins-webfragment - - - com.atlassian.plugins - atlassian-plugins-webresource - - - com.atlassian.plugins - atlassian-plugins-osgi - - - com.atlassian.plugins - atlassian-plugins-osgi-events - - - com.atlassian.seraph - atlassian-seraph - - - com.atlassian.security - atlassian-secure-random - - - com.atlassian.security.auth.trustedapps - atlassian-trusted-apps-core - - - com.atlassian.security.auth.trustedapps - atlassian-trusted-apps-seraph-integration - - - bouncycastle - bcprov-jdk15 - - - com.atlassian.renderer - atlassian-renderer - - - com.atlassian.gzipfilter - atlassian-gzipfilter - - - com.atlassian.event - atlassian-event - - - opensymphony - oscore - - - opensymphony - sitemesh - - - commons-digester - commons-digester - - - commons-beanutils - commons-beanutils - - - commons-configuration - commons-configuration - - - org.apache.lucene - lucene-analyzers - - - velocity - velocity - - - org.apache.velocity - velocity-tools - - - javax.activation - activation - - - javax.mail - mail - - - glue - glue - - - bsf - bsf - - - bsh - bsh - - - com.atlassian.ofbiz - entityengine-share - - - com.atlassian.ofbiz - entityengine - - - csv - csv - - - quartz - quartz - - - picocontainer - picocontainer - - - jzlib - jzlib - - - jsch - jsch - - - com.octo.captcha - jcaptcha - - - com.octo.captcha - jcaptcha-api - - - com.jhlabs - filters - - - javacvs - javacvs - - - statcvs - statcvs - - - commons-dbcp - commons-dbcp - - - commons-pool - commons-pool - - - hsqldb - hsqldb - - - jndi - jndi - - - jta - jta - - - ots-jts - ots-jts - - - jotm - jotm - - - jotm - jotm-jrmp_stubs - - - jotm - jotm-iiop_stubs - - - jotm - jonas_timer - - - jotm - objectweb-datasource - - - carol - carol - - - carol - carol-properties - - - xapool - xapool - - - xml-apis - xml-apis - - - saxon - saxon-noaelfred - - - commons-jelly - commons-jelly - - - commons-jelly - commons-jelly-tags-junit - - - commons-jelly - commons-jelly-tags-util - - - commons-jelly - commons-jelly-tags-email - - - commons-jelly - commons-jelly-tags-log - - - commons-jelly - commons-jelly-tags-http - - - commons-jelly - commons-jelly-tags-soap - - - commons-jelly - commons-jelly-tags-sql - - - commons-jelly - commons-jelly-tags-regexp - - - commons-jexl - commons-jexl - - - commons-httpclient - commons-httpclient - - - commons-codec - commons-codec - - - xmlrpc - xmlrpc - - - axis - axis - - - axis - axis-jaxrpc - - - axis - axis-saaj - - - commons-discovery - commons-discovery - - - xerces - xercesImpl - - - xalan - xalan - - - xml-security - xmlsec - - - datafile - datafile - - - xpp3 - xpp3 - - - com.thoughtworks.xstream - xstream - - - jfree - jfreechart - - - jfree - jcommon - - - net.java.dev.urlrewrite - urlrewrite - - - radeox - radeox - - - jtidy - jtidy - - - jdom - jdom - - - net.sf.ehcache - ehcache - - - org.codehaus.woodstox - wstx-asl - - - javax.servlet - servlet-api - - - javax.servlet - jsp-api - - - com.atlassian.modzdetector - modz-detector - - - org.antlr - antlr-runtime - - - commons-jrcs - commons-jrcs - - - com.google.collections - google-collections - - - com.atlassian.jira - jira-lang-ca_ES - - - com.atlassian.jira - jira-lang-cs_CZ - - - com.atlassian.jira - jira-lang-da_DK - - - com.atlassian.jira - jira-lang-de_CH - - - com.atlassian.jira - jira-lang-de_DE - - - com.atlassian.jira - jira-lang-en_UK - - - com.atlassian.jira - jira-lang-en_US - - - com.atlassian.jira - jira-lang-es_ES - - - com.atlassian.jira - jira-lang-fr_FR - - - com.atlassian.jira - jira-lang-hu_HU - - - com.atlassian.jira - jira-lang-it_IT - - - com.atlassian.jira - jira-lang-ja_JP - - - com.atlassian.jira - jira-lang-nl_BE - - - com.atlassian.jira - jira-lang-no_NO - - - com.atlassian.jira - jira-lang-pl_PL - - - com.atlassian.jira - jira-lang-pt_BR - - - com.atlassian.jira - jira-lang-ru_RU - - - com.atlassian.jira - jira-lang-sk_SK - - - com.atlassian.jira - jira-lang-tr_TR - - - com.atlassian.jira - jira-lang-zh_CN - - - com.atlassian.jira - jira-lang-zh_TW - - - com.google.code.findbugs - jsr305 - - - com.google.code.findbugs - annotations - - - cglib - cglib-nodep - - - com.atlassian.sal - sal-api - - - com.atlassian.applinks - applinks-api - - - com.atlassian.applinks - applinks-spi - - - com.atlassian.applinks - applinks-host - - - rhino - js - + + com.atlassian.crowd + crowd-persistence + + + com.atlassian.crowd + crowd-events + + + com.atlassian.crowd + crowd-ldap + + + com.atlassian.crowd + crowd-remote + + + com.atlassian.crowd + crowd-server-common + + + com.atlassian.crowd + crowd-password-encoders + + + com.atlassian.security + atlassian-password-encoder + + + org.springframework.security + spring-security-core + + + org.springframework + spring-core + + + org.springframework + spring-beans + + + org.springframework.ldap + spring-ldap-core + + + org.springframework + spring-tx + + + com.atlassian.crowd + crowd-integration-client + + + wsdl4j + wsdl4j + + + org.codehaus.xfire + xfire-core + + + org.codehaus.xfire + xfire-aegis + + + sal-spi + com.atlassian.sal + + + com.atlassian.sal + sal-core + + + com.atlassian.gadgets + atlassian-gadgets-api + + + com.atlassian.gadgets + atlassian-gadgets-spi + + + com.atlassian.oauth + atlassian-oauth-api + + + com.atlassian.p4package + atlassian-p4package + + + com.atlassian.extras + atlassian-extras + + + com.atlassian.cache + atlassian-cache-api + + + com.atlassian.cache + atlassian-cache-memory + + + joda-time + joda-time + + + com.sun + jai_core + + + com.sun + jai_codec + + + commons-lang + commons-lang + + + commons-collections + commons-collections + + + commons-io + commons-io + + + com.atlassian.activeobjects + activeobjects-spi + + + log4j + log4j + + + dom4j + dom4j + + + oro + oro + + + com.atlassian.util.concurrent + atlassian-util-concurrent + + + com.atlassian.profiling + atlassian-profiling + + + org.slf4j + slf4j-api + + + org.slf4j + slf4j-log4j12 + + + org.slf4j + jul-to-slf4j + + + org.slf4j + jcl-over-slf4j + + + com.atlassian.jdk.utilities + atlassian-jdk-utilities + + + com.atlassian.scheduler + atlassian-scheduler + + + com.atlassian.johnson + atlassian-johnson + + + com.atlassian.plugins + atlassian-plugins-core + + + com.atlassian.plugins + atlassian-plugins-servlet + + + com.atlassian.plugins + atlassian-plugins-webfragment + + + com.atlassian.plugins + atlassian-plugins-webresource + + + com.atlassian.plugins + atlassian-plugins-osgi + + + com.atlassian.plugins + atlassian-plugins-osgi-events + + + com.atlassian.seraph + atlassian-seraph + + + com.atlassian.security + atlassian-secure-random + + + com.atlassian.security.auth.trustedapps + atlassian-trusted-apps-core + + + com.atlassian.security.auth.trustedapps + atlassian-trusted-apps-seraph-integration + + + bouncycastle + bcprov-jdk15 + + + com.atlassian.renderer + atlassian-renderer + + + com.atlassian.gzipfilter + atlassian-gzipfilter + + + com.atlassian.event + atlassian-event + + + opensymphony + oscore + + + opensymphony + sitemesh + + + commons-digester + commons-digester + + + commons-beanutils + commons-beanutils + + + commons-configuration + commons-configuration + + + org.apache.lucene + lucene-analyzers + + + velocity + velocity + + + org.apache.velocity + velocity-tools + + + javax.activation + activation + + + javax.mail + mail + + + glue + glue + + + bsf + bsf + + + bsh + bsh + + + com.atlassian.ofbiz + entityengine-share + + + com.atlassian.ofbiz + entityengine + + + csv + csv + + + quartz + quartz + + + picocontainer + picocontainer + + + jzlib + jzlib + + + jsch + jsch + + + com.octo.captcha + jcaptcha + + + com.octo.captcha + jcaptcha-api + + + com.jhlabs + filters + + + javacvs + javacvs + + + statcvs + statcvs + + + commons-dbcp + commons-dbcp + + + commons-pool + commons-pool + + + hsqldb + hsqldb + + + jndi + jndi + + + jta + jta + + + ots-jts + ots-jts + + + jotm + jotm + + + jotm + jotm-jrmp_stubs + + + jotm + jotm-iiop_stubs + + + jotm + jonas_timer + + + jotm + objectweb-datasource + + + carol + carol + + + carol + carol-properties + + + xapool + xapool + + + xml-apis + xml-apis + + + saxon + saxon-noaelfred + + + commons-jelly + commons-jelly + + + commons-jelly + commons-jelly-tags-junit + + + commons-jelly + commons-jelly-tags-util + + + commons-jelly + commons-jelly-tags-email + + + commons-jelly + commons-jelly-tags-log + + + commons-jelly + commons-jelly-tags-http + + + commons-jelly + commons-jelly-tags-soap + + + commons-jelly + commons-jelly-tags-sql + + + commons-jelly + commons-jelly-tags-regexp + + + commons-jexl + commons-jexl + + + commons-httpclient + commons-httpclient + + + commons-codec + commons-codec + + + xmlrpc + xmlrpc + + + axis + axis + + + axis + axis-jaxrpc + + + axis + axis-saaj + + + commons-discovery + commons-discovery + + + xerces + xercesImpl + + + xalan + xalan + + + xml-security + xmlsec + + + datafile + datafile + + + xpp3 + xpp3 + + + com.thoughtworks.xstream + xstream + + + jfree + jfreechart + + + jfree + jcommon + + + net.java.dev.urlrewrite + urlrewrite + + + radeox + radeox + + + jtidy + jtidy + + + jdom + jdom + + + net.sf.ehcache + ehcache + + + org.codehaus.woodstox + wstx-asl + + + javax.servlet + servlet-api + + + javax.servlet + jsp-api + + + com.atlassian.modzdetector + modz-detector + + + org.antlr + antlr-runtime + + + commons-jrcs + commons-jrcs + + + com.google.collections + google-collections + + + com.atlassian.jira + jira-lang-ca_ES + + + com.atlassian.jira + jira-lang-cs_CZ + + + com.atlassian.jira + jira-lang-da_DK + + + com.atlassian.jira + jira-lang-de_CH + + + com.atlassian.jira + jira-lang-de_DE + + + com.atlassian.jira + jira-lang-en_UK + + + com.atlassian.jira + jira-lang-en_US + + + com.atlassian.jira + jira-lang-es_ES + + + com.atlassian.jira + jira-lang-fr_FR + + + com.atlassian.jira + jira-lang-hu_HU + + + com.atlassian.jira + jira-lang-it_IT + + + com.atlassian.jira + jira-lang-ja_JP + + + com.atlassian.jira + jira-lang-nl_BE + + + com.atlassian.jira + jira-lang-no_NO + + + com.atlassian.jira + jira-lang-pl_PL + + + com.atlassian.jira + jira-lang-pt_BR + + + com.atlassian.jira + jira-lang-ru_RU + + + com.atlassian.jira + jira-lang-sk_SK + + + com.atlassian.jira + jira-lang-tr_TR + + + com.atlassian.jira + jira-lang-zh_CN + + + com.atlassian.jira + jira-lang-zh_TW + + + com.google.code.findbugs + jsr305 + + + com.google.code.findbugs + annotations + + + cglib + cglib-nodep + + + com.atlassian.sal + sal-api + + + com.atlassian.applinks + applinks-api + + + com.atlassian.applinks + applinks-spi + + + com.atlassian.applinks + applinks-host + + + rhino + js + @@ -1414,5 +1427,11 @@ Atlassian Repository https://maven.atlassian.com/content/repositories/atlassian-public/ + + atlassian-3rdparty + Atlassian 3rd Party Repository + https://maven.atlassian.com/3rdparty/ + + diff --git a/pom.xml b/pom.xml index 1a9f4d7..8ea32a7 100644 --- a/pom.xml +++ b/pom.xml @@ -127,6 +127,7 @@ + com.mycila.maven-license-plugin maven-license-plugin From 1e1a0ec5e877a32e777bb8d1fac38a0f2129e365 Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Wed, 17 May 2017 16:50:13 -0700 Subject: [PATCH 07/11] update readme --- README.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index ebdfe9f..5576b8d 100644 --- a/README.md +++ b/README.md @@ -342,7 +342,14 @@ Validates the tickets using the CAS 2.0 protocol. If you provide either the `acc | `hostnameVerifier` | Hostname verifier class name, used when making back-channel calls | No #### org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter -Validates the tickets using the CAS 3.0 protocol. If you provide either the `acceptAnyProxy` or the `allowedProxyChains` parameters, a `Cas30ProxyTicketValidator` will be constructed. Otherwise a general `Cas30ServiceTicketValidator` will be constructed that does not accept proxy tickets. Supports all configurations that are available for `Cas20ProxyReceivingTicketValidationFilter`. +Validates the tickets using the CAS 3.0 protocol. If you provide either the `acceptAnyProxy` or the `allowedProxyChains` parameters, +a `Cas30ProxyTicketValidator` will be constructed. Otherwise a general `Cas30ServiceTicketValidator` will be constructed that does not +accept proxy tickets. Supports all configurations that are available for `Cas20ProxyReceivingTicketValidationFilter`. + +#### org.jasig.cas.client.validation.json.Cas30JsonProxyReceivingTicketValidationFilter +Indentical to `Cas30ProxyReceivingTicketValidationFilter`, yet the filter is able to accept validation responses from CAS +that are formatted as JSON per guidelines laid out by the CAS protocol. See the [protocol documentation](https://apereo.github.io/cas/) +for more info. ##### Proxy Authentication vs. Distributed Caching The client has support for clustering and distributing the TGT state among application nodes that are behind a load balancer. In order to do so, the parameter needs to be defined as such for the filter. From 552b9f9fac45b39a748ac1a073d45418a62f1e95 Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Thu, 18 May 2017 12:31:44 -0700 Subject: [PATCH 08/11] Fix test cases with attribute encoding --- .../json/Cas30JsonProxyReceivingTicketValidationFilter.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyReceivingTicketValidationFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyReceivingTicketValidationFilter.java index 4fdb0e1..76c9d7e 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyReceivingTicketValidationFilter.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyReceivingTicketValidationFilter.java @@ -32,6 +32,4 @@ public class Cas30JsonProxyReceivingTicketValidationFilter extends Cas30ProxyRec this.defaultServiceTicketValidatorClass = Cas30JsonServiceTicketValidator.class; this.defaultProxyTicketValidatorClass = Cas30JsonProxyTicketValidator.class; } - - } From dfb13e5397c5fdf68b389ed3d207435de7f8af89 Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Thu, 18 May 2017 14:09:11 -0700 Subject: [PATCH 09/11] add test cases --- .../json/Cas30JsonProxyTicketValidator.java | 7 +- .../json/Cas30JsonServiceTicketValidator.java | 4 +- .../json/JsonValidationResponseParser.java | 18 ++-- .../json/TicketValidationJsonResponse.java | 45 ++++++---- .../Cas30JsonServiceTicketValidatorTests.java | 90 +++++++++++++++++++ 5 files changed, 136 insertions(+), 28 deletions(-) create mode 100644 cas-client-core/src/test/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidatorTests.java diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java index 48ff1f3..0cd5ec0 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonProxyTicketValidator.java @@ -4,6 +4,7 @@ import org.jasig.cas.client.validation.Assertion; import org.jasig.cas.client.validation.Cas30ProxyTicketValidator; import org.jasig.cas.client.validation.TicketValidationException; +import java.util.Collections; import java.util.List; /** @@ -15,7 +16,7 @@ import java.util.List; public class Cas30JsonProxyTicketValidator extends Cas30ProxyTicketValidator { public Cas30JsonProxyTicketValidator(final String casServerUrlPrefix) { super(casServerUrlPrefix); - getCustomParameters().put("format", "JSON"); + setCustomParameters(Collections.singletonMap("format", "JSON")); } @Override @@ -33,9 +34,9 @@ public class Cas30JsonProxyTicketValidator extends Cas30ProxyTicketValidator { protected List parseProxiesFromResponse(final String response) { try { final TicketValidationJsonResponse json = new JsonValidationResponseParser().parse(response); - return json.getAuthenticationSuccess().getProxies(); + return json.getServiceResponse().getAuthenticationSuccess().getProxies(); } catch (final Exception e) { - logger.warn("Unable to locate proxies from the JSON response"); + logger.warn("Unable to locate proxies from the JSON response", e); return super.parseProxiesFromResponse(response); } } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java index f53a0be..6b4418d 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java @@ -19,7 +19,7 @@ public class Cas30JsonServiceTicketValidator extends Cas30ServiceTicketValidator public Cas30JsonServiceTicketValidator(final String casServerUrlPrefix) { super(casServerUrlPrefix); - getCustomParameters().put("format", "JSON"); + setCustomParameters(Collections.singletonMap("format", "JSON")); } @Override @@ -28,7 +28,7 @@ public class Cas30JsonServiceTicketValidator extends Cas30ServiceTicketValidator final TicketValidationJsonResponse json = new JsonValidationResponseParser().parse(response); return json.getAssertion(getProxyGrantingTicketStorage(), getProxyRetriever()); } catch (final Exception e) { - logger.warn("Unable parse the JSON response"); + logger.warn("Unable parse the JSON response", e); return super.parseResponseFromServer(response); } } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java index 8d37d15..5dd3abd 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java @@ -19,20 +19,26 @@ final class JsonValidationResponseParser { public TicketValidationJsonResponse parse(final String response) throws TicketValidationException { try { + if (CommonUtils.isBlank(response)) { + throw new TicketValidationException("Invalid JSON response; The response is empty"); + } + final TicketValidationJsonResponse json = this.objectMapper.readValue(response, TicketValidationJsonResponse.class); - if (json == null || json.getAuthenticationFailure() != null && json.getAuthenticationSuccess() != null) { - throw new TicketValidationException("Invalid JSON response; either the response is empty or it indicates both a success " + final TicketValidationJsonResponse.CasServiceResponseAuthentication serviceResponse = json.getServiceResponse(); + if (serviceResponse.getAuthenticationFailure() != null + && serviceResponse.getAuthenticationSuccess() != null) { + throw new TicketValidationException("Invalid JSON response; It indicates both a success " + "and a failure event, which is indicative of a server error. The actual response is " + response); } - if (json.getAuthenticationFailure() != null) { - final String error = json.getAuthenticationFailure().getDescription() - + " - " + json.getAuthenticationFailure().getDescription(); + if (serviceResponse.getAuthenticationFailure() != null) { + final String error = json.getServiceResponse().getAuthenticationFailure().getCode() + + " - " + serviceResponse.getAuthenticationFailure().getDescription(); throw new TicketValidationException(error); } - final String principal = json.getAuthenticationSuccess().getUser(); + final String principal = json.getServiceResponse().getAuthenticationSuccess().getUser(); if (CommonUtils.isEmpty(principal)) { throw new TicketValidationException("No principal was found in the response from the CAS server."); } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java index e806470..c880667 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java @@ -17,28 +17,19 @@ import java.util.Map; * @author Misagh Moayyed */ final class TicketValidationJsonResponse { - private CasServiceResponseAuthenticationFailure authenticationFailure; - private CasServiceResponseAuthenticationSuccess authenticationSuccess; + private CasServiceResponseAuthentication serviceResponse; - public CasServiceResponseAuthenticationFailure getAuthenticationFailure() { - return this.authenticationFailure; + public void setServiceResponse(final CasServiceResponseAuthentication serviceResponse) { + this.serviceResponse = serviceResponse; } - public void setAuthenticationFailure(final CasServiceResponseAuthenticationFailure authenticationFailure) { - this.authenticationFailure = authenticationFailure; - } - - public CasServiceResponseAuthenticationSuccess getAuthenticationSuccess() { - return this.authenticationSuccess; - } - - public void setAuthenticationSuccess(final CasServiceResponseAuthenticationSuccess authenticationSuccess) { - this.authenticationSuccess = authenticationSuccess; + public CasServiceResponseAuthentication getServiceResponse() { + return serviceResponse; } Assertion getAssertion(final ProxyGrantingTicketStorage proxyGrantingTicketStorage, final ProxyRetriever proxyRetriever) { - final String proxyGrantingTicketIou = getAuthenticationSuccess().getProxyGrantingTicket(); + final String proxyGrantingTicketIou = getServiceResponse().getAuthenticationSuccess().getProxyGrantingTicket(); final String proxyGrantingTicket; if (CommonUtils.isBlank(proxyGrantingTicketIou) || proxyGrantingTicketStorage == null) { proxyGrantingTicket = null; @@ -47,8 +38,8 @@ final class TicketValidationJsonResponse { } final Assertion assertion; - final Map attributes = getAuthenticationSuccess().getAttributes(); - final String principal = getAuthenticationSuccess().getUser(); + final Map attributes = getServiceResponse().getAuthenticationSuccess().getAttributes(); + final String principal = getServiceResponse().getAuthenticationSuccess().getUser(); if (CommonUtils.isNotBlank(proxyGrantingTicket)) { final AttributePrincipal attributePrincipal = new AttributePrincipalImpl(principal, attributes, proxyGrantingTicket, proxyRetriever); @@ -59,6 +50,26 @@ final class TicketValidationJsonResponse { return assertion; } + static class CasServiceResponseAuthentication { + private CasServiceResponseAuthenticationFailure authenticationFailure; + private CasServiceResponseAuthenticationSuccess authenticationSuccess; + + public CasServiceResponseAuthenticationFailure getAuthenticationFailure() { + return this.authenticationFailure; + } + + public void setAuthenticationFailure(final CasServiceResponseAuthenticationFailure authenticationFailure) { + this.authenticationFailure = authenticationFailure; + } + + public CasServiceResponseAuthenticationSuccess getAuthenticationSuccess() { + return this.authenticationSuccess; + } + + public void setAuthenticationSuccess(final CasServiceResponseAuthenticationSuccess authenticationSuccess) { + this.authenticationSuccess = authenticationSuccess; + } + } static class CasServiceResponseAuthenticationSuccess { private String user; diff --git a/cas-client-core/src/test/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidatorTests.java b/cas-client-core/src/test/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidatorTests.java new file mode 100644 index 0000000..1163331 --- /dev/null +++ b/cas-client-core/src/test/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidatorTests.java @@ -0,0 +1,90 @@ +package org.jasig.cas.client.validation.json; + +import org.jasig.cas.client.PublicTestHttpServer; +import org.jasig.cas.client.proxy.ProxyGrantingTicketStorage; +import org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl; +import org.jasig.cas.client.proxy.ProxyRetriever; +import org.jasig.cas.client.validation.AbstractTicketValidatorTests; +import org.jasig.cas.client.validation.Assertion; +import org.jasig.cas.client.validation.TicketValidationException; +import org.junit.Before; +import org.junit.Test; +import junit.framework.Assert; + +public class Cas30JsonServiceTicketValidatorTests extends AbstractTicketValidatorTests { + private static final PublicTestHttpServer server = PublicTestHttpServer.instance(8088); + private ProxyGrantingTicketStorage proxyGrantingTicketStorage; + + private Cas30JsonServiceTicketValidator ticketValidator; + + @Before + public void setUp() throws Exception { + this.proxyGrantingTicketStorage = getProxyGrantingTicketStorage(); + this.ticketValidator = new Cas30JsonServiceTicketValidator(CONST_CAS_SERVER_URL_PREFIX + "8088"); + this.ticketValidator.setProxyCallbackUrl("test"); + this.ticketValidator.setProxyGrantingTicketStorage(getProxyGrantingTicketStorage()); + this.ticketValidator.setProxyRetriever(getProxyRetriever()); + this.ticketValidator.setRenew(true); + } + + private ProxyGrantingTicketStorage getProxyGrantingTicketStorage() { + return new ProxyGrantingTicketStorageImpl(); + } + + private ProxyRetriever getProxyRetriever() { + return new ProxyRetriever() { + + /** Unique Id for serialization. */ + private static final long serialVersionUID = 1L; + + public String getProxyTicketIdFor(final String proxyGrantingTicketId, final String targetService) { + return "test"; + } + }; + } + + @Test + public void testSuccessfulJsonResponse() throws Exception { + final String RESPONSE = "{ " + + "\"serviceResponse\" : { " + + "\"authenticationSuccess\" : { " + + "\"user\" : \"casuser\", " + + "\"proxyGrantingTicket\" : \"PGTIOU-84678-8a9d\" ," + + "\"attributes\" : { " + + "\"cn\" : [ \"Name\" ] " + + '}' + + '}' + + '}' + + '}'; + + server.content = RESPONSE.getBytes(server.encoding); + final Assertion assertion = ticketValidator.validate("test", "test"); + Assert.assertEquals(assertion.getPrincipal().getName(), "casuser"); + Assert.assertTrue(assertion.getPrincipal().getAttributes().containsKey("cn")); + } + + @Test(expected = TicketValidationException.class) + public void testFailingJsonResponse() throws Exception { + final String RESPONSE = "{ " + + "\"serviceResponse\" : { " + + "\"authenticationFailure\" : { " + + "\"code\" : \"INVALID_TICKET\", " + + "\"description\" : \"Description\" " + + '}' + + '}' + + '}'; + + server.content = RESPONSE.getBytes(server.encoding); + ticketValidator.validate("test", "test"); + + } + + + @Test + public void testSuccessfulXmlResponseWithJson() throws Exception { + final String RESPONSE = "" + + "testPGTIOU"; + server.content = RESPONSE.getBytes(server.encoding); + ticketValidator.validate("test", "test"); + } +} From e56e0d2aa0831dd6911886045b16059a21941000 Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Mon, 22 May 2017 09:19:54 -0700 Subject: [PATCH 10/11] Exclude transaction dependency --- cas-client-integration-atlassian/pom.xml | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/cas-client-integration-atlassian/pom.xml b/cas-client-integration-atlassian/pom.xml index e1db904..7404439 100644 --- a/cas-client-integration-atlassian/pom.xml +++ b/cas-client-integration-atlassian/pom.xml @@ -19,6 +19,10 @@ provided jar + + javax.transaction + jta + commons-lang commons-lang @@ -76,7 +80,10 @@ commons-logging commons-logging - + + javax.transaction + jta + ofbcore ofbcore-jira-entity @@ -134,7 +141,10 @@ log4j log4j - + + javax.transaction + jta + dom4j dom4j From ccf8e718b2f25056773c57add0f81c9220e7c959 Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Thu, 1 Jun 2017 21:03:51 -0400 Subject: [PATCH 11/11] Apply changes after code review by @serac --- README.md | 3 +- .../json/Cas30JsonServiceTicketValidator.java | 8 ++- .../json/JsonValidationResponseParser.java | 54 +++++++++---------- .../json/TicketValidationJsonResponse.java | 29 +++++----- 4 files changed, 51 insertions(+), 43 deletions(-) diff --git a/README.md b/README.md index 5576b8d..3a39f8a 100644 --- a/README.md +++ b/README.md @@ -348,7 +348,8 @@ accept proxy tickets. Supports all configurations that are available for `Cas20P #### org.jasig.cas.client.validation.json.Cas30JsonProxyReceivingTicketValidationFilter Indentical to `Cas30ProxyReceivingTicketValidationFilter`, yet the filter is able to accept validation responses from CAS -that are formatted as JSON per guidelines laid out by the CAS protocol. See the [protocol documentation](https://apereo.github.io/cas/) +that are formatted as JSON per guidelines laid out by the CAS protocol. +See the [protocol documentation](https://apereo.github.io/cas/5.1.x/protocol/CAS-Protocol-Specification.html) for more info. ##### Proxy Authentication vs. Distributed Caching diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java index 6b4418d..9fee4b3 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/Cas30JsonServiceTicketValidator.java @@ -1,9 +1,11 @@ package org.jasig.cas.client.validation.json; +import com.fasterxml.jackson.core.JsonProcessingException; import org.jasig.cas.client.validation.Assertion; import org.jasig.cas.client.validation.Cas30ServiceTicketValidator; import org.jasig.cas.client.validation.TicketValidationException; +import java.io.IOException; import java.util.Collections; import java.util.Map; @@ -27,9 +29,11 @@ public class Cas30JsonServiceTicketValidator extends Cas30ServiceTicketValidator try { final TicketValidationJsonResponse json = new JsonValidationResponseParser().parse(response); return json.getAssertion(getProxyGrantingTicketStorage(), getProxyRetriever()); - } catch (final Exception e) { - logger.warn("Unable parse the JSON response", e); + } catch (final JsonProcessingException e) { + logger.warn("Unable parse the JSON response. Falling back to XML", e); return super.parseResponseFromServer(response); + } catch (final IOException e) { + throw new TicketValidationException(e.getMessage(), e); } } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java index 5dd3abd..c4b58fa 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/JsonValidationResponseParser.java @@ -4,6 +4,8 @@ import com.fasterxml.jackson.databind.ObjectMapper; import org.jasig.cas.client.util.CommonUtils; import org.jasig.cas.client.validation.TicketValidationException; +import java.io.IOException; + /** * This is {@link JsonValidationResponseParser}. * @@ -16,35 +18,31 @@ final class JsonValidationResponseParser { this.objectMapper = new ObjectMapper(); this.objectMapper.findAndRegisterModules(); } - - public TicketValidationJsonResponse parse(final String response) throws TicketValidationException { - try { - if (CommonUtils.isBlank(response)) { - throw new TicketValidationException("Invalid JSON response; The response is empty"); - } - final TicketValidationJsonResponse json = this.objectMapper.readValue(response, TicketValidationJsonResponse.class); - - final TicketValidationJsonResponse.CasServiceResponseAuthentication serviceResponse = json.getServiceResponse(); - if (serviceResponse.getAuthenticationFailure() != null - && serviceResponse.getAuthenticationSuccess() != null) { - throw new TicketValidationException("Invalid JSON response; It indicates both a success " - + "and a failure event, which is indicative of a server error. The actual response is " + response); - } - - if (serviceResponse.getAuthenticationFailure() != null) { - final String error = json.getServiceResponse().getAuthenticationFailure().getCode() - + " - " + serviceResponse.getAuthenticationFailure().getDescription(); - throw new TicketValidationException(error); - } - - final String principal = json.getServiceResponse().getAuthenticationSuccess().getUser(); - if (CommonUtils.isEmpty(principal)) { - throw new TicketValidationException("No principal was found in the response from the CAS server."); - } - return json; - } catch (final Exception e) { - throw new RuntimeException("Unable to parse JSON validation response", e); + public TicketValidationJsonResponse parse(final String response) throws TicketValidationException, IOException { + if (CommonUtils.isBlank(response)) { + throw new TicketValidationException("Invalid JSON response; The response is empty"); } + + final TicketValidationJsonResponse json = this.objectMapper.readValue(response, TicketValidationJsonResponse.class); + + final TicketValidationJsonResponse.CasServiceResponseAuthentication serviceResponse = json.getServiceResponse(); + if (serviceResponse.getAuthenticationFailure() != null + && serviceResponse.getAuthenticationSuccess() != null) { + throw new TicketValidationException("Invalid JSON response; It indicates both a success " + + "and a failure event, which is indicative of a server error. The actual response is " + response); + } + + if (serviceResponse.getAuthenticationFailure() != null) { + final String error = json.getServiceResponse().getAuthenticationFailure().getCode() + + " - " + serviceResponse.getAuthenticationFailure().getDescription(); + throw new TicketValidationException(error); + } + + final String principal = json.getServiceResponse().getAuthenticationSuccess().getUser(); + if (CommonUtils.isEmpty(principal)) { + throw new TicketValidationException("No principal was found in the response from the CAS server."); + } + return json; } } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java index c880667..84db6e2 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/json/TicketValidationJsonResponse.java @@ -1,5 +1,7 @@ package org.jasig.cas.client.validation.json; +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonProperty; import org.jasig.cas.client.authentication.AttributePrincipal; import org.jasig.cas.client.authentication.AttributePrincipalImpl; import org.jasig.cas.client.proxy.ProxyGrantingTicketStorage; @@ -17,9 +19,11 @@ import java.util.Map; * @author Misagh Moayyed */ final class TicketValidationJsonResponse { - private CasServiceResponseAuthentication serviceResponse; + private final CasServiceResponseAuthentication serviceResponse; - public void setServiceResponse(final CasServiceResponseAuthentication serviceResponse) { + @JsonCreator + public TicketValidationJsonResponse(@JsonProperty("serviceResponse") + final CasServiceResponseAuthentication serviceResponse) { this.serviceResponse = serviceResponse; } @@ -51,24 +55,25 @@ final class TicketValidationJsonResponse { } static class CasServiceResponseAuthentication { - private CasServiceResponseAuthenticationFailure authenticationFailure; - private CasServiceResponseAuthenticationSuccess authenticationSuccess; + private final CasServiceResponseAuthenticationFailure authenticationFailure; + private final CasServiceResponseAuthenticationSuccess authenticationSuccess; + + @JsonCreator + public CasServiceResponseAuthentication(@JsonProperty("authenticationFailure") + final CasServiceResponseAuthenticationFailure authenticationFailure, + @JsonProperty("authenticationSuccess") + final CasServiceResponseAuthenticationSuccess authenticationSuccess) { + this.authenticationFailure = authenticationFailure; + this.authenticationSuccess = authenticationSuccess; + } public CasServiceResponseAuthenticationFailure getAuthenticationFailure() { return this.authenticationFailure; } - public void setAuthenticationFailure(final CasServiceResponseAuthenticationFailure authenticationFailure) { - this.authenticationFailure = authenticationFailure; - } - public CasServiceResponseAuthenticationSuccess getAuthenticationSuccess() { return this.authenticationSuccess; } - - public void setAuthenticationSuccess(final CasServiceResponseAuthenticationSuccess authenticationSuccess) { - this.authenticationSuccess = authenticationSuccess; - } } static class CasServiceResponseAuthenticationSuccess {