TouchInstinct
/
java-cas-client
306
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: TouchInstinct:master
Branches Tags
TouchInstinct:master
TouchInstinct:feature/skip-internal-validation
TouchInstinct:4.0-devel
TouchInstinct:3.5.x
TouchInstinct:urlenc-queryparams
TouchInstinct:Frontchannel-slo
TouchInstinct:Include-Patterns
TouchInstinct:Redundant-GroupId
TouchInstinct:Skew-assertion-date
TouchInstinct:Refact
TouchInstinct:Tostring
TouchInstinct:Dyna-Filters
TouchInstinct:assertionval
TouchInstinct:remove-lang
TouchInstinct:conditional-opensaml-init
TouchInstinct:3.2.x
TouchInstinct:jaas-unique-principal
TouchInstinct:cas-client-3.6.1
TouchInstinct:cas-client-3.6.0
TouchInstinct:cas-client-3.5.1
TouchInstinct:cas-client-3.5.0
TouchInstinct:cas-client-3.4.1
TouchInstinct:cas-client-3.4.0
TouchInstinct:cas-client-3.2.2
TouchInstinct:cas-client-3.3.3
TouchInstinct:cas-client-3.3.2
TouchInstinct:cas-client-3.3.1
TouchInstinct:v3.3.0
TouchInstinct:v3.2.1
TouchInstinct:v3.2.0
TouchInstinct:v3.1.12
TouchInstinct:v3.1.11
TouchInstinct:v3.1.10
TouchInstinct:v3.1.9
TouchInstinct:v3.1.8
TouchInstinct:v3.1.7
TouchInstinct:v3.1.6
TouchInstinct:v3.1.5
TouchInstinct:v3.1.4
TouchInstinct:v3.1.3
TouchInstinct:v3.1.3.3-RC3
TouchInstinct:v3.1.3.2-RC2
TouchInstinct:v3.1.3.1-RC1
TouchInstinct:v3.1.2
TouchInstinct:v3.1.1
TouchInstinct:v3.1.0
TouchInstinct:v3.1.0.3-RC3
TouchInstinct:v3.1.0.2-RC2
TouchInstinct:v3.1.0.1-RC1
TouchInstinct:v3.1.0.1-M1
TouchInstinct:v3.0.0
TouchInstinct:v3.0.0.2-RC2
TouchInstinct:v3.0.0.1-RC1
...
pull from: TouchInstinct:assertionval
Branches Tags
TouchInstinct:feature/skip-internal-validation
TouchInstinct:master
TouchInstinct:4.0-devel
TouchInstinct:3.5.x
TouchInstinct:urlenc-queryparams
TouchInstinct:Frontchannel-slo
TouchInstinct:Include-Patterns
TouchInstinct:Redundant-GroupId
TouchInstinct:Skew-assertion-date
TouchInstinct:Refact
TouchInstinct:Tostring
TouchInstinct:Dyna-Filters
TouchInstinct:assertionval
TouchInstinct:remove-lang
TouchInstinct:conditional-opensaml-init
TouchInstinct:3.2.x
TouchInstinct:jaas-unique-principal
TouchInstinct:cas-client-3.6.1
TouchInstinct:cas-client-3.6.0
TouchInstinct:cas-client-3.5.1
TouchInstinct:cas-client-3.5.0
TouchInstinct:cas-client-3.4.1
TouchInstinct:cas-client-3.4.0
TouchInstinct:cas-client-3.2.2
TouchInstinct:cas-client-3.3.3
TouchInstinct:cas-client-3.3.2
TouchInstinct:cas-client-3.3.1
TouchInstinct:v3.3.0
TouchInstinct:v3.2.1
TouchInstinct:v3.2.0
TouchInstinct:v3.1.12
TouchInstinct:v3.1.11
TouchInstinct:v3.1.10
TouchInstinct:v3.1.9
TouchInstinct:v3.1.8
TouchInstinct:v3.1.7
TouchInstinct:v3.1.6
TouchInstinct:v3.1.5
TouchInstinct:v3.1.4
TouchInstinct:v3.1.3
TouchInstinct:v3.1.3.3-RC3
TouchInstinct:v3.1.3.2-RC2
TouchInstinct:v3.1.3.1-RC1
TouchInstinct:v3.1.2
TouchInstinct:v3.1.1
TouchInstinct:v3.1.0
TouchInstinct:v3.1.0.3-RC3
TouchInstinct:v3.1.0.2-RC2
TouchInstinct:v3.1.0.1-RC1
TouchInstinct:v3.1.0.1-M1
TouchInstinct:v3.0.0
TouchInstinct:v3.0.0.2-RC2
TouchInstinct:v3.0.0.1-RC1

1 Commits
master ... assertionv

Author SHA1 Message Date
Misagh Moayyed 70665e57bb no message 2015-11-08 15:21:52 -07:00
8 changed files with 164 additions and 4 deletions
Show Stats Expand all files Collapse all files

36
cas-client-core/src/main/java/org/jasig/cas/client/configuration/BaseConfigurationStrategy.java
View File

@ -23,6 +23,10 @@ import org.jasig.cas.client.util.ReflectUtils;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
/** /**
* Base class to provide most of the boiler-plate code (i.e. checking for proper values, returning defaults, etc. * Base class to provide most of the boiler-plate code (i.e. checking for proper values, returning defaults, etc.
* *
@ -77,6 +81,38 @@ public abstract class BaseConfigurationStrategy implements ConfigurationStrategy
}); });
} }
public <T> Collection<? extends T> getCollection(final ConfigurationKey<Collection<? extends T>> configurationKey) {
return getValue(configurationKey, new Parser<Collection<? extends T>>() {
public Collection<? extends T> parse(final String value) {
try {
final String[] values = value.split(",");
final Set<T> collection = new HashSet<T>();
for (final String singleValue : values) {
Object objValue = CommonUtils.parseDouble(singleValue);
if (objValue != null) {
collection.add((T) objValue);
continue;
}
objValue = CommonUtils.parseLong(singleValue);
if (objValue != null) {
collection.add((T) objValue);
continue;
}
objValue = CommonUtils.parseClass(singleValue);
if (objValue != null) {
collection.add((T) objValue);
continue;
}
collection.add((T) singleValue);
}
return collection;
} catch (final IllegalArgumentException e) {
return configurationKey.getDefaultValue();
}
}
});
}
private <T> T getValue(final ConfigurationKey<T> configurationKey, final Parser<T> parser) { private <T> T getValue(final ConfigurationKey<T> configurationKey, final Parser<T> parser) {
final String value = getWithCheck(configurationKey); final String value = getWithCheck(configurationKey);

3
cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationKeys.java
View File

@ -24,9 +24,11 @@ import org.jasig.cas.client.authentication.DefaultGatewayResolverImpl;
import org.jasig.cas.client.authentication.GatewayResolver; import org.jasig.cas.client.authentication.GatewayResolver;
import org.jasig.cas.client.proxy.ProxyGrantingTicketStorage; import org.jasig.cas.client.proxy.ProxyGrantingTicketStorage;
import org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl; import org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl;
import org.jasig.cas.client.validation.AssertionValidator;
import org.jasig.cas.client.validation.Cas20ServiceTicketValidator; import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HostnameVerifier;
import java.util.Collection;
/** /**
* Holder interface for all known configuration keys. * Holder interface for all known configuration keys.
@ -51,6 +53,7 @@ public interface ConfigurationKeys {
ConfigurationKey<Boolean> GATEWAY = new ConfigurationKey<Boolean>("gateway", Boolean.FALSE); ConfigurationKey<Boolean> GATEWAY = new ConfigurationKey<Boolean>("gateway", Boolean.FALSE);
ConfigurationKey<Class<? extends AuthenticationRedirectStrategy>> AUTHENTICATION_REDIRECT_STRATEGY_CLASS = new ConfigurationKey<Class<? extends AuthenticationRedirectStrategy>>("authenticationRedirectStrategyClass", null); ConfigurationKey<Class<? extends AuthenticationRedirectStrategy>> AUTHENTICATION_REDIRECT_STRATEGY_CLASS = new ConfigurationKey<Class<? extends AuthenticationRedirectStrategy>>("authenticationRedirectStrategyClass", null);
ConfigurationKey<Class<? extends GatewayResolver>> GATEWAY_STORAGE_CLASS = new ConfigurationKey<Class<? extends GatewayResolver>>("gatewayStorageClass", DefaultGatewayResolverImpl.class); ConfigurationKey<Class<? extends GatewayResolver>> GATEWAY_STORAGE_CLASS = new ConfigurationKey<Class<? extends GatewayResolver>>("gatewayStorageClass", DefaultGatewayResolverImpl.class);
ConfigurationKey<Collection<Class<? extends AssertionValidator>>> ASSERTION_VALIDATOR_CLASS = new ConfigurationKey<Collection<Class<? extends AssertionValidator>>>("assertionValidatorClasses");
ConfigurationKey<String> CAS_SERVER_URL_PREFIX = new ConfigurationKey<String>("casServerUrlPrefix", null); ConfigurationKey<String> CAS_SERVER_URL_PREFIX = new ConfigurationKey<String>("casServerUrlPrefix", null);
ConfigurationKey<String> ENCODING = new ConfigurationKey<String>("encoding", null); ConfigurationKey<String> ENCODING = new ConfigurationKey<String>("encoding", null);
ConfigurationKey<Long> TOLERANCE = new ConfigurationKey<Long>("tolerance", 1000L); ConfigurationKey<Long> TOLERANCE = new ConfigurationKey<Long>("tolerance", 1000L);

10
cas-client-core/src/main/java/org/jasig/cas/client/configuration/ConfigurationStrategy.java
View File

@ -20,6 +20,7 @@ package org.jasig.cas.client.configuration;
import javax.servlet.Filter; import javax.servlet.Filter;
import javax.servlet.FilterConfig; import javax.servlet.FilterConfig;
import java.util.Collection;
/** /**
* Abstraction to allow for pluggable methods for retrieving filter configuration. * Abstraction to allow for pluggable methods for retrieving filter configuration.
@ -69,6 +70,15 @@ public interface ConfigurationStrategy {
*/ */
<T> Class<? extends T> getClass(ConfigurationKey<Class<? extends T>> configurationKey); <T> Class<? extends T> getClass(ConfigurationKey<Class<? extends T>> configurationKey);
/**
* Retrieves the value for the provided {@param configurationKey}, falling back to the {@param configurationKey}'s
* {@link ConfigurationKey#getDefaultValue()} if nothing can be found.
*
* @param configurationKey the configuration key. MUST NOT BE NULL.
* @return the configured value, or the default value.
*/
<T> Collection<? extends T> getCollection(ConfigurationKey<Collection<? extends T>> configurationKey);
/** /**
* Initializes the strategy. This must be called before calling any of the "get" methods. * Initializes the strategy. This must be called before calling any of the "get" methods.
* *

8
cas-client-core/src/main/java/org/jasig/cas/client/util/AbstractConfigurationFilter.java
View File

@ -28,6 +28,8 @@ import org.jasig.cas.client.configuration.ConfigurationStrategyName;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import java.util.Collection;
/** /**
* Abstracts out the ability to configure the filters from the initial properties provided. * Abstracts out the ability to configure the filters from the initial properties provided.
* *
@ -45,7 +47,7 @@ public abstract class AbstractConfigurationFilter implements Filter {
private ConfigurationStrategy configurationStrategy; private ConfigurationStrategy configurationStrategy;
public void init(FilterConfig filterConfig) throws ServletException { public void init(final FilterConfig filterConfig) throws ServletException {
final String configurationStrategyName = filterConfig.getServletContext().getInitParameter(CONFIGURATION_STRATEGY_KEY); final String configurationStrategyName = filterConfig.getServletContext().getInitParameter(CONFIGURATION_STRATEGY_KEY);
this.configurationStrategy = ReflectUtils.newInstance(ConfigurationStrategyName.resolveToConfigurationStrategy(configurationStrategyName)); this.configurationStrategy = ReflectUtils.newInstance(ConfigurationStrategyName.resolveToConfigurationStrategy(configurationStrategyName));
this.configurationStrategy.init(filterConfig, getClass()); this.configurationStrategy.init(filterConfig, getClass());
@ -71,6 +73,10 @@ public abstract class AbstractConfigurationFilter implements Filter {
return this.configurationStrategy.getClass(configurationKey); return this.configurationStrategy.getClass(configurationKey);
} }
protected final <T> Collection<?> getCollection(final ConfigurationKey<Collection<?>> configurationKey) {
return this.configurationStrategy.getCollection(configurationKey);
}
public final void setIgnoreInitConfiguration(final boolean ignoreInitConfiguration) { public final void setIgnoreInitConfiguration(final boolean ignoreInitConfiguration) {
this.ignoreInitConfiguration = ignoreInitConfiguration; this.ignoreInitConfiguration = ignoreInitConfiguration;
} }

24
cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java
View File

@ -201,6 +201,30 @@ public final class CommonUtils {
} }
} }
public static Double parseDouble(final String value) {
try {
return Double.parseDouble(value);
} catch (final Exception e) {
return null;
}
}
public static Long parseLong(final String value) {
try {
return Long.parseLong(value);
} catch (final Exception e) {
return null;
}
}
public static Class parseClass(final String value) {
try {
return Class.forName(value);
} catch (final Exception e) {
return null;
}
}
public static void readAndRespondToProxyReceptorRequest(final HttpServletRequest request, public static void readAndRespondToProxyReceptorRequest(final HttpServletRequest request,
final HttpServletResponse response, final ProxyGrantingTicketStorage proxyGrantingTicketStorage) final HttpServletResponse response, final ProxyGrantingTicketStorage proxyGrantingTicketStorage)
throws IOException { throws IOException {

31
cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractTicketValidationFilter.java
View File

@ -20,6 +20,9 @@ package org.jasig.cas.client.validation;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.IOException; import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Properties; import java.util.Properties;
import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HostnameVerifier;
import javax.servlet.*; import javax.servlet.*;
@ -27,6 +30,8 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.jasig.cas.client.Protocol; import org.jasig.cas.client.Protocol;
import org.jasig.cas.client.authentication.GatewayResolver;
import org.jasig.cas.client.configuration.ConfigurationKey;
import org.jasig.cas.client.configuration.ConfigurationKeys; import org.jasig.cas.client.configuration.ConfigurationKeys;
import org.jasig.cas.client.util.AbstractCasFilter; import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.util.CommonUtils; import org.jasig.cas.client.util.CommonUtils;
@ -52,6 +57,9 @@ import org.jasig.cas.client.util.ReflectUtils;
*/ */
public abstract class AbstractTicketValidationFilter extends AbstractCasFilter { public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
/** Assertion validator instance. Default is to do nothing. */
private List<AssertionValidator> assertionValidators = new ArrayList<AssertionValidator>();
/** The TicketValidator we will use to validate tickets. */ /** The TicketValidator we will use to validate tickets. */
private TicketValidator ticketValidator; private TicketValidator ticketValidator;
@ -138,6 +146,16 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
} }
setTicketValidator(getTicketValidator(filterConfig)); setTicketValidator(getTicketValidator(filterConfig));
final ConfigurationKey key = ConfigurationKeys.ASSERTION_VALIDATOR_CLASS;
final Collection<Class<? extends AssertionValidator>> assertionValidatorClasses = getCollection(key);
for (final Class<? extends AssertionValidator> assertionValidatorClass : assertionValidatorClasses) {
this.
}
if (assertionValidatorClass != null) {
}
super.initInternal(filterConfig); super.initInternal(filterConfig);
} }
@ -166,8 +184,8 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
* if ticket validation succeeds. This method is called after all ValidationFilter processing required for a successful authentication * if ticket validation succeeds. This method is called after all ValidationFilter processing required for a successful authentication
* occurs. * occurs.
* *
* @param request the HttpServletRequest. * @param request the HttpServletRequest.
* @param response the HttpServletResponse. * @param response the HttpServletResponse.
* @param assertion the successful Assertion from the server. * @param assertion the successful Assertion from the server.
*/ */
protected void onSuccessfulValidation(final HttpServletRequest request, final HttpServletResponse response, protected void onSuccessfulValidation(final HttpServletRequest request, final HttpServletResponse response,
@ -204,6 +222,11 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
final Assertion assertion = this.ticketValidator.validate(ticket, final Assertion assertion = this.ticketValidator.validate(ticket,
constructServiceUrl(request, response)); constructServiceUrl(request, response));
if (this.assertionValidator != null) {
logger.debug("Validating assertion via {}", this.assertionValidator);
this.assertionValidator.validate(assertion);
}
logger.debug("Successfully authenticated user: {}", assertion.getPrincipal().getName()); logger.debug("Successfully authenticated user: {}", assertion.getPrincipal().getName());
request.setAttribute(CONST_CAS_ASSERTION, assertion); request.setAttribute(CONST_CAS_ASSERTION, assertion);
@ -252,4 +275,8 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
public final void setUseSession(final boolean useSession) { public final void setUseSession(final boolean useSession) {
this.useSession = useSession; this.useSession = useSession;
} }
public void setAssertionValidators(final List<AssertionValidator> assertionValidators) {
this.assertionValidators = assertionValidators;
}
} }

37
cas-client-core/src/main/java/org/jasig/cas/client/validation/AssertionValidationException.java Normal file
View File

@ -0,0 +1,37 @@
package org.jasig.cas.client.validation;
/**
* Thrown when assertion validation fails.
*
* @author Misagh Moayyed
*/
public class AssertionValidationException extends TicketValidationException {
private static final long serialVersionUID = 6304299836257355593L;
/**
* Constructs an exception with the supplied message.
*
* @param string the message
*/
public AssertionValidationException(final String string) {
super(string);
}
/**
* Constructs an exception with the supplied message and chained throwable.
*
* @param string the message
* @param throwable the original exception
*/
public AssertionValidationException(final String string, final Throwable throwable) {
super(string, throwable);
}
/**
* Constructs an exception with the chained throwable.
* @param throwable the original exception.
*/
public AssertionValidationException(final Throwable throwable) {
super(throwable);
}
}

17
cas-client-core/src/main/java/org/jasig/cas/client/validation/AssertionValidator.java Normal file
View File

@ -0,0 +1,17 @@
package org.jasig.cas.client.validation;
/**
* Executes additional proceesses on the retrieved assertion
* to ensure compliance with the application requirements.
*
* @author Misagh Moayyed
*/
public interface AssertionValidator {
/**
* Validate the given assertion.
* @param assertion retrieved and constructed once the ticket is validated.
* @throws AssertionValidationException throws on failures
*/
void validate(Assertion assertion) throws AssertionValidationException;
}