本文整理汇总了Java中org.jasig.cas.client.validation.Assertion类的典型用法代码示例。如果您正苦于以下问题:Java Assertion类的具体用法?Java Assertion怎么用?Java Assertion使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
Assertion类属于org.jasig.cas.client.validation包,在下文中一共展示了Assertion类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: buildSamlResponse
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Builds the SAML response for a validated CAS assertion.
 *
 * <p>The issuer is read from the AuthnRequest, so it is request-supplied data.
 * It is resolved through {@code verifySamlRegisteredService} and the metadata
 * facade lookup before {@code responseBuilder} is invoked.
 *
 * @param response the HTTP response handed to the response builder
 * @param request the HTTP request handed to the response builder
 * @param authenticationContext pair whose key is the SAML AuthnRequest
 * @param casAssertion the CAS assertion describing the authenticated principal
 * @param binding the SAML binding used to deliver the response
 * @throws UnauthorizedServiceException if no service-provider metadata is linked to the issuer
 */
protected void buildSamlResponse(final HttpServletResponse response,
                                 final HttpServletRequest request,
                                 final Pair<AuthnRequest, MessageContext> authenticationContext,
                                 final Assertion casAssertion,
                                 final String binding) {
    final AuthnRequest authnRequest = authenticationContext.getKey();

    // The issuer value ends up in the debug log and in the exception message below.
    final String issuer = SamlIdPUtils.getIssuerFromSamlRequest(authnRequest);
    LOGGER.debug("Located issuer [{}] from authentication context", issuer);

    final SamlRegisteredService registeredService = verifySamlRegisteredService(issuer);
    LOGGER.debug("Located SAML metadata for [{}]", registeredService);

    // Fail closed: without service-provider metadata no response is produced.
    final SamlRegisteredServiceServiceProviderMetadataFacade facade =
        getSamlMetadataFacadeFor(registeredService, authnRequest)
            .orElseThrow(() -> new UnauthorizedServiceException(
                UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer));
    LOGGER.debug("Preparing SAML response for [{}]", facade.getEntityId());

    this.responseBuilder.build(authnRequest, request, response,
        casAssertion, registeredService, facade, binding);
    LOGGER.info("Built the SAML response for [{}]", facade.getEntityId());
}
示例2: handleFederationRequest
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Handles the WS-Federation callback: checks that a ticket parameter is present,
 * builds the CAS assertion, obtains a security token and posts the relying-party
 * token back.
 *
 * <p>A request without a ticket parameter is answered with the error view and
 * HTTP 403 before any assertion or token work is attempted.
 *
 * @param response the HTTP response
 * @param request the HTTP request carrying the callback parameters
 * @return the view that posts the token to the relying party, or the error view
 * @throws Exception if any step of the validation or token issuance fails
 */
@GetMapping(path = WSFederationConstants.ENDPOINT_FEDERATION_REQUEST_CALLBACK)
protected ModelAndView handleFederationRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
    final WSFederationRequest fedRequest = WSFederationRequest.of(request);
    LOGGER.debug("Received callback profile request [{}]", request.getRequestURI());

    final WSFederationRegisteredService service = findAndValidateFederationRequestForRegisteredService(response, request, fedRequest);
    LOGGER.debug("Located matching service [{}]", service);

    // Presence check only; this local is not passed on to the validation call below.
    final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
    if (StringUtils.isBlank(ticket)) {
        LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
        return new ModelAndView(CasWebflowConstants.VIEW_ID_ERROR, new HashMap<>(), HttpStatus.FORBIDDEN);
    }

    final Assertion assertion = validateRequestAndBuildCasAssertion(response, request, fedRequest);

    // Use the token already associated with the request if there is one; otherwise derive one from the assertion.
    SecurityToken token = getSecurityTokenFromRequest(request);
    if (token == null) {
        LOGGER.debug("No security token is yet available. Invoking security token service to issue token");
        token = validateSecurityTokenInAssertion(assertion, request, response);
    }
    addSecurityTokenTicketToRegistry(request, token);

    final String relyingPartyToken = produceRelyingPartyToken(response, request, fedRequest, token, assertion);
    return postResponseBackToRelyingParty(relyingPartyToken, fedRequest);
}
示例3: handleCallbackProfileRequest
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Handles the SAML2 SSO POST callback: recovers the original AuthnRequest,
 * requires a ticket parameter, builds the CAS assertion and emits the SAML
 * response over the POST binding.
 *
 * <p>Both failure paths (no stored AuthnRequest, no ticket parameter) set
 * HTTP 403 and return without building a response.
 *
 * @param response the HTTP response
 * @param request the HTTP request carrying the callback parameters
 * @throws Exception if validation or response building fails
 */
@GetMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SSO_PROFILE_POST_CALLBACK)
protected void handleCallbackProfileRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
    LOGGER.info("Received SAML callback profile request [{}]", request.getRequestURI());

    final AuthnRequest originalRequest = retrieveSamlAuthenticationRequestFromHttpRequest(request);
    if (originalRequest == null) {
        LOGGER.error("Can not validate the request because the original Authn request can not be found.");
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    // Presence check only; this local is not passed on to the validation call below.
    final String ticketParam = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
    if (StringUtils.isBlank(ticketParam)) {
        LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    final Pair<AuthnRequest, MessageContext> context = buildAuthenticationContextPair(request, originalRequest);
    buildSamlResponse(response, request, context,
        validateRequestAndBuildCasAssertion(response, request, context),
        SAMLConstants.SAML2_POST_BINDING_URI);
}
示例4: validateRequestAndBuildCasAssertion
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Validates the CAS service ticket carried by the request against the CAS
 * server and returns the resulting assertion.
 *
 * <p>The ticket is read from the request without a blank check here; the
 * validator receives whatever {@code safeGetParameter} returns.
 *
 * @param response the HTTP response, used when constructing the service URL
 * @param request the HTTP request carrying the ticket parameter
 * @param pair pair whose key is the SAML AuthnRequest
 * @return the assertion returned by the ticket validator
 * @throws Exception if ticket validation fails
 */
private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response,
                                                      final HttpServletRequest request,
                                                      final Pair<AuthnRequest, MessageContext> pair) throws Exception {
    final AuthnRequest samlRequest = pair.getKey();
    final String serviceTicket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);

    final Cas30ServiceTicketValidator ticketValidator = new Cas30ServiceTicketValidator(this.serverPrefix);

    // NOTE(review): the TLS hostname check for the back-channel call is delegated to
    // this.hostnameVerifier; confirm the configured verifier is not a permissive one.
    final HttpsURLConnectionFactory connectionFactory = new HttpsURLConnectionFactory();
    connectionFactory.setHostnameVerifier(this.hostnameVerifier);
    ticketValidator.setURLConnectionFactory(connectionFactory);

    // ForceAuthn on the SAML request is carried over as the CAS "renew" flag.
    ticketValidator.setRenew(samlRequest.isForceAuthn());

    final String serviceUrl = constructServiceUrl(request, response, pair);
    LOGGER.debug("Created service url for validation: [{}]", serviceUrl);

    final Assertion validated = ticketValidator.validate(serviceTicket, serviceUrl);
    logCasValidationAssertion(validated);
    return validated;
}
示例5: finalizeNameId
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
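/**
 * Applies the qualifiers configured on the registered service to the NameID.
 *
 * <p>The service's NameID qualifier is written to {@code NameQualifier} and its
 * service-provider qualifier to {@code SPNameQualifier}. Writing both to
 * {@code NameQualifier} would let the second value overwrite the first and
 * leave {@code SPNameQualifier} unset, so a relying party would see the
 * identifier scoped to the wrong namespace.
 *
 * @param nameid the NameID to finalize; modified in place
 * @param authnRequest the authn request (not read here)
 * @param assertion the assertion (not read here)
 * @param supportedNameFormats the supported name formats (not read here)
 * @param service the registered service supplying the qualifiers
 * @param adaptor the service-provider metadata facade (not read here)
 * @return the same NameID instance, with qualifiers applied where configured
 */
protected NameID finalizeNameId(final NameID nameid,
                                final AuthnRequest authnRequest,
                                final Assertion assertion,
                                final List<String> supportedNameFormats,
                                final SamlRegisteredService service,
                                final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) {
    final String nameQualifier = service.getNameIdQualifier();
    if (StringUtils.isNotBlank(nameQualifier)) {
        nameid.setNameQualifier(nameQualifier);
    }

    // The SP qualifier belongs in SPNameQualifier; it must not replace NameQualifier.
    final String spNameQualifier = service.getServiceProviderNameIdQualifier();
    if (StringUtils.isNotBlank(spNameQualifier)) {
        nameid.setSPNameQualifier(spNameQualifier);
    }
    return nameid;
}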
示例6: encodeNameIdBasedOnNameFormat
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Encodes a NameID for the given name format.
 *
 * <p>Any exception raised while preparing or encoding is logged at error level
 * and turned into a {@code null} return, so callers must handle {@code null}.
 *
 * @param authnRequest the authn request
 * @param assertion the CAS assertion the NameID attribute is prepared from
 * @param nameFormat the requested NameID format
 * @param service the registered service
 * @param adaptor the service-provider metadata facade
 * @return the encoded NameID, or {@code null} if encoding failed
 */
protected NameID encodeNameIdBasedOnNameFormat(final AuthnRequest authnRequest,
                                               final Assertion assertion,
                                               final String nameFormat,
                                               final SamlRegisteredService service,
                                               final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) {
    try {
        final IdPAttribute nameIdAttribute = prepareNameIdAttribute(assertion);
        final SAML2StringNameIDEncoder nameIdEncoder =
            prepareNameIdEncoder(authnRequest, nameFormat, nameIdAttribute, service, adaptor);
        LOGGER.debug("Encoding NameID based on [{}]", nameFormat);

        final NameID encoded = nameIdEncoder.encode(nameIdAttribute);
        // NOTE(review): the NameID value (a user identifier) is written to the debug log.
        LOGGER.debug("Final NameID encoded with format [{}] has value [{}]", encoded.getFormat(), encoded.getValue());
        return encoded;
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        return null;
    }
}
示例7: buildAttributeStatement
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Builds the SAML attribute statement from the CAS assertion.
 *
 * <p>Assertion attributes and principal attributes are merged, with principal
 * attributes winning on a key collision. Attribute name formats from the
 * global SAML IdP response settings are overridden by the service's own.
 *
 * @param assertion the CAS assertion supplying the attributes
 * @param authnRequest the authn request (not read here)
 * @param service the registered service
 * @param adaptor the service-provider metadata facade (not read here)
 * @return the attribute statement
 * @throws SamlException declared by the signature
 */
private AttributeStatement buildAttributeStatement(final Assertion assertion,
                                                   final AuthnRequest authnRequest,
                                                   final SamlRegisteredService service,
                                                   final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
    // Start from the assertion-level attributes, then let principal attributes override.
    final Map<String, Object> merged = new HashMap<>(assertion.getAttributes());
    merged.putAll(assertion.getPrincipal().getAttributes());

    // NOTE(review): every merged attribute is handed to the encoder; confirm that any
    // per-service attribute release filtering happens in the encoder or upstream.
    final Map<String, Object> encoded = this.samlAttributeEncoder.encodeAttributes(merged, service);

    final SamlIdPProperties.Response responseSettings = casProperties.getAuthn().getSamlIdp().getResponse();
    final Map<String, String> formats = new HashMap<>(responseSettings.configureAttributeNameFormats());
    formats.putAll(service.getAttributeNameFormats());

    return newAttributeStatement(encoded, responseSettings.isUseAttributeFriendlyName(), formats);
}
示例8: buildAuthnStatement
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Creates the authentication statement for the current request.
 *
 * <p>When the assertion has a valid-until date, {@code SessionNotOnOrAfter} is
 * set to that date plus the configured skew allowance in seconds.
 *
 * @param assertion the CAS assertion supplying the authentication and validity dates
 * @param authnRequest the authn request
 * @param adaptor the service-provider metadata facade
 * @param service the registered service
 * @return the constructed authentication statement
 * @throws SamlException declared by the signature
 */
private AuthnStatement buildAuthnStatement(final Assertion assertion, final AuthnRequest authnRequest,
                                           final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                           final SamlRegisteredService service) throws SamlException {
    final String contextClassRef = this.authnContextClassRefBuilder.build(assertion, authnRequest, adaptor, service);

    // One random long gives at most 63 bits of randomness here; Math.abs leaves
    // Long.MIN_VALUE negative, so the value can (rarely) contain a '-' after the underscore.
    // NOTE(review): confirm that is enough for how this identifier is used.
    final String statementId = "_" + Math.abs(new SecureRandom().nextLong());

    final AuthnStatement authnStatement = newAuthnStatement(
        contextClassRef, DateTimeUtils.zonedDateTimeOf(assertion.getAuthenticationDate()), statementId);

    if (assertion.getValidUntilDate() != null) {
        final ZonedDateTime sessionEnd = DateTimeUtils.zonedDateTimeOf(assertion.getValidUntilDate())
            .plusSeconds(casProperties.getAuthn().getSamlIdp().getResponse().getSkewAllowance());
        authnStatement.setSessionNotOnOrAfter(DateTimeUtils.dateTimeOf(sessionEnd));
    }

    authnStatement.setSubjectLocality(buildSubjectLocality(assertion, authnRequest, adaptor));
    return authnStatement;
}
示例9: buildSubject
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Builds the SAML subject for the response.
 *
 * <p>The recipient location is taken from the service provider's metadata
 * (its assertion consumer service for the binding), not from the request.
 * The response location is preferred and the plain location is the fallback.
 *
 * @param request the HTTP request
 * @param response the HTTP response
 * @param authnRequest the authn request; its ID is passed to {@code newSubject}
 * @param assertion the CAS assertion supplying the valid-from date
 * @param service the registered service
 * @param adaptor the service-provider metadata facade
 * @param binding the SAML binding used to select the assertion consumer service
 * @return the subject with its NameID set
 * @throws SamlException declared by the signature
 * @throws IllegalArgumentException if no assertion consumer service exists for the binding
 */
private Subject buildSubject(final HttpServletRequest request,
                             final HttpServletResponse response,
                             final AuthnRequest authnRequest,
                             final Assertion assertion,
                             final SamlRegisteredService service,
                             final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                             final String binding) throws SamlException {
    final NameID subjectNameId = this.ssoPostProfileSamlNameIdBuilder.build(authnRequest, request, response,
        assertion, service, adaptor, binding);

    final ZonedDateTime validFrom = ZonedDateTime.ofInstant(assertion.getValidFromDate().toInstant(), ZoneOffset.UTC);

    final AssertionConsumerService consumerService = adaptor.getAssertionConsumerService(binding);
    if (consumerService == null) {
        throw new IllegalArgumentException("Failed to locate the assertion consumer service url");
    }

    String recipient = consumerService.getResponseLocation();
    if (StringUtils.isBlank(recipient)) {
        recipient = consumerService.getLocation();
    }

    // The time bound handed to newSubject is valid-from plus the skew allowance (seconds).
    final Subject result = newSubject(subjectNameId.getFormat(), subjectNameId.getValue(),
        recipient, validFrom.plusSeconds(this.skewAllowance), authnRequest.getID());
    result.setNameID(subjectNameId);
    return result;
}
示例10: build
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Chooses the authentication context class reference to put in the response.
 *
 * <p>Returns {@code AuthnContext.UNSPECIFIED_AUTHN_CTX} when the request asks for
 * no context or lists no class refs. Otherwise it returns the class required by
 * the registered service when one is configured, and
 * {@code AuthnContext.PPT_AUTHN_CTX} as the default.
 *
 * <p>NOTE(review): the requested comparison and class refs are only logged, and
 * {@code assertion} is not read. The returned value therefore does not reflect
 * how the user actually authenticated; confirm relying parties do not treat it
 * as proof of the authentication method.
 *
 * @param assertion the CAS assertion (not read here)
 * @param authnRequest the authn request carrying the requested context
 * @param adaptor the service-provider metadata facade (not read here)
 * @param service the registered service, which may require a specific context class
 * @return the authentication context class reference
 */
@Override
public String build(final Assertion assertion, final AuthnRequest authnRequest,
                    final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                    final SamlRegisteredService service) {
    final RequestedAuthnContext requested = authnRequest.getRequestedAuthnContext();
    if (requested == null) {
        LOGGER.debug("No specific authN context is requested. Returning [{}]", AuthnContext.UNSPECIFIED_AUTHN_CTX);
        return AuthnContext.UNSPECIFIED_AUTHN_CTX;
    }

    final List<AuthnContextClassRef> classRefs = requested.getAuthnContextClassRefs();
    if (classRefs == null || classRefs.isEmpty()) {
        LOGGER.debug("Requested authN context class ref is unspecified. Returning [{}]", AuthnContext.UNSPECIFIED_AUTHN_CTX);
        return AuthnContext.UNSPECIFIED_AUTHN_CTX;
    }

    LOGGER.debug("AuthN Context comparison is requested to use [{}]", requested.getComparison());
    for (final AuthnContextClassRef classRef : classRefs) {
        LOGGER.debug("Requested AuthN Context [{}]", classRef.getAuthnContextClassRef());
    }

    if (StringUtils.isNotBlank(service.getRequiredAuthenticationContextClass())) {
        LOGGER.debug("Using [{}] as indicated by SAML registered service [{}]",
            service.getRequiredAuthenticationContextClass(),
            service.getName());
        return service.getRequiredAuthenticationContextClass();
    }

    LOGGER.debug("Returning default AuthN Context [{}]", AuthnContext.PPT_AUTHN_CTX);
    return AuthnContext.PPT_AUTHN_CTX;
}
示例11: loadUserDetails
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
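/**
 * Builds the user details for a CAS assertion, deriving granted authorities
 * from the configured principal attributes plus the default authorities.
 *
 * <p>Each attribute value (or each element, when the value is a collection) is
 * optionally upper-cased, stripped of one leading {@code ROLE_} and re-prefixed
 * with {@code ROLE_}. Upper-casing uses {@code Locale.ROOT}, so role names do
 * not depend on the JVM default locale. Under a Turkish default locale
 * {@code "admin"} would otherwise become {@code "ADMİN"} and stop matching
 * role checks.
 *
 * <p>Authorities are taken verbatim from the assertion, so they are only as
 * trustworthy as the CAS server that issued it.
 *
 * @param assertion the validated CAS assertion
 * @return the user with the derived and default authorities
 * @throws UsernameNotFoundException if the assertion's principal name has no text
 */
protected UserDetails loadUserDetails(Assertion assertion) {
    String username = assertion.getPrincipal().getName();
    if (!StringUtils.hasText(username)) {
        throw new UsernameNotFoundException("Unable to retrieve username from CAS assertion");
    }

    List<GrantedAuthority> authorities = Arrays
        .stream(attributes)
        .map(a -> assertion.getPrincipal().getAttributes().get(a))
        .filter(Objects::nonNull)
        // Multi-valued attributes contribute one authority per element.
        .flatMap(v -> (v instanceof Collection) ? ((Collection<?>) v).stream() : Stream.of(v))
        // Locale-independent casing keeps role names stable across JVM locales.
        .map(v -> toUppercase ? v.toString().toUpperCase(java.util.Locale.ROOT) : v.toString())
        // Normalise to exactly one ROLE_ prefix.
        .map(r -> r.replaceFirst("^ROLE_", ""))
        .map(r -> new SimpleGrantedAuthority("ROLE_" + r))
        .collect(Collectors.toList());

    authorities.addAll(defaultGrantedAuthorities);
    return new User(username, NON_EXISTENT_PASSWORD_VALUE, authorities);
}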
开发者ID:kakawait,项目名称:cas-security-spring-boot-starter,代码行数:21,代码来源:GrantedAuthoritiesFromAssertionAttributesWithDefaultRolesUserDetailsService.java
示例12: getAttributePrincipalName
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Returns the name of the assertion's attribute principal.
 *
 * @param assertion the assertion to read
 * @return the principal's name, or an empty string when
 *         {@code AssertionUtils.getAttributePrincipal} yields {@code null}
 */
public static String getAttributePrincipalName(Assertion assertion) {
    final AttributePrincipal principal = AssertionUtils.getAttributePrincipal(assertion);
    // An empty string is returned instead of null when there is no principal.
    return principal == null ? "" : principal.getName();
}
示例13: addCASTicket
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Returns the target service URL with a CAS ticket added.
 *
 * <p>When {@code useAssertion} is set and an assertion is available from
 * {@code AssertionHolder}, the ticket is obtained from that assertion. Otherwise,
 * when a username is given, it is obtained through
 * {@code AssertionUtils.addCASTicketFromTGT} using the username and password.
 * If neither applies, the target service is returned unchanged.
 *
 * <p>The debug log lines include the username and the original target service.
 * The password and the returned URL are not logged.
 *
 * @param targetService the target service URL
 * @param username the username used when no assertion is available
 * @param password the password used together with the username
 * @param casRestUrlSuffix the CAS REST URL suffix; {@code RestUtil.CAS_REST_URL_SUFFIX} is used when null or empty
 * @param useAssertion whether to look up the current assertion from {@code AssertionHolder}
 * @return the target service with a ticket added, or the unchanged target service
 * @throws IOException Signals that an I/O exception has occurred.
 * @throws MotuCasBadRequestException declared by the signature
 */
public static String addCASTicket(String targetService, String username, String password, String casRestUrlSuffix, boolean useAssertion)
        throws IOException, MotuCasBadRequestException {
    // NOTE(review): username and targetService are concatenated into the log line as-is.
    LOG.debug("addCASTicket(String, String, String, String) - entering: (" + username + ") " + targetService);

    final Assertion currentAssertion = useAssertion ? AssertionHolder.getAssertion() : null;

    String ticketedService = targetService;
    if (currentAssertion != null) {
        ticketedService = AssertionUtils.addCASTicket(currentAssertion, targetService);
    } else if (!AssertionUtils.isNullOrEmpty(username)) {
        final String restSuffix = AssertionUtils.isNullOrEmpty(casRestUrlSuffix)
            ? RestUtil.CAS_REST_URL_SUFFIX
            : casRestUrlSuffix;
        ticketedService = AssertionUtils.addCASTicketFromTGT(restSuffix, username, password, targetService);
    }

    // The exit line logs the original targetService, not the URL that now carries the ticket.
    LOG.debug("addCASTicket(String, String, String, String) - exiting: (" + username + ") " + targetService);
    return ticketedService;
}
示例14: getAttributePrincipal
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Returns the attribute principal of an assertion.
 *
 * @param assertion the assertion to read; may be {@code null}
 * @return the assertion's principal, or {@code null} when the assertion is {@code null}
 */
public static AttributePrincipal getAttributePrincipal(Assertion assertion) {
    if (LOG.isDebugEnabled()) {
        LOG.debug("getAttributePrincipal(Assertion) - entering");
    }

    // Null-safe: a missing assertion yields a null principal rather than an exception.
    final AttributePrincipal principal = (assertion == null) ? null : assertion.getPrincipal();

    if (LOG.isDebugEnabled()) {
        LOG.debug("getAttributePrincipal(Assertion) - exiting");
    }
    return principal;
}
示例15: validateTicket
import org.jasig.cas.client.validation.Assertion; //导入依赖的package包/类
/**
 * Validates a CAS ticket for the given service URL.
 *
 * <p>Only {@code setRenew(false)} is configured on the validator; its proxy
 * options are left at their defaults.
 *
 * <p>A {@code TicketValidationException} is printed to standard error and
 * swallowed, and the method then returns {@code null}. Callers must treat
 * {@code null} as "ticket not valid" and deny access.
 *
 * @param ticket the ticket to validate
 * @param legacyServerServiceUrl the service identifier the ticket was issued for
 * @return the assertion on success, or {@code null} if validation failed
 */
public final static Assertion validateTicket(String ticket, String legacyServerServiceUrl) {
    final Cas20ProxyTicketValidator proxyValidator = new Cas20ProxyTicketValidator(casServerUrlPrefix);
    proxyValidator.setRenew(false);

    try {
        // The legacy application does not have to be reachable at this URL, but
        // validation still needs a valid-looking URL as the service identifier.
        return proxyValidator.validate(ticket, legacyServerServiceUrl);
    } catch (TicketValidationException e) {
        e.printStackTrace(); // bad style, but only for demonstration purpose.
        return null;
    }
}