GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Refactored up an AuthoritiesPopulator and DaoAuthoritiesPopulator from functionality in the cas provider. This interface and impl are well suited for use in the openid provider, and possibly in the sitemesh provider.

2.0.x
Ray Krueger 18 years ago
parent
e90498c4f7
commit
66f73897e6
10 changed files with 137 additions and 426 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 52
      core/src/main/java/org/springframework/security/providers/AuthoritiesPopulator.java
  2. 40
      core/src/main/java/org/springframework/security/providers/DaoAuthoritiesPopulator.java
  3. 38
      core/src/main/java/org/springframework/security/providers/cas/CasAuthoritiesPopulator.java
  4. 40
      core/src/main/java/org/springframework/security/providers/cas/populator/DaoCasAuthoritiesPopulator.java
  5. 130
      sandbox/openid/pom.xml
  6. 18
      sandbox/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationProvider.java
  7. 201
      sandbox/openid/src/main/java/org/springframework/security/ui/openid/consumers/JanRainOpenIDConsumer.java
  8. 6
      sandbox/openid/src/test/java/org/springframework/security/providers/openid/MockAuthoritiesPopulator.java
  9. 28
      sandbox/openid/src/test/java/org/springframework/security/providers/openid/OpenIDAuthenticationProviderTests.java
  10. 10
      sandbox/openid/src/test/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilterTests.java

52
core/src/main/java/org/springframework/security/providers/AuthoritiesPopulator.java
Unescape View File

@ -0,0 +1,52 @@
package org.springframework.security.providers;
import org.springframework.security.AuthenticationException;
import org.springframework.security.userdetails.UserDetails;
/**
* Populates the <code>UserDetails</code> associated with a CAS authenticated
* user.
*
* <p>
* Intended to grant authorities (roles) for providers that do not support
* authorities/roles directly. It merely authenticates their identity.
* As Spring Security needs to know the authorities granted to a user in
* order to construct a valid <code>Authentication</code> object, implementations
* of this interface will provide this information.
* </p>
*
* <p>
* A {@link UserDetails} is returned by implementations. The
* <code>UserDetails</code> must, at minimum, contain the username and
* <code>GrantedAuthority[]</code> objects applicable to the authenticated
* user. Note that Spring Security ignores the password and enabled/disabled
* status of the <code>UserDetails</code> because this is
* authentication-related and should have been enforced by another provider server. The
* <code>UserDetails</code> returned by implementations is stored in the
* generated <code>AuthenticationToken</code>, so additional properties
* such as email addresses, telephone numbers etc can easily be stored.
* </p>
*
* <p>
* Implementations should not perform any caching. They will only be called
* when a refresh is required.
* </p>
*
* @author Ben Alex
* @author Ray Krueger
* @version $Id$
*/
public interface AuthoritiesPopulator {
/**
* Obtains the granted authorities for the specified user.<P>May throw any
* <code>AuthenticationException</code> or return <code>null</code> if the authorities are unavailable.</p>
*
* @param casUserId as obtained from the CAS validation service
*
* @return the details of the indicated user (at minimum the granted authorities and the username)
*
* @throws org.springframework.security.AuthenticationException DOCUMENT ME!
*/
UserDetails getUserDetails(String casUserId)
throws AuthenticationException;
}

40
core/src/main/java/org/springframework/security/providers/DaoAuthoritiesPopulator.java
Unescape View File

@ -0,0 +1,40 @@
package org.springframework.security.providers;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.AuthenticationException;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.util.Assert;
/**
* Populates the CAS authorities via an {@link org.springframework.security.userdetails.UserDetailsService}.<P>The additional information (username,
* password, enabled status etc) an <code>AuthenticationDao</code> implementation provides about a <code>User</code>
* is ignored. Only the <code>GrantedAuthority</code>s are relevant to this class.</p>
*
* @author Ben Alex
* @version $Id$
*/
public class DaoAuthoritiesPopulator implements AuthoritiesPopulator, InitializingBean {
//~ Instance fields ================================================================================================
private UserDetailsService userDetailsService;
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
Assert.notNull(this.userDetailsService, "A UserDetailsService must be set");
}
public UserDetails getUserDetails(String casUserId)
throws AuthenticationException {
return this.userDetailsService.loadUserByUsername(casUserId);
}
public UserDetailsService getUserDetailsService() {
return userDetailsService;
}
public void setUserDetailsService(UserDetailsService userDetailsService) {
this.userDetailsService = userDetailsService;
}
}

38
core/src/main/java/org/springframework/security/providers/cas/CasAuthoritiesPopulator.java
Unescape View File

@ -15,14 +15,19 @@
package org.springframework.security.providers.cas; package org.springframework.security.providers.cas;
import org.springframework.security.AuthenticationException; import org.springframework.security.providers.AuthoritiesPopulator;
import org.springframework.security.userdetails.UserDetails;
/** /**
* <p>
* <i>Backwards compatible extension to the {@link AuthoritiesPopulator} interface.
* This interface has usefulness outside of the CAS usecase. Thus, the {@link AuthoritiesPopulator}
* interface was refactored in.</i>
* </p>
* <p>
* Populates the <code>UserDetails</code> associated with a CAS authenticated * Populates the <code>UserDetails</code> associated with a CAS authenticated
* user. * user.
* </p>
* *
* <p> * <p>
* CAS does not provide the authorities (roles) granted to a user. It merely * CAS does not provide the authorities (roles) granted to a user. It merely
@ -33,18 +38,6 @@ import org.springframework.security.userdetails.UserDetails;
* </p> * </p>
* *
* <p> * <p>
* A {@link UserDetails} is returned by implementations. The
* <code>UserDetails</code> must, at minimum, contain the username and
* <code>GrantedAuthority[]</code> objects applicable to the CAS-authenticated
* user. Note that Spring Security ignores the password and enabled/disabled
* status of the <code>UserDetails</code> because this is
* authentication-related and should have been enforced by the CAS server. The
* <code>UserDetails</code> returned by implementations is stored in the
* generated <code>CasAuthenticationToken</code>, so additional properties
* such as email addresses, telephone numbers etc can easily be stored.
* </p>
*
* <p>
* Implementations should not perform any caching. They will only be called * Implementations should not perform any caching. They will only be called
* when a refresh is required. * when a refresh is required.
* </p> * </p>
@ -52,19 +45,6 @@ import org.springframework.security.userdetails.UserDetails;
* @author Ben Alex * @author Ben Alex
* @version $Id$ * @version $Id$
*/ */
public interface CasAuthoritiesPopulator { public interface CasAuthoritiesPopulator extends AuthoritiesPopulator {
//~ Methods ========================================================================================================
/**
* Obtains the granted authorities for the specified user.<P>May throw any
* <code>AuthenticationException</code> or return <code>null</code> if the authorities are unavailable.</p>
*
* @param casUserId as obtained from the CAS validation service
*
* @return the details of the indicated user (at minimum the granted authorities and the username)
*
* @throws AuthenticationException DOCUMENT ME!
*/
UserDetails getUserDetails(String casUserId)
throws AuthenticationException;
} }

40
core/src/main/java/org/springframework/security/providers/cas/populator/DaoCasAuthoritiesPopulator.java
Unescape View File

@ -15,47 +15,21 @@
package org.springframework.security.providers.cas.populator; package org.springframework.security.providers.cas.populator;
import org.springframework.security.AuthenticationException;
import org.springframework.security.providers.cas.CasAuthoritiesPopulator;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.beans.factory.InitializingBean; import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.providers.DaoAuthoritiesPopulator;
import org.springframework.util.Assert;
/** /**
* Populates the CAS authorities via an {@link UserDetailsService}.<P>The additional information (username, * Backwards compatible placeholder.
* password, enabled status etc) an <code>AuthenticationDao</code> implementation provides about a <code>User</code> * This class will be removed, use {@link DaoAuthoritiesPopulator} instead.
* is ignored. Only the <code>GrantedAuthority</code>s are relevant to this class.</p> *
* * @deprecated Use {@link org.springframework.security.providers.DaoAuthoritiesPopulator}
* @author Ben Alex * @author Ben Alex
* @version $Id$ * @version $Id$
*/ */
public class DaoCasAuthoritiesPopulator implements CasAuthoritiesPopulator, InitializingBean { public class DaoCasAuthoritiesPopulator extends DaoAuthoritiesPopulator implements InitializingBean {
//~ Instance fields ================================================================================================
private UserDetailsService userDetailsService;
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception { public void afterPropertiesSet() throws Exception {
Assert.notNull(this.userDetailsService, "A UserDetailsService must be set"); super.afterPropertiesSet();
}
public UserDetails getUserDetails(String casUserId)
throws AuthenticationException {
return this.userDetailsService.loadUserByUsername(casUserId);
}
public UserDetailsService getUserDetailsService() {
return userDetailsService;
}
public void setUserDetailsService(UserDetailsService userDetailsService) {
this.userDetailsService = userDetailsService;
} }
} }

130
sandbox/openid/pom.xml
Unescape View File

@ -11,6 +11,7 @@
<description>Spring Security - Support for OpenID</description> <description>Spring Security - Support for OpenID</description>
<version>0.1-SNAPSHOT</version> <version>0.1-SNAPSHOT</version>
<!--
<repositories> <repositories>
<repository> <repository>
<id>AcegiMaven</id> <id>AcegiMaven</id>
@ -21,6 +22,7 @@
</releases> </releases>
</repository> </repository>
</repositories> </repositories>
-->
<dependencies> <dependencies>
<dependency> <dependency>
@ -41,18 +43,9 @@
<dependency> <dependency>
<groupId>org.openid4java</groupId> <groupId>org.openid4java</groupId>
<artifactId>openid4java</artifactId> <artifactId>openid4java</artifactId>
<version>0.9.2</version> <version>0.9.3</version>
</dependency>
<dependency>
<groupId>com.janrain</groupId>
<artifactId>Janrain-Openid</artifactId>
<version>20070226</version>
</dependency>
<dependency>
<groupId>gnu</groupId>
<artifactId>libidn</artifactId>
<version>0.6.3</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.apache.geronimo.specs</groupId> <groupId>org.apache.geronimo.specs</groupId>
<artifactId>geronimo-servlet_2.4_spec</artifactId> <artifactId>geronimo-servlet_2.4_spec</artifactId>
@ -60,122 +53,7 @@
<scope>compile</scope> <scope>compile</scope>
<optional>true</optional> <optional>true</optional>
</dependency> </dependency>
<!--
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.4</version>
<scope>provided</scope>
</dependency>
-->
<!--openid4java dependencies-->
<!--
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.3</version>
</dependency>
<dependency>
<groupId>commons-httpclient</groupId>
<artifactId>commons-httpclient</artifactId>
<version>3.0.1</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.1</version>
</dependency>
<dependency>
<groupId>org.htmlparser</groupId>
<artifactId>htmlparser</artifactId>
<version>1.6</version>
</dependency>
<dependency>
<groupId>com.ibm.icu</groupId>
<artifactId>icu4j</artifactId>
<version>3.4.4</version>
</dependency>
<dependency>
<groupId>jug</groupId>
<artifactId>jug</artifactId>
<version>1.1</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.14</version>
</dependency>
<dependency>
<groupId>org.openxri</groupId>
<artifactId>openxri-client</artifactId>
<version>1.0.1</version>
<scope>system</scope>
<systemPath>${basedir}/lib/openxri-client.jar</systemPath>
</dependency>
<dependency>
<groupId>org.openxri</groupId>
<artifactId>openxri-syntax</artifactId>
<version>1.0.1</version>
<scope>system</scope>
<systemPath>${basedir}/lib/openxri-syntax.jar</systemPath>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring</artifactId>
<version>2.0.3</version>
</dependency>
<dependency>
<groupId>xml-security</groupId>
<artifactId>xmlsec</artifactId>
<version>1.3.0</version>
</dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>1.2.3</version>
</dependency>
<dependency>
<groupId>jdom</groupId>
<artifactId>jdom</artifactId>
<version>1.0</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>jetty</groupId>
<artifactId>jetty</artifactId>
<version>6.0.2</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>jetty</groupId>
<artifactId>jetty-util</artifactId>
<version>6.0.2</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>xerces</groupId>
<artifactId>xercesImpl</artifactId>
<version>2.8.1</version>
<scope>test</scope>
</dependency>
-->
</dependencies> </dependencies>
<!--This doesn't even exist...-->
<!--
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>jalopy-maven-plugin</artifactId>
<version>1.0-SNAPSHOT</version>
<configuration>
<convention>../../jalopy.xml</convention>
<failOnError>false</failOnError>
</configuration>
</plugin>
</plugins>
</build>
-->
</project> </project>

18
sandbox/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationProvider.java
Unescape View File

@ -14,18 +14,14 @@
*/ */
package org.springframework.security.providers.openid; package org.springframework.security.providers.openid;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.Authentication; import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException; import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationServiceException; import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.BadCredentialsException; import org.springframework.security.BadCredentialsException;
import org.springframework.security.providers.AuthenticationProvider; import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.cas.CasAuthoritiesPopulator; import org.springframework.security.providers.AuthoritiesPopulator;
import org.springframework.security.userdetails.UserDetails; import org.springframework.security.userdetails.UserDetails;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -37,12 +33,12 @@ import org.springframework.util.Assert;
public class OpenIDAuthenticationProvider implements AuthenticationProvider, InitializingBean { public class OpenIDAuthenticationProvider implements AuthenticationProvider, InitializingBean {
//~ Instance fields ================================================================================================ //~ Instance fields ================================================================================================
private CasAuthoritiesPopulator ssoAuthoritiesPopulator; private AuthoritiesPopulator authoritiesPopulator;
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception { public void afterPropertiesSet() throws Exception {
Assert.notNull(this.ssoAuthoritiesPopulator, "The ssoAuthoritiesPopulator must be set"); Assert.notNull(this.authoritiesPopulator, "The authoritiesPopulator must be set");
} }
/* (non-Javadoc) /* (non-Javadoc)
@ -69,7 +65,7 @@ public class OpenIDAuthenticationProvider implements AuthenticationProvider, Ini
*/ */
// Lookup user details // Lookup user details
UserDetails userDetails = this.ssoAuthoritiesPopulator.getUserDetails(response.getIdentityUrl()); UserDetails userDetails = this.authoritiesPopulator.getUserDetails(response.getIdentityUrl());
authentication = new OpenIDAuthenticationToken(userDetails.getAuthorities(), response.getStatus(), authentication = new OpenIDAuthenticationToken(userDetails.getAuthorities(), response.getStatus(),
response.getIdentityUrl()); response.getIdentityUrl());
@ -92,8 +88,8 @@ public class OpenIDAuthenticationProvider implements AuthenticationProvider, Ini
return null; return null;
} }
public void setSsoAuthoritiesPopulator(CasAuthoritiesPopulator ssoAuthoritiesPopulator) { public void setAuthoritiesPopulator(AuthoritiesPopulator authoritiesPopulator) {
this.ssoAuthoritiesPopulator = ssoAuthoritiesPopulator; this.authoritiesPopulator = authoritiesPopulator;
} }
/* (non-Javadoc) /* (non-Javadoc)

201
sandbox/openid/src/main/java/org/springframework/security/ui/openid/consumers/JanRainOpenIDConsumer.java
Unescape View File

@ -1,201 +0,0 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.ui.openid.consumers;
import com.janrain.openid.consumer.AuthRequest;
import com.janrain.openid.consumer.Consumer;
import com.janrain.openid.consumer.ErrorResponse;
import com.janrain.openid.consumer.Response;
import com.janrain.openid.consumer.StatusCode;
import com.janrain.openid.store.OpenIDStore;
import org.springframework.security.providers.openid.OpenIDAuthenticationStatus;
import org.springframework.security.providers.openid.OpenIDAuthenticationToken;
import org.springframework.security.ui.openid.OpenIDConstants;
import org.springframework.security.ui.openid.OpenIDConsumer;
import org.springframework.security.ui.openid.OpenIDConsumerException;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
/**
* OpenIDConsumer implementation using the JanRain OpenID library
*
* @author Robin Bramley, Opsera Ltd
* @version $Id:$
*/
public class JanRainOpenIDConsumer implements OpenIDConsumer, InitializingBean {
//~ Static fields/initializers =====================================================================================
private static final String SAVED_ID_SESSION_KEY = "savedId";
//~ Instance fields ================================================================================================
private OpenIDStore store;
private String returnToUrl = "j_spring_openid_security_check";
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
Assert.notNull(this.store, "An OpenIDStore must be set on the store property");
}
/* (non-Javadoc)
* @see org.springframework.security.ui.openid.OpenIDConsumer#beginConsumption(java.lang.String)
*/
public String beginConsumption(HttpServletRequest req, String identityUrl, String returnToUrl)
throws OpenIDConsumerException {
// fetch/create a session Map for the consumer's use
HttpSession session = req.getSession();
Map sessionMap = (Map) session.getAttribute(OpenIDConstants.OPENID_SESSION_MAP_KEY);
if (sessionMap == null) {
sessionMap = new HashMap();
session.setAttribute(OpenIDConstants.OPENID_SESSION_MAP_KEY, sessionMap);
}
Consumer openIdConsumer = new Consumer(sessionMap, store);
// Create an Authrequest object from the submitted value
AuthRequest ar;
try {
ar = openIdConsumer.begin(identityUrl);
} catch (IOException ioe) {
req.getSession().setAttribute(SAVED_ID_SESSION_KEY, escapeAttr(identityUrl));
throw new OpenIDConsumerException("Error on begin consumption for " + identityUrl, ioe);
}
// construct trust root and return to URLs.
String port = "";
if (req.getServerPort() != 80) {
port = ":" + req.getServerPort();
}
String trustRoot = req.getScheme() + "://" + req.getServerName() + port + "/";
String cp = req.getContextPath();
if (!cp.equals("")) {
cp = cp.substring(1) + "/";
}
String returnTo = trustRoot + cp + this.returnToUrl;
// send the user the redirect url to proceed with OpenID authentication
return ar.redirectUrl(trustRoot, returnTo);
}
/* (non-Javadoc)
* @see org.springframework.security.ui.openid.OpenIDConsumer#endConsumption(javax.servlet.http.HttpServletRequest)
*/
public OpenIDAuthenticationToken endConsumption(HttpServletRequest req)
throws OpenIDConsumerException {
HttpSession session = req.getSession();
Map sessionMap = (Map) session.getAttribute(OpenIDConstants.OPENID_SESSION_MAP_KEY);
if (sessionMap == null) {
sessionMap = new HashMap();
session.setAttribute(OpenIDConstants.OPENID_SESSION_MAP_KEY, sessionMap);
}
// get a Consumer instance
Consumer openIdConsumer = new Consumer(sessionMap, store);
// convert the argument map into the form the library uses with a handy
// convenience function
Map query = Consumer.filterArgs(req.getParameterMap());
// Check the arguments to see what the response was.
Response response = openIdConsumer.complete(query);
String message = "";
OpenIDAuthenticationStatus status;
StatusCode statusCode = response.getStatus();
if (statusCode == StatusCode.CANCELLED) {
status = OpenIDAuthenticationStatus.CANCELLED;
} else if (statusCode == StatusCode.ERROR) {
status = OpenIDAuthenticationStatus.ERROR;
message = ((ErrorResponse) response).getMessage();
} else if (statusCode == StatusCode.FAILURE) {
status = OpenIDAuthenticationStatus.FAILURE;
} else if (statusCode == StatusCode.SETUP_NEEDED) {
status = OpenIDAuthenticationStatus.SETUP_NEEDED;
} else if (statusCode == StatusCode.SUCCESS) {
status = OpenIDAuthenticationStatus.SUCCESS;
} else {
// unknown status code
throw new OpenIDConsumerException("Unknown response status " + statusCode.toString());
}
return new OpenIDAuthenticationToken(status, response.getIdentityUrl(), message);
}
/*
* This method escapes characters in a string that can cause problems in
* HTML
*/
private String escapeAttr(String s) {
if (s == null) {
return "";
}
StringBuffer result = new StringBuffer();
for (int i = 0; i < s.length(); i++) {
char c = s.charAt(i);
if (c == '<') {
result.append("&lt;");
} else if (c == '>') {
result.append("&gt;");
} else if (c == '&') {
result.append("&amp;");
} else if (c == '\"') {
result.append("&quot;");
} else if (c == '\'') {
result.append("&#039;");
} else if (c == '\\') {
result.append("&#092;");
} else {
result.append(c);
}
}
return result.toString();
}
public void setReturnToUrl(String returnToUrl) {
this.returnToUrl = returnToUrl;
}
// dependency injection
public void setStore(OpenIDStore store) {
this.store = store;
}
}

6
sandbox/openid/src/test/java/org/springframework/security/providers/openid/MockAuthoritiesPopulator.java
Unescape View File

@ -17,9 +17,7 @@ package org.springframework.security.providers.openid;
import org.springframework.security.AuthenticationException; import org.springframework.security.AuthenticationException;
import org.springframework.security.GrantedAuthority; import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl; import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.AuthoritiesPopulator;
import org.springframework.security.providers.cas.CasAuthoritiesPopulator;
import org.springframework.security.userdetails.User; import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails; import org.springframework.security.userdetails.UserDetails;
@ -29,7 +27,7 @@ import org.springframework.security.userdetails.UserDetails;
* *
* @author Robin Bramley, Opsera Ltd * @author Robin Bramley, Opsera Ltd
*/ */
public class MockAuthoritiesPopulator implements CasAuthoritiesPopulator { public class MockAuthoritiesPopulator implements AuthoritiesPopulator {
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
public UserDetails getUserDetails(String ssoUserId) public UserDetails getUserDetails(String ssoUserId)

28
sandbox/openid/src/test/java/org/springframework/security/providers/openid/OpenIDAuthenticationProviderTests.java
Unescape View File

@ -15,11 +15,9 @@
package org.springframework.security.providers.openid; package org.springframework.security.providers.openid;
import junit.framework.TestCase; import junit.framework.TestCase;
import org.springframework.security.Authentication; import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationServiceException; import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.BadCredentialsException; import org.springframework.security.BadCredentialsException;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken; import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
@ -40,7 +38,7 @@ public class OpenIDAuthenticationProviderTests extends TestCase {
*/ */
public void testAuthenticateCancel() { public void testAuthenticateCancel() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setSsoAuthoritiesPopulator(new MockAuthoritiesPopulator()); provider.setAuthoritiesPopulator(new MockAuthoritiesPopulator());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.CANCELLED, USERNAME, ""); Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.CANCELLED, USERNAME, "");
@ -59,7 +57,7 @@ public class OpenIDAuthenticationProviderTests extends TestCase {
*/ */
public void testAuthenticateError() { public void testAuthenticateError() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setSsoAuthoritiesPopulator(new MockAuthoritiesPopulator()); provider.setAuthoritiesPopulator(new MockAuthoritiesPopulator());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.ERROR, USERNAME, ""); Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.ERROR, USERNAME, "");
@ -78,7 +76,7 @@ public class OpenIDAuthenticationProviderTests extends TestCase {
*/ */
public void testAuthenticateFailure() { public void testAuthenticateFailure() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setSsoAuthoritiesPopulator(new MockAuthoritiesPopulator()); provider.setAuthoritiesPopulator(new MockAuthoritiesPopulator());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE, USERNAME, ""); Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE, USERNAME, "");
@ -97,7 +95,7 @@ public class OpenIDAuthenticationProviderTests extends TestCase {
*/ */
public void testAuthenticateSetupNeeded() { public void testAuthenticateSetupNeeded() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setSsoAuthoritiesPopulator(new MockAuthoritiesPopulator()); provider.setAuthoritiesPopulator(new MockAuthoritiesPopulator());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SETUP_NEEDED, USERNAME, ""); Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SETUP_NEEDED, USERNAME, "");
@ -116,7 +114,7 @@ public class OpenIDAuthenticationProviderTests extends TestCase {
*/ */
public void testAuthenticateSuccess() { public void testAuthenticateSuccess() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setSsoAuthoritiesPopulator(new MockAuthoritiesPopulator()); provider.setAuthoritiesPopulator(new MockAuthoritiesPopulator());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SUCCESS, USERNAME, ""); Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SUCCESS, USERNAME, "");
@ -135,14 +133,14 @@ public class OpenIDAuthenticationProviderTests extends TestCase {
assertTrue(((OpenIDAuthenticationToken) postAuth).getMessage() == null); assertTrue(((OpenIDAuthenticationToken) postAuth).getMessage() == null);
} }
public void testDetectsMissingAuthoritiesPopulator() { public void testDetectsMissingAuthoritiesPopulator() throws Exception {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
try { try {
provider.afterPropertiesSet(); provider.afterPropertiesSet();
fail("Should have thrown Exception"); fail("Should have thrown Exception");
} catch (Exception expected) { } catch (IllegalArgumentException expected) {
assertEquals("The ssoAuthoritiesPopulator must be set", expected.getMessage()); //ignored
} }
} }
@ -151,7 +149,7 @@ public class OpenIDAuthenticationProviderTests extends TestCase {
*/ */
public void testDoesntSupport() { public void testDoesntSupport() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setSsoAuthoritiesPopulator(new MockAuthoritiesPopulator()); provider.setAuthoritiesPopulator(new MockAuthoritiesPopulator());
assertFalse(provider.supports(UsernamePasswordAuthenticationToken.class)); assertFalse(provider.supports(UsernamePasswordAuthenticationToken.class));
} }
@ -161,7 +159,7 @@ public class OpenIDAuthenticationProviderTests extends TestCase {
*/ */
public void testIgnoresUserPassAuthToken() { public void testIgnoresUserPassAuthToken() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setSsoAuthoritiesPopulator(new MockAuthoritiesPopulator()); provider.setAuthoritiesPopulator(new MockAuthoritiesPopulator());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(USERNAME, "password"); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(USERNAME, "password");
assertEquals(null, provider.authenticate(token)); assertEquals(null, provider.authenticate(token));
@ -172,17 +170,17 @@ public class OpenIDAuthenticationProviderTests extends TestCase {
*/ */
public void testSupports() { public void testSupports() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setSsoAuthoritiesPopulator(new MockAuthoritiesPopulator()); provider.setAuthoritiesPopulator(new MockAuthoritiesPopulator());
assertTrue(provider.supports(OpenIDAuthenticationToken.class)); assertTrue(provider.supports(OpenIDAuthenticationToken.class));
} }
public void testValidation() throws Exception { public void testValidation() throws Exception {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setSsoAuthoritiesPopulator(new MockAuthoritiesPopulator()); provider.setAuthoritiesPopulator(new MockAuthoritiesPopulator());
provider.afterPropertiesSet(); provider.afterPropertiesSet();
provider.setSsoAuthoritiesPopulator(null); provider.setAuthoritiesPopulator(null);
try { try {
provider.afterPropertiesSet(); provider.afterPropertiesSet();

10
sandbox/openid/src/test/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilterTests.java
Unescape View File

@ -15,21 +15,17 @@
package org.springframework.security.ui.openid; package org.springframework.security.ui.openid;
import junit.framework.TestCase; import junit.framework.TestCase;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.security.AbstractAuthenticationManager; import org.springframework.security.AbstractAuthenticationManager;
import org.springframework.security.Authentication; import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException; import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException; import org.springframework.security.BadCredentialsException;
import org.springframework.security.providers.AuthoritiesPopulator;
import org.springframework.security.providers.cas.CasAuthoritiesPopulator;
import org.springframework.security.providers.openid.MockAuthoritiesPopulator; import org.springframework.security.providers.openid.MockAuthoritiesPopulator;
import org.springframework.security.providers.openid.OpenIDAuthenticationStatus; import org.springframework.security.providers.openid.OpenIDAuthenticationStatus;
import org.springframework.security.providers.openid.OpenIDAuthenticationToken; import org.springframework.security.providers.openid.OpenIDAuthenticationToken;
import org.springframework.security.ui.openid.consumers.MockOpenIDConsumer; import org.springframework.security.ui.openid.consumers.MockOpenIDConsumer;
import org.springframework.mock.web.MockHttpServletRequest;
/** /**
* Tests {@link OpenIDResponseProcessingFilter} * Tests {@link OpenIDResponseProcessingFilter}
@ -113,7 +109,7 @@ public class OpenIDResponseProcessingFilterTests extends TestCase {
// private mock AuthenticationManager // private mock AuthenticationManager
private class MockOpenIDAuthenticationManager extends AbstractAuthenticationManager { private class MockOpenIDAuthenticationManager extends AbstractAuthenticationManager {
private CasAuthoritiesPopulator ssoAuthoritiesPopulator; private AuthoritiesPopulator ssoAuthoritiesPopulator;
private boolean grantAccess = true; private boolean grantAccess = true;
public MockOpenIDAuthenticationManager(boolean grantAccess) { public MockOpenIDAuthenticationManager(boolean grantAccess) {

Write Preview
Loading…
Cancel
Save