hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 1 Activity

add CAS authentication #138

Merged
hsh-michaelhoennig merged 24 commits from feature/add-cas-authentication into master 2024-12-23 12:49:46 +01:00
Conversation 0 Commits 24 Files Changed 50 +9 -6
2 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 2c1a5f5933 - Show all commits

5
src/main/java/net/hostsharing/hsadminng/config/CasAuthenticator.java
View File

@ -31,12 +31,13 @@ public class CasAuthenticator implements Authenticator {
final var doc = DocumentBuilderFactory.newInstance().newDocumentBuilder() final var doc = DocumentBuilderFactory.newInstance().newDocumentBuilder()
.parse(new java.io.ByteArrayInputStream(response.getBytes())); .parse(new java.io.ByteArrayInputStream(response.getBytes()));
if ( doc.getElementsByTagName("cas:authenticationSuccess").getLength() == 0 ) { if (doc.getElementsByTagName("cas:authenticationSuccess").getLength() == 0) {
// TODO.impl: for unknown reasons, this results in a 403 FORBIDDEN // TODO.impl: for unknown reasons, this results in a 403 FORBIDDEN
// throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "CAS service ticket could not be validated"); // throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "CAS service ticket could not be validated");
throw new BadCredentialsException("CAS service ticket could not be validated"); throw new BadCredentialsException("CAS service ticket could not be validated");
} }
final var authentication = new UsernamePasswordAuthenticationToken("test-user-from-authenticate", null, null); // TODO final var userName = doc.getElementsByTagName("cas:user").item(0).getTextContent();
final var authentication = new UsernamePasswordAuthenticationToken(userName, null, null);
SecurityContextHolder.getContext().setAuthentication(authentication); SecurityContextHolder.getContext().setAuthentication(authentication);
return authentication.getName(); return authentication.getName();
} }

10
src/test/java/net/hostsharing/hsadminng/config/CasAuthenticationFilterIntegrationTest.java
View File

@ -13,7 +13,7 @@ import org.springframework.http.HttpStatus;
import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.TestPropertySource;
import static org.apache.commons.lang3.RandomStringUtils.randomAlphanumeric;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static com.github.tomakehurst.wiremock.client.WireMock.*; import static com.github.tomakehurst.wiremock.client.WireMock.*;
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
@ -33,16 +33,18 @@ class CasAuthenticationFilterIntegrationTest {
@Test @Test
public void shouldAcceptRequest() { public void shouldAcceptRequest() {
// given // given
final var username = "test-user-" + randomAlphanumeric(4);
wireMockServer.stubFor(get(urlEqualTo("/cas/p3/serviceValidate?service=http://localhost:8080/api&ticket=valid")) wireMockServer.stubFor(get(urlEqualTo("/cas/p3/serviceValidate?service=http://localhost:8080/api&ticket=valid"))
.willReturn(aResponse() .willReturn(aResponse()
.withStatus(200) .withStatus(200)
.withBody(""" .withBody("""
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess> <cas:authenticationSuccess>
<cas:user>test-user</cas:user> <cas:user>%{username}</cas:user>
</cas:authenticationSuccess> </cas:authenticationSuccess>
</cas:serviceResponse> </cas:serviceResponse>
"""))); """.replace("%{username}", username)
)));
// when // when
final var result = restTemplate.exchange( final var result = restTemplate.exchange(
@ -54,7 +56,7 @@ class CasAuthenticationFilterIntegrationTest {
// then // then
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK); assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
assertThat(result.getBody()).isEqualTo("pong test-user-from-authenticate\n"); assertThat(result.getBody()).isEqualTo("pong " + username + "\n");
} }
@Test @Test