From 3d0f746719dab6a685c25e0e1034f83b46f66c6d Mon Sep 17 00:00:00 2001 From: Scott Battaglia Date: Tue, 14 Mar 2006 16:15:51 +0000 Subject: [PATCH] SEC-224 updated CasAuthenticationToken to be consistant with approach taken by other providers with regards to authentication.getPrincipal() --- .../cas/CasAuthenticationProvider.java | 2 +- .../providers/cas/CasAuthenticationToken.java | 20 +++---- .../cas/CasAuthenticationProviderTests.java | 18 ++++--- .../cas/CasAuthenticationTokenTests.java | 54 ++++++++++--------- .../cache/EhCacheBasedTicketCacheTests.java | 2 +- 5 files changed, 52 insertions(+), 44 deletions(-) diff --git a/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationProvider.java b/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationProvider.java index 9f4c8fa861..d571852cb5 100644 --- a/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationProvider.java +++ b/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationProvider.java @@ -154,7 +154,7 @@ public class CasAuthenticationProvider implements AuthenticationProvider, .getUser()); // Construct CasAuthenticationToken - return new CasAuthenticationToken(this.key, response.getUser(), + return new CasAuthenticationToken(this.key, userDetails, authentication.getCredentials(), userDetails.getAuthorities(), userDetails, response.getProxyList(), response.getProxyGrantingTicketIou()); diff --git a/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java b/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java index d84f4d929c..639dfc35d5 100644 --- a/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java +++ b/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java @@ -36,12 +36,12 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken implements Serializable { //~ Instance fields ======================================================== - private List proxyList; - private Object credentials; - private Object principal; - private String proxyGrantingTicketIou; - private UserDetails userDetails; - private int keyHash; + private final List proxyList; + private final Object credentials; + private final Object principal; + private final String proxyGrantingTicketIou; + private final UserDetails userDetails; + private final int keyHash; //~ Constructors =========================================================== @@ -65,9 +65,9 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken * * @throws IllegalArgumentException if a null was passed */ - public CasAuthenticationToken(String key, Object principal, - Object credentials, GrantedAuthority[] authorities, - UserDetails userDetails, List proxyList, String proxyGrantingTicketIou) { + public CasAuthenticationToken(final String key, final Object principal, + final Object credentials, final GrantedAuthority[] authorities, + final UserDetails userDetails, final List proxyList, final String proxyGrantingTicketIou) { super(authorities); if ((key == null) || ("".equals(key)) || (principal == null) @@ -90,7 +90,7 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken //~ Methods ================================================================ - public boolean equals(Object obj) { + public boolean equals(final Object obj) { if (!super.equals(obj)) { return false; } diff --git a/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationProviderTests.java b/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationProviderTests.java index 88b1fc942c..2e0fa05484 100644 --- a/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationProviderTests.java +++ b/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationProviderTests.java @@ -86,7 +86,7 @@ public class CasAuthenticationProviderTests extends TestCase { } CasAuthenticationToken casResult = (CasAuthenticationToken) result; - assertEquals("marissa", casResult.getPrincipal()); + assertEquals(makeUserDetailsFromAuthoritiesPopulator(), casResult.getPrincipal()); assertEquals("PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt", casResult.getProxyGrantingTicketIou()); assertEquals("https://localhost/portal/j_acegi_cas_security_check", @@ -129,7 +129,7 @@ public class CasAuthenticationProviderTests extends TestCase { fail("Should have returned a CasAuthenticationToken"); } - assertEquals("marissa", result.getPrincipal()); + assertEquals(makeUserDetailsFromAuthoritiesPopulator(), result.getPrincipal()); assertEquals("ST-456", result.getCredentials()); // Now try to authenticate again. To ensure TicketValidator not @@ -138,7 +138,7 @@ public class CasAuthenticationProviderTests extends TestCase { // Previously created UsernamePasswordAuthenticationToken is OK Authentication newResult = cap.authenticate(token); - assertEquals("marissa", newResult.getPrincipal()); + assertEquals(makeUserDetailsFromAuthoritiesPopulator(), newResult.getPrincipal()); assertEquals("ST-456", newResult.getCredentials()); } @@ -177,7 +177,7 @@ public class CasAuthenticationProviderTests extends TestCase { cap.afterPropertiesSet(); CasAuthenticationToken token = new CasAuthenticationToken("WRONG_KEY", - "test", "credentials", + makeUserDetails(), "credentials", new GrantedAuthority[] {new GrantedAuthorityImpl("XX")}, makeUserDetails(), new Vector(), "IOU-xxx"); @@ -331,15 +331,19 @@ public class CasAuthenticationProviderTests extends TestCase { new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}); } + + private UserDetails makeUserDetailsFromAuthoritiesPopulator() { + return new User("user", "password", true, true, true, true, + new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A"), new GrantedAuthorityImpl( + "ROLE_B")}); + } //~ Inner Classes ========================================================== private class MockAuthoritiesPopulator implements CasAuthoritiesPopulator { public UserDetails getUserDetails(String casUserId) throws AuthenticationException { - return new User("user", "password", true, true, true, true, - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A"), new GrantedAuthorityImpl( - "ROLE_B")}); + return makeUserDetailsFromAuthoritiesPopulator(); } } diff --git a/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java b/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java index fc342ca986..631226bbb5 100644 --- a/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java +++ b/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java @@ -56,7 +56,7 @@ public class CasAuthenticationTokenTests extends TestCase { public void testConstructorRejectsNulls() { try { - new CasAuthenticationToken(null, "Test", "Password", + new CasAuthenticationToken(null, makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), new Vector(), "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -76,7 +76,7 @@ public class CasAuthenticationTokenTests extends TestCase { } try { - new CasAuthenticationToken("key", "Test", null, + new CasAuthenticationToken("key", makeUserDetails(), null, new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), new Vector(), "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -86,7 +86,7 @@ public class CasAuthenticationTokenTests extends TestCase { } try { - new CasAuthenticationToken("key", "Test", "Password", null, + new CasAuthenticationToken("key", makeUserDetails(), "Password", null, makeUserDetails(), new Vector(), "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); fail("Should have thrown IllegalArgumentException"); @@ -95,7 +95,7 @@ public class CasAuthenticationTokenTests extends TestCase { } try { - new CasAuthenticationToken("key", "Test", "Password", + new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), null, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -105,7 +105,7 @@ public class CasAuthenticationTokenTests extends TestCase { } try { - new CasAuthenticationToken("key", "Test", "Password", + new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, null, new Vector(), "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -115,7 +115,7 @@ public class CasAuthenticationTokenTests extends TestCase { } try { - new CasAuthenticationToken("key", "Test", "Password", + new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), new Vector(), null); fail("Should have thrown IllegalArgumentException"); @@ -124,7 +124,7 @@ public class CasAuthenticationTokenTests extends TestCase { } try { - new CasAuthenticationToken("key", "Test", "Password", + new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), null, new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), new Vector(), "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -139,7 +139,7 @@ public class CasAuthenticationTokenTests extends TestCase { proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList1, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -148,7 +148,7 @@ public class CasAuthenticationTokenTests extends TestCase { proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check"); CasAuthenticationToken token2 = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList2, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -162,12 +162,12 @@ public class CasAuthenticationTokenTests extends TestCase { proxyList.add("https://localhost/newPortal/j_acegi_cas_security_check"); CasAuthenticationToken token = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); assertEquals("key".hashCode(), token.getKeyHash()); - assertEquals("Test", token.getPrincipal()); + assertEquals(makeUserDetails(), token.getPrincipal()); assertEquals("Password", token.getCredentials()); assertEquals("ROLE_ONE", token.getAuthorities()[0].getAuthority()); assertEquals("ROLE_TWO", token.getAuthorities()[1].getAuthority()); @@ -194,7 +194,7 @@ public class CasAuthenticationTokenTests extends TestCase { proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList1, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -203,7 +203,7 @@ public class CasAuthenticationTokenTests extends TestCase { proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check"); CasAuthenticationToken token2 = new CasAuthenticationToken("key", - "OTHER_VALUE", "Password", + makeUserDetails("OTHER_NAME"), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList2, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -216,7 +216,7 @@ public class CasAuthenticationTokenTests extends TestCase { proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList1, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -234,7 +234,7 @@ public class CasAuthenticationTokenTests extends TestCase { proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList1, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -243,7 +243,7 @@ public class CasAuthenticationTokenTests extends TestCase { proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check"); CasAuthenticationToken token2 = new CasAuthenticationToken("DIFFERENT_KEY", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList2, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -256,7 +256,7 @@ public class CasAuthenticationTokenTests extends TestCase { proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList1, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -265,7 +265,7 @@ public class CasAuthenticationTokenTests extends TestCase { proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check"); CasAuthenticationToken token2 = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList2, "PGTIOU-SOME_OTHER_VALUE"); @@ -278,7 +278,7 @@ public class CasAuthenticationTokenTests extends TestCase { proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList1, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -288,7 +288,7 @@ public class CasAuthenticationTokenTests extends TestCase { "https://localhost/SOME_OTHER_PORTAL/j_acegi_cas_security_check"); CasAuthenticationToken token2 = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), proxyList2, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -298,7 +298,7 @@ public class CasAuthenticationTokenTests extends TestCase { public void testSetAuthenticated() { CasAuthenticationToken token = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), new Vector(), "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -309,7 +309,7 @@ public class CasAuthenticationTokenTests extends TestCase { public void testToString() { CasAuthenticationToken token = new CasAuthenticationToken("key", - "Test", "Password", + makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, makeUserDetails(), new Vector(), "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); @@ -320,8 +320,12 @@ public class CasAuthenticationTokenTests extends TestCase { } private UserDetails makeUserDetails() { - return new User("user", "password", true, true, true, true, - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( - "ROLE_TWO")}); + return makeUserDetails("user"); + } + + private UserDetails makeUserDetails(final String name) { + return new User(name, "password", true, true, true, true, + new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( + "ROLE_TWO")}); } } diff --git a/core/src/test/java/org/acegisecurity/providers/cas/cache/EhCacheBasedTicketCacheTests.java b/core/src/test/java/org/acegisecurity/providers/cas/cache/EhCacheBasedTicketCacheTests.java index ae01599d1b..8643025f9d 100644 --- a/core/src/test/java/org/acegisecurity/providers/cas/cache/EhCacheBasedTicketCacheTests.java +++ b/core/src/test/java/org/acegisecurity/providers/cas/cache/EhCacheBasedTicketCacheTests.java @@ -106,7 +106,7 @@ public class EhCacheBasedTicketCacheTests extends TestCase { new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}); - return new CasAuthenticationToken("key", "marissa", + return new CasAuthenticationToken("key", user, "ST-0-ER94xMJmn6pha35CQRoZ", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( "ROLE_TWO")}, user, proxyList,