diff --git a/pom.xml b/pom.xml
index 1455f01..d5bac77 100644
--- a/pom.xml
+++ b/pom.xml
@@ -24,20 +24,16 @@
4.0.0
-
- edu.internet2.middleware.grouper
- grouper-parent
- 2.6.0-SNAPSHOT
- ../../grouper-parent
-
-
Grouper Authentication Plugin
Authentication Library Plugin
+ edu.internet2.middleware.grouper.plugins
grouper-authentication-plugin
0.0.1-SNAPSHOT
bundle
+ 1.8
+ 1.8
4.3.1
5.0.0
2.6.0-SNAPSHOT
@@ -45,7 +41,7 @@
- ${project.groupId}
+ edu.internet2.middleware.grouper
grouperClient
${grouper.version}
provided
@@ -113,14 +109,37 @@
provided
- ${project.groupId}
+ edu.internet2.middleware.grouper
grouper
${grouper.version}
test-jar
test
+
+ junit
+ junit
+ test
+
+
+ org.mockito
+ mockito-inline
+ 4.7.0
+ test
+
+
+
+
+ edu.internet2.middleware.grouper
+ grouper
+ 2.6.15
+ pom
+ import
+
+
+
+
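Review bot: The BOM imported in the new dependency-management block is pinned to `2.6.15`, while the `grouper` and `grouperClient` dependencies still resolve through `${grouper.version}`, which the first hunk appears to leave at `2.6.0-SNAPSHOT`. The managed versions (including the version-less `junit` entry) would then come from a different Grouper release than the jars being compiled and tested against. A SNAPSHOT is also a mutable artifact, so the build is not reproducible. Consider setting the property to the release and reusing it for the import, e.g. `<version>${grouper.version}</version>`. The element names are inferred, because the page shows the POM with its tags stripped.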
diff --git a/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/ConfigUtils.java b/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/ConfigUtils.java
index 341cba7..fb0c971 100644
--- a/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/ConfigUtils.java
+++ b/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/ConfigUtils.java
@@ -1,6 +1,5 @@
package edu.internet2.middleware.grouper.authentication.plugin;
-import edu.internet2.middleware.grouper.cfg.GrouperHibernateConfig;
import edu.internet2.middleware.grouperClient.config.ConfigPropertiesCascadeBase;
import org.osgi.framework.BundleContext;
import org.osgi.framework.FrameworkUtil;
@@ -38,8 +37,8 @@ public static ConfigPropertiesCascadeBase getBestGrouperConfiguration() {
public static ConfigPropertiesCascadeBase getConfigPropertiesCascadeBase(String type) {
try {
- ServiceReference serviceReference = (ServiceReference) FrameworkUtil.getBundle(ConfigUtils.class.getClassLoader()).get().getBundleContext().getServiceReferences(ConfigPropertiesCascadeBase.class, "(type=" + type + ")").toArray()[0];
- return FrameworkUtil.getBundle(ConfigUtils.class.getClassLoader()).get().getBundleContext().getService(serviceReference);
+ ServiceReference serviceReference = (ServiceReference) bundleContext.getServiceReferences(ConfigPropertiesCascadeBase.class, "(type=" + type + ")").toArray()[0];
+ return bundleContext.getService(serviceReference);
} catch (InvalidSyntaxException e) {
throw new RuntimeException(e);
}
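Review bot: `getServiceReferences(...).toArray()[0]` on the new line throws an `ArrayIndexOutOfBoundsException` when no service is registered for the requested type. Only `InvalidSyntaxException` is caught, so a missing or late-registered config service surfaces as an unexplained index error during authentication setup. Check the collection first and fail with a message that names the type, e.g. `if (refs.isEmpty()) throw new IllegalStateException("No ConfigPropertiesCascadeBase service registered for type " + type);`. The filter is also built by concatenating `type` into `"(type=" + type + ")"`; the callers visible on this page pass constants, but any caller that forwards external input should validate it against the known type names first. The `bundleContext` field used here is declared outside the hunk, so its initialisation cannot be checked from these lines.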
diff --git a/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/Pac4jConfigFactory.java b/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/Pac4jConfigFactory.java
index 793f2b5..42c4f74 100644
--- a/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/Pac4jConfigFactory.java
+++ b/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/Pac4jConfigFactory.java
@@ -21,7 +21,7 @@ public class Pac4jConfigFactory implements ConfigFactory {
private static final Log LOGGER;
static {
try {
- BundleContext bundleContext = FrameworkUtil.getBundle(Pac4jConfigFactory.class).getBundleContext();
+ BundleContext bundleContext = FrameworkUtil.getBundle(GrouperAuthentication.class).getBundleContext();
//TODO: figure out why this is weird
ServiceReference logfactoryReference = (ServiceReference) bundleContext.getAllServiceReferences("org.apache.commons.logging.LogFactory", null)[0];
LOGGER = bundleContext.getService(logfactoryReference).getInstance(ExternalAuthenticationServletContainerInitializer.class);
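Review bot: The static initializer dereferences two values that OSGi may return as null: `FrameworkUtil.getBundle(GrouperAuthentication.class)` is null when the class was not loaded by a bundle class loader, and `getAllServiceReferences(...)` is null when no `LogFactory` service is registered, so the `[0]` fails. Such a failure happens during class initialization and, unless the catch (which lies outside this hunk) handles it, leaves the class unusable with an `ExceptionInInitializerError`. The same three lines are repeated in the `OidcClientProvider` and `ReinitializingTimer` hunks. A single helper that performs the lookup with null checks would remove the duplication and resolve the open `//TODO`. The logger is also created for `ExternalAuthenticationServletContainerInitializer.class` in all three classes, which presumably attributes their log lines to the wrong category.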
diff --git a/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/config/OidcClientProvider.java b/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/config/OidcClientProvider.java
index 2bb8558..8227173 100644
--- a/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/config/OidcClientProvider.java
+++ b/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/config/OidcClientProvider.java
@@ -2,6 +2,7 @@
import edu.internet2.middleware.grouper.authentication.plugin.ConfigUtils;
import edu.internet2.middleware.grouper.authentication.plugin.ExternalAuthenticationServletContainerInitializer;
+import edu.internet2.middleware.grouper.authentication.plugin.GrouperAuthentication;
import edu.internet2.middleware.grouper.authentication.plugin.Pac4jConfigFactory;
import edu.internet2.middleware.grouper.authentication.plugin.oidc.client.ClaimAsUsernameOidcClient;
import edu.internet2.middleware.grouper.authentication.plugin.oidc.config.ClaimAsUsernameOidcConfiguration;
@@ -20,7 +21,7 @@ public class OidcClientProvider implements ClientProvider {
private static final Log LOGGER;
static {
try {
- BundleContext bundleContext = FrameworkUtil.getBundle(Pac4jConfigFactory.class).getBundleContext();
+ BundleContext bundleContext = FrameworkUtil.getBundle(GrouperAuthentication.class).getBundleContext();
//TODO: figure out why this is weird
ServiceReference logfactoryReference = (ServiceReference) bundleContext.getAllServiceReferences("org.apache.commons.logging.LogFactory", null)[0];
LOGGER = bundleContext.getService(logfactoryReference).getInstance(ExternalAuthenticationServletContainerInitializer.class);
diff --git a/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/filter/ReinitializingTimer.java b/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/filter/ReinitializingTimer.java
index 9d98144..796686b 100644
--- a/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/filter/ReinitializingTimer.java
+++ b/src/main/java/edu/internet2/middleware/grouper/authentication/plugin/filter/ReinitializingTimer.java
@@ -2,6 +2,7 @@
import edu.internet2.middleware.grouper.authentication.plugin.ConfigUtils;
import edu.internet2.middleware.grouper.authentication.plugin.ExternalAuthenticationServletContainerInitializer;
+import edu.internet2.middleware.grouper.authentication.plugin.GrouperAuthentication;
import edu.internet2.middleware.grouper.authentication.plugin.Pac4jConfigFactory;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -18,7 +19,7 @@ public class ReinitializingTimer extends TimerTask {
private static final Log LOGGER;
static {
try {
- BundleContext bundleContext = FrameworkUtil.getBundle(Pac4jConfigFactory.class).getBundleContext();
+ BundleContext bundleContext = FrameworkUtil.getBundle(GrouperAuthentication.class).getBundleContext();
//TODO: figure out why this is weird
ServiceReference logfactoryReference = (ServiceReference) bundleContext.getAllServiceReferences("org.apache.commons.logging.LogFactory", null)[0];
LOGGER = bundleContext.getService(logfactoryReference).getInstance(ExternalAuthenticationServletContainerInitializer.class);
diff --git a/src/test/java/edu/internet2/middleware/grouper/authentication/Pac4JConfigFactoryTest.java b/src/test/java/edu/internet2/middleware/grouper/authentication/Pac4JConfigFactoryTest.java
new file mode 100644
index 0000000..c094936
--- /dev/null
+++ b/src/test/java/edu/internet2/middleware/grouper/authentication/Pac4JConfigFactoryTest.java
@@ -0,0 +1,314 @@
+package edu.internet2.middleware.grouper.authentication;
+
+import edu.internet2.middleware.grouper.authentication.plugin.ConfigUtils;
+import edu.internet2.middleware.grouper.authentication.plugin.GrouperAuthentication;
+import edu.internet2.middleware.grouper.authentication.plugin.Pac4jConfigFactory;
+import edu.internet2.middleware.grouper.cfg.GrouperHibernateConfig;
+import edu.internet2.middleware.grouper.ui.util.GrouperUiConfig;
+import edu.internet2.middleware.grouper.ui.util.GrouperUiConfigInApi;
+import edu.internet2.middleware.grouperClient.config.ConfigPropertiesCascadeBase;
+import junit.framework.TestCase;
+import junit.textui.TestRunner;
+import org.apache.commons.logging.LogFactory;
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.MockedStatic;
+import org.mockito.Mockito;
+import org.osgi.framework.Bundle;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.FrameworkUtil;
+import org.osgi.framework.ServiceReference;
+import org.pac4j.cas.client.CasClient;
+import org.pac4j.cas.config.CasConfiguration;
+import org.pac4j.core.config.Config;
+import org.pac4j.oidc.client.OidcClient;
+import org.pac4j.oidc.config.OidcConfiguration;
+import org.pac4j.saml.client.SAML2Client;
+import org.pac4j.saml.config.SAML2Configuration;
+
+import java.time.Period;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Map;
+
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+public class Pac4JConfigFactoryTest {
+ MockedStatic frameworkUtilMockedStatic;
+
+ @Before
+ public void setup() throws Exception {
+ this.frameworkUtilMockedStatic = Mockito.mockStatic(FrameworkUtil.class);
+
+ Bundle bundle = mock(Bundle.class);
+ this.frameworkUtilMockedStatic.when(() -> FrameworkUtil.getBundle(GrouperAuthentication.class)).thenReturn(bundle);
+
+ BundleContext bundleContext = mock(BundleContext.class);
+ when(bundle.getBundleContext()).thenReturn(bundleContext);
+
+
+ ServiceReference logFactoryServiceReference = mock(ServiceReference.class);
+ when(bundleContext.getAllServiceReferences("org.apache.commons.logging.LogFactory", null)).thenReturn(new ServiceReference[]{logFactoryServiceReference});
+ when(bundleContext.getService(logFactoryServiceReference)).thenReturn(LogFactory.getFactory());
+
+ ServiceReference UIConfigPropertiesCascadeBaseServiceReference = mock(ServiceReference.class);
+ when(bundleContext.getServiceReferences(ConfigPropertiesCascadeBase.class, "(type=ui)")).thenReturn(Collections.singletonList(UIConfigPropertiesCascadeBaseServiceReference));
+ when(bundleContext.getService(UIConfigPropertiesCascadeBaseServiceReference)).thenReturn(GrouperUiConfigInApi.retrieveConfig());
+
+ ServiceReference HibernateConfigPropertiesCascadeBaseServiceReference = mock(ServiceReference.class);
+ when(bundleContext.getServiceReferences(ConfigPropertiesCascadeBase.class, "(type=hibernate)")).thenReturn(Collections.singletonList(HibernateConfigPropertiesCascadeBaseServiceReference));
+ when(bundleContext.getService(HibernateConfigPropertiesCascadeBaseServiceReference)).thenReturn(GrouperHibernateConfig.retrieveConfig());
+ }
+
+ @After
+ public void tearDown() {
+ this.frameworkUtilMockedStatic.close();
+ }
+
+ /*
+ reads configuration from the `grouper-ui.properties` file in the test resources directory to verify that
+ elconfig still works
+ */
+ @Test
+ public void testElConfig() {
+ ConfigPropertiesCascadeBase grouperConfig = ConfigUtils.getConfigPropertiesCascadeBase("ui");
+ grouperConfig.propertiesOverrideMap().clear();
+ Map properties = grouperConfig.propertiesOverrideMap();
+
+ properties.put("external.authentication.provider.elConfig", "${\"cas\"}");
+ properties.put("external.authentication.cas.loginUrl.elConfig", "${\"login\"}");
+
+ Pac4jConfigFactory pac4jConfigFactory = new Pac4jConfigFactory();
+ Config config = pac4jConfigFactory.build();
+
+ Assert.assertTrue(config.getClients().getClients().get(0) instanceof CasClient);
+
+ CasConfiguration configuration = ((CasClient) config.getClients().getClients().get(0)).getConfiguration();
+ Assert.assertEquals(configuration.getLoginUrl(), "login");
+ }
+
+ /**
+ *
+ */
+ @Test
+ public void testPac4JConfigFactorCAS() {
+ ConfigPropertiesCascadeBase grouperConfig = ConfigUtils.getConfigPropertiesCascadeBase("ui");
+ grouperConfig.propertiesOverrideMap().clear();
+ Map properties = grouperConfig.propertiesOverrideMap();
+ properties.put("external.authentication.provider","cas");
+ properties.put("external.authentication.grouperContextUrl","localhost");
+ properties.put("external.authentication.callbackUrl","callback");
+ properties.put("external.authentication.cas.encoding","UTF-8");
+ properties.put("external.authentication.cas.loginUrl","login");
+ properties.put("external.authentication.cas.prefixUrl","localhost");
+ properties.put("external.authentication.cas.restUrl","rest");
+ properties.put("external.authentication.cas.timeTolerance","1000");
+ properties.put("external.authentication.cas.renew","true");
+ properties.put("external.authentication.cas.gateway","false");
+ properties.put("external.authentication.cas.acceptAnyProxy","true");
+ properties.put("external.authentication.cas.postLogoutUrlParameter","logout");
+ properties.put("external.authentication.cas.customParams","param1=value1,param2=value2,param3=value3");
+ properties.put("external.authentication.cas.method","post");
+ properties.put("external.authentication.cas.privateKeyPath","http://localhost/key");
+ properties.put("external.authentication.cas.privateKeyAlgorithm","AES");
+
+ Pac4jConfigFactory pac4jConfigFactory = new Pac4jConfigFactory();
+ Config config = pac4jConfigFactory.build();
+
+ Assert.assertTrue(config.getClients().getClients().get(0) instanceof CasClient);
+
+ CasConfiguration configuration = ((CasClient) config.getClients().getClients().get(0)).getConfiguration();
+
+ Assert.assertEquals(configuration.getEncoding(), properties.get("external.authentication.cas.encoding"));
+ Assert.assertEquals(configuration.getLoginUrl(), properties.get("external.authentication.cas.loginUrl"));
+ Assert.assertEquals(configuration.getPrefixUrl(), properties.get("external.authentication.cas.prefixUrl"));
+ Assert.assertEquals(configuration.getRestUrl(), properties.get("external.authentication.cas.restUrl"));
+ Assert.assertEquals(configuration.getTimeTolerance(), Integer.parseInt(properties.get("external.authentication.cas.timeTolerance")));
+ Assert.assertEquals(configuration.isRenew(), Boolean.parseBoolean(properties.get("external.authentication.cas.renew")));
+ Assert.assertEquals(configuration.isGateway(), Boolean.parseBoolean(properties.get("external.authentication.cas.gateway")));
+ Assert.assertEquals(configuration.isAcceptAnyProxy(), Boolean.parseBoolean(properties.get("external.authentication.cas.acceptAnyProxy")));
+ Assert.assertEquals(configuration.getPostLogoutUrlParameter(), properties.get("external.authentication.cas.postLogoutUrlParameter"));
+ Assert.assertEquals(configuration.getMethod(), properties.get("external.authentication.cas.method"));
+ Assert.assertEquals(configuration.getPrivateKeyPath(), properties.get("external.authentication.cas.privateKeyPath"));
+ Assert.assertEquals(configuration.getPrivateKeyAlgorithm(), properties.get("external.authentication.cas.privateKeyAlgorithm"));
+ Assert.assertEquals(configuration.getCustomParams().size(), Arrays.asList(properties.get("external.authentication.cas.customParams").split(",")).size());
+ }
+
+ /**
+ *
+ */
+ @Test
+ public void testPac4JConfigFactorSAML() {
+ ConfigPropertiesCascadeBase grouperConfig = ConfigUtils.getConfigPropertiesCascadeBase("ui");
+ grouperConfig.propertiesOverrideMap().clear();
+ Map properties = grouperConfig.propertiesOverrideMap();
+ properties.put("external.authentication.provider","saml");
+ properties.put("external.authentication.grouperContextUrl","localhost");
+ properties.put("external.authentication.callbackUrl","callback");
+ properties.put("external.authentication.saml.keystorePassword","changeme");
+ properties.put("external.authentication.saml.privateKeyPassword","secret");
+ properties.put("external.authentication.saml.certificateNameToAppend","cert");
+ properties.put("external.authentication.saml.identityProviderEntityId","idPid");
+ properties.put("external.authentication.saml.serviceProviderEntityId","sPEid");
+ properties.put("external.authentication.saml.maximumAuthenticationLifetime","500");
+ properties.put("external.authentication.saml.acceptedSkew","10");
+ properties.put("external.authentication.saml.forceAuth","true");
+ properties.put("external.authentication.saml.passive","false");
+ properties.put("external.authentication.saml.comparisonType","close");
+ properties.put("external.authentication.saml.authnRequestBindingType","urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+ properties.put("external.authentication.saml.responseBindingType","urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+ properties.put("external.authentication.saml.spLogoutRequestBindingType","urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+ properties.put("external.authentication.saml.spLogoutResponseBindingType","urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+ properties.put("external.authentication.saml.authnContextClassRefs","type1,type2,type3,type4");
+ properties.put("external.authentication.saml.nameIdPolicyFormat","####");
+ properties.put("external.authentication.saml.useNameQualifier","true");
+ properties.put("external.authentication.saml.signMetadata","false");
+ properties.put("external.authentication.saml.forceServiceProviderMetadataGeneration","true");
+ properties.put("external.authentication.saml.forceKeystoreGeneration","false");
+ properties.put("external.authentication.saml.authnRequestSigned","true");
+ properties.put("external.authentication.saml.spLogoutRequestSigned","false");
+ properties.put("external.authentication.saml.blackListedSignatureSigningAlgorithms","col1,col2,col3,col4");
+ properties.put("external.authentication.saml.signatureAlgorithms","RSA,ECDSA");
+ properties.put("external.authentication.saml.signatureReferenceDigestMethods","md5,sha256");
+ properties.put("external.authentication.saml.signatureCanonicalizationAlgorithm","qweafsdf");
+ properties.put("external.authentication.saml.wantsAssertionsSigned","true");
+ properties.put("external.authentication.saml.wantsResponsesSigned","false");
+ properties.put("external.authentication.saml.allSignatureValidationDisabled","true");
+ properties.put("external.authentication.saml.keyStoreAlias","fred");
+ properties.put("external.authentication.saml.keyStoreType","text");
+ properties.put("external.authentication.saml.assertionConsumerServiceIndex","5");
+ properties.put("external.authentication.saml.attributeConsumingServiceIndex","2");
+ properties.put("external.authentication.saml.providerName","paul");
+ properties.put("external.authentication.saml.attributeAsId","george");
+ properties.put("external.authentication.saml.mappedAttributes","key1=value1,key2=value2,key3=value3");
+ properties.put("external.authentication.saml.postLogoutURL","logout");
+ properties.put("external.authentication.saml.certificateExpirationPeriod","P2Y3M5D");
+ properties.put("external.authentication.saml.certificateSignatureAlg","SHA1WithRSA");
+ properties.put("external.authentication.saml.privateKeySize","15");
+ properties.put("external.authentication.saml.issuerFormat","urn:oasis:names:tc:SAML:2.0:nameid-format:entity");
+ properties.put("external.authentication.saml.nameIdPolicyAllowCreate","true");
+ properties.put("external.authentication.saml.supportedProtocols","urn:oasis:names:tc:SAML:2.0:protocol, urn:oasis:names:tc:SAML:1.0:protocol, urn:oasis:names:tc:SAML:1.1:protocol");
+ properties.put("external.authentication.saml.normalizedCertificateName","ringo");
+
+ Pac4jConfigFactory pac4jConfigFactory = new Pac4jConfigFactory();
+ Config config = pac4jConfigFactory.build();
+
+ Assert.assertTrue(config.getClients().getClients().get(0) instanceof SAML2Client);
+
+ SAML2Configuration configuration = ((SAML2Client) config.getClients().getClients().get(0)).getConfiguration();
+
+ Assert.assertEquals(configuration.getKeystorePassword(), properties.get("external.authentication.saml.keystorePassword"));
+ Assert.assertEquals(configuration.getPrivateKeyPassword(), properties.get("external.authentication.saml.privateKeyPassword"));
+ Assert.assertEquals(configuration.getCertificateNameToAppend(), properties.get("external.authentication.saml.certificateNameToAppend"));
+ Assert.assertEquals(configuration.getIdentityProviderEntityId(), properties.get("external.authentication.saml.identityProviderEntityId"));
+ Assert.assertEquals(configuration.getServiceProviderEntityId(), properties.get("external.authentication.saml.serviceProviderEntityId"));
+ Assert.assertEquals(configuration.getMaximumAuthenticationLifetime(), Integer.parseInt(properties.get("external.authentication.saml.maximumAuthenticationLifetime")));
+ Assert.assertEquals(configuration.getAcceptedSkew(), Integer.parseInt(properties.get("external.authentication.saml.acceptedSkew")));
+ Assert.assertEquals(configuration.isForceAuth(), Boolean.parseBoolean(properties.get("external.authentication.saml.forceAuth")));
+ Assert.assertEquals(configuration.isPassive(), Boolean.parseBoolean(properties.get("external.authentication.saml.passive")));
+ Assert.assertEquals(configuration.getComparisonType(), properties.get("external.authentication.saml.comparisonType"));
+ Assert.assertEquals(configuration.getAuthnRequestBindingType(), properties.get("external.authentication.saml.authnRequestBindingType"));
+ Assert.assertEquals(configuration.getResponseBindingType(), properties.get("external.authentication.saml.responseBindingType"));
+ Assert.assertEquals(configuration.getSpLogoutRequestBindingType(), properties.get("external.authentication.saml.spLogoutRequestBindingType"));
+ Assert.assertEquals(configuration.getSpLogoutResponseBindingType(), properties.get("external.authentication.saml.spLogoutResponseBindingType"));
+ Assert.assertEquals(configuration.getNameIdPolicyFormat(), properties.get("external.authentication.saml.nameIdPolicyFormat"));
+ Assert.assertEquals(configuration.isUseNameQualifier(), Boolean.parseBoolean(properties.get("external.authentication.saml.useNameQualifier")));
+ Assert.assertEquals(configuration.isSignMetadata(), Boolean.parseBoolean(properties.get("external.authentication.saml.signMetadata")));
+ Assert.assertEquals(configuration.isForceServiceProviderMetadataGeneration(), Boolean.parseBoolean(properties.get("external.authentication.saml.forceServiceProviderMetadataGeneration")));
+ Assert.assertEquals(configuration.isForceKeystoreGeneration(), Boolean.parseBoolean(properties.get("external.authentication.saml.forceKeystoreGeneration")));
+ Assert.assertEquals(configuration.isAuthnRequestSigned(), Boolean.parseBoolean(properties.get("external.authentication.saml.authnRequestSigned")));
+ Assert.assertEquals(configuration.isSpLogoutRequestSigned(), Boolean.parseBoolean(properties.get("external.authentication.saml.spLogoutRequestSigned")));
+ Assert.assertEquals(configuration.getSignatureCanonicalizationAlgorithm(), properties.get("external.authentication.saml.signatureCanonicalizationAlgorithm"));
+ Assert.assertEquals(configuration.isWantsAssertionsSigned(), Boolean.parseBoolean(properties.get("external.authentication.saml.wantsAssertionsSigned")));
+ Assert.assertEquals(configuration.isWantsResponsesSigned(), Boolean.parseBoolean(properties.get("external.authentication.saml.wantsResponsesSigned")));
+ Assert.assertEquals(configuration.isAllSignatureValidationDisabled(), Boolean.parseBoolean(properties.get("external.authentication.saml.allSignatureValidationDisabled")));
+ Assert.assertEquals(configuration.getKeyStoreAlias(), properties.get("external.authentication.saml.keyStoreAlias"));
+ Assert.assertEquals(configuration.getKeyStoreType(), properties.get("external.authentication.saml.keyStoreType"));
+ Assert.assertEquals(configuration.getAssertionConsumerServiceIndex(), Integer.parseInt(properties.get("external.authentication.saml.assertionConsumerServiceIndex")));
+ Assert.assertEquals(configuration.getAttributeConsumingServiceIndex(), Integer.parseInt(properties.get("external.authentication.saml.attributeConsumingServiceIndex")));
+ Assert.assertEquals(configuration.getProviderName(), properties.get("external.authentication.saml.providerName"));
+ Assert.assertEquals(configuration.getAttributeAsId(), properties.get("external.authentication.saml.attributeAsId"));
+ Assert.assertEquals(configuration.getPostLogoutURL(), properties.get("external.authentication.saml.postLogoutURL"));
+ Assert.assertEquals(configuration.getCertificateExpirationPeriod(), Period.parse(properties.get("external.authentication.saml.certificateExpirationPeriod")));
+ Assert.assertEquals(configuration.getCertificateSignatureAlg(), properties.get("external.authentication.saml.certificateSignatureAlg"));
+ Assert.assertEquals(configuration.getPrivateKeySize(), Integer.parseInt(properties.get("external.authentication.saml.privateKeySize")));
+ Assert.assertEquals(configuration.getIssuerFormat(), properties.get("external.authentication.saml.issuerFormat"));
+ Assert.assertEquals(configuration.isNameIdPolicyAllowCreate(), Boolean.parseBoolean(properties.get("external.authentication.saml.nameIdPolicyAllowCreate")));
+ Assert.assertEquals(configuration.getAuthnContextClassRefs().size(), Arrays.asList(properties.get("external.authentication.saml.authnContextClassRefs").split(",")).size());
+ Assert.assertEquals(configuration.getBlackListedSignatureSigningAlgorithms().size(), Arrays.asList(properties.get("external.authentication.saml.blackListedSignatureSigningAlgorithms").split(",")).size());
+ Assert.assertEquals(configuration.getSignatureReferenceDigestMethods().size(), Arrays.asList(properties.get("external.authentication.saml.signatureReferenceDigestMethods").split(",")).size());
+ Assert.assertEquals(configuration.getMappedAttributes().size(), Arrays.asList(properties.get("external.authentication.saml.mappedAttributes").split(",")).size());
+ Assert.assertEquals(configuration.getSupportedProtocols().size(), Arrays.asList(properties.get("external.authentication.saml.supportedProtocols").split(",")).size());
+ }
+
+ /**
+ *
+ */
+ @Test
+ public void testPac4JConfigFactorOidc() {
+ ConfigPropertiesCascadeBase grouperConfig = ConfigUtils.getConfigPropertiesCascadeBase("ui");
+ grouperConfig.propertiesOverrideMap().clear();
+ Map properties = grouperConfig.propertiesOverrideMap();
+ properties.put("external.authentication.provider","oidc");
+ properties.put("external.authentication.grouperContextUrl","localhost");
+ properties.put("external.authentication.callbackUrl","callback");
+ properties.put("external.authentication.oidc.clientId","myClientId");
+ properties.put("external.authentication.oidc.secret","secret");
+ properties.put("external.authentication.oidc.discoveryURI","https://localhost/oidc");
+ properties.put("external.authentication.oidc.scope","PUBLIC");
+ properties.put("external.authentication.oidc.customParams","key1=value1, key2=value2, key3=value3");
+ properties.put("external.authentication.oidc.useNonce","true");
+ properties.put("external.authentication.oidc.disablePkce","false");
+ properties.put("external.authentication.oidc.maxAge","60000");
+ properties.put("external.authentication.oidc.maxClockSkew","10000");
+ properties.put("external.authentication.oidc.responseMode","token");
+ properties.put("external.authentication.oidc.logoutUrl","logout");
+ properties.put("external.authentication.oidc.connectTimeout","30000");
+ properties.put("external.authentication.oidc.readTimeout","15000");
+ properties.put("external.authentication.oidc.withState","false");
+ properties.put("external.authentication.oidc.expireSessionWithToken","true");
+ properties.put("external.authentication.oidc.tokenExpirationAdvance","5000");
+
+ Pac4jConfigFactory pac4jConfigFactory = new Pac4jConfigFactory();
+ Config config = pac4jConfigFactory.build();
+
+ Assert.assertTrue(config.getClients().getClients().get(0) instanceof OidcClient);
+
+ OidcConfiguration configuration = ((OidcClient) config.getClients().getClients().get(0)).getConfiguration();
+
+ Assert.assertEquals(configuration.getClientId(), properties.get("external.authentication.oidc.clientId"));
+ Assert.assertEquals(configuration.getSecret(), properties.get("external.authentication.oidc.secret"));
+ Assert.assertEquals(configuration.getDiscoveryURI(), properties.get("external.authentication.oidc.discoveryURI"));
+ Assert.assertEquals(configuration.getScope(), properties.get("external.authentication.oidc.scope"));
+ Assert.assertEquals(configuration.isUseNonce(), Boolean.parseBoolean(properties.get("external.authentication.oidc.useNonce")));
+ Assert.assertEquals(configuration.isDisablePkce(), Boolean.parseBoolean(properties.get("external.authentication.oidc.disablePkce")));
+ Assert.assertEquals(configuration.getMaxAge().intValue(), Integer.parseInt(properties.get("external.authentication.oidc.maxAge")));
+ Assert.assertEquals(configuration.getMaxClockSkew(), Integer.parseInt(properties.get("external.authentication.oidc.maxClockSkew")));
+ Assert.assertEquals(configuration.getResponseMode(), properties.get("external.authentication.oidc.responseMode"));
+ Assert.assertEquals(configuration.getLogoutUrl(), properties.get("external.authentication.oidc.logoutUrl"));
+ Assert.assertEquals(configuration.getConnectTimeout(), Integer.parseInt(properties.get("external.authentication.oidc.connectTimeout")));
+ Assert.assertEquals(configuration.getReadTimeout(), Integer.parseInt(properties.get("external.authentication.oidc.readTimeout")));
+ Assert.assertEquals(configuration.isWithState(), Boolean.parseBoolean(properties.get("external.authentication.oidc.withState")));
+ Assert.assertEquals(configuration.isExpireSessionWithToken(), Boolean.parseBoolean(properties.get("external.authentication.oidc.expireSessionWithToken")));
+ Assert.assertEquals(configuration.getTokenExpirationAdvance(), Integer.parseInt(properties.get("external.authentication.oidc.tokenExpirationAdvance")));
+ Assert.assertEquals(configuration.getCustomParams().size(), Arrays.asList(properties.get("external.authentication.oidc.customParams").split(",")).size());
+ }
+
+ @Test
+ public void testPac4jForManualProvider() {
+ ConfigPropertiesCascadeBase grouperConfig = ConfigUtils.getConfigPropertiesCascadeBase("ui");
+ grouperConfig.propertiesOverrideMap().clear();
+ Map overrides = grouperConfig.propertiesOverrideMap();
+ overrides.put("external.authentication.provider", "edu.internet2.middleware.grouper.authentication.plugin.config.SAML2ClientProvider");
+
+ Pac4jConfigFactory pac4jConfigFactory = new Pac4jConfigFactory();
+ Config config = pac4jConfigFactory.build();
+
+ Assert.assertTrue(config.getClients().getClients().get(0) instanceof SAML2Client);
+
+ Assert.assertTrue(true);
+ }
+}
\ No newline at end of file
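Review bot: The overrides each test writes into `propertiesOverrideMap()` are never removed in `tearDown()`. If the UI config returned by `GrouperUiConfigInApi.retrieveConfig()` is a cached instance, the last test's settings (for example `allSignatureValidationDisabled=true` from the SAML test) stay active for any test class that runs later in the same JVM. Clearing them before closing the static mock would isolate the tests: `ConfigUtils.getConfigPropertiesCascadeBase("ui").propertiesOverrideMap().clear();`. The `Assert.assertEquals` calls pass the actual value first and the expected value second, so failure messages will be reversed; the list-valued settings are checked only by size, and `Assert.assertTrue(true)` in `testPac4jForManualProvider` asserts nothing. The comment on `testElConfig` says the values are read from `grouper-ui.properties`, but this commit empties that file and the test sets them through the override map, so the comment should be updated.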
diff --git a/src/test/resources/grouper-ui.properties b/src/test/resources/grouper-ui.properties
index 63ad58d..e69de29 100644
--- a/src/test/resources/grouper-ui.properties
+++ b/src/test/resources/grouper-ui.properties
@@ -1,2 +0,0 @@
-external.authentication.mechanism.elConfig = ${"cas"}
-external.authentication.cas.loginUrl.elConfig = ${"login"}