Start adding CAS auth beans

616d7e6c · Khalid Ali · aa9bdeb8 · 616d7e6c · 616d7e6c
Commit 616d7e6c authored Dec 23, 2018 by Khalid Ali
--- a/build.gradle
+++ b/build.gradle
@@ -44,11 +44,11 @@ dependencies {
 	implementation('org.springframework.boot:spring-boot-starter-data-jpa')
 	implementation('org.springframework.boot:spring-boot-starter-data-rest')
 	implementation('org.springframework.boot:spring-boot-starter-web')
-	implementation('org.springframework.security:spring-security-cas')
 	implementation('org.springframework.boot:spring-boot-starter-actuator')
 	implementation('com.fasterxml.jackson.dataformat:jackson-dataformat-xml')
 	implementation('com.fasterxml.jackson.datatype:jackson-datatype-joda')
 	implementation('org.modelmapper:modelmapper:2.3.1')
+	compile('org.springframework.security:spring-security-cas')
    compile('org.postgresql:postgresql:42.2.5')
 	compileOnly('org.projectlombok:lombok')
 	testImplementation('org.springframework.boot:spring-boot-starter-test')

--- a/src/main/java/com/gmu/bookshare/BookshareApplication.java
+++ b/src/main/java/com/gmu/bookshare/BookshareApplication.java
 package com.gmu.bookshare;

+import org.jasig.cas.client.session.SingleSignOutFilter;
+import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
+import org.jasig.cas.client.validation.Cas30ServiceTicketValidator;
+import org.jasig.cas.client.validation.TicketValidator;
 import org.modelmapper.ModelMapper;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Primary;
+import org.springframework.context.event.EventListener;
+import org.springframework.security.cas.ServiceProperties;
+import org.springframework.security.cas.authentication.CasAuthenticationProvider;
+import org.springframework.security.cas.web.CasAuthenticationEntryPoint;
+import org.springframework.security.core.authority.AuthorityUtils;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.security.web.authentication.logout.LogoutFilter;
+import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
+
+import javax.servlet.http.HttpSessionEvent;

 @SpringBootApplication
 public class BookshareApplication {
@@ -16,4 +32,77 @@ public class BookshareApplication {
    public ModelMapper modelMapper() {
        return new ModelMapper();
    }
+
+    @Bean
+    public ServiceProperties serviceProperties() {
+        ServiceProperties serviceProperties = new ServiceProperties();
+        serviceProperties.setService("http://localhost:9009/login/cas");
+        serviceProperties.setSendRenew(false);
+        return serviceProperties;
+    }
+
+    @Bean
+    @Primary
+    public AuthenticationEntryPoint authenticationEntryPoint(
+            ServiceProperties sP) {
+
+        // URL where user will be redirected to for authentication
+        CasAuthenticationEntryPoint entryPoint
+                = new CasAuthenticationEntryPoint();
+        entryPoint.setLoginUrl("https://localhost:6443/cas/login");
+        entryPoint.setServiceProperties(sP);
+        return entryPoint;
+    }
+
+    /**
+     * Validates service ticket given to user upon authentication.
+     *
+     * @return TicketValidator object
+     */
+    @Bean
+    public TicketValidator ticketValidator() {
+        return new Cas30ServiceTicketValidator(
+                "https://localhost:6443/cas");
+    }
+
+    @Bean
+    public CasAuthenticationProvider casAuthenticationProvider() {
+
+        CasAuthenticationProvider provider = new CasAuthenticationProvider();
+        provider.setServiceProperties(serviceProperties());
+        provider.setTicketValidator(ticketValidator());
+        provider.setUserDetailsService(
+                s -> new User("casuser", "Mellon", true, true, true, true,
+                        AuthorityUtils.createAuthorityList("ROLE_ADMIN")));
+        provider.setKey("CAS_PROVIDER_LOCALHOST_9000");
+        return provider;
+    }
+
+    @Bean
+    public SecurityContextLogoutHandler securityContextLogoutHandler() {
+        return new SecurityContextLogoutHandler();
+    }
+
+    @Bean
+    public LogoutFilter logoutFilter() {
+        LogoutFilter logoutFilter = new LogoutFilter(
+                "https://localhost:6443/cas/logout",
+                securityContextLogoutHandler());
+        logoutFilter.setFilterProcessesUrl("/logout/cas");
+        return logoutFilter;
+    }
+
+    @Bean
+    public SingleSignOutFilter singleSignOutFilter() {
+        SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
+        singleSignOutFilter.setCasServerUrlPrefix("https://localhost:6443/cas");
+        singleSignOutFilter.setIgnoreInitConfiguration(true);
+        return singleSignOutFilter;
+    }
+
+    @EventListener
+    public SingleSignOutHttpSessionListener singleSignOutHttpSessionListener(
+            HttpSessionEvent event) {
+        return new SingleSignOutHttpSessionListener();
+    }
 }