Merge pull request apereo#153 from serac/jetty

CAS Jetty Container Authentication Support

Author: battags

cas-client-core/src/main/java/org/jasig/cas/client/util/ReflectUtils.java

@@ -22,6 +22,7 @@
 import java.beans.IntrospectionException;
 import java.beans.Introspector;
 import java.beans.PropertyDescriptor;
+import java.lang.reflect.Field;
 import java.lang.reflect.InvocationTargetException;
 
 /**
@@ -148,4 +149,35 @@ public static void setProperty(final String propertyName, final Object value, fi
             throw new RuntimeException("Error setting property " + propertyName, e);
         }
     }
+
+    /**
+     * Gets the value of the given declared field on the target object or any of its superclasses.
+     *
+     * @param fieldName Name of field to get.
+     * @param target Target object that possesses field.
+     *
+     * @return Field value.
+     */
+    public static Object getField(final String fieldName, final Object target) {
+        Class<?> clazz = target.getClass();
+        Field field = null;
+        do {
+            try {
+                field = clazz.getDeclaredField(fieldName);
+            } catch (NoSuchFieldException e) {
+                clazz = clazz.getSuperclass();
+            }
+        } while (field == null && clazz != null);
+        if (field == null) {
+            throw new IllegalArgumentException(fieldName + " does not exist on " + target);
+        }
+        try {
+            if (!field.isAccessible()) {
+                field.setAccessible(true);
+            }
+            return field.get(target);
+        } catch (Exception e) {
+            throw new IllegalArgumentException("Error getting field " + fieldName, e);
+        }
+    }
 }

cas-client-core/src/test/java/org/jasig/cas/client/util/ReflectUtilsTests.java

@@ -54,6 +54,18 @@ public void testSetPropertyStringObjectObject() {
         assertTrue(bean.isFlag());
     }
 
+    public void testGetField() {
+        final TestBean bean = new TestBean();
+        bean.setName("bob");
+        assertEquals(bean.getName(), ReflectUtils.getField("name", bean));
+    }
+
+    public void testGetFieldSuperclass() {
+        final TestSubBean bean = new TestSubBean();
+        bean.setName("bob");
+        assertEquals(bean.getName(), ReflectUtils.getField("name", bean));
+    }
+
     static class TestBean {
         private int count;
         private boolean flag;
@@ -102,4 +114,16 @@ public void setFlag(boolean flag) {
         }
 
     }
+
+    static class TestSubBean extends TestBean {
+        private String state;
+
+        public String getState() {
+            return state;
+        }
+
+        public void setState(String state) {
+            this.state = state;
+        }
+    }
 }

cas-client-integration-jetty/pom.xml

@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>cas-client</artifactId>
+        <groupId>org.jasig.cas.client</groupId>
+        <version>3.4.2-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>org.jasig.cas.client</groupId>
+    <artifactId>cas-client-integration-jetty</artifactId>
+    <packaging>jar</packaging>
+    <name>Jasig CAS Client for Java - Jetty Container Integration</name>
+
+    <properties>
+        <!-- Note Jetty 9.2.x is the last version to support Java SE 7 -->
+        <jetty.version>9.2.14.v20151106</jetty.version>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.jasig.cas.client</groupId>
+            <artifactId>cas-client-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-security</artifactId>
+            <version>${jetty.version}</version>
+        </dependency>
+
+        <!-- Test dependencies -->
+        <dependency>
+            <groupId>org.jasig.cas.client</groupId>
+            <artifactId>cas-client-core</artifactId>
+            <version>${project.version}</version>
+            <type>test-jar</type>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-webapp</artifactId>
+            <version>${jetty.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-plus</artifactId>
+            <version>${jetty.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-annotations</artifactId>
+            <version>${jetty.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>apache-jsp</artifactId>
+            <version>${jetty.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>javax.servlet-api</artifactId>
+            <version>3.1.0</version>
+            <scope>provided</scope>
+        </dependency>
+    </dependencies>
+
+</project>
+

cas-client-integration-jetty/src/main/java/org/jasig/cas/client/jetty/CasAuthentication.java

@@ -0,0 +1,46 @@
+package org.jasig.cas.client.jetty;
+
+import org.eclipse.jetty.security.UserAuthentication;
+import org.jasig.cas.client.util.CommonUtils;
+import org.jasig.cas.client.validation.Assertion;
+
+/**
+ * CAS-specific user authentication.
+ *
+ * @author Marvin S. Addison
+ */
+public class CasAuthentication extends UserAuthentication {
+
+    /** CAS authenticator that produced this authentication. */
+    private final CasAuthenticator authenticator;
+
+    /** CAS ticket that was successfully validated to permit authentication. */
+    private final String ticket;
+
+
+    /**
+     * Creates a new instance.
+     *
+     * @param authenticator The authenticator that produced this authentication.
+     * @param ticket The CAS ticket that was successfully validated to permit authentication.
+     * @param assertion The CAS assertion produced from successful ticket validation.
+     */
+    public CasAuthentication(final CasAuthenticator authenticator, final String ticket, final Assertion assertion) {
+        super(authenticator.getAuthMethod(), new CasUserIdentity(assertion, authenticator.getRoleAttribute()));
+        CommonUtils.assertNotNull(ticket, "Ticket cannot be null");
+        CommonUtils.assertNotNull(authenticator, "CasAuthenticator cannot be null");
+        this.authenticator = authenticator;
+        this.ticket = ticket;
+    }
+
+    /** @return The CAS ticket that was successfully validated to permit authentication. */
+    public String getTicket() {
+        return ticket;
+    }
+
+    @Override
+    public void logout() {
+        super.logout();
+        this.authenticator.clearCachedAuthentication(ticket);
+    }
+}