Package org.apereo.cas.authentication.support

Class DefaultCasProtocolAttributeEncoder

  • All Implemented Interfaces:
    org.apereo.cas.authentication.ProtocolAttributeEncoder
    public class DefaultCasProtocolAttributeEncoder
extends AbstractProtocolAttributeEncoder
    The default implementation of the attribute encoder that will use a per-service key-pair to encrypt the credential password and PGT when available. All other attributes remain in place.
    Since:
    4.1

    • Field Summary

      • Fields inherited from interface org.apereo.cas.authentication.ProtocolAttributeEncoder

        ENCODED_ATTRIBUTE_PREFIX, LOGGER

    • Constructor Summary

      Constructors 
      Constructor Description
      DefaultCasProtocolAttributeEncoder​(org.apereo.cas.services.ServicesManager servicesManager, org.apereo.cas.services.RegisteredServiceCipherExecutor cipherExecutor, org.apereo.cas.util.crypto.CipherExecutor<java.lang.String,​java.lang.String> cacheCredentialCipherExecutor)
      Instantiates a new Default cas attribute encoder.
      DefaultCasProtocolAttributeEncoder​(org.apereo.cas.services.ServicesManager servicesManager, org.apereo.cas.util.crypto.CipherExecutor<java.lang.String,​java.lang.String> cacheCredentialCipherExecutor)
      Instantiates a new Default cas attribute encoder.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected void encodeAndEncryptCredentialPassword​(java.util.Map<java.lang.String,​java.lang.Object> attributes, java.util.Map<java.lang.String,​java.lang.String> cachedAttributesToEncode, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService)
      Encode and encrypt credential password using the public key supplied by the service.
      protected void encodeAndEncryptProxyGrantingTicket​(java.util.Map<java.lang.String,​java.lang.Object> attributes, java.util.Map<java.lang.String,​java.lang.String> cachedAttributesToEncode, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService)
      Encode and encrypt pgt.
      protected void encodeAttributesInternal​(java.util.Map<java.lang.String,​java.lang.Object> attributes, java.util.Map<java.lang.String,​java.lang.String> cachedAttributesToEncode, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService)
      Initialize the cipher with the public key and then start to encrypt select attributes.
      protected void encryptAndEncodeAndPutIntoAttributesMap​(java.util.Map<java.lang.String,​java.lang.Object> attributes, java.util.Map<java.lang.String,​java.lang.String> cachedAttributesToEncode, java.lang.String cachedAttributeName, org.apereo.cas.services.RegisteredServiceCipherExecutor cipher, org.apereo.cas.services.RegisteredService registeredService)
      Encrypt, encode and put the attribute into attributes map.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • DefaultCasProtocolAttributeEncoder

        public DefaultCasProtocolAttributeEncoder​(org.apereo.cas.services.ServicesManager servicesManager,
                                          org.apereo.cas.util.crypto.CipherExecutor<java.lang.String,​java.lang.String> cacheCredentialCipherExecutor)
        Instantiates a new Default cas attribute encoder.
        Parameters:
        servicesManager - the services manager
        cacheCredentialCipherExecutor - the cache credential cipher executor

      • DefaultCasProtocolAttributeEncoder

        public DefaultCasProtocolAttributeEncoder​(org.apereo.cas.services.ServicesManager servicesManager,
                                          org.apereo.cas.services.RegisteredServiceCipherExecutor cipherExecutor,
                                          org.apereo.cas.util.crypto.CipherExecutor<java.lang.String,​java.lang.String> cacheCredentialCipherExecutor)
        Instantiates a new Default cas attribute encoder.
        Parameters:
        servicesManager - the services manager
        cipherExecutor - the cipher executor
        cacheCredentialCipherExecutor - the cache credential cipher executor

    • Method Detail

      • encodeAndEncryptCredentialPassword

        protected void encodeAndEncryptCredentialPassword​(java.util.Map<java.lang.String,​java.lang.Object> attributes,
                                                  java.util.Map<java.lang.String,​java.lang.String> cachedAttributesToEncode,
                                                  org.apereo.cas.services.RegisteredServiceCipherExecutor cipher,
                                                  org.apereo.cas.services.RegisteredService registeredService)
        Encode and encrypt credential password using the public key supplied by the service. The result is base64 encoded and put into the attributes collection again, overwriting the previous value.
        Parameters:
        attributes - the attributes
        cachedAttributesToEncode - the cached attributes to encode
        cipher - the cipher
        registeredService - the registered service

      • encodeAndEncryptProxyGrantingTicket

        protected void encodeAndEncryptProxyGrantingTicket​(java.util.Map<java.lang.String,​java.lang.Object> attributes,
                                                   java.util.Map<java.lang.String,​java.lang.String> cachedAttributesToEncode,
                                                   org.apereo.cas.services.RegisteredServiceCipherExecutor cipher,
                                                   org.apereo.cas.services.RegisteredService registeredService)
        Encode and encrypt pgt.
        Parameters:
        attributes - the attributes
        cachedAttributesToEncode - the cached attributes to encode
        cipher - the cipher
        registeredService - the registered service

      • encryptAndEncodeAndPutIntoAttributesMap

        protected void encryptAndEncodeAndPutIntoAttributesMap​(java.util.Map<java.lang.String,​java.lang.Object> attributes,
                                                       java.util.Map<java.lang.String,​java.lang.String> cachedAttributesToEncode,
                                                       java.lang.String cachedAttributeName,
                                                       org.apereo.cas.services.RegisteredServiceCipherExecutor cipher,
                                                       org.apereo.cas.services.RegisteredService registeredService)
        Encrypt, encode and put the attribute into attributes map.
        Parameters:
        attributes - the attributes
        cachedAttributesToEncode - the cached attributes to encode
        cachedAttributeName - the cached attribute name
        cipher - the cipher
        registeredService - the registered service

      • encodeAttributesInternal

        protected void encodeAttributesInternal​(java.util.Map<java.lang.String,​java.lang.Object> attributes,
                                        java.util.Map<java.lang.String,​java.lang.String> cachedAttributesToEncode,
                                        org.apereo.cas.services.RegisteredServiceCipherExecutor cipher,
                                        org.apereo.cas.services.RegisteredService registeredService)
        Description copied from class: AbstractProtocolAttributeEncoder
        Initialize the cipher with the public key and then start to encrypt select attributes.
        Specified by:
        encodeAttributesInternal in class AbstractProtocolAttributeEncoder
        Parameters:
        attributes - the attributes
        cachedAttributesToEncode - the cached attributes to encode
        cipher - the cipher object initialized per service public key
        registeredService - the registered service