SEC-224

updated CasAuthenticationToken to be consistant with approach taken by other providers with regards to authentication.getPrincipal()

core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationProvider.java

@@ -154,7 +154,7 @@ public class CasAuthenticationProvider implements AuthenticationProvider,
                 .getUser());
 
         // Construct CasAuthenticationToken
-        return new CasAuthenticationToken(this.key, response.getUser(),
+        return new CasAuthenticationToken(this.key, userDetails,
             authentication.getCredentials(), userDetails.getAuthorities(),
             userDetails, response.getProxyList(),
             response.getProxyGrantingTicketIou());

core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java

@@ -36,12 +36,12 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken
     implements Serializable {
     //~ Instance fields ========================================================
 
-    private List proxyList;
+    private final List proxyList;
-    private Object credentials;
+    private final Object credentials;
-    private Object principal;
+    private final Object principal;
-    private String proxyGrantingTicketIou;
+    private final String proxyGrantingTicketIou;
-    private UserDetails userDetails;
+    private final UserDetails userDetails;
-    private int keyHash;
+    private final int keyHash;
 
     //~ Constructors ===========================================================
 
@@ -65,9 +65,9 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken
      *
      * @throws IllegalArgumentException if a <code>null</code> was passed
      */
-    public CasAuthenticationToken(String key, Object principal,
+    public CasAuthenticationToken(final String key, final Object principal,
-        Object credentials, GrantedAuthority[] authorities,
+    		final Object credentials, final GrantedAuthority[] authorities,
-        UserDetails userDetails, List proxyList, String proxyGrantingTicketIou) {
+    		final UserDetails userDetails, final List proxyList, final String proxyGrantingTicketIou) {
         super(authorities);
 
         if ((key == null) || ("".equals(key)) || (principal == null)
@@ -90,7 +90,7 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken
 
     //~ Methods ================================================================
 
-    public boolean equals(Object obj) {
+    public boolean equals(final Object obj) {
         if (!super.equals(obj)) {
             return false;
         }

core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationProviderTests.java

@@ -86,7 +86,7 @@ public class CasAuthenticationProviderTests extends TestCase {
         }
 
         CasAuthenticationToken casResult = (CasAuthenticationToken) result;
-        assertEquals("marissa", casResult.getPrincipal());
+        assertEquals(makeUserDetailsFromAuthoritiesPopulator(), casResult.getPrincipal());
         assertEquals("PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt",
             casResult.getProxyGrantingTicketIou());
         assertEquals("https://localhost/portal/j_acegi_cas_security_check",
@@ -129,7 +129,7 @@ public class CasAuthenticationProviderTests extends TestCase {
             fail("Should have returned a CasAuthenticationToken");
         }
 
-        assertEquals("marissa", result.getPrincipal());
+        assertEquals(makeUserDetailsFromAuthoritiesPopulator(), result.getPrincipal());
         assertEquals("ST-456", result.getCredentials());
 
         // Now try to authenticate again. To ensure TicketValidator not
@@ -138,7 +138,7 @@ public class CasAuthenticationProviderTests extends TestCase {
 
         // Previously created UsernamePasswordAuthenticationToken is OK
         Authentication newResult = cap.authenticate(token);
-        assertEquals("marissa", newResult.getPrincipal());
+        assertEquals(makeUserDetailsFromAuthoritiesPopulator(), newResult.getPrincipal());
         assertEquals("ST-456", newResult.getCredentials());
     }
 
@@ -177,7 +177,7 @@ public class CasAuthenticationProviderTests extends TestCase {
         cap.afterPropertiesSet();
 
         CasAuthenticationToken token = new CasAuthenticationToken("WRONG_KEY",
-                "test", "credentials",
+               makeUserDetails(), "credentials",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("XX")},
                 makeUserDetails(), new Vector(), "IOU-xxx");
 
@@ -331,15 +331,19 @@ public class CasAuthenticationProviderTests extends TestCase {
             new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                     "ROLE_TWO")});
     }
+    
+    private UserDetails makeUserDetailsFromAuthoritiesPopulator() {
+    	return new User("user", "password", true, true, true, true,
+                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A"), new GrantedAuthorityImpl(
+                "ROLE_B")});
+    }
 
     //~ Inner Classes ==========================================================
 
     private class MockAuthoritiesPopulator implements CasAuthoritiesPopulator {
         public UserDetails getUserDetails(String casUserId)
             throws AuthenticationException {
-            return new User("user", "password", true, true, true, true,
+            return makeUserDetailsFromAuthoritiesPopulator();
-                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A"), new GrantedAuthorityImpl(
-                        "ROLE_B")});
         }
     }
 

core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java

@@ -56,7 +56,7 @@ public class CasAuthenticationTokenTests extends TestCase {
 
     public void testConstructorRejectsNulls() {
         try {
-            new CasAuthenticationToken(null, "Test", "Password",
+            new CasAuthenticationToken(null, makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), new Vector(),
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -76,7 +76,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         }
 
         try {
-            new CasAuthenticationToken("key", "Test", null,
+            new CasAuthenticationToken("key", makeUserDetails(), null,
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), new Vector(),
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -86,7 +86,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         }
 
         try {
-            new CasAuthenticationToken("key", "Test", "Password", null,
+            new CasAuthenticationToken("key", makeUserDetails(), "Password", null,
                 makeUserDetails(), new Vector(),
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
             fail("Should have thrown IllegalArgumentException");
@@ -95,7 +95,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         }
 
         try {
-            new CasAuthenticationToken("key", "Test", "Password",
+            new CasAuthenticationToken("key", makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), null,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -105,7 +105,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         }
 
         try {
-            new CasAuthenticationToken("key", "Test", "Password",
+            new CasAuthenticationToken("key", makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, null, new Vector(),
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -115,7 +115,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         }
 
         try {
-            new CasAuthenticationToken("key", "Test", "Password",
+            new CasAuthenticationToken("key", makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), new Vector(), null);
             fail("Should have thrown IllegalArgumentException");
@@ -124,7 +124,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         }
 
         try {
-            new CasAuthenticationToken("key", "Test", "Password",
+            new CasAuthenticationToken("key", makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), null, new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), new Vector(),
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -139,7 +139,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check");
 
         CasAuthenticationToken token1 = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList1,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -148,7 +148,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check");
 
         CasAuthenticationToken token2 = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList2,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -162,12 +162,12 @@ public class CasAuthenticationTokenTests extends TestCase {
         proxyList.add("https://localhost/newPortal/j_acegi_cas_security_check");
 
         CasAuthenticationToken token = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
         assertEquals("key".hashCode(), token.getKeyHash());
-        assertEquals("Test", token.getPrincipal());
+        assertEquals(makeUserDetails(), token.getPrincipal());
         assertEquals("Password", token.getCredentials());
         assertEquals("ROLE_ONE", token.getAuthorities()[0].getAuthority());
         assertEquals("ROLE_TWO", token.getAuthorities()[1].getAuthority());
@@ -194,7 +194,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check");
 
         CasAuthenticationToken token1 = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList1,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -203,7 +203,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check");
 
         CasAuthenticationToken token2 = new CasAuthenticationToken("key",
-                "OTHER_VALUE", "Password",
+        		makeUserDetails("OTHER_NAME"), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList2,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -216,7 +216,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check");
 
         CasAuthenticationToken token1 = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList1,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -234,7 +234,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check");
 
         CasAuthenticationToken token1 = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList1,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -243,7 +243,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check");
 
         CasAuthenticationToken token2 = new CasAuthenticationToken("DIFFERENT_KEY",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList2,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -256,7 +256,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check");
 
         CasAuthenticationToken token1 = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList1,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -265,7 +265,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check");
 
         CasAuthenticationToken token2 = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList2,
                 "PGTIOU-SOME_OTHER_VALUE");
@@ -278,7 +278,7 @@ public class CasAuthenticationTokenTests extends TestCase {
         proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check");
 
         CasAuthenticationToken token1 = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList1,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -288,7 +288,7 @@ public class CasAuthenticationTokenTests extends TestCase {
             "https://localhost/SOME_OTHER_PORTAL/j_acegi_cas_security_check");
 
         CasAuthenticationToken token2 = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), proxyList2,
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -298,7 +298,7 @@ public class CasAuthenticationTokenTests extends TestCase {
 
     public void testSetAuthenticated() {
         CasAuthenticationToken token = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), new Vector(),
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -309,7 +309,7 @@ public class CasAuthenticationTokenTests extends TestCase {
 
     public void testToString() {
         CasAuthenticationToken token = new CasAuthenticationToken("key",
-                "Test", "Password",
+        		makeUserDetails(), "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")}, makeUserDetails(), new Vector(),
                 "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt");
@@ -320,8 +320,12 @@ public class CasAuthenticationTokenTests extends TestCase {
     }
 
     private UserDetails makeUserDetails() {
-        return new User("user", "password", true, true, true, true,
+    	return makeUserDetails("user");
-            new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+    }
-                    "ROLE_TWO")});
+    
+    private UserDetails makeUserDetails(final String name) {
+        return new User(name, "password", true, true, true, true,
+                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
+                        "ROLE_TWO")});
     }
 }

core/src/test/java/org/acegisecurity/providers/cas/cache/EhCacheBasedTicketCacheTests.java

@@ -106,7 +106,7 @@ public class EhCacheBasedTicketCacheTests extends TestCase {
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                         "ROLE_TWO")});
 
-        return new CasAuthenticationToken("key", "marissa",
+        return new CasAuthenticationToken("key", user,
             "ST-0-ER94xMJmn6pha35CQRoZ",
             new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
                     "ROLE_TWO")}, user, proxyList,