use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class DefaultMultifactorAuthenticationProviderBypass method updateAuthenticationToRememberBypass.
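/**
 * Records on the authentication that multifactor authentication was bypassed for {@code provider}.
 * <p>
 * A copy of {@code authentication} is built with {@code AUTHENTICATION_ATTRIBUTE_BYPASS_MFA} set to
 * {@code Boolean.TRUE} and {@code AUTHENTICATION_ATTRIBUTE_BYPASS_MFA_PROVIDER} set to the provider id;
 * the copy is then handed to {@code authentication.updateAll(...)}.
 *
 * @param authentication the authentication that is updated in place
 * @param provider       the multifactor provider whose id is stored with the bypass flag
 * @param principal      the principal whose id is written to the debug log
 */
private void updateAuthenticationToRememberBypass(final Authentication authentication, final MultifactorAuthenticationProvider provider, final Principal principal) {
    // The original debug text said "may NOT be ignored" / "NOT remember bypass" although this
    // method sets the bypass flag to TRUE, and it labelled the principal id as a service.
    // These lines are what an operator reads when reconstructing why a login was not
    // challenged for MFA, so the wording now matches what the method actually does.
    LOGGER.debug("Bypass rules for principal [{}] indicate the request may be ignored", principal.getId());
    final Authentication newAuthn = DefaultAuthenticationBuilder.newInstance(authentication)
        .addAttribute(AUTHENTICATION_ATTRIBUTE_BYPASS_MFA, Boolean.TRUE)
        .addAttribute(AUTHENTICATION_ATTRIBUTE_BYPASS_MFA_PROVIDER, provider.getId())
        .build();
    authentication.updateAll(newAuthn);
    // Logged after updateAll so the "Updated" line is only emitted once the update has run.
    LOGGER.debug("Updated authentication session to remember bypass for [{}] via [{}]", provider.getId(), AUTHENTICATION_ATTRIBUTE_BYPASS_MFA);
}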
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class DefaultMultifactorAuthenticationProviderBypass method updateAuthenticationToForgetBypass.
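/**
 * Records on the authentication that multifactor authentication is NOT bypassed.
 * <p>
 * A copy of {@code authentication} is built with {@code AUTHENTICATION_ATTRIBUTE_BYPASS_MFA} set to
 * {@code Boolean.FALSE}; the copy is then handed to {@code authentication.updateAll(...)}.
 *
 * @param authentication the authentication that is updated in place
 * @param provider       the multifactor provider named in the debug log
 * @param principal      the principal whose id is written to the debug log
 */
private void updateAuthenticationToForgetBypass(final Authentication authentication, final MultifactorAuthenticationProvider provider, final Principal principal) {
    // The original debug text said "may be ignored" / "remember bypass" although this method
    // sets the bypass flag to FALSE, and it labelled the principal id as a service. The wording
    // now matches the behaviour so the log can be trusted when auditing MFA decisions.
    LOGGER.debug("Bypass rules for principal [{}] indicate the request may NOT be ignored", principal.getId());
    // NOTE(review): only the bypass flag is written here; AUTHENTICATION_ATTRIBUTE_BYPASS_MFA_PROVIDER
    // is not touched. Whether a provider id recorded by an earlier bypass survives depends on
    // DefaultAuthenticationBuilder.newInstance/updateAll - confirm that consumers key on the flag.
    final Authentication newAuthn = DefaultAuthenticationBuilder.newInstance(authentication)
        .addAttribute(AUTHENTICATION_ATTRIBUTE_BYPASS_MFA, Boolean.FALSE)
        .build();
    authentication.updateAll(newAuthn);
    // Logged after updateAll so the "Updated" line is only emitted once the update has run.
    LOGGER.debug("Updated authentication session to NOT remember bypass for [{}] via [{}]", provider.getId(), AUTHENTICATION_ATTRIBUTE_BYPASS_MFA);
}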
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class RememberMeDelegatingExpirationPolicyTests method verifyTicketExpirationWithRememberMe.
/**
 * Builds a ticket-granting ticket from an authentication that carries the remember-me attribute,
 * checks that it is not expired when created, and checks that it is reported as expired after a
 * single service ticket has been granted under the policy held in {@code this.p}.
 */
@Test
public void verifyTicketExpirationWithRememberMe() {
    // Authentication for principal "test" with the remember-me attribute set to true.
    final Authentication rememberMeAuthn = CoreAuthenticationTestUtils.getAuthentication(
        this.principalFactory.createPrincipal("test"),
        Collections.singletonMap(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME, true));

    final TicketGrantingTicketImpl ticket = new TicketGrantingTicketImpl("111", rememberMeAuthn, this.p);
    assertFalse(ticket.isExpired());

    // NOTE(review): the expiry after one grant comes from how this.p is configured in the
    // fixture, which is outside this listing - confirm against the test's set-up.
    ticket.grantServiceTicket("55", RegisteredServiceTestUtils.getService(), this.p, false, true);
    assertTrue(ticket.isExpired());
}
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class AdaptiveMultifactorAuthenticationPolicyEventResolver method resolveInternal.
/**
 * Decides whether the adaptive policy requires a multifactor provider for the current request.
 * <p>
 * Outcomes, in the order they are checked:
 * <ul>
 *   <li>no registered service or no authentication in the context: {@code null};</li>
 *   <li>{@code multifactorMap} unset or empty: {@code null};</li>
 *   <li>no providers available in the application context: {@link AuthenticationException};</li>
 *   <li>otherwise the events returned by {@code checkRequireMultifactorProvidersForRequest},
 *       or {@code null} when that result is {@code null} or empty.</li>
 * </ul>
 * NOTE(review): {@code null} here only says that this resolver produced no event. Confirm that
 * the calling chain does not read it as "multifactor satisfied", in particular for the
 * missing-authentication case.
 *
 * @param context the current webflow request context
 * @return the events naming the required providers, or {@code null} when none apply
 */
@Override
public Set<Event> resolveInternal(final RequestContext context) {
    final RegisteredService registeredService = resolveRegisteredServiceInRequestContext(context);
    final Authentication authn = WebUtils.getAuthentication(context);

    final boolean hasServiceAndAuthn = registeredService != null && authn != null;
    if (!hasServiceAndAuthn) {
        LOGGER.debug("No service or authentication is available to determine event for principal");
        return null;
    }

    final boolean adaptiveConfigured = multifactorMap != null && !multifactorMap.isEmpty();
    if (!adaptiveConfigured) {
        LOGGER.debug("Adaptive authentication is not configured to require multifactor authentication");
        return null;
    }

    // Adaptive rules exist but nothing can satisfy them: the request is rejected rather than let through.
    final Map<String, MultifactorAuthenticationProvider> availableProviders =
        WebUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
    if (availableProviders == null || availableProviders.isEmpty()) {
        LOGGER.error("No multifactor authentication providers are available in the application context");
        throw new AuthenticationException();
    }

    final Set<Event> requiredEvents = checkRequireMultifactorProvidersForRequest(context, registeredService, authn);
    if (requiredEvents == null || requiredEvents.isEmpty()) {
        return null;
    }
    LOGGER.warn("Found multifactor authentication providers [{}] required for this authentication event", requiredEvents);
    return requiredEvents;
}
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class RegisteredServicePrincipalAttributeMultifactorAuthenticationPolicyEventResolver method resolveInternal.
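/**
 * Resolves a multifactor event when a principal attribute named by the service's multifactor
 * policy has a value matching the policy's configured pattern.
 * <p>
 * Returns {@code null} when the service or its policy is absent, when the policy lists no
 * multifactor providers, when the trigger attribute name or value pattern is blank, or when no
 * authentication is present in the context. Otherwise the decision is delegated to
 * {@code resolveEventViaPrincipalAttribute}.
 *
 * @param context the current webflow request context
 * @return the events produced by {@code resolveEventViaPrincipalAttribute}, or {@code null}
 *         when the policy does not apply
 * @throws java.util.regex.PatternSyntaxException if the configured value pattern is not a valid regex
 */
@Override
public Set<Event> resolveInternal(final RequestContext context) {
    final RegisteredService service = resolveRegisteredServiceInRequestContext(context);
    final Authentication authentication = WebUtils.getAuthentication(context);
    final RegisteredServiceMultifactorPolicy policy = service != null ? service.getMultifactorPolicy() : null;
    // Use the policy that was already fetched instead of asking the service for it a second time.
    if (policy == null || policy.getMultifactorAuthenticationProviders().isEmpty()) {
        LOGGER.debug("Authentication policy is absent or does not contain any multifactor authentication providers");
        return null;
    }
    if (StringUtils.isBlank(policy.getPrincipalAttributeNameTrigger()) || StringUtils.isBlank(policy.getPrincipalAttributeValueToMatch())) {
        LOGGER.debug("Authentication policy does not define a principal attribute and/or value to trigger multifactor authentication");
        return null;
    }
    // The original dereferenced the authentication unconditionally and would fail with a
    // NullPointerException when the context holds none.
    // NOTE(review): null means "no event from this resolver"; confirm the calling chain does not
    // treat it as "multifactor satisfied" when the authentication is missing.
    if (authentication == null) {
        LOGGER.debug("No authentication is available to determine event for principal");
        return null;
    }
    final Principal principal = authentication.getPrincipal();
    final Collection<MultifactorAuthenticationProvider> providers = flattenProviders(getAuthenticationProviderForService(service));
    final Set<String> attributeNames = org.springframework.util.StringUtils.commaDelimitedListToSet(policy.getPrincipalAttributeNameTrigger());
    // Pattern.asPredicate() tests with find(), so an unanchored pattern also matches substrings
    // of an attribute value; anchor the pattern in the service policy (^...$) when an exact
    // match is intended.
    final Pattern valuePattern = Pattern.compile(policy.getPrincipalAttributeValueToMatch());
    return resolveEventViaPrincipalAttribute(principal, attributeNames, service, context, providers, valuePattern.asPredicate());
}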