Example 1 with GeoLocationResponse
use of org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse in project cas by apereo.
the class GoogleMapsGeoLocationService method locate.
@Override
public GeoLocationResponse locate(final Double latitude, final Double longitude) {
if (latitude == null || longitude == null) {
LOGGER.debug("latitude/longitude must not be null in order for geolocation to proceed");
return null;
}
final GeoLocationResponse r = new GeoLocationResponse();
r.setLatitude(latitude);
r.setLongitude(longitude);
final LatLng latlng = new LatLng(latitude, longitude);
try {
final GeocodingResult[] results = GeocodingApi.reverseGeocode(this.context, latlng).await();
if (results != null && results.length > 0) {
Arrays.stream(results).map(result -> result.formattedAddress).forEach(r::addAddress);
return r;
}
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return r;
}
Also used :
Arrays(java.util.Arrays)
GeocodingResult(com.google.maps.model.GeocodingResult)
Logger(org.slf4j.Logger)
GeoApiContext(com.google.maps.GeoApiContext)
LoggerFactory(org.slf4j.LoggerFactory)
UserInfo(io.userinfo.client.UserInfo)
StringUtils(org.apache.commons.lang3.StringUtils)
GaeRequestHandler(com.google.maps.GaeRequestHandler)
Info(io.userinfo.client.model.Info)
InetAddress(java.net.InetAddress)
TimeUnit(java.util.concurrent.TimeUnit)
GeocodingApi(com.google.maps.GeocodingApi)
GeoLocationResponse(org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse)
AbstractGeoLocationService(org.apereo.cas.support.geo.AbstractGeoLocationService)
LatLng(com.google.maps.model.LatLng)
GoogleMapsProperties(org.apereo.cas.configuration.model.support.geo.googlemaps.GoogleMapsProperties)
Logger(org.slf4j.Logger)
GaeRequestHandler(com.google.maps.GaeRequestHandler)
GeocodingResult(com.google.maps.model.GeocodingResult)
GeoLocationResponse(org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse)
LatLng(com.google.maps.model.LatLng)
Example 2 with GeoLocationResponse
use of org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse in project cas by apereo.
the class DefaultAdaptiveAuthenticationPolicy method apply.
@Override
public boolean apply(final String userAgent, final GeoLocationRequest location) {
final ClientInfo clientInfo = ClientInfoHolder.getClientInfo();
if (clientInfo == null || StringUtils.isBlank(userAgent)) {
LOGGER.warn("No client IP or user-agent was provided. Skipping adaptive authentication policy...");
return true;
}
final String clientIp = clientInfo.getClientIpAddress();
LOGGER.debug("Located client IP address as [{}]", clientIp);
if (isClientIpAddressRejected(clientIp)) {
LOGGER.warn("Client IP [{}] is rejected for authentication", clientIp);
return false;
}
if (isUserAgentRejected(userAgent)) {
LOGGER.warn("User agent [{}] is rejected for authentication", userAgent);
return false;
}
LOGGER.debug("User agent [{}] is authorized to proceed", userAgent);
if (this.geoLocationService != null && location != null && StringUtils.isNotBlank(clientIp) && StringUtils.isNotBlank(this.adaptiveAuthenticationProperties.getRejectCountries())) {
final GeoLocationResponse loc = this.geoLocationService.locate(clientIp, location);
if (loc != null) {
LOGGER.debug("Determined geolocation to be [{}]", loc);
if (isGeoLocationCountryRejected(loc)) {
LOGGER.warn("Client [{}] is rejected for authentication", clientIp);
return false;
}
} else {
LOGGER.info("Could not determine geolocation for [{}]", clientIp);
}
}
LOGGER.debug("Adaptive authentication policy has authorized client [{}] to proceed.", clientIp);
return true;
}
Also used :
GeoLocationResponse(org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse)
ClientInfo(org.apereo.inspektr.common.web.ClientInfo)
Example 3 with GeoLocationResponse
use of org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse in project cas by apereo.
the class MaxmindDatabaseGeoLocationService method locate.
@Override
public GeoLocationResponse locate(final InetAddress address) {
try {
final GeoLocationResponse location = new GeoLocationResponse();
if (this.cityDatabaseReader != null) {
final CityResponse response = this.cityDatabaseReader.city(address);
location.addAddress(response.getCity().getName());
location.setLatitude(response.getLocation().getLatitude());
location.setLongitude(response.getLocation().getLongitude());
}
if (this.countryDatabaseReader != null) {
final CountryResponse response = this.countryDatabaseReader.country(address);
location.addAddress(response.getCountry().getName());
}
LOGGER.debug("Geo location for [{}] is calculated as [{}]", address, location);
return location;
} catch (final AddressNotFoundException e) {
LOGGER.info(e.getMessage(), e);
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return null;
}
Also used :
CityResponse(com.maxmind.geoip2.model.CityResponse)
GeoLocationResponse(org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse)
AddressNotFoundException(com.maxmind.geoip2.exception.AddressNotFoundException)
CountryResponse(com.maxmind.geoip2.model.CountryResponse)
AddressNotFoundException(com.maxmind.geoip2.exception.AddressNotFoundException)
Example 4 with GeoLocationResponse
use of org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse in project cas by apereo.
the class AbstractGeoLocationService method locate.
@Override
public GeoLocationResponse locate(final String clientIp, final GeoLocationRequest location) {
LOGGER.debug("Attempting to find geolocation for [{}]", clientIp);
GeoLocationResponse loc = locate(clientIp);
if (loc == null && location != null) {
LOGGER.debug("Attempting to find geolocation for [{}]", location);
if (StringUtils.isNotBlank(location.getLatitude()) && StringUtils.isNotBlank(location.getLongitude())) {
loc = locate(Double.valueOf(location.getLatitude()), Double.valueOf(location.getLongitude()));
}
}
return loc;
}
Also used :
GeoLocationResponse(org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse)
Example 5 with GeoLocationResponse
use of org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse in project cas by apereo.
the class GeoLocationAuthenticationRequestRiskCalculator method calculateScore.
@Override
protected BigDecimal calculateScore(final HttpServletRequest request, final Authentication authentication, final RegisteredService service, final Collection<CasEvent> events) {
final GeoLocationRequest loc = WebUtils.getHttpServletRequestGeoLocation();
if (loc.isValid()) {
LOGGER.debug("Filtering authentication events for geolocation [{}]", loc);
final long count = events.stream().filter(e -> e.getGeoLocation().equals(loc)).count();
LOGGER.debug("Total authentication events found for [{}]: [{}]", loc, count);
if (count == events.size()) {
LOGGER.debug("Principal [{}] has always authenticated from [{}]", authentication.getPrincipal(), loc);
return LOWEST_RISK_SCORE;
}
return getFinalAveragedScore(count, events.size());
} else {
final String remoteAddr = ClientInfoHolder.getClientInfo().getClientIpAddress();
LOGGER.debug("Filtering authentication events for location based on ip [{}]", remoteAddr);
final GeoLocationResponse response = this.geoLocationService.locate(remoteAddr);
if (response != null) {
final long count = events.stream().filter(e -> e.getGeoLocation().equals(new GeoLocationRequest(response.getLatitude(), response.getLongitude()))).count();
LOGGER.debug("Total authentication events found for location of [{}]: [{}]", remoteAddr, count);
if (count == events.size()) {
LOGGER.debug("Principal [{}] has always authenticated from [{}]", authentication.getPrincipal(), loc);
return LOWEST_RISK_SCORE;
}
return getFinalAveragedScore(count, events.size());
}
}
LOGGER.debug("Request does not contain enough geolocation data");
return HIGHEST_RISK_SCORE;
}
Also used :
CasEventRepository(org.apereo.cas.support.events.CasEventRepository)
Logger(org.slf4j.Logger)
Collection(java.util.Collection)
GeoLocationRequest(org.apereo.cas.authentication.adaptive.geo.GeoLocationRequest)
LoggerFactory(org.slf4j.LoggerFactory)
GeoLocationService(org.apereo.cas.authentication.adaptive.geo.GeoLocationService)
Autowired(org.springframework.beans.factory.annotation.Autowired)
RegisteredService(org.apereo.cas.services.RegisteredService)
BigDecimal(java.math.BigDecimal)
GeoLocationResponse(org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
Authentication(org.apereo.cas.authentication.Authentication)
ClientInfoHolder(org.apereo.inspektr.common.web.ClientInfoHolder)
Qualifier(org.springframework.beans.factory.annotation.Qualifier)
WebUtils(org.apereo.cas.web.support.WebUtils)
CasEvent(org.apereo.cas.support.events.dao.CasEvent)
GeoLocationResponse(org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse)
GeoLocationRequest(org.apereo.cas.authentication.adaptive.geo.GeoLocationRequest)
Aggregations
GeoLocationResponse (org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse)6
GeoLocationRequest (org.apereo.cas.authentication.adaptive.geo.GeoLocationRequest)2
Logger (org.slf4j.Logger)2
LoggerFactory (org.slf4j.LoggerFactory)2
GaeRequestHandler (com.google.maps.GaeRequestHandler)1
GeoApiContext (com.google.maps.GeoApiContext)1
GeocodingApi (com.google.maps.GeocodingApi)1
GeocodingResult (com.google.maps.model.GeocodingResult)1
LatLng (com.google.maps.model.LatLng)1
AddressNotFoundException (com.maxmind.geoip2.exception.AddressNotFoundException)1
CityResponse (com.maxmind.geoip2.model.CityResponse)1
CountryResponse (com.maxmind.geoip2.model.CountryResponse)1
UserInfo (io.userinfo.client.UserInfo)1
Info (io.userinfo.client.model.Info)1
BigDecimal (java.math.BigDecimal)1
InetAddress (java.net.InetAddress)1
Arrays (java.util.Arrays)1
Collection (java.util.Collection)1
TimeUnit (java.util.concurrent.TimeUnit)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
