Example 51 with RegisteredService

Use of org.apereo.cas.services.RegisteredService in project cas by apereo.

Class OidcAuthenticationContextWebflowEventEventResolver, method resolveInternal.

@Override
public Set<Event> resolveInternal(final RequestContext context) {
    final RegisteredService service = resolveRegisteredServiceInRequestContext(context);
    final Authentication authentication = WebUtils.getAuthentication(context);
    final HttpServletRequest request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
    if (service == null || authentication == null) {
        LOGGER.debug("No service or authentication is available to determine event for principal");
        return null;
    }
    String acr = request.getParameter(OAuth20Constants.ACR_VALUES);
    if (StringUtils.isBlank(acr)) {
        final URIBuilder builderContext = new URIBuilder(StringUtils.trimToEmpty(context.getFlowExecutionUrl()));
        final Optional<URIBuilder.BasicNameValuePair> parameter = builderContext.getQueryParams().stream().filter(p -> p.getName().equals(OAuth20Constants.ACR_VALUES)).findFirst();
        if (parameter.isPresent()) {
            acr = parameter.get().getValue();
        }
    }
    if (StringUtils.isBlank(acr)) {
        LOGGER.debug("No ACR provided in the authentication request");
        return null;
    }
    final Set<String> values = org.springframework.util.StringUtils.commaDelimitedListToSet(acr);
    if (values.isEmpty()) {
        LOGGER.debug("No ACR provided in the authentication request");
        return null;
    }
    final Map<String, MultifactorAuthenticationProvider> providerMap = MultifactorAuthenticationUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
    if (providerMap == null || providerMap.isEmpty()) {
        LOGGER.error("No multifactor authentication providers are available in the application context to handle [{}]", values);
        throw new AuthenticationException();
    }
    final Collection<MultifactorAuthenticationProvider> flattenedProviders = flattenProviders(providerMap.values());
    final Optional<MultifactorAuthenticationProvider> provider = flattenedProviders.stream().filter(v -> values.contains(v.getId())).findAny();
    if (provider.isPresent()) {
        return CollectionUtils.wrapSet(new Event(this, provider.get().getId()));
    }
    LOGGER.warn("The requested authentication class [{}] cannot be satisfied by any of the MFA providers available", values);
    throw new AuthenticationException();
}
Also used : MultifactorAuthenticationProviderSelector(org.apereo.cas.services.MultifactorAuthenticationProviderSelector) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) TicketRegistrySupport(org.apereo.cas.ticket.registry.TicketRegistrySupport) URIBuilder(org.jasig.cas.client.util.URIBuilder) StringUtils(org.apache.commons.lang3.StringUtils) RequestContext(org.springframework.webflow.execution.RequestContext) HttpServletRequest(javax.servlet.http.HttpServletRequest) Authentication(org.apereo.cas.authentication.Authentication) Map(java.util.Map) CollectionUtils(org.apereo.cas.util.CollectionUtils) AuthenticationSystemSupport(org.apereo.cas.authentication.AuthenticationSystemSupport) MultifactorAuthenticationUtils(org.apereo.cas.authentication.MultifactorAuthenticationUtils) CookieGenerator(org.springframework.web.util.CookieGenerator) ServicesManager(org.apereo.cas.services.ServicesManager) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) MultifactorAuthenticationProvider(org.apereo.cas.services.MultifactorAuthenticationProvider) OAuth20Constants(org.apereo.cas.support.oauth.OAuth20Constants) Collection(java.util.Collection) AuthenticationServiceSelectionPlan(org.apereo.cas.authentication.AuthenticationServiceSelectionPlan) Set(java.util.Set) RegisteredService(org.apereo.cas.services.RegisteredService) BaseMultifactorAuthenticationProviderEventResolver(org.apereo.cas.web.flow.authentication.BaseMultifactorAuthenticationProviderEventResolver) Slf4j(lombok.extern.slf4j.Slf4j) Optional(java.util.Optional) WebUtils(org.apereo.cas.web.support.WebUtils) Event(org.springframework.webflow.execution.Event)

Example 52 with RegisteredService

Use of org.apereo.cas.services.RegisteredService in project cas by apereo.

Class OidcRegisteredServiceUIAction, method doExecute.

@Override
protected Event doExecute(final RequestContext requestContext) {
    Service service = WebUtils.getService(requestContext);
    if (service != null) {
        service = serviceSelectionStrategy.resolveServiceFrom(service);
        final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
        RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(service, registeredService);
        if (registeredService instanceof OidcRegisteredService) {
            final OidcRegisteredService oauthService = OidcRegisteredService.class.cast(registeredService);
            WebUtils.putServiceUserInterfaceMetadata(requestContext, new DefaultRegisteredServiceUserInterfaceInfo(oauthService));
        }
    }
    return success();
}
Also used : RegisteredService(org.apereo.cas.services.RegisteredService) OidcRegisteredService(org.apereo.cas.services.OidcRegisteredService) Service(org.apereo.cas.authentication.principal.Service) DefaultRegisteredServiceUserInterfaceInfo(org.apereo.cas.web.flow.services.DefaultRegisteredServiceUserInterfaceInfo)

Example 53 with RegisteredService

Use of org.apereo.cas.services.RegisteredService in project cas by apereo.

Class CasServerProfileRegistrar, method locateRegisteredServiceTypesSupported.

private Map<String, Class> locateRegisteredServiceTypesSupported() {
    final Function<Class, Object> mapper = c -> {
        try {
            return (RegisteredService) c.getDeclaredConstructor().newInstance();
        } catch (final Exception e) {
            return null;
        }
    };
    final Collector collector = Collectors.toMap(RegisteredService::getFriendlyName, RegisteredService::getClass);
    return (Map) locateSubtypesByReflection(mapper, collector, AbstractRegisteredService.class, Predicates.alwaysTrue(), CentralAuthenticationService.NAMESPACE);
}
Also used : CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) Setter(lombok.Setter) RequiredArgsConstructor(lombok.RequiredArgsConstructor) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) Reflections(org.reflections.Reflections) Function(java.util.function.Function) AbstractRegisteredService(org.apereo.cas.services.AbstractRegisteredService) Pair(org.apache.commons.lang3.tuple.Pair) Clients(org.pac4j.core.client.Clients) Client(org.pac4j.core.client.Client) Map(java.util.Map) Predicates(com.google.common.base.Predicates) Collector(java.util.stream.Collector) MultifactorAuthenticationUtils(org.apereo.cas.authentication.MultifactorAuthenticationUtils) IndirectClient(org.pac4j.core.client.IndirectClient) VariegatedMultifactorAuthenticationProvider(org.apereo.cas.services.VariegatedMultifactorAuthenticationProvider) ConfigurationBuilder(org.reflections.util.ConfigurationBuilder) LinkedHashSet(java.util.LinkedHashSet) ServicesManager(org.apereo.cas.services.ServicesManager) MultifactorAuthenticationProvider(org.apereo.cas.services.MultifactorAuthenticationProvider) Predicate(java.util.function.Predicate) Set(java.util.Set) ApplicationContext(org.springframework.context.ApplicationContext) Collectors(java.util.stream.Collectors) AbstractMultifactorAuthenticationProvider(org.apereo.cas.authentication.AbstractMultifactorAuthenticationProvider) RegisteredService(org.apereo.cas.services.RegisteredService) ClasspathHelper(org.reflections.util.ClasspathHelper) SubTypesScanner(org.reflections.scanners.SubTypesScanner) Objects(java.util.Objects) Slf4j(lombok.extern.slf4j.Slf4j) Modifier(java.lang.reflect.Modifier) ApplicationContextAware(org.springframework.context.ApplicationContextAware)

Example 54 with RegisteredService

Use of org.apereo.cas.services.RegisteredService in project cas by apereo.

Class DateTimeAuthenticationRequestRiskCalculator, method calculateScore.

@Override
protected BigDecimal calculateScore(final HttpServletRequest request, final Authentication authentication, final RegisteredService service, final Collection<CasEvent> events) {
    final ZonedDateTime timestamp = ZonedDateTime.now(ZoneOffset.UTC);
    LOGGER.debug("Filtering authentication events for timestamp [{}]", timestamp);
    final int hoursFromNow = timestamp.plusHours(windowInHours).getHour();
    final int hoursBeforeNow = timestamp.minusHours(windowInHours).getHour();
    final long count = events.stream().map(time -> {
        final Instant instant = ChronoZonedDateTime.from(time.getCreationTime()).toInstant();
        final ZonedDateTime zdt = ZonedDateTime.ofInstant(instant, ZoneOffset.UTC);
        return zdt.getHour();
    }).filter(hour -> hour <= hoursFromNow && hour >= hoursBeforeNow).count();
    LOGGER.debug("Total authentication events found for [{}] in a [{}]h window: [{}]", timestamp, windowInHours, count);
    if (count == events.size()) {
        LOGGER.debug("Principal [{}] has always authenticated from [{}]", authentication.getPrincipal(), timestamp);
        return LOWEST_RISK_SCORE;
    }
    return getFinalAveragedScore(count, events.size());
}
Also used : CasEventRepository(org.apereo.cas.support.events.CasEventRepository) BigDecimal(java.math.BigDecimal) Slf4j(lombok.extern.slf4j.Slf4j) HttpServletRequest(javax.servlet.http.HttpServletRequest) ChronoZonedDateTime(java.time.chrono.ChronoZonedDateTime) Authentication(org.apereo.cas.authentication.Authentication) ZonedDateTime(java.time.ZonedDateTime) Collection(java.util.Collection) ZoneOffset(java.time.ZoneOffset) Instant(java.time.Instant) RegisteredService(org.apereo.cas.services.RegisteredService) CasEvent(org.apereo.cas.support.events.dao.CasEvent)

Example 55 with RegisteredService

Use of org.apereo.cas.services.RegisteredService in project cas by apereo.

Class DateTimeAuthenticationRequestRiskCalculatorTests, method verifyTestWhenAuthnEventsFoundForUser.

@Test
public void verifyTestWhenAuthnEventsFoundForUser() {
    final Authentication authentication = CoreAuthenticationTestUtils.getAuthentication("casuser");
    final RegisteredService service = RegisteredServiceTestUtils.getRegisteredService("test");
    final MockHttpServletRequest request = new MockHttpServletRequest();
    final AuthenticationRiskScore score = authenticationRiskEvaluator.eval(authentication, service, request);
    assertTrue(score.isLowestRisk());
}
Also used : AuthenticationRiskScore(org.apereo.cas.api.AuthenticationRiskScore) RegisteredService(org.apereo.cas.services.RegisteredService) Authentication(org.apereo.cas.authentication.Authentication) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Test(org.junit.Test)

Aggregations

RegisteredService (org.apereo.cas.services.RegisteredService) 182
Authentication (org.apereo.cas.authentication.Authentication) 59
Service (org.apereo.cas.authentication.principal.Service) 55
Test (org.junit.Test) 49
Principal (org.apereo.cas.authentication.principal.Principal) 36
OAuthRegisteredService (org.apereo.cas.support.oauth.services.OAuthRegisteredService) 31
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 29
RegexRegisteredService (org.apereo.cas.services.RegexRegisteredService) 23
AbstractRegisteredService (org.apereo.cas.services.AbstractRegisteredService) 21
MultifactorAuthenticationProvider (org.apereo.cas.services.MultifactorAuthenticationProvider) 20
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse) 20
Event (org.springframework.webflow.execution.Event) 20
ServicesManager (org.apereo.cas.services.ServicesManager) 17
CentralAuthenticationService (org.apereo.cas.CentralAuthenticationService) 15
AuthenticationException (org.apereo.cas.authentication.AuthenticationException) 15
Map (java.util.Map) 14
HttpServletRequest (javax.servlet.http.HttpServletRequest) 14
Slf4j (lombok.extern.slf4j.Slf4j) 14
Collection (java.util.Collection) 13
HashMap (java.util.HashMap) 12