
Example 31 with Audit

Use of org.apereo.inspektr.audit.annotation.Audit in project cas by apereo.

From the class RegisteredServiceDelegatedAuthenticationPolicyAuditableEnforcer, method execute.

// Each call is recorded in the audit trail as a DELEGATED_CLIENT action.
@Audit(action = AuditableActions.DELEGATED_CLIENT, actionResolverName = AuditActionResolvers.DELEGATED_CLIENT_ACTION_RESOLVER, resourceResolverName = AuditResourceResolvers.DELEGATED_CLIENT_RESOURCE_RESOLVER)
@Override
public AuditableExecutionResult execute(final AuditableContext context) {
    val result = AuditableExecutionResult.of(context);
    // The policy is checked only when the context carries both a registered service
    // and a delegated client name, stored under the key Client.class.getSimpleName().
    if (context.getRegisteredService().isPresent() && context.getProperties().containsKey(Client.class.getSimpleName())) {
        val registeredService = context.getRegisteredService().orElseThrow();
        val clientName = context.getProperties().get(Client.class.getSimpleName()).toString();
        LOGGER.trace("Checking delegated access strategy of [{}] for client [{}]", registeredService, clientName);
        val policy = registeredService.getAccessStrategy().getDelegatedAuthenticationPolicy();
        // A service with no delegated authentication policy is not restricted here.
        if (policy != null) {
            if (!policy.isProviderAllowed(clientName, registeredService)) {
                LOGGER.debug("Delegated access strategy for [{}] does not permit client [{}]", registeredService, clientName);
                // The denial is attached to the result instead of being thrown,
                // so the caller must inspect the result's exception.
                val e = new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, StringUtils.EMPTY);
                result.setException(e);
            }
        }
    }
    return result;
}
Also used: lombok.val, org.apereo.cas.services.UnauthorizedServiceException, org.apereo.inspektr.audit.annotation.Audit
