Example 1 with Http

Use of com.duosecurity.client.Http in project cas by apereo.

In the class BaseDuoAuthenticationService, method buildHttpPostUserPreAuthRequest.

/**
 * Build the HTTP POST request for the Duo preauth endpoint.
 *
 * @param username the username
 * @return the request
 */
protected Http buildHttpPostUserPreAuthRequest(final String username) {
    final Http usersRequest = new Http(HttpMethod.POST.name(), duoProperties.getDuoApiHost(), String.format("/auth/v%s/preauth", AUTH_API_VERSION));
    usersRequest.addParam("username", username);
    return usersRequest;
}
Also used : Http(com.duosecurity.client.Http)

Example 2 with Http

Use of com.duosecurity.client.Http in project cas by apereo.

In the class BaseDuoSecurityAuthenticationService, method getDuoUserAccount.

@Override
public DuoUserAccount getDuoUserAccount(final String username) {
    final DuoUserAccount account = new DuoUserAccount(username);
    // Default status; it is returned unchanged if the preauth call fails or the response is not "OK".
    account.setStatus(DuoUserAccountAuthStatus.AUTH);
    try {
        final Http userRequest = buildHttpPostUserPreAuthRequest(username);
        signHttpUserPreAuthRequest(userRequest);
        LOGGER.debug("Contacting Duo to inquire about username [{}]", username);
        final String userResponse = userRequest.executeHttpRequest().body().string();
        final String jsonResponse = URLDecoder.decode(userResponse, StandardCharsets.UTF_8.name());
        LOGGER.debug("Received Duo admin response [{}]", jsonResponse);
        final JsonNode result = MAPPER.readTree(jsonResponse);
        if (result.has(RESULT_KEY_RESPONSE) && result.has(RESULT_KEY_STAT) && result.get(RESULT_KEY_STAT).asText().equalsIgnoreCase("OK")) {
            final JsonNode response = result.get(RESULT_KEY_RESPONSE);
            final String authResult = response.get(RESULT_KEY_RESULT).asText().toUpperCase();
            final DuoUserAccountAuthStatus status = DuoUserAccountAuthStatus.valueOf(authResult);
            account.setStatus(status);
            account.setMessage(response.get(RESULT_KEY_STATUS_MESSAGE).asText());
            if (status == DuoUserAccountAuthStatus.ENROLL) {
                final String enrollUrl = response.get(RESULT_KEY_ENROLL_PORTAL_URL).asText();
                account.setEnrollPortalUrl(enrollUrl);
            }
        }
    } catch (final Exception e) {
        LOGGER.warn("Reaching Duo has failed with error: [{}]", e.getMessage(), e);
    }
    return account;
}
Also used : DuoUserAccount(org.apereo.cas.adaptors.duo.DuoUserAccount) Http(com.duosecurity.client.Http) JsonNode(com.fasterxml.jackson.databind.JsonNode) DuoUserAccountAuthStatus(org.apereo.cas.adaptors.duo.DuoUserAccountAuthStatus)

Example 3 with Http

Use of com.duosecurity.client.Http in project cas by apereo.

In the class BasicDuoSecurityAuthenticationService, method authenticateDuoCredentialDirect.

private Pair<Boolean, String> authenticateDuoCredentialDirect(final Credential crds) {
    try {
        final DuoDirectCredential credential = DuoDirectCredential.class.cast(crds);
        final Principal p = credential.getAuthentication().getPrincipal();
        final Http request = buildHttpPostAuthRequest();
        signHttpAuthRequest(request, p.getId());
        final JSONObject result = (JSONObject) request.executeRequest();
        LOGGER.debug("Duo authentication response: [{}]", result);
        if ("allow".equalsIgnoreCase(result.getString("result"))) {
            return Pair.of(Boolean.TRUE, crds.getId());
        }
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
    }
    return Pair.of(Boolean.FALSE, crds.getId());
}
Also used : JSONObject(org.json.JSONObject) Http(com.duosecurity.client.Http) Principal(org.apereo.cas.authentication.principal.Principal)

Example 4 with Http

Use of com.duosecurity.client.Http in project cas by apereo.

In the class BaseDuoSecurityAuthenticationService, method buildHttpRequest.

private Http buildHttpRequest(final String format) throws Exception {
    val originalHost = SpringExpressionLanguageValueResolver.getInstance().resolve(properties.getDuoApiHost());
    // Build the request with only the host component parsed from the configured value.
    val request = new Http.HttpBuilder(HttpMethod.POST.name(), new URI("https://" + originalHost).getHost(), String.format(format, AUTH_API_VERSION)).build();
    // Then overwrite the client's "host" field via reflection with the full configured value.
    val hostField = ReflectionUtils.findField(request.getClass(), "host");
    ReflectionUtils.makeAccessible(Objects.requireNonNull(hostField));
    ReflectionUtils.setField(hostField, request, originalHost);
    return request;
}
Also used : lombok.val(lombok.val) Http(com.duosecurity.client.Http) URI(java.net.URI)

Example 5 with Http

Use of com.duosecurity.client.Http in project cas by apereo.

In the class BasicDuoSecurityAuthenticationServiceTests, method verifyGetAccountAuth.

@Test
public void verifyGetAccountAuth() {
    val props = casProperties.getAuthn().getMfa().getDuo().get(0);
    val service = new BasicDuoSecurityAuthenticationService(props, httpClient, List.of(MultifactorAuthenticationPrincipalResolver.identical()), Caffeine.newBuilder().build()) {

        private static final long serialVersionUID = 6245462449489284549L;

        @Override
        protected String getHttpResponse(final Http userRequest) throws Exception {
            // Stub the Duo response as a failure; the test expects the account status to stay AUTH.
            return MAPPER.writeValueAsString(Map.of("stat", "FAIL", "code", "1000"));
        }
    };
    assertEquals(DuoSecurityUserAccountStatus.AUTH, service.getUserAccount("casuser").getStatus());
}
Also used : lombok.val(lombok.val) Http(com.duosecurity.client.Http) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

Http (com.duosecurity.client.Http): 11
lombok.val (lombok.val): 6
Test (org.junit.jupiter.api.Test): 5
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 5
JSONObject (org.json.JSONObject): 3
JsonNode (com.fasterxml.jackson.databind.JsonNode): 2
Principal (org.apereo.cas.authentication.principal.Principal): 2
URI (java.net.URI): 1
DuoUserAccount (org.apereo.cas.adaptors.duo.DuoUserAccount): 1
DuoUserAccountAuthStatus (org.apereo.cas.adaptors.duo.DuoUserAccountAuthStatus): 1
DuoSecurityMultifactorAuthenticationProperties (org.apereo.cas.configuration.model.support.mfa.DuoSecurityMultifactorAuthenticationProperties): 1
MockWebServer (org.apereo.cas.util.MockWebServer): 1