use of com.duosecurity.client.Http in project cas by apereo.
the class BaseDuoAuthenticationService method buildHttpPostUserPreAuthRequest.
/**
* Build http post get user auth request.
*
* @param username the username
* @return the http
*/
protected Http buildHttpPostUserPreAuthRequest(final String username) {
final Http usersRequest = new Http(HttpMethod.POST.name(), duoProperties.getDuoApiHost(), String.format("/auth/v%s/preauth", AUTH_API_VERSION));
usersRequest.addParam("username", username);
return usersRequest;
}
use of com.duosecurity.client.Http in project cas by apereo.
the class BaseDuoSecurityAuthenticationService method getDuoUserAccount.
@Override
public DuoUserAccount getDuoUserAccount(final String username) {
final DuoUserAccount account = new DuoUserAccount(username);
account.setStatus(DuoUserAccountAuthStatus.AUTH);
try {
final Http userRequest = buildHttpPostUserPreAuthRequest(username);
signHttpUserPreAuthRequest(userRequest);
LOGGER.debug("Contacting Duo to inquire about username [{}]", username);
final String userResponse = userRequest.executeHttpRequest().body().string();
final String jsonResponse = URLDecoder.decode(userResponse, StandardCharsets.UTF_8.name());
LOGGER.debug("Received Duo admin response [{}]", jsonResponse);
final JsonNode result = MAPPER.readTree(jsonResponse);
if (result.has(RESULT_KEY_RESPONSE) && result.has(RESULT_KEY_STAT) && result.get(RESULT_KEY_STAT).asText().equalsIgnoreCase("OK")) {
final JsonNode response = result.get(RESULT_KEY_RESPONSE);
final String authResult = response.get(RESULT_KEY_RESULT).asText().toUpperCase();
final DuoUserAccountAuthStatus status = DuoUserAccountAuthStatus.valueOf(authResult);
account.setStatus(status);
account.setMessage(response.get(RESULT_KEY_STATUS_MESSAGE).asText());
if (status == DuoUserAccountAuthStatus.ENROLL) {
final String enrollUrl = response.get(RESULT_KEY_ENROLL_PORTAL_URL).asText();
account.setEnrollPortalUrl(enrollUrl);
}
}
} catch (final Exception e) {
LOGGER.warn("Reaching Duo has failed with error: [{}]", e.getMessage(), e);
}
return account;
}
use of com.duosecurity.client.Http in project cas by apereo.
the class BasicDuoSecurityAuthenticationService method authenticateDuoCredentialDirect.
private Pair<Boolean, String> authenticateDuoCredentialDirect(final Credential crds) {
try {
final DuoDirectCredential credential = DuoDirectCredential.class.cast(crds);
final Principal p = credential.getAuthentication().getPrincipal();
final Http request = buildHttpPostAuthRequest();
signHttpAuthRequest(request, p.getId());
final JSONObject result = (JSONObject) request.executeRequest();
LOGGER.debug("Duo authentication response: [{}]", result);
if ("allow".equalsIgnoreCase(result.getString("result"))) {
return Pair.of(Boolean.TRUE, crds.getId());
}
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return Pair.of(Boolean.FALSE, crds.getId());
}
use of com.duosecurity.client.Http in project cas by apereo.
the class BaseDuoSecurityAuthenticationService method buildHttpRequest.
private Http buildHttpRequest(final String format) throws Exception {
val originalHost = SpringExpressionLanguageValueResolver.getInstance().resolve(properties.getDuoApiHost());
val request = new Http.HttpBuilder(HttpMethod.POST.name(), new URI("https://" + originalHost).getHost(), String.format(format, AUTH_API_VERSION)).build();
val hostField = ReflectionUtils.findField(request.getClass(), "host");
ReflectionUtils.makeAccessible(Objects.requireNonNull(hostField));
ReflectionUtils.setField(hostField, request, originalHost);
return request;
}
use of com.duosecurity.client.Http in project cas by apereo.
the class BasicDuoSecurityAuthenticationServiceTests method verifyGetAccountAuth.
@Test
public void verifyGetAccountAuth() {
val props = casProperties.getAuthn().getMfa().getDuo().get(0);
val service = new BasicDuoSecurityAuthenticationService(props, httpClient, List.of(MultifactorAuthenticationPrincipalResolver.identical()), Caffeine.newBuilder().build()) {
private static final long serialVersionUID = 6245462449489284549L;
@Override
protected String getHttpResponse(final Http userRequest) throws Exception {
return MAPPER.writeValueAsString(Map.of("stat", "FAIL", "code", "1000"));
}
};
assertEquals(DuoSecurityUserAccountStatus.AUTH, service.getUserAccount("casuser").getStatus());
}
Aggregations