
Example 1 with VerificationResponse

Use of com.yubico.client.v2.VerificationResponse in the project cas by apereo, in the method doAuthentication of the class YubiKeyAuthenticationHandler.

@Override
protected HandlerResult doAuthentication(final Credential credential) throws GeneralSecurityException, PreventedException {
    final YubiKeyCredential yubiKeyCredential = (YubiKeyCredential) credential;
    final String otp = yubiKeyCredential.getToken();
    // Reject anything that is not a well-formed OTP before any remote call is made.
    if (!YubicoClient.isValidOTPFormat(otp)) {
        // The submitted value is written to the debug log as-is.
        LOGGER.debug("Invalid OTP format [{}]", otp);
        throw new AccountNotFoundException("OTP format is invalid");
    }
    // The user id comes from the authentication already held in the web flow context.
    final RequestContext context = RequestContextHolder.getRequestContext();
    final String uid = WebUtils.getAuthentication(context).getPrincipal().getId();
    final String publicId = YubicoClient.getPublicId(otp);
    // Binding check: the key's public id must be registered for this user.
    // When no registry is set (null), this check is skipped entirely.
    if (this.registry != null && !this.registry.isYubiKeyRegisteredFor(uid, publicId)) {
        LOGGER.debug("YubiKey public id [{}] is not registered for user [{}]", publicId, uid);
        throw new AccountNotFoundException("YubiKey id is not recognized in registry");
    }
    try {
        // Validate the OTP through the Yubico client; only ResponseStatus.OK succeeds.
        final VerificationResponse response = this.client.verify(otp);
        final ResponseStatus status = response.getStatus();
        if (status.compareTo(ResponseStatus.OK) == 0) {
            LOGGER.debug("YubiKey response status [{}] at [{}]", status, response.getTimestamp());
            return createHandlerResult(yubiKeyCredential, this.principalFactory.createPrincipal(uid), null);
        }
        // Every other status is treated as a failed login.
        throw new FailedLoginException("Authentication failed with status: " + status);
    } catch (final YubicoVerificationException | YubicoValidationFailure e) {
        // Verification or validation errors fail closed.
        LOGGER.error(e.getMessage(), e);
        throw new FailedLoginException("YubiKey validation failed: " + e.getMessage());
    }
}
Also used: VerificationResponse (com.yubico.client.v2.VerificationResponse), FailedLoginException (javax.security.auth.login.FailedLoginException), ResponseStatus (com.yubico.client.v2.ResponseStatus), RequestContext (org.springframework.webflow.execution.RequestContext), AccountNotFoundException (javax.security.auth.login.AccountNotFoundException), YubicoValidationFailure (com.yubico.client.v2.exceptions.YubicoValidationFailure), YubicoVerificationException (com.yubico.client.v2.exceptions.YubicoVerificationException)
