Search in sources :

Example 1 with DuoSecurityPasscodeCredential

use of org.apereo.cas.adaptors.duo.authn.DuoSecurityPasscodeCredential in project cas by apereo.

the class DuoSecurityRestHttpRequestCredentialFactory method fromRequest.

@Override
public List<Credential> fromRequest(final HttpServletRequest request, final MultiValueMap<String, String> requestBody) {
    if (requestBody == null || requestBody.isEmpty()) {
        LOGGER.debug("Skipping [{}] because the request body is null or empty", getClass().getSimpleName());
        return new ArrayList<>(0);
    }
    if (!requestBody.containsKey(RestHttpRequestCredentialFactory.PARAMETER_USERNAME) || !requestBody.containsKey(PARAMETER_NAME_PASSCODE)) {
        LOGGER.debug("No username or passcode provided");
        return new ArrayList<>(0);
    }
    val username = FunctionUtils.throwIfBlank(requestBody.getFirst(RestHttpRequestCredentialFactory.PARAMETER_USERNAME));
    val token = FunctionUtils.throwIfBlank(requestBody.getFirst(PARAMETER_NAME_PASSCODE));
    val providerId = StringUtils.defaultString(requestBody.getFirst(PARAMETER_NAME_PROVIDER), DuoSecurityMultifactorAuthenticationProperties.DEFAULT_IDENTIFIER);
    return CollectionUtils.wrap(new DuoSecurityPasscodeCredential(username, token, providerId));
}
Also used : lombok.val(lombok.val) ArrayList(java.util.ArrayList) DuoSecurityPasscodeCredential(org.apereo.cas.adaptors.duo.authn.DuoSecurityPasscodeCredential)

Example 2 with DuoSecurityPasscodeCredential

use of org.apereo.cas.adaptors.duo.authn.DuoSecurityPasscodeCredential in project cas by apereo.

the class DuoSecurityRestHttpRequestCredentialFactoryTests method verifyOperation.

@Test
public void verifyOperation() {
    val factory = new DuoSecurityRestHttpRequestCredentialFactory();
    val request = new MockHttpServletRequest();
    val body = new LinkedMultiValueMap<String, String>();
    assertTrue(factory.fromRequest(request, body).isEmpty());
    body.put(RestHttpRequestCredentialFactory.PARAMETER_USERNAME, List.of("user"));
    assertTrue(factory.fromRequest(request, body).isEmpty());
    body.put(DuoSecurityRestHttpRequestCredentialFactory.PARAMETER_NAME_PASSCODE, List.of("123456"));
    body.put(DuoSecurityRestHttpRequestCredentialFactory.PARAMETER_NAME_PROVIDER, List.of("custom-duo"));
    var credentials = factory.fromRequest(request, body);
    assertFalse(credentials.isEmpty());
    var credential = (DuoSecurityPasscodeCredential) credentials.get(0);
    assertEquals(credential.getProviderId(), "custom-duo");
    credentials = factory.fromAuthentication(request, body, CoreAuthenticationTestUtils.getAuthentication(), new TestMultifactorAuthenticationProvider());
    val directCredential = (DuoSecurityDirectCredential) credentials.get(0);
    assertEquals(TestMultifactorAuthenticationProvider.ID, directCredential.getProviderId());
    assertNotNull(directCredential.getPrincipal());
}
Also used : lombok.val(lombok.val) TestMultifactorAuthenticationProvider(org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) DuoSecurityDirectCredential(org.apereo.cas.adaptors.duo.authn.DuoSecurityDirectCredential) DuoSecurityPasscodeCredential(org.apereo.cas.adaptors.duo.authn.DuoSecurityPasscodeCredential) Test(org.junit.jupiter.api.Test)

Aggregations

lombok.val (lombok.val)2 DuoSecurityPasscodeCredential (org.apereo.cas.adaptors.duo.authn.DuoSecurityPasscodeCredential)2 ArrayList (java.util.ArrayList)1 DuoSecurityDirectCredential (org.apereo.cas.adaptors.duo.authn.DuoSecurityDirectCredential)1 TestMultifactorAuthenticationProvider (org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider)1 Test (org.junit.jupiter.api.Test)1 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1 LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)1