use of org.apereo.cas.adaptors.gauth.repository.token.GoogleAuthenticatorToken in project cas by apereo.
the class GoogleAuthenticatorAuthenticationHandler method doAuthentication.
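/**
 * Validates a Google Authenticator one-time password (OTP) for the principal of the
 * authentication event held in the current request context.
 * <p>
 * The submitted token must parse as an integer. The principal id is read from the
 * authentication stored in the request context, and the account secret is looked up in the
 * credential repository. An OTP already recorded for that principal is rejected. A code that
 * authorizes against the secret is recorded in the token repository before the result is returned.
 *
 * @param credential the submitted credential; cast to {@code GoogleAuthenticatorTokenCredential}
 * @return the handler result for the principal created from the resolved id
 * @throws PreventedException if the token cannot be parsed as an integer
 * @throws GeneralSecurityException {@code AccountNotFoundException} when no secret is registered
 *         for the principal, {@code AccountExpiredException} when the OTP was already recorded,
 *         {@code FailedLoginException} when the code does not authorize
 * @throws IllegalArgumentException if there is no request context, or it carries no authentication
 */
@Override
protected HandlerResult doAuthentication(final Credential credential) throws GeneralSecurityException, PreventedException {
    final GoogleAuthenticatorTokenCredential tokenCredential = (GoogleAuthenticatorTokenCredential) credential;
    final String submittedToken = tokenCredential.getToken();
    if (!NumberUtils.isCreatable(submittedToken)) {
        // NOTE(review): the raw, user-supplied token is embedded in the cause message; if that
        // message is logged or rendered downstream, consider omitting or sanitizing the value.
        throw new PreventedException("Invalid non-numeric OTP format specified.", new IllegalArgumentException("Invalid token " + submittedToken));
    }

    // isCreatable() also accepts forms Integer.parseInt() rejects (hex, decimals, type
    // suffixes, out-of-range values), so map the parse failure to the same checked exception
    // instead of letting an unchecked NumberFormatException escape the handler.
    final int otp;
    try {
        otp = Integer.parseInt(submittedToken);
    } catch (final NumberFormatException e) {
        throw new PreventedException("Invalid non-numeric OTP format specified.", e);
    }
    // NOTE(review): the OTP is written to the debug log before it has been validated or
    // consumed; confirm debug logs are access-controlled, or drop the value from the message.
    LOGGER.debug("Received OTP [{}]", otp);

    final RequestContext context = RequestContextHolder.getRequestContext();
    if (context == null) {
        // The exception was previously constructed but never thrown, so execution continued
        // with a null context.
        throw new IllegalArgumentException("No request context could be found to locate an authentication event");
    }
    final Authentication authentication = WebUtils.getAuthentication(context);
    if (authentication == null) {
        // Same defect as above: without the throw, the next line dereferenced null.
        throw new IllegalArgumentException("Request context has no reference to an authentication event to locate a principal");
    }

    final String uid = authentication.getPrincipal().getId();
    LOGGER.debug("Received principal id [{}]", uid);

    final String secKey = this.credentialRepository.getSecret(uid);
    if (StringUtils.isBlank(secKey)) {
        throw new AccountNotFoundException(uid + " cannot be found in the registry");
    }

    // Replay protection: an OTP already recorded for this principal must not be accepted again.
    // NOTE(review): exists() and store() are separate calls; whether the repository makes the
    // check-and-store atomic is not visible here, so two concurrent requests carrying the same
    // OTP may both pass this check. Confirm against the repository implementation.
    if (this.tokenRepository.exists(uid, otp)) {
        throw new AccountExpiredException(uid + " cannot reuse OTP " + otp + " as it may be expired/invalid");
    }

    final boolean isCodeValid = this.googleAuthenticatorInstance.authorize(secKey, otp);
    if (isCodeValid) {
        // Record the accepted code so a later submission of the same value is rejected.
        this.tokenRepository.store(new GoogleAuthenticatorToken(otp, uid));
        return createHandlerResult(tokenCredential, this.principalFactory.createPrincipal(uid), null);
    }
    throw new FailedLoginException("Failed to authenticate code " + otp);
}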
use of org.apereo.cas.adaptors.gauth.repository.token.GoogleAuthenticatorToken in project cas by apereo.
the class MongoDbGoogleAuthenticatorTokenRepository method exists.
/**
 * Reports whether a token record matching both the given user id and OTP value is present
 * in the configured collection.
 *
 * @param uid the user id matched against the {@code userId} field
 * @param otp the one-time password matched against the {@code token} field
 * @return {@code true} when a matching record is found; {@code false} when none is found or
 *         the lookup raises {@code NoResultException}
 */
@Override
public boolean exists(final String uid, final Integer otp) {
    boolean found = false;
    try {
        // Both values are bound through the Criteria API rather than concatenated into a query string.
        final Criteria matchUserAndToken = Criteria.where("userId").is(uid).and("token").is(otp);
        final Query lookup = new Query(matchUserAndToken);
        found = this.mongoTemplate.findOne(lookup, GoogleAuthenticatorToken.class, this.collectionName) != null;
    } catch (final NoResultException e) {
        // NOTE(review): NoResultException is a JPA exception type; whether the Mongo template
        // can raise it here is not visible from this method. Confirm the catch is reachable.
        LOGGER.debug("No record could be found for google authenticator id [{}]", uid);
    }
    return found;
}