Search in sources :

Example 1 with DefaultYubiKeyAccountValidator

use of org.apereo.cas.adaptors.yubikey.DefaultYubiKeyAccountValidator in project cas by apereo.

the class YubiKeyAuthenticationEventExecutionPlanConfiguration method yubiKeyAccountRegistry.

@Bean
@RefreshScope
@ConditionalOnMissingBean(name = "yubiKeyAccountRegistry")
public YubiKeyAccountRegistry yubiKeyAccountRegistry() {
    final YubiKeyMultifactorProperties yubi = casProperties.getAuthn().getMfa().getYubikey();
    if (yubi.getJsonFile() != null) {
        LOGGER.debug("Using JSON resource [{}] as the YubiKey account registry", yubi.getJsonFile());
        final JsonYubiKeyAccountRegistry registry = new JsonYubiKeyAccountRegistry(yubi.getJsonFile(), yubiKeyAccountValidator());
        registry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
        return registry;
    }
    if (yubi.getAllowedDevices() != null) {
        LOGGER.debug("Using statically-defined devices for [{}] as the YubiKey account registry", yubi.getAllowedDevices().keySet());
        final WhitelistYubiKeyAccountRegistry registry = new WhitelistYubiKeyAccountRegistry(yubi.getAllowedDevices(), yubiKeyAccountValidator());
        registry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
        return registry;
    }
    LOGGER.warn("All credentials are considered eligible for YubiKey authentication. " + "Consider providing an account registry implementation via [{}]", YubiKeyAccountRegistry.class.getName());
    final OpenYubiKeyAccountRegistry registry = new OpenYubiKeyAccountRegistry(new DefaultYubiKeyAccountValidator(yubicoClient()));
    registry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
    return registry;
}
Also used : OpenYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry) YubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.YubiKeyAccountRegistry) OpenYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry) WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry) JsonYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry) YubiKeyMultifactorProperties(org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties) WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry) DefaultYubiKeyAccountValidator(org.apereo.cas.adaptors.yubikey.DefaultYubiKeyAccountValidator) JsonYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Aggregations

DefaultYubiKeyAccountValidator (org.apereo.cas.adaptors.yubikey.DefaultYubiKeyAccountValidator)1 YubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.YubiKeyAccountRegistry)1 JsonYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry)1 OpenYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry)1 WhitelistYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry)1 YubiKeyMultifactorProperties (org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties)1 ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)1 RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope)1 Bean (org.springframework.context.annotation.Bean)1