Search in sources :

Example 1 with WhitelistYubiKeyAccountRegistry

use of org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry in project cas by apereo.

the class YubiKeyAuthenticationHandlerTests method checkEncryptedAccount.

@Test
public void checkEncryptedAccount() {
    final WhitelistYubiKeyAccountRegistry registry = new WhitelistYubiKeyAccountRegistry(new HashMap<>(), (uid, token) -> true);
    registry.setCipherExecutor(new YubikeyAccountCipherExecutor("1PbwSbnHeinpkZOSZjuSJ8yYpUrInm5aaV18J2Ar4rM", "szxK-5_eJjs-aUj-64MpUZ-GPPzGLhYPLGl0wrYjYNVAGva2P0lLe6UGKGM7k8dWxsOVGutZWgvmY3l5oVPO3w"));
    assertTrue(registry.registerAccountFor("encrypteduser", OTP));
    assertTrue(registry.isYubiKeyRegisteredFor("encrypteduser", registry.getAccountValidator().getTokenPublicId(OTP)));
}
Also used : WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry) Test(org.junit.Test)

Example 2 with WhitelistYubiKeyAccountRegistry

use of org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry in project cas by apereo.

the class YubiKeyAuthenticationHandlerTests method checkAccountNotFound.

@Test
public void checkAccountNotFound() throws Exception {
    final WhitelistYubiKeyAccountRegistry registry = new WhitelistYubiKeyAccountRegistry(new HashMap<>(), new DefaultYubiKeyAccountValidator(YubicoClient.getClient(CLIENT_ID, SECRET_KEY)));
    registry.setCipherExecutor(CipherExecutor.noOpOfSerializableToString());
    final YubiKeyAuthenticationHandler handler = new YubiKeyAuthenticationHandler(StringUtils.EMPTY, null, new DefaultPrincipalFactory(), YubicoClient.getClient(CLIENT_ID, SECRET_KEY), registry);
    this.thrown.expect(AccountNotFoundException.class);
    handler.authenticate(new YubiKeyCredential(OTP));
}
Also used : WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry) DefaultPrincipalFactory(org.apereo.cas.authentication.principal.DefaultPrincipalFactory) Test(org.junit.Test)

Example 3 with WhitelistYubiKeyAccountRegistry

use of org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry in project cas by apereo.

the class YubiKeyAuthenticationEventExecutionPlanConfiguration method yubiKeyAccountRegistry.

@Bean
@RefreshScope
@ConditionalOnMissingBean(name = "yubiKeyAccountRegistry")
public YubiKeyAccountRegistry yubiKeyAccountRegistry() {
    final YubiKeyMultifactorProperties yubi = casProperties.getAuthn().getMfa().getYubikey();
    if (yubi.getJsonFile() != null) {
        LOGGER.debug("Using JSON resource [{}] as the YubiKey account registry", yubi.getJsonFile());
        final JsonYubiKeyAccountRegistry registry = new JsonYubiKeyAccountRegistry(yubi.getJsonFile(), yubiKeyAccountValidator());
        registry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
        return registry;
    }
    if (yubi.getAllowedDevices() != null) {
        LOGGER.debug("Using statically-defined devices for [{}] as the YubiKey account registry", yubi.getAllowedDevices().keySet());
        final WhitelistYubiKeyAccountRegistry registry = new WhitelistYubiKeyAccountRegistry(yubi.getAllowedDevices(), yubiKeyAccountValidator());
        registry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
        return registry;
    }
    LOGGER.warn("All credentials are considered eligible for YubiKey authentication. " + "Consider providing an account registry implementation via [{}]", YubiKeyAccountRegistry.class.getName());
    final OpenYubiKeyAccountRegistry registry = new OpenYubiKeyAccountRegistry(new DefaultYubiKeyAccountValidator(yubicoClient()));
    registry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
    return registry;
}
Also used : OpenYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry) YubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.YubiKeyAccountRegistry) OpenYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry) WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry) JsonYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry) YubiKeyMultifactorProperties(org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties) WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry) DefaultYubiKeyAccountValidator(org.apereo.cas.adaptors.yubikey.DefaultYubiKeyAccountValidator) JsonYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Aggregations

WhitelistYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry)3 Test (org.junit.Test)2 DefaultYubiKeyAccountValidator (org.apereo.cas.adaptors.yubikey.DefaultYubiKeyAccountValidator)1 YubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.YubiKeyAccountRegistry)1 JsonYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry)1 OpenYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry)1 DefaultPrincipalFactory (org.apereo.cas.authentication.principal.DefaultPrincipalFactory)1 YubiKeyMultifactorProperties (org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties)1 ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)1 RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope)1 Bean (org.springframework.context.annotation.Bean)1