Example 1 with WhitelistYubiKeyAccountRegistry
use of org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry in project cas by apereo.
the class YubiKeyAuthenticationHandlerTests method checkEncryptedAccount.
@Test
public void checkEncryptedAccount() {
final WhitelistYubiKeyAccountRegistry registry = new WhitelistYubiKeyAccountRegistry(new HashMap<>(), (uid, token) -> true);
registry.setCipherExecutor(new YubikeyAccountCipherExecutor("1PbwSbnHeinpkZOSZjuSJ8yYpUrInm5aaV18J2Ar4rM", "szxK-5_eJjs-aUj-64MpUZ-GPPzGLhYPLGl0wrYjYNVAGva2P0lLe6UGKGM7k8dWxsOVGutZWgvmY3l5oVPO3w"));
assertTrue(registry.registerAccountFor("encrypteduser", OTP));
assertTrue(registry.isYubiKeyRegisteredFor("encrypteduser", registry.getAccountValidator().getTokenPublicId(OTP)));
}
Also used :
WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry)
Test(org.junit.Test)
Example 2 with WhitelistYubiKeyAccountRegistry
use of org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry in project cas by apereo.
the class YubiKeyAuthenticationHandlerTests method checkAccountNotFound.
@Test
public void checkAccountNotFound() throws Exception {
final WhitelistYubiKeyAccountRegistry registry = new WhitelistYubiKeyAccountRegistry(new HashMap<>(), new DefaultYubiKeyAccountValidator(YubicoClient.getClient(CLIENT_ID, SECRET_KEY)));
registry.setCipherExecutor(CipherExecutor.noOpOfSerializableToString());
final YubiKeyAuthenticationHandler handler = new YubiKeyAuthenticationHandler(StringUtils.EMPTY, null, new DefaultPrincipalFactory(), YubicoClient.getClient(CLIENT_ID, SECRET_KEY), registry);
this.thrown.expect(AccountNotFoundException.class);
handler.authenticate(new YubiKeyCredential(OTP));
}
Also used :
WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry)
DefaultPrincipalFactory(org.apereo.cas.authentication.principal.DefaultPrincipalFactory)
Test(org.junit.Test)
Example 3 with WhitelistYubiKeyAccountRegistry
use of org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry in project cas by apereo.
the class YubiKeyAuthenticationEventExecutionPlanConfiguration method yubiKeyAccountRegistry.
@Bean
@RefreshScope
@ConditionalOnMissingBean(name = "yubiKeyAccountRegistry")
public YubiKeyAccountRegistry yubiKeyAccountRegistry() {
final YubiKeyMultifactorProperties yubi = casProperties.getAuthn().getMfa().getYubikey();
if (yubi.getJsonFile() != null) {
LOGGER.debug("Using JSON resource [{}] as the YubiKey account registry", yubi.getJsonFile());
final JsonYubiKeyAccountRegistry registry = new JsonYubiKeyAccountRegistry(yubi.getJsonFile(), yubiKeyAccountValidator());
registry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
return registry;
}
if (yubi.getAllowedDevices() != null) {
LOGGER.debug("Using statically-defined devices for [{}] as the YubiKey account registry", yubi.getAllowedDevices().keySet());
final WhitelistYubiKeyAccountRegistry registry = new WhitelistYubiKeyAccountRegistry(yubi.getAllowedDevices(), yubiKeyAccountValidator());
registry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
return registry;
}
LOGGER.warn("All credentials are considered eligible for YubiKey authentication. " + "Consider providing an account registry implementation via [{}]", YubiKeyAccountRegistry.class.getName());
final OpenYubiKeyAccountRegistry registry = new OpenYubiKeyAccountRegistry(new DefaultYubiKeyAccountValidator(yubicoClient()));
registry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
return registry;
}
Also used :
OpenYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry)
YubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.YubiKeyAccountRegistry)
OpenYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry)
WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry)
JsonYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry)
YubiKeyMultifactorProperties(org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties)
WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry)
DefaultYubiKeyAccountValidator(org.apereo.cas.adaptors.yubikey.DefaultYubiKeyAccountValidator)
JsonYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry)
RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
Bean(org.springframework.context.annotation.Bean)
Aggregations
WhitelistYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry)3
Test (org.junit.Test)2
DefaultYubiKeyAccountValidator (org.apereo.cas.adaptors.yubikey.DefaultYubiKeyAccountValidator)1
YubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.YubiKeyAccountRegistry)1
JsonYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry)1
OpenYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry)1
DefaultPrincipalFactory (org.apereo.cas.authentication.principal.DefaultPrincipalFactory)1
YubiKeyMultifactorProperties (org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties)1
ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)1
RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope)1
Bean (org.springframework.context.annotation.Bean)1
