
Example 6 with AuthenticationRiskScore

Use of org.apereo.cas.api.AuthenticationRiskScore in project cas by apereo.

Class IpAddressAuthenticationRequestRiskCalculatorTests, method verifyTestWhenAuthnEventsFoundForUser.

@Test
public void verifyTestWhenAuthnEventsFoundForUser() {
    final Authentication authentication = CoreAuthenticationTestUtils.getAuthentication("casuser");
    final RegisteredService service = RegisteredServiceTestUtils.getRegisteredService("test");
    final MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRemoteAddr("107.181.69.221");
    request.setLocalAddr("127.0.0.1");
    ClientInfoHolder.setClientInfo(new ClientInfo(request));
    final AuthenticationRiskScore score = authenticationRiskEvaluator.eval(authentication, service, request);
    assertTrue(score.isRiskGreaterThan(casProperties.getAuthn().getAdaptive().getRisk().getThreshold()));
}
Also used: AuthenticationRiskScore (org.apereo.cas.api.AuthenticationRiskScore), RegisteredService (org.apereo.cas.services.RegisteredService), Authentication (org.apereo.cas.authentication.Authentication), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), ClientInfo (org.apereo.inspektr.common.web.ClientInfo), Test (org.junit.Test)

Example 7 with AuthenticationRiskScore

Use of org.apereo.cas.api.AuthenticationRiskScore in project cas by apereo.

Class UserAgentAuthenticationRequestRiskCalculatorTests, method verifyTestWhenAuthnEventsFoundForUser.

@Test
public void verifyTestWhenAuthnEventsFoundForUser() {
    final Authentication authentication = CoreAuthenticationTestUtils.getAuthentication("casuser");
    final RegisteredService service = RegisteredServiceTestUtils.getRegisteredService("test");
    final MockHttpServletRequest request = new MockHttpServletRequest();
    request.addHeader(HttpRequestUtils.USER_AGENT_HEADER, "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)");
    request.setRemoteAddr("107.181.69.221");
    request.setLocalAddr("127.0.0.1");
    ClientInfoHolder.setClientInfo(new ClientInfo(request));
    final AuthenticationRiskScore score = authenticationRiskEvaluator.eval(authentication, service, request);
    assertTrue(score.isRiskGreaterThan(casProperties.getAuthn().getAdaptive().getRisk().getThreshold()));
}
Also used: AuthenticationRiskScore (org.apereo.cas.api.AuthenticationRiskScore), RegisteredService (org.apereo.cas.services.RegisteredService), Authentication (org.apereo.cas.authentication.Authentication), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), ClientInfo (org.apereo.inspektr.common.web.ClientInfo), Test (org.junit.Test)

Example 8 with AuthenticationRiskScore

Use of org.apereo.cas.api.AuthenticationRiskScore in project cas by apereo.

Class BaseAuthenticationRequestRiskCalculator, method calculate.

@Override
public final AuthenticationRiskScore calculate(final Authentication authentication, final RegisteredService service, final HttpServletRequest request) {
    final Principal principal = authentication.getPrincipal();
    // Look up this principal's previous ticket-granting-ticket creation events.
    final Collection<CasEvent> events = getCasTicketGrantingTicketCreatedEventsFor(principal.getId());
    // No recorded events for the principal: return the highest risk score.
    if (events.isEmpty()) {
        return new AuthenticationRiskScore(HIGHEST_RISK_SCORE);
    }
    // Otherwise delegate to the concrete calculator, which scores the request against the recorded events.
    final AuthenticationRiskScore score = new AuthenticationRiskScore(calculateScore(request, authentication, service, events));
    LOGGER.debug("Calculated authentication risk score by [{}] is [{}]", getClass().getSimpleName(), score);
    return score;
}
Also used: AuthenticationRiskScore (org.apereo.cas.api.AuthenticationRiskScore), CasEvent (org.apereo.cas.support.events.dao.CasEvent), Principal (org.apereo.cas.authentication.principal.Principal)

Example 9 with AuthenticationRiskScore

Use of org.apereo.cas.api.AuthenticationRiskScore in project cas by apereo.

Class DefaultAuthenticationRiskEvaluator, method eval.

@Audit(action = "EVALUATE_RISKY_AUTHENTICATION", actionResolverName = "ADAPTIVE_RISKY_AUTHENTICATION_ACTION_RESOLVER", resourceResolverName = "ADAPTIVE_RISKY_AUTHENTICATION_RESOURCE_RESOLVER")
@Override
public AuthenticationRiskScore eval(final Authentication authentication, final RegisteredService service, final HttpServletRequest request) {
    // No calculators configured: return the highest risk score.
    if (this.calculators.isEmpty()) {
        return new AuthenticationRiskScore(AuthenticationRequestRiskCalculator.HIGHEST_RISK_SCORE);
    }
    // Collect one score from each configured calculator.
    final List<AuthenticationRiskScore> scores = new ArrayList<>();
    this.calculators.stream().forEach(r -> scores.add(r.calculate(authentication, service, request)));
    // The overall score is the mean of the individual scores, rounded up to two decimal places.
    final BigDecimal sum = scores.stream().map(AuthenticationRiskScore::getScore).reduce(BigDecimal.ZERO, BigDecimal::add);
    final BigDecimal score = sum.divide(BigDecimal.valueOf(this.calculators.size()), 2, BigDecimal.ROUND_UP);
    return new AuthenticationRiskScore(score);
}
Also used: AuthenticationRiskScore (org.apereo.cas.api.AuthenticationRiskScore), ArrayList (java.util.ArrayList), BigDecimal (java.math.BigDecimal), Audit (org.apereo.inspektr.audit.annotation.Audit)

Example 10 with AuthenticationRiskScore

Use of org.apereo.cas.api.AuthenticationRiskScore in project cas by apereo.

Class GeoLocationAuthenticationRequestRiskCalculatorTests, method verifyTestWhenNoAuthnEventsFoundForUser.

@Test
public void verifyTestWhenNoAuthnEventsFoundForUser() {
    final Authentication authentication = CoreAuthenticationTestUtils.getAuthentication("geoperson");
    final RegisteredService service = RegisteredServiceTestUtils.getRegisteredService("test");
    final MockHttpServletRequest request = new MockHttpServletRequest();
    final AuthenticationRiskScore score = authenticationRiskEvaluator.eval(authentication, service, request);
    assertTrue(score.isHighestRisk());
}
Also used: AuthenticationRiskScore (org.apereo.cas.api.AuthenticationRiskScore), RegisteredService (org.apereo.cas.services.RegisteredService), Authentication (org.apereo.cas.authentication.Authentication), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), Test (org.junit.Test)

Aggregations

AuthenticationRiskScore (org.apereo.cas.api.AuthenticationRiskScore): 11
Authentication (org.apereo.cas.authentication.Authentication): 8
RegisteredService (org.apereo.cas.services.RegisteredService): 8
Test (org.junit.Test): 8
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 8
ClientInfo (org.apereo.inspektr.common.web.ClientInfo): 3
BigDecimal (java.math.BigDecimal): 1
ArrayList (java.util.ArrayList): 1
AuthenticationRiskContingencyResponse (org.apereo.cas.api.AuthenticationRiskContingencyResponse): 1
Principal (org.apereo.cas.authentication.principal.Principal): 1
CasRiskBasedAuthenticationEvaluationStartedEvent (org.apereo.cas.support.events.authentication.adaptive.CasRiskBasedAuthenticationEvaluationStartedEvent): 1
CasRiskBasedAuthenticationMitigationStartedEvent (org.apereo.cas.support.events.authentication.adaptive.CasRiskBasedAuthenticationMitigationStartedEvent): 1
CasRiskyAuthenticationDetectedEvent (org.apereo.cas.support.events.authentication.adaptive.CasRiskyAuthenticationDetectedEvent): 1
CasRiskyAuthenticationMitigatedEvent (org.apereo.cas.support.events.authentication.adaptive.CasRiskyAuthenticationMitigatedEvent): 1
CasEvent (org.apereo.cas.support.events.dao.CasEvent): 1
Audit (org.apereo.inspektr.audit.annotation.Audit): 1