Example 46 with Authentication
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class OpenIdSingleSignOnActionTests method verifySuccessfulServiceTicket.
@Test
public void verifySuccessfulServiceTicket() throws Exception {
final MockRequestContext context = new MockRequestContext();
final MockHttpServletRequest request = new MockHttpServletRequest();
final Authentication authentication = CoreAuthenticationTestUtils.getAuthentication("scootman28");
final TicketGrantingTicket t = new TicketGrantingTicketImpl("TGT-11", authentication, new NeverExpiresExpirationPolicy());
this.ticketRegistry.addTicket(t);
request.setParameter(OpenIdProtocolConstants.OPENID_IDENTITY, "http://openid.aol.com/scootman28");
request.setParameter(OpenIdProtocolConstants.OPENID_RETURNTO, "http://www.cnn.com");
final OpenIdService service = new OpenIdServiceFactory("").createService(request);
context.getFlowScope().put("service", service);
context.getFlowScope().put(WebUtils.PARAMETER_TICKET_GRANTING_TICKET_ID, t.getId());
context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, new MockHttpServletResponse()));
assertEquals("success", this.action.execute(context).getId());
}
Also used :
NeverExpiresExpirationPolicy(org.apereo.cas.ticket.support.NeverExpiresExpirationPolicy)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Authentication(org.apereo.cas.authentication.Authentication)
TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket)
OpenIdService(org.apereo.cas.support.openid.authentication.principal.OpenIdService)
ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext)
TicketGrantingTicketImpl(org.apereo.cas.ticket.TicketGrantingTicketImpl)
MockRequestContext(org.springframework.webflow.test.MockRequestContext)
OpenIdServiceFactory(org.apereo.cas.support.openid.authentication.principal.OpenIdServiceFactory)
MockServletContext(org.springframework.mock.web.MockServletContext)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.Test)
Example 47 with Authentication
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class DetermineDuoUserAccountAction method doExecute.
@Override
protected Event doExecute(final RequestContext requestContext) {
final Authentication authentication = WebUtils.getAuthentication(requestContext);
final Principal p = authentication.getPrincipal();
final Collection<MultifactorAuthenticationProvider> providers = WebUtils.getResolvedMultifactorAuthenticationProviders(requestContext);
for (final MultifactorAuthenticationProvider pr : providers) {
final DuoMultifactorAuthenticationProvider duoProvider = this.provider.findProvider(pr.getId(), DuoMultifactorAuthenticationProvider.class);
final DuoSecurityAuthenticationService duoAuthenticationService = duoProvider.getDuoAuthenticationService();
final DuoUserAccount account = duoAuthenticationService.getDuoUserAccount(p.getId());
if (account.getStatus() == DuoUserAccountAuthStatus.ENROLL && StringUtils.isNotBlank(duoProvider.getRegistrationUrl())) {
requestContext.getFlowScope().put("duoRegistrationUrl", duoProvider.getRegistrationUrl());
return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_ENROLL);
}
}
return success();
}
Also used :
DuoUserAccount(org.apereo.cas.adaptors.duo.DuoUserAccount)
Authentication(org.apereo.cas.authentication.Authentication)
DuoMultifactorAuthenticationProvider(org.apereo.cas.adaptors.duo.authn.DuoMultifactorAuthenticationProvider)
MultifactorAuthenticationProvider(org.apereo.cas.services.MultifactorAuthenticationProvider)
DuoMultifactorAuthenticationProvider(org.apereo.cas.adaptors.duo.authn.DuoMultifactorAuthenticationProvider)
VariegatedMultifactorAuthenticationProvider(org.apereo.cas.services.VariegatedMultifactorAuthenticationProvider)
DuoSecurityAuthenticationService(org.apereo.cas.adaptors.duo.authn.DuoSecurityAuthenticationService)
Principal(org.apereo.cas.authentication.principal.Principal)
EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)
Example 48 with Authentication
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class DateTimeAuthenticationRequestRiskCalculator method calculateScore.
@Override
protected BigDecimal calculateScore(final HttpServletRequest request, final Authentication authentication, final RegisteredService service, final Collection<CasEvent> events) {
final ZonedDateTime timestamp = ZonedDateTime.now(ZoneOffset.UTC);
LOGGER.debug("Filtering authentication events for timestamp [{}]", timestamp);
final int hoursFromNow = timestamp.plusHours(windowInHours).getHour();
final int hoursBeforeNow = timestamp.minusHours(windowInHours).getHour();
final long count = events.stream().map(time -> {
final Instant instant = ChronoZonedDateTime.from(time.getCreationTime()).toInstant();
final ZonedDateTime zdt = ZonedDateTime.ofInstant(instant, ZoneOffset.UTC);
return zdt.getHour();
}).filter(hour -> hour <= hoursFromNow && hour >= hoursBeforeNow).count();
LOGGER.debug("Total authentication events found for [{}] in a [{}]h window: [{}]", timestamp, windowInHours, count);
if (count == events.size()) {
LOGGER.debug("Principal [{}] has always authenticated from [{}]", authentication.getPrincipal(), timestamp);
return LOWEST_RISK_SCORE;
}
return getFinalAveragedScore(count, events.size());
}
Also used :
CasEventRepository(org.apereo.cas.support.events.CasEventRepository)
BigDecimal(java.math.BigDecimal)
Slf4j(lombok.extern.slf4j.Slf4j)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ChronoZonedDateTime(java.time.chrono.ChronoZonedDateTime)
Authentication(org.apereo.cas.authentication.Authentication)
ZonedDateTime(java.time.ZonedDateTime)
Collection(java.util.Collection)
ZoneOffset(java.time.ZoneOffset)
Instant(java.time.Instant)
RegisteredService(org.apereo.cas.services.RegisteredService)
CasEvent(org.apereo.cas.support.events.dao.CasEvent)
ChronoZonedDateTime(java.time.chrono.ChronoZonedDateTime)
ZonedDateTime(java.time.ZonedDateTime)
Instant(java.time.Instant)
Example 49 with Authentication
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class DateTimeAuthenticationRequestRiskCalculatorTests method verifyTestWhenAuthnEventsFoundForUser.
@Test
public void verifyTestWhenAuthnEventsFoundForUser() {
final Authentication authentication = CoreAuthenticationTestUtils.getAuthentication("casuser");
final RegisteredService service = RegisteredServiceTestUtils.getRegisteredService("test");
final MockHttpServletRequest request = new MockHttpServletRequest();
final AuthenticationRiskScore score = authenticationRiskEvaluator.eval(authentication, service, request);
assertTrue(score.isLowestRisk());
}
Also used :
AuthenticationRiskScore(org.apereo.cas.api.AuthenticationRiskScore)
RegisteredService(org.apereo.cas.services.RegisteredService)
Authentication(org.apereo.cas.authentication.Authentication)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Test(org.junit.Test)
Example 50 with Authentication
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class DateTimeAuthenticationRequestRiskCalculatorTests method verifyTestWhenNoAuthnEventsFoundForUser.
@Test
public void verifyTestWhenNoAuthnEventsFoundForUser() {
final Authentication authentication = CoreAuthenticationTestUtils.getAuthentication("datetimeperson");
final RegisteredService service = RegisteredServiceTestUtils.getRegisteredService("test");
final MockHttpServletRequest request = new MockHttpServletRequest();
final AuthenticationRiskScore score = authenticationRiskEvaluator.eval(authentication, service, request);
assertTrue(score.isHighestRisk());
}
Also used :
AuthenticationRiskScore(org.apereo.cas.api.AuthenticationRiskScore)
RegisteredService(org.apereo.cas.services.RegisteredService)
Authentication(org.apereo.cas.authentication.Authentication)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Test(org.junit.Test)
Aggregations
Authentication (org.apereo.cas.authentication.Authentication)144
RegisteredService (org.apereo.cas.services.RegisteredService)61
Test (org.junit.Test)48
Service (org.apereo.cas.authentication.principal.Service)44
Principal (org.apereo.cas.authentication.principal.Principal)38
TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)24
MultifactorAuthenticationProvider (org.apereo.cas.services.MultifactorAuthenticationProvider)21
ServiceTicket (org.apereo.cas.ticket.ServiceTicket)21
Event (org.springframework.webflow.execution.Event)20
AuthenticationException (org.apereo.cas.authentication.AuthenticationException)18
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)18
AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult)17
HttpServletRequest (javax.servlet.http.HttpServletRequest)15
CentralAuthenticationService (org.apereo.cas.CentralAuthenticationService)15
HashMap (java.util.HashMap)14
Assertion (org.apereo.cas.validation.Assertion)14
NeverExpiresExpirationPolicy (org.apereo.cas.ticket.support.NeverExpiresExpirationPolicy)13
MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)12
Collection (java.util.Collection)11
AuditableExecutionResult (org.apereo.cas.audit.AuditableExecutionResult)11
