Examples with Authentication org.apereo.cas.authentication.Authentication used on opensource projects

Example 76 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class ImmutableAssertionTests method verifyGetService.

@Test
public void verifyGetService() {
    final Service service = RegisteredServiceTestUtils.getService();
    final List<Authentication> list = new ArrayList<>();
    list.add(CoreAuthenticationTestUtils.getAuthentication());
    final Assertion assertion = new ImmutableAssertion(CoreAuthenticationTestUtils.getAuthentication(), list, false, service);
    assertEquals(service, assertion.getService());
}

Example 77 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class AbstractCasView method getChainedAuthentications.

/**
 * Gets chained authentications.
 * Note that the last index in the list always describes the primary authentication
 * event. All others in the chain should denote proxies. Per the CAS protocol,
 * when authentication has proceeded through multiple proxies,
 * the order in which the proxies were traversed MUST be reflected in the response.
 * The most recently-visited proxy MUST be the first proxy listed, and all the
 * other proxies MUST be shifted down as new proxies are added.
 *
 * @param model the model
 * @return the chained authentications
 */
protected Collection<Authentication> getChainedAuthentications(final Map<String, Object> model) {
    final Assertion assertion = getAssertionFrom(model);
    final List<Authentication> chainedAuthentications = assertion.getChainedAuthentications();
    return chainedAuthentications.stream().limit(chainedAuthentications.size() - 1).collect(Collectors.toList());
}

Example 78 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class WebUtils method getInProgressAuthentication.

/**
 * Gets in progress authentication.
 *
 * @return the in progress authentication
 */
public static Authentication getInProgressAuthentication() {
    Authentication authentication = null;
    final RequestContext context = RequestContextHolder.getRequestContext();
    if (context != null) {
        authentication = WebUtils.getAuthentication(context);
    }
    if (authentication == null) {
        authentication = AuthenticationCredentialsThreadLocalBinder.getInProgressAuthentication();
    }
    return authentication;
}

Example 79 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class GrouperMultifactorAuthenticationPolicyEventResolver method resolveInternal.

@Override
public Set<Event> resolveInternal(final RequestContext context) {
    final RegisteredService service = resolveRegisteredServiceInRequestContext(context);
    final Authentication authentication = WebUtils.getAuthentication(context);
    if (StringUtils.isBlank(grouperField)) {
        LOGGER.debug("No group field is defined to process for Grouper multifactor trigger");
        return null;
    }
    if (authentication == null || service == null) {
        LOGGER.debug("No authentication or service is available to determine event for principal");
        return null;
    }
    final Principal principal = authentication.getPrincipal();
    final Collection<WsGetGroupsResult> results = GrouperFacade.getGroupsForSubjectId(principal.getId());
    if (results.isEmpty()) {
        LOGGER.debug("No groups could be found for [{}] to resolve events for MFA", principal);
        return null;
    }
    final Map<String, MultifactorAuthenticationProvider> providerMap = MultifactorAuthenticationUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
    if (providerMap == null || providerMap.isEmpty()) {
        LOGGER.error("No multifactor authentication providers are available in the application context");
        throw new AuthenticationException();
    }
    final GrouperGroupField groupField = GrouperGroupField.valueOf(grouperField);
    final Set<String> values = results.stream().map(wsGetGroupsResult -> Stream.of(wsGetGroupsResult.getWsGroups())).flatMap(Function.identity()).map(g -> GrouperFacade.getGrouperGroupAttribute(groupField, g)).collect(Collectors.toSet());
    final Optional<MultifactorAuthenticationProvider> providerFound = resolveProvider(providerMap, values);
    if (providerFound.isPresent()) {
        final MultifactorAuthenticationProvider provider = providerFound.get();
        if (provider.isAvailable(service)) {
            LOGGER.debug("Attempting to build event based on the authentication provider [{}] and service [{}]", provider, service.getName());
            final Event event = validateEventIdForMatchingTransitionInContext(provider.getId(), context, buildEventAttributeMap(authentication.getPrincipal(), service, provider));
            return CollectionUtils.wrapSet(event);
        }
        LOGGER.warn("Located multifactor provider [{}], yet the provider cannot be reached or verified", providerFound.get());
        return null;
    }
    LOGGER.debug("No multifactor provider could be found based on [{}]'s Grouper groups", principal.getId());
    return null;
}

Example 80 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class PersonDirectoryAttributeResolutionController method releasePrincipalAttributes.

/**
 * Release principal attributes map.
 *
 * @param username the username
 * @param password the password
 * @param service  the service
 * @param request  the request
 * @param response the response
 * @return the map
 * @throws Exception the exception
 */
@PostMapping(value = "/releaseattrs")
@ResponseBody
public Map<String, Object> releasePrincipalAttributes(@RequestParam final String username, @RequestParam final String password, @RequestParam final String service, final HttpServletRequest request, final HttpServletResponse response) throws Exception {
    ensureEndpointAccessIsAuthorized(request, response);
    final Map<String, Object> resValidation = new HashMap<>();
    final Service selectedService = this.serviceFactory.createService(service);
    final RegisteredService registeredService = this.servicesManager.findServiceBy(selectedService);
    final UsernamePasswordCredential credential = new UsernamePasswordCredential(username, password);
    final AuthenticationResult result = this.authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(selectedService, credential);
    final Authentication authentication = result.getAuthentication();
    final Principal principal = authentication.getPrincipal();
    final Map<String, Object> attributesToRelease = registeredService.getAttributeReleasePolicy().getAttributes(principal, selectedService, registeredService);
    final String principalId = registeredService.getUsernameAttributeProvider().resolveUsername(principal, selectedService, registeredService);
    final Principal modifiedPrincipal = this.principalFactory.createPrincipal(principalId, attributesToRelease);
    final AuthenticationBuilder builder = DefaultAuthenticationBuilder.newInstance(authentication);
    builder.setPrincipal(modifiedPrincipal);
    final Authentication finalAuthentication = builder.build();
    final Assertion assertion = new DefaultAssertionBuilder(finalAuthentication).with(selectedService).with(CollectionUtils.wrap(finalAuthentication)).build();
    final Map<String, Object> model = new LinkedHashMap<>();
    model.put(CasViewConstants.MODEL_ATTRIBUTE_NAME_ASSERTION, assertion);
    model.put(CasViewConstants.MODEL_ATTRIBUTE_NAME_SERVICE, selectedService);
    resValidation.put("registeredService", registeredService);
    String copy = renderViewAndGetResult(this.cas1ServiceSuccessView, model, request, response).getKey().getCopy();
    resValidation.put("cas1Response", StringEscapeUtils.escapeXml11(copy));
    if (casProperties.getView().getCas2().isV3ForwardCompatible()) {
        copy = renderViewAndGetResult(this.cas3ServiceSuccessView, model, request, response).getKey().getCopy();
    } else {
        copy = renderViewAndGetResult(this.cas2ServiceSuccessView, model, request, response).getKey().getCopy();
    }
    resValidation.put("cas2Response", StringEscapeUtils.escapeXml11(copy));
    copy = renderViewAndGetResult(this.cas3ServiceSuccessView, model, request, response).getKey().getCopy();
    resValidation.put("cas3XmlResponse", StringEscapeUtils.escapeXml11(copy));
    copy = renderViewAndGetResult(this.cas3ServiceJsonView, model, request, response).getValue().getStringCopy();
    resValidation.put("cas3JsonResponse", copy);
    response.reset();
    return resValidation;
}