use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class TicketValidationResourceResolver method resolveFrom.
/**
 * Resolves the audit resources for a ticket validation call.
 *
 * <p>The first entry is always the string form of the first join-point argument
 * (used here as the ticket id). When the returned object is an {@link Assertion},
 * a second entry is appended: a serialized map holding the principal id and the
 * merged authentication and principal attributes.
 *
 * @param joinPoint the intercepted call; its first argument is read as the ticket id
 * @param object the value returned by the intercepted call
 * @return the audit resource strings, one or two entries
 */
@Override
public String[] resolveFrom(final JoinPoint joinPoint, final Object object) {
    final List<String> resources = new ArrayList<>();
    final Object[] callArgs = AopUtils.unWrapJoinPoint(joinPoint).getArgs();
    resources.add(callArgs[0].toString());

    if (!(object instanceof Assertion)) {
        return resources.toArray(new String[] {});
    }

    final Authentication authn = ((Assertion) object).getPrimaryAuthentication();
    try (StringWriter out = new StringWriter()) {
        final ObjectWriter serializer = mapper.writer();
        // Insertion order matters for the serialized form: "principal" first, then "attributes".
        final Map<String, Object> payload = new LinkedHashMap<>();
        payload.put("principal", authn.getPrincipal().getId());
        // Principal attributes are applied last, so they win over authentication
        // attributes that share a key.
        // NOTE(review): every authentication and principal attribute is written to the
        // audit record unfiltered. If attributes can carry sensitive values, the audit
        // store inherits that sensitivity; confirm its access controls and retention,
        // or filter the map before auditing.
        final Map<String, Object> merged = new LinkedHashMap<>(authn.getAttributes());
        merged.putAll(authn.getPrincipal().getAttributes());
        payload.put("attributes", merged);
        serializer.writeValue(out, payload);
        resources.add(out.toString());
    } catch (final Exception e) {
        // Serialization failures are logged only; the ticket id entry is still returned.
        LOGGER.error(e.getMessage(), e);
    }
    return resources.toArray(new String[] {});
}
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class UniquePrincipalAuthenticationPolicy method isSatisfiedBy.
/**
 * Accepts the authentication only when the ticket registry holds no unexpired
 * ticket-granting ticket whose principal id matches (ignoring case) the id of
 * the principal being authenticated.
 *
 * @param authentication the authentication whose principal is checked
 * @return {@code true} when no matching ticket-granting ticket exists, {@code false} otherwise
 * @throws Exception a {@link GeneralSecurityException} wrapping any failure raised during the check
 */
@Override
public boolean isSatisfiedBy(final Authentication authentication) throws Exception {
    try {
        final Principal authPrincipal = authentication.getPrincipal();
        // NOTE(review): nothing visible in this method makes the count and the later
        // issuing of a new ticket-granting ticket atomic, so two concurrent logins for
        // the same principal may both see zero sessions. Confirm whether the caller
        // serialises them.
        final long activeSessions = this.ticketRegistry.getTickets(ticket -> {
            if (!TicketGrantingTicket.class.isInstance(ticket) || ticket.isExpired()) {
                return false;
            }
            final Principal owner = TicketGrantingTicket.class.cast(ticket).getAuthentication().getPrincipal();
            return owner.getId().equalsIgnoreCase(authPrincipal.getId());
        }).count();

        if (activeSessions != 0) {
            LOGGER.warn("Authentication policy cannot be satisfied for principal [{}] because [{}] sessions currently exist", authPrincipal.getId(), activeSessions);
            return false;
        }
        LOGGER.debug("Authentication policy is satisfied with [{}]", authPrincipal.getId());
        return true;
    } catch (final Exception e) {
        // Any failure, including a registry error, is wrapped and thrown rather than
        // treated as a satisfied policy.
        throw new GeneralSecurityException(e);
    }
}
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class AbstractServiceValidateController method validateAuthenticationContext.
/**
 * Checks whether the assertion's primary authentication satisfies the
 * authentication context required for this service request.
 *
 * <p>The registered service is looked up and passed through the service access
 * check first. The multifactor trigger selection strategy then decides which
 * context, if any, is required. When none is required the result is
 * {@code (TRUE, Optional.empty())}; otherwise the decision is delegated to the
 * authentication context validator.
 *
 * @param assertion the assertion produced by ticket validation
 * @param request the current HTTP request, handed to the trigger selection strategy
 * @return a pair of the validation outcome and the multifactor provider, if any
 */
protected Pair<Boolean, Optional<MultifactorAuthenticationProvider>> validateAuthenticationContext(final Assertion assertion, final HttpServletRequest request) {
    LOGGER.debug("Locating the primary authentication associated with this service request [{}]", assertion.getService());
    final RegisteredService service = this.servicesManager.findServiceBy(assertion.getService());
    // The access check runs before any multifactor evaluation. How a denial is
    // signalled is not visible here; presumably it throws (TODO confirm).
    RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(assertion.getService(), service);

    final Map<String, MultifactorAuthenticationProvider> mfaProviders =
        this.applicationContext.getBeansOfType(MultifactorAuthenticationProvider.class, false, true);
    final Authentication authentication = assertion.getPrimaryAuthentication();
    final Optional<String> requestedContext =
        this.multifactorTriggerSelectionStrategy.resolve(mfaProviders.values(), request, service, authentication);

    if (requestedContext.isPresent()) {
        return this.authenticationContextValidator.validate(authentication, requestedContext.get(), service);
    }
    // NOTE(review): an empty result from the trigger strategy is treated as "valid".
    // Whether multifactor is enforced at validation time therefore depends entirely on
    // that strategy resolving a context.
    LOGGER.debug("No particular authentication context is required for this request");
    return Pair.of(Boolean.TRUE, Optional.empty());
}
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class Cas10ResponseViewTests method setUp.
/**
 * Prepares the view model with an "assertion" entry: a primary authentication from
 * the test utilities, one chained authentication for "someothername", the service
 * "TestService", and the builder's boolean flag set to {@code true}.
 */
@Before
public void setUp() {
    this.model = new HashMap<>();

    final List<Authentication> chainedAuthentications = new ArrayList<>();
    chainedAuthentications.add(CoreAuthenticationTestUtils.getAuthentication("someothername"));

    this.model.put(
        "assertion",
        new DefaultAssertionBuilder(CoreAuthenticationTestUtils.getAuthentication())
            .with(chainedAuthentications)
            .with(CoreAuthenticationTestUtils.getService("TestService"))
            .with(true)
            .build());
}
use of org.apereo.cas.authentication.Authentication in project cas by apereo.
the class DetermineDuoUserAccountAction method doExecute.
/**
 * Looks up the authenticated principal's Duo account for each resolved multifactor
 * provider and routes to enrollment when required.
 *
 * <p>For the first provider whose Duo account status is {@code ENROLL} and whose
 * registration URL is not blank, the URL is stored in flow scope under
 * {@code duoRegistrationUrl} and the enroll transition is returned. Otherwise the
 * action returns success.
 *
 * @param requestContext the webflow request context
 * @return the enroll event, or the success event when no provider requires enrollment
 */
@Override
protected Event doExecute(final RequestContext requestContext) {
    final Authentication authentication = WebUtils.getAuthentication(requestContext);
    final Principal principal = authentication.getPrincipal();
    final Collection<MultifactorAuthenticationProvider> resolved = WebUtils.getResolvedMultifactorAuthenticationProviders(requestContext);

    for (final MultifactorAuthenticationProvider candidate : resolved) {
        final DuoMultifactorAuthenticationProvider duoProvider =
            this.provider.findProvider(candidate.getId(), DuoMultifactorAuthenticationProvider.class);
        final DuoSecurityAuthenticationService duoService = duoProvider.getDuoAuthenticationService();
        final DuoUserAccount account = duoService.getDuoUserAccount(principal.getId());

        // NOTE(review): only ENROLL is acted on here. Every other account status falls
        // through to success(), so any handling of denied or unavailable accounts must
        // happen elsewhere in the flow; confirm.
        if (account.getStatus() == DuoUserAccountAuthStatus.ENROLL) {
            if (StringUtils.isNotBlank(duoProvider.getRegistrationUrl())) {
                requestContext.getFlowScope().put("duoRegistrationUrl", duoProvider.getRegistrationUrl());
                return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_ENROLL);
            }
        }
    }
    return success();
}