Examples with Authentication org.apereo.cas.authentication.Authentication used on opensource projects

Search in sources :

Example 31 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class BaseRequestMultifactorAuthenticationPolicyEventResolver method resolveInternal.

@Override
public Set<Event> resolveInternal(final RequestContext context) {
    final RegisteredService service = resolveRegisteredServiceInRequestContext(context);
    final Authentication authentication = WebUtils.getAuthentication(context);
    if (service == null || authentication == null) {
        LOGGER.debug("No service or authentication is available to determine event for principal");
        return null;
    }
    final HttpServletRequest request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
    final List<String> values = resolveEventFromHttpRequest(request);
    if (values != null && !values.isEmpty()) {
        LOGGER.debug("Received request as [{}]", values);
        final Map<String, MultifactorAuthenticationProvider> providerMap = MultifactorAuthenticationUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
        if (providerMap == null || providerMap.isEmpty()) {
            LOGGER.error("No multifactor authentication providers are available in the application context to satisfy [{}]", values);
            throw new AuthenticationException();
        }
        final Optional<MultifactorAuthenticationProvider> providerFound = resolveProvider(providerMap, values.get(0));
        if (providerFound.isPresent()) {
            final MultifactorAuthenticationProvider provider = providerFound.get();
            if (provider.isAvailable(service)) {
                LOGGER.debug("Attempting to build an event based on the authentication provider [{}] and service [{}]", provider, service.getName());
                final Event event = validateEventIdForMatchingTransitionInContext(provider.getId(), context, buildEventAttributeMap(authentication.getPrincipal(), service, provider));
                return CollectionUtils.wrapSet(event);
            }
            LOGGER.warn("Located multifactor provider [{}], yet the provider cannot be reached or verified", providerFound.get());
            return null;
        }
        LOGGER.warn("No multifactor provider could be found for request parameter [{}]", values);
        throw new AuthenticationException();
    }
    return null;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) RegisteredService(org.apereo.cas.services.RegisteredService) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) Authentication(org.apereo.cas.authentication.Authentication) Event(org.springframework.webflow.execution.Event) MultifactorAuthenticationProvider(org.apereo.cas.services.MultifactorAuthenticationProvider)

Example 32 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class DefaultCentralAuthenticationService method grantServiceTicket.

@Audit(action = "SERVICE_TICKET", actionResolverName = "GRANT_SERVICE_TICKET_RESOLVER", resourceResolverName = "GRANT_SERVICE_TICKET_RESOURCE_RESOLVER")
@Timed(name = "GRANT_SERVICE_TICKET_TIMER")
@Metered(name = "GRANT_SERVICE_TICKET_METER")
@Counted(name = "GRANT_SERVICE_TICKET_COUNTER", monotonic = true)
@Override
public ServiceTicket grantServiceTicket(final String ticketGrantingTicketId, final Service service, final AuthenticationResult authenticationResult) throws AuthenticationException, AbstractTicketException {
    final boolean credentialProvided = authenticationResult != null && authenticationResult.isCredentialProvided();
    final TicketGrantingTicket ticketGrantingTicket = getTicket(ticketGrantingTicketId, TicketGrantingTicket.class);
    final Service selectedService = resolveServiceFromAuthenticationRequest(service);
    final RegisteredService registeredService = this.servicesManager.findServiceBy(selectedService);
    final AuditableContext audit = AuditableContext.builder().service(selectedService).ticketGrantingTicket(ticketGrantingTicket).registeredService(registeredService).retrievePrincipalAttributesFromReleasePolicy(Boolean.FALSE).build();
    final AuditableExecutionResult accessResult = this.registeredServiceAccessStrategyEnforcer.execute(audit);
    accessResult.throwExceptionIfNeeded();
    final Authentication currentAuthentication = evaluatePossibilityOfMixedPrincipals(authenticationResult, ticketGrantingTicket);
    RegisteredServiceAccessStrategyUtils.ensureServiceSsoAccessIsAllowed(registeredService, selectedService, ticketGrantingTicket, credentialProvided);
    evaluateProxiedServiceIfNeeded(selectedService, ticketGrantingTicket, registeredService);
    // Perform security policy check by getting the authentication that satisfies the configured policy
    getAuthenticationSatisfiedByPolicy(currentAuthentication, new ServiceContext(selectedService, registeredService));
    final Authentication latestAuthentication = ticketGrantingTicket.getRoot().getAuthentication();
    AuthenticationCredentialsThreadLocalBinder.bindCurrent(latestAuthentication);
    final Principal principal = latestAuthentication.getPrincipal();
    final ServiceTicketFactory factory = (ServiceTicketFactory) this.ticketFactory.get(ServiceTicket.class);
    final ServiceTicket serviceTicket = factory.create(ticketGrantingTicket, service, credentialProvided, ServiceTicket.class);
    this.ticketRegistry.updateTicket(ticketGrantingTicket);
    this.ticketRegistry.addTicket(serviceTicket);
    LOGGER.info("Granted ticket [{}] for service [{}] and principal [{}]", serviceTicket.getId(), DigestUtils.abbreviate(service.getId()), principal.getId());
    doPublishEvent(new CasServiceTicketGrantedEvent(this, ticketGrantingTicket, serviceTicket));
    return serviceTicket;
}
Also used : AuditableContext(org.apereo.cas.audit.AuditableContext) RegisteredService(org.apereo.cas.services.RegisteredService) ServiceTicketFactory(org.apereo.cas.ticket.ServiceTicketFactory) CasServiceTicketGrantedEvent(org.apereo.cas.support.events.ticket.CasServiceTicketGrantedEvent) TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) ServiceContext(org.apereo.cas.services.ServiceContext) RegisteredService(org.apereo.cas.services.RegisteredService) Service(org.apereo.cas.authentication.principal.Service) ServiceTicket(org.apereo.cas.ticket.ServiceTicket) AuditableExecutionResult(org.apereo.cas.audit.AuditableExecutionResult) Principal(org.apereo.cas.authentication.principal.Principal) Audit(org.apereo.inspektr.audit.annotation.Audit) Counted(com.codahale.metrics.annotation.Counted) Metered(com.codahale.metrics.annotation.Metered) Timed(com.codahale.metrics.annotation.Timed)

Example 33 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class CentralAuthenticationServiceImplTests method verifyValidateServiceTicketWithInvalidUsernameAttribute.

@Test
public void verifyValidateServiceTicketWithInvalidUsernameAttribute() {
    final Service svc = getService("eduPersonTestInvalid");
    final UsernamePasswordCredential cred = CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword();
    final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), svc);
    final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(ctx);
    final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), svc, ctx);
    final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), svc);
    final Authentication auth = assertion.getPrimaryAuthentication();
    /*
         * The attribute specified for this service does not resolve.
         * Therefore, we expect the default to be returned.
         */
    assertEquals(auth.getPrincipal().getId(), cred.getUsername());
}
Also used : TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) Assertion(org.apereo.cas.validation.Assertion) AbstractWebApplicationService(org.apereo.cas.authentication.principal.AbstractWebApplicationService) Service(org.apereo.cas.authentication.principal.Service) ServiceTicket(org.apereo.cas.ticket.ServiceTicket) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult) Test(org.junit.Test)

Example 34 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class CentralAuthenticationServiceImplTests method verifyValidateServiceTicketNoAttributesReturned.

@Test
public void verifyValidateServiceTicketNoAttributesReturned() {
    final Service service = getService();
    final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
    final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(ctx);
    final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), service, ctx);
    final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), service);
    final Authentication auth = assertion.getPrimaryAuthentication();
    assertEquals(0, auth.getPrincipal().getAttributes().size());
}
Also used : TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) Assertion(org.apereo.cas.validation.Assertion) AbstractWebApplicationService(org.apereo.cas.authentication.principal.AbstractWebApplicationService) Service(org.apereo.cas.authentication.principal.Service) ServiceTicket(org.apereo.cas.ticket.ServiceTicket) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult) Test(org.junit.Test)

Example 35 with Authentication

use of org.apereo.cas.authentication.Authentication in project cas by apereo.

the class CentralAuthenticationServiceImplTests method verifyValidateServiceTicketWithDefaultUsernameAttribute.

@Test
public void verifyValidateServiceTicketWithDefaultUsernameAttribute() {
    final Service svc = getService("testDefault");
    final UsernamePasswordCredential cred = CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword();
    final AuthenticationResult ctx = CoreAuthenticationTestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), svc);
    final TicketGrantingTicket ticketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(ctx);
    final ServiceTicket serviceTicket = getCentralAuthenticationService().grantServiceTicket(ticketGrantingTicket.getId(), svc, ctx);
    final Assertion assertion = getCentralAuthenticationService().validateServiceTicket(serviceTicket.getId(), svc);
    final Authentication auth = assertion.getPrimaryAuthentication();
    assertEquals(auth.getPrincipal().getId(), cred.getUsername());
}
Also used : TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) Authentication(org.apereo.cas.authentication.Authentication) Assertion(org.apereo.cas.validation.Assertion) AbstractWebApplicationService(org.apereo.cas.authentication.principal.AbstractWebApplicationService) Service(org.apereo.cas.authentication.principal.Service) ServiceTicket(org.apereo.cas.ticket.ServiceTicket) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) AuthenticationResult(org.apereo.cas.authentication.AuthenticationResult) Test(org.junit.Test)

Aggregations

Authentication (org.apereo.cas.authentication.Authentication)125 RegisteredService (org.apereo.cas.services.RegisteredService)58 Service (org.apereo.cas.authentication.principal.Service)44 lombok.val (lombok.val)38 HttpServletRequest (javax.servlet.http.HttpServletRequest)32 Slf4j (lombok.extern.slf4j.Slf4j)32 Principal (org.apereo.cas.authentication.principal.Principal)26 Event (org.springframework.webflow.execution.Event)25 Optional (java.util.Optional)23 TicketGrantingTicket (org.apereo.cas.ticket.TicketGrantingTicket)22 Test (org.junit.Test)21 MultifactorAuthenticationProvider (org.apereo.cas.services.MultifactorAuthenticationProvider)20 AuthenticationException (org.apereo.cas.authentication.AuthenticationException)19 CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)17 Collection (java.util.Collection)16 StringUtils (org.apache.commons.lang3.StringUtils)16 AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult)15 ServiceTicket (org.apereo.cas.ticket.ServiceTicket)15 WebUtils (org.apereo.cas.web.support.WebUtils)14 RequestContext (org.springframework.webflow.execution.RequestContext)14
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial