Example 1 with ChainingMultifactorAuthenticationProvider
use of org.apereo.cas.authentication.ChainingMultifactorAuthenticationProvider in project cas by apereo.
the class PrepareMultifactorProviderSelectionAction method doExecute.
@Override
protected Event doExecute(final RequestContext requestContext) {
val attributes = requestContext.getCurrentEvent().getAttributes();
val registeredService = (RegisteredService) attributes.get(RegisteredService.class.getName());
WebUtils.putRegisteredService(requestContext, registeredService);
val mfaProvider = (ChainingMultifactorAuthenticationProvider) attributes.get(MultifactorAuthenticationProvider.class.getName());
val authn = WebUtils.getAuthentication(requestContext);
val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
val mfaProviders = mfaProvider.getMultifactorAuthenticationProviders().stream().filter(p -> p.isAvailable(registeredService) && p.getBypassEvaluator().shouldMultifactorAuthenticationProviderExecute(authn, registeredService, p, request)).map(MultifactorAuthenticationProvider::getId).collect(Collectors.toList());
WebUtils.putSelectableMultifactorAuthenticationProviders(requestContext, mfaProviders);
return null;
}
Also used :
lombok.val(lombok.val)
RegisteredService(org.apereo.cas.services.RegisteredService)
ChainingMultifactorAuthenticationProvider(org.apereo.cas.authentication.ChainingMultifactorAuthenticationProvider)
Example 2 with ChainingMultifactorAuthenticationProvider
use of org.apereo.cas.authentication.ChainingMultifactorAuthenticationProvider in project cas by apereo.
the class CompositeProviderSelectionMultifactorWebflowEventResolver method filterEventsByMultifactorAuthenticationProvider.
@Override
protected Optional<Pair<Collection<Event>, Collection<MultifactorAuthenticationProvider>>> filterEventsByMultifactorAuthenticationProvider(final Collection<Event> resolveEvents, final Authentication authentication, final RegisteredService registeredService, final HttpServletRequest request) {
val composite = resolveEvents.stream().allMatch(event -> event.getId().equalsIgnoreCase(ChainingMultifactorAuthenticationProvider.DEFAULT_IDENTIFIER));
if (!composite) {
return super.filterEventsByMultifactorAuthenticationProvider(resolveEvents, authentication, registeredService, request);
}
val event = resolveEvents.iterator().next();
val chainingProvider = (ChainingMultifactorAuthenticationProvider) event.getAttributes().get(MultifactorAuthenticationProvider.class.getName());
return chainingProvider.getMultifactorAuthenticationProviders().stream().map(provider -> getConfigurationContext().getAuthenticationContextValidator().validate(authentication, provider.getId(), Optional.ofNullable(registeredService))).filter(MultifactorAuthenticationContextValidationResult::isSuccess).map(result -> {
val validatedProvider = result.getProvider().orElseThrow();
val validatedEvent = CollectionUtils.wrapCollection(new Event(this, validatedProvider.getId(), event.getAttributes()));
val validatedProviders = CollectionUtils.wrapCollection(validatedProvider);
return Optional.of(Pair.of(validatedEvent, validatedProviders));
}).findAny().orElseGet(() -> {
val activeProviders = chainingProvider.getMultifactorAuthenticationProviders().stream().filter(provider -> {
val bypass = provider.getBypassEvaluator();
return bypass == null || bypass.shouldMultifactorAuthenticationProviderExecute(authentication, registeredService, provider, request);
}).collect(Collectors.toList());
LOGGER.debug("Finalized set of resolved events are [{}] with providers [{}]", resolveEvents, activeProviders);
return activeProviders.isEmpty() ? Optional.empty() : Optional.of(Pair.of(resolveEvents, activeProviders));
});
}
Also used :
lombok.val(lombok.val)
Collection(java.util.Collection)
lombok.val(lombok.val)
MultifactorAuthenticationProvider(org.apereo.cas.authentication.MultifactorAuthenticationProvider)
Collectors(java.util.stream.Collectors)
RegisteredService(org.apereo.cas.services.RegisteredService)
Slf4j(lombok.extern.slf4j.Slf4j)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ChainingMultifactorAuthenticationProvider(org.apereo.cas.authentication.ChainingMultifactorAuthenticationProvider)
Pair(org.apache.commons.lang3.tuple.Pair)
Authentication(org.apereo.cas.authentication.Authentication)
CollectionUtils(org.apereo.cas.util.CollectionUtils)
Optional(java.util.Optional)
MultifactorAuthenticationContextValidationResult(org.apereo.cas.authentication.MultifactorAuthenticationContextValidationResult)
Event(org.springframework.webflow.execution.Event)
ChainingMultifactorAuthenticationProvider(org.apereo.cas.authentication.ChainingMultifactorAuthenticationProvider)
Event(org.springframework.webflow.execution.Event)
Aggregations
lombok.val (lombok.val)2
ChainingMultifactorAuthenticationProvider (org.apereo.cas.authentication.ChainingMultifactorAuthenticationProvider)2
RegisteredService (org.apereo.cas.services.RegisteredService)2
Collection (java.util.Collection)1
Optional (java.util.Optional)1
Collectors (java.util.stream.Collectors)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
Slf4j (lombok.extern.slf4j.Slf4j)1
Pair (org.apache.commons.lang3.tuple.Pair)1
Authentication (org.apereo.cas.authentication.Authentication)1
MultifactorAuthenticationContextValidationResult (org.apereo.cas.authentication.MultifactorAuthenticationContextValidationResult)1
MultifactorAuthenticationProvider (org.apereo.cas.authentication.MultifactorAuthenticationProvider)1
CollectionUtils (org.apereo.cas.util.CollectionUtils)1
Event (org.springframework.webflow.execution.Event)1
