use of org.apereo.cas.authentication.MultifactorAuthenticationHandler in project cas by apereo.
the class RegisteredServiceAuthenticationHandlerResolver method filterRequiredAuthenticationHandlers.
private static Set<AuthenticationHandler> filterRequiredAuthenticationHandlers(final Set<AuthenticationHandler> candidateHandlers, final Service service, final RegisteredService registeredService) {
val authenticationPolicy = registeredService.getAuthenticationPolicy();
val requiredHandlers = authenticationPolicy.getRequiredAuthenticationHandlers();
LOGGER.debug("Authentication transaction requires [{}] for service [{}]", requiredHandlers, service);
val handlerSet = new LinkedHashSet<>(candidateHandlers);
LOGGER.debug("Candidate authentication handlers examined for this transaction are [{}]", handlerSet);
if (!requiredHandlers.isEmpty()) {
val it = handlerSet.iterator();
while (it.hasNext()) {
val handler = it.next();
val handlerName = handler.getName();
val removeHandler = !(handler instanceof MultifactorAuthenticationHandler) && !(handler instanceof HttpBasedServiceCredentialsAuthenticationHandler) && !requiredHandlers.contains(handlerName);
if (removeHandler) {
it.remove();
LOGGER.debug("Authentication handler [{}] is removed", handlerName);
}
}
}
LOGGER.info("Final authentication handlers after inclusion rules are [{}]", handlerSet);
return handlerSet;
}
Aggregations