use of org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator in project cas by apereo.
the class MultifactorAuthenticationProviderBypassTests method verifyMultifactorAuthenticationBypassByAuthenticationHandler.
/**
 * Exercises the authentication-based MFA bypass rule keyed on the authentication handler name.
 *
 * The bypass properties name {@code SimpleAuthenticationHandler}, and the authentication under test
 * lists that same handler under {@code AuthenticationHandler.SUCCESSFUL_AUTHENTICATION_HANDLERS}.
 * The evaluator is expected to report that the provider should NOT execute, i.e. MFA is bypassed.
 */
@Test
public void verifyMultifactorAuthenticationBypassByAuthenticationHandler() {
    // Stand up an empty Spring context and publish it through the static holder.
    val context = new StaticApplicationContext();
    context.refresh();
    ApplicationContextProvider.holdApplicationContext(context);

    // Register the identity principal resolver under a random bean name.
    val resolverBeanName = UUID.randomUUID().toString();
    ApplicationContextProvider.registerBeanIntoApplicationContext(
        context, MultifactorAuthenticationPrincipalResolver.identical(), resolverBeanName);

    // Bypass rule: skip MFA for authentications produced by this handler.
    val handlerName = "SimpleAuthenticationHandler";
    val bypassProps = new MultifactorAuthenticationProviderBypassProperties();
    bypassProps.setAuthenticationHandlerName(handlerName);

    // Authentication whose successful-handlers attribute matches the rule above.
    val user = MultifactorAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("givenName", "CAS"));
    val handlerAttributes = CollectionUtils.wrap(AuthenticationHandler.SUCCESSFUL_AUTHENTICATION_HANDLERS, handlerName);
    val primaryAuthentication = MultifactorAuthenticationTestUtils.getAuthentication(user, handlerAttributes);

    val mfaProvider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(context);
    val evaluator = new AuthenticationMultifactorAuthenticationProviderBypassEvaluator(bypassProps, mfaProvider.getId());
    val registeredService = MultifactorAuthenticationTestUtils.getRegisteredService();
    val httpRequest = new MockHttpServletRequest();

    // A matching handler name means the provider must be skipped.
    val mustExecute = evaluator.shouldMultifactorAuthenticationProviderExecute(
        primaryAuthentication, registeredService, mfaProvider, httpRequest);
    assertFalse(mustExecute);
}
use of org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator in project cas by apereo.
the class DefaultRequestedAuthenticationContextValidatorTests method verifyRequestedAuthenticationContextBypassed.
/**
 * Validates a requested authentication context when the provider carries an authentication-based
 * bypass evaluator built from the shared test bypass properties.
 *
 * Validation is expected to succeed even though the authentication shows no completed MFA step here.
 */
@Test
public void verifyRequestedAuthenticationContextBypassed() {
    val context = buildApplicationContext();
    val mfaProvider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(context);

    // Bypass rules come from a shared fixture; their contents are not visible in this snippet.
    val bypassProps = MultifactorAuthenticationTestUtils.getAuthenticationBypassProperties();
    mfaProvider.setBypassEvaluator(
        new AuthenticationMultifactorAuthenticationProviderBypassEvaluator(bypassProps, mfaProvider.getId()));

    val failureMode = BaseMultifactorAuthenticationProviderProperties.MultifactorAuthenticationProviderFailureModes.UNDEFINED.toString();
    val services = mock(ServicesManager.class);
    val contextValidator = MultifactorAuthenticationTestUtils.mockRequestAuthnContextValidator(
        services, Optional.of(mfaProvider), context, failureMode);

    // The assertion only needs to expose its primary authentication for this check.
    val user = MultifactorAuthenticationTestUtils.getPrincipal(CASUSER, CollectionUtils.wrap(CASUSER, AUTH_ATTRIBUTES));
    val primaryAuthentication = MultifactorAuthenticationTestUtils.getAuthentication(user, AUTH_ATTRIBUTES);
    val casAssertion = mock(Assertion.class);
    when(casAssertion.getPrimaryAuthentication()).thenReturn(primaryAuthentication);

    val outcome = contextValidator.validateAuthenticationContext(
        casAssertion, new MockHttpServletRequest(), new MockHttpServletResponse());
    assertTrue(outcome.isSuccess());
}
use of org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator in project cas by apereo.
the class DefaultRequestedAuthenticationContextValidatorTests method verifyRequestedAuthenticationIsAlreadyBypass.
/**
 * Validates a requested authentication context when the authentication already carries the
 * MFA-bypass markers for this provider.
 *
 * The configured bypass rule ({@code givenName} = {@code "Not Bypassed"}) is the same rule under which
 * {@code verifyRequestedAuthenticationContextNotBypassed} expects a failure, so the success asserted
 * here presumably comes from the markers already present on the authentication.
 */
@Test
public void verifyRequestedAuthenticationIsAlreadyBypass() {
    val context = buildApplicationContext();
    val mfaProvider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(context);

    val bypassProps = new MultifactorAuthenticationProviderBypassProperties();
    bypassProps.setAuthenticationAttributeName("givenName");
    bypassProps.setAuthenticationAttributeValue("Not Bypassed");
    mfaProvider.setBypassEvaluator(
        new AuthenticationMultifactorAuthenticationProviderBypassEvaluator(bypassProps, TestMultifactorAuthenticationProvider.ID));

    val failureMode = BaseMultifactorAuthenticationProviderProperties.MultifactorAuthenticationProviderFailureModes.UNDEFINED.toString();
    val services = mock(ServicesManager.class);
    val contextValidator = MultifactorAuthenticationTestUtils.mockRequestAuthnContextValidator(
        services, Optional.of(mfaProvider), context, failureMode);

    // Authentication attributes recording that MFA was bypassed for this provider id.
    // NOTE(review): these markers are accepted as found on the authentication; presumably only the
    // server-side bypass flow writes them -- confirm no external attribute source can set these keys.
    val bypassMarkers = new HashMap<String, List<Object>>();
    bypassMarkers.put(MultifactorAuthenticationProviderBypassEvaluator.AUTHENTICATION_ATTRIBUTE_BYPASS_MFA, List.of(true));
    bypassMarkers.put(MultifactorAuthenticationProviderBypassEvaluator.AUTHENTICATION_ATTRIBUTE_BYPASS_MFA_PROVIDER,
        List.of(TestMultifactorAuthenticationProvider.ID));

    val user = MultifactorAuthenticationTestUtils.getPrincipal(CASUSER);
    val primaryAuthentication = MultifactorAuthenticationTestUtils.getAuthentication(user, bypassMarkers);
    val casAssertion = mock(Assertion.class);
    when(casAssertion.getPrimaryAuthentication()).thenReturn(primaryAuthentication);

    val outcome = contextValidator.validateAuthenticationContext(
        casAssertion, new MockHttpServletRequest(), new MockHttpServletResponse());
    assertTrue(outcome.isSuccess());
}
use of org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator in project cas by apereo.
the class DefaultRequestedAuthenticationContextValidatorTests method verifyExecutionIgnoredPerService.
/**
 * Validates a requested authentication context for a service whose multifactor policy has
 * bypass enabled.
 *
 * The services manager is stubbed to resolve any service to a registered service whose policy
 * reports {@code isBypassEnabled() == true}. Validation is expected to succeed and to return
 * an empty context id.
 */
@Test
public void verifyExecutionIgnoredPerService() {
    val context = buildApplicationContext();
    val mfaProvider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(context);

    // Bypass rules come from a shared fixture; their contents are not visible in this snippet.
    val bypassProps = MultifactorAuthenticationTestUtils.getAuthenticationBypassProperties();
    mfaProvider.setBypassEvaluator(
        new AuthenticationMultifactorAuthenticationProviderBypassEvaluator(bypassProps, mfaProvider.getId()));

    val failureMode = BaseMultifactorAuthenticationProviderProperties.MultifactorAuthenticationProviderFailureModes.UNDEFINED.toString();
    val services = mock(ServicesManager.class);
    val contextValidator = MultifactorAuthenticationTestUtils.mockRequestAuthnContextValidator(
        services, Optional.of(mfaProvider), context, failureMode);

    // Service-level policy that switches MFA off for this relying party.
    val servicePolicy = mock(RegisteredServiceMultifactorPolicy.class);
    when(servicePolicy.isBypassEnabled()).thenReturn(true);

    val targetService = MultifactorAuthenticationTestUtils.getService(UUID.randomUUID().toString());
    val serviceDefinition = MultifactorAuthenticationTestUtils.getRegisteredService(targetService.getId(), failureMode);
    when(serviceDefinition.getMultifactorPolicy()).thenReturn(servicePolicy);
    when(services.findServiceBy(any(Service.class))).thenReturn(serviceDefinition);

    val casAssertion = mock(Assertion.class);
    when(casAssertion.getService()).thenReturn(targetService);

    val user = MultifactorAuthenticationTestUtils.getPrincipal(CASUSER, CollectionUtils.wrap(CASUSER, AUTH_ATTRIBUTES));
    val primaryAuthentication = MultifactorAuthenticationTestUtils.getAuthentication(user, AUTH_ATTRIBUTES);
    when(casAssertion.getPrimaryAuthentication()).thenReturn(primaryAuthentication);

    val outcome = contextValidator.validateAuthenticationContext(
        casAssertion, new MockHttpServletRequest(), new MockHttpServletResponse());

    // Success with no context id: nothing was satisfied, the requirement was skipped.
    assertTrue(outcome.isSuccess());
    assertTrue(outcome.getContextId().isEmpty());
}
use of org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator in project cas by apereo.
the class DefaultRequestedAuthenticationContextValidatorTests method verifyRequestedAuthenticationContextNotBypassed.
/**
 * Negative case: validates a requested authentication context when the bypass rule is not
 * expected to apply.
 *
 * The bypass rule looks for the authentication attribute {@code givenName} with value
 * {@code "Not Bypassed"}. The authentication is built from {@code AUTH_ATTRIBUTES}, which is defined
 * outside this snippet and presumably holds no matching value. Validation is expected to fail.
 */
@Test
public void verifyRequestedAuthenticationContextNotBypassed() {
    val context = buildApplicationContext();
    val mfaProvider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(context);

    val bypassProps = new MultifactorAuthenticationProviderBypassProperties();
    bypassProps.setAuthenticationAttributeName("givenName");
    bypassProps.setAuthenticationAttributeValue("Not Bypassed");
    mfaProvider.setBypassEvaluator(
        new AuthenticationMultifactorAuthenticationProviderBypassEvaluator(bypassProps, TestMultifactorAuthenticationProvider.ID));

    val failureMode = BaseMultifactorAuthenticationProviderProperties.MultifactorAuthenticationProviderFailureModes.UNDEFINED.toString();
    val services = mock(ServicesManager.class);
    val contextValidator = MultifactorAuthenticationTestUtils.mockRequestAuthnContextValidator(
        services, Optional.of(mfaProvider), context, failureMode);

    val user = MultifactorAuthenticationTestUtils.getPrincipal(CASUSER);
    val primaryAuthentication = MultifactorAuthenticationTestUtils.getAuthentication(user, AUTH_ATTRIBUTES);
    val casAssertion = mock(Assertion.class);
    when(casAssertion.getPrimaryAuthentication()).thenReturn(primaryAuthentication);

    val outcome = contextValidator.validateAuthenticationContext(
        casAssertion, new MockHttpServletRequest(), new MockHttpServletResponse());

    // No bypass applies, so the requested context must not validate.
    assertFalse(outcome.isSuccess());
}