use of org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider in project cas by apereo.
the class DuoSecurityMultifactorProviderBypassConfiguration method duoSecurityBypassEvaluator.
@ConditionalOnMissingBean(name = "duoSecurityBypassEvaluator")
@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public ChainingMultifactorAuthenticationProviderBypassEvaluator duoSecurityBypassEvaluator(final ConfigurableApplicationContext applicationContext, @Qualifier("duoSecurityRegisteredServiceMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator duoSecurityRegisteredServiceMultifactorAuthenticationProviderBypass, @Qualifier("duoSecurityRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator") final MultifactorAuthenticationProviderBypassEvaluator duoSecurityRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator, @Qualifier("duoSecurityPrincipalMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator duoSecurityPrincipalMultifactorAuthenticationProviderBypass, @Qualifier("duoSecurityAuthenticationMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator duoSecurityAuthenticationMultifactorAuthenticationProviderBypass, @Qualifier("duoSecurityCredentialMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator duoSecurityCredentialMultifactorAuthenticationProviderBypass, @Qualifier("duoSecurityHttpRequestMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator duoSecurityHttpRequestMultifactorAuthenticationProviderBypass, @Qualifier("duoSecurityGroovyMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator duoSecurityGroovyMultifactorAuthenticationProviderBypass, @Qualifier("duoSecurityRestMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator duoSecurityRestMultifactorAuthenticationProviderBypass) {
return BeanSupplier.of(ChainingMultifactorAuthenticationProviderBypassEvaluator.class).when(DuoSecurityAuthenticationService.CONDITION.given(applicationContext.getEnvironment())).supply(() -> {
val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
bypass.addMultifactorAuthenticationProviderBypassEvaluator(duoSecurityRegisteredServiceMultifactorAuthenticationProviderBypass);
bypass.addMultifactorAuthenticationProviderBypassEvaluator(duoSecurityRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator);
bypass.addMultifactorAuthenticationProviderBypassEvaluator(duoSecurityPrincipalMultifactorAuthenticationProviderBypass);
bypass.addMultifactorAuthenticationProviderBypassEvaluator(duoSecurityAuthenticationMultifactorAuthenticationProviderBypass);
bypass.addMultifactorAuthenticationProviderBypassEvaluator(duoSecurityCredentialMultifactorAuthenticationProviderBypass);
bypass.addMultifactorAuthenticationProviderBypassEvaluator(duoSecurityHttpRequestMultifactorAuthenticationProviderBypass);
bypass.addMultifactorAuthenticationProviderBypassEvaluator(duoSecurityGroovyMultifactorAuthenticationProviderBypass);
bypass.addMultifactorAuthenticationProviderBypassEvaluator(duoSecurityRestMultifactorAuthenticationProviderBypass);
return bypass;
}).otherwise(DefaultChainingMultifactorAuthenticationBypassProvider::new).get();
}
use of org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider in project cas by apereo.
the class DuoSecurityMultifactorProviderBypassConfiguration method duoSecurityGroovyMultifactorAuthenticationProviderBypass.
@ConditionalOnMissingBean(name = "duoSecurityGroovyMultifactorAuthenticationProviderBypass")
@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public MultifactorAuthenticationProviderBypassEvaluator duoSecurityGroovyMultifactorAuthenticationProviderBypass(final ConfigurableApplicationContext applicationContext, final CasConfigurationProperties casProperties) {
return BeanSupplier.of(MultifactorAuthenticationProviderBypassEvaluator.class).when(DuoSecurityAuthenticationService.CONDITION.given(applicationContext.getEnvironment())).supply(() -> {
val duoProps = casProperties.getAuthn().getMfa().getDuo();
val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
duoProps.stream().filter(duo -> duo.getBypass().getGroovy().getLocation() != null).forEach(duo -> bypass.addMultifactorAuthenticationProviderBypassEvaluator(new GroovyMultifactorAuthenticationProviderBypassEvaluator(duo.getBypass(), duo.getId())));
if (bypass.isEmpty()) {
return NeverAllowMultifactorAuthenticationProviderBypassEvaluator.getInstance();
}
return bypass;
}).otherwiseProxy().get();
}
use of org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider in project cas by apereo.
the class DuoSecurityMultifactorProviderBypassConfiguration method duoSecurityRestMultifactorAuthenticationProviderBypass.
@ConditionalOnMissingBean(name = "duoSecurityRestMultifactorAuthenticationProviderBypass")
@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public MultifactorAuthenticationProviderBypassEvaluator duoSecurityRestMultifactorAuthenticationProviderBypass(final ConfigurableApplicationContext applicationContext, final CasConfigurationProperties casProperties) {
return BeanSupplier.of(MultifactorAuthenticationProviderBypassEvaluator.class).when(DuoSecurityAuthenticationService.CONDITION.given(applicationContext.getEnvironment())).supply(() -> {
val duoProps = casProperties.getAuthn().getMfa().getDuo();
val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
duoProps.stream().filter(duo -> StringUtils.isNotBlank(duo.getBypass().getRest().getUrl())).forEach(duo -> bypass.addMultifactorAuthenticationProviderBypassEvaluator(new RestMultifactorAuthenticationProviderBypassEvaluator(duo.getBypass(), duo.getId())));
if (bypass.isEmpty()) {
return NeverAllowMultifactorAuthenticationProviderBypassEvaluator.getInstance();
}
return bypass;
}).otherwiseProxy().get();
}
use of org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider in project cas by apereo.
the class DuoSecurityMultifactorProviderBypassConfiguration method duoSecurityHttpRequestMultifactorAuthenticationProviderBypass.
@ConditionalOnMissingBean(name = "duoSecurityHttpRequestMultifactorAuthenticationProviderBypass")
@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public MultifactorAuthenticationProviderBypassEvaluator duoSecurityHttpRequestMultifactorAuthenticationProviderBypass(final ConfigurableApplicationContext applicationContext, final CasConfigurationProperties casProperties) {
return BeanSupplier.of(MultifactorAuthenticationProviderBypassEvaluator.class).when(DuoSecurityAuthenticationService.CONDITION.given(applicationContext.getEnvironment())).supply(() -> {
val duoProps = casProperties.getAuthn().getMfa().getDuo();
val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
duoProps.stream().filter(duo -> {
val props = duo.getBypass();
return StringUtils.isNotBlank(props.getHttpRequestHeaders()) || StringUtils.isNotBlank(props.getHttpRequestRemoteAddress());
}).forEach(duo -> bypass.addMultifactorAuthenticationProviderBypassEvaluator(new HttpRequestMultifactorAuthenticationProviderBypassEvaluator(duo.getBypass(), duo.getId())));
if (bypass.isEmpty()) {
return NeverAllowMultifactorAuthenticationProviderBypassEvaluator.getInstance();
}
return bypass;
}).otherwiseProxy().get();
}
use of org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider in project cas by apereo.
the class DuoSecurityMultifactorProviderBypassConfiguration method duoSecurityRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator.
@ConditionalOnMissingBean(name = "duoSecurityRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator")
@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public MultifactorAuthenticationProviderBypassEvaluator duoSecurityRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator(final ConfigurableApplicationContext applicationContext, final CasConfigurationProperties casProperties) {
return BeanSupplier.of(MultifactorAuthenticationProviderBypassEvaluator.class).when(DuoSecurityAuthenticationService.CONDITION.given(applicationContext.getEnvironment())).supply(() -> {
val duoProps = casProperties.getAuthn().getMfa().getDuo();
val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
duoProps.stream().filter(duo -> StringUtils.isNotBlank(duo.getBypass().getCredentialClassType())).forEach(duo -> bypass.addMultifactorAuthenticationProviderBypassEvaluator(new RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator(duo.getId())));
if (bypass.isEmpty()) {
return NeverAllowMultifactorAuthenticationProviderBypassEvaluator.getInstance();
}
return bypass;
}).otherwiseProxy().get();
}
Aggregations