Example 21 with DefaultChainingMultifactorAuthenticationBypassProvider
use of org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider in project cas by apereo.
the class DuoSecurityMultifactorProviderBypassConfiguration method duoSecurityCredentialMultifactorAuthenticationProviderBypass.
@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
@ConditionalOnMissingBean(name = "duoSecurityCredentialMultifactorAuthenticationProviderBypass")
public MultifactorAuthenticationProviderBypassEvaluator duoSecurityCredentialMultifactorAuthenticationProviderBypass(final ConfigurableApplicationContext applicationContext, final CasConfigurationProperties casProperties) {
return BeanSupplier.of(MultifactorAuthenticationProviderBypassEvaluator.class).when(DuoSecurityAuthenticationService.CONDITION.given(applicationContext.getEnvironment())).supply(() -> {
val duoProps = casProperties.getAuthn().getMfa().getDuo();
val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
duoProps.stream().filter(duo -> StringUtils.isNotBlank(duo.getBypass().getCredentialClassType())).forEach(duo -> bypass.addMultifactorAuthenticationProviderBypassEvaluator(new CredentialMultifactorAuthenticationProviderBypassEvaluator(duo.getBypass(), duo.getId())));
if (bypass.isEmpty()) {
return NeverAllowMultifactorAuthenticationProviderBypassEvaluator.getInstance();
}
return bypass;
}).otherwiseProxy().get();
}
Also used :
lombok.val(lombok.val)
CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties)
HttpRequestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator)
MultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypassEvaluator)
GroovyMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.GroovyMultifactorAuthenticationProviderBypassEvaluator)
DuoSecurityAuthenticationService(org.apereo.cas.adaptors.duo.authn.DuoSecurityAuthenticationService)
StringUtils(org.apache.commons.lang3.StringUtils)
BeanSupplier(org.apereo.cas.util.spring.beans.BeanSupplier)
RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope)
RestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator)
RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator)
EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties)
ConfigurableApplicationContext(org.springframework.context.ConfigurableApplicationContext)
Qualifier(org.springframework.beans.factory.annotation.Qualifier)
ChainingMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.ChainingMultifactorAuthenticationProviderBypassEvaluator)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator)
lombok.val(lombok.val)
ScopedProxyMode(org.springframework.context.annotation.ScopedProxyMode)
ConditionalOnFeature(org.apereo.cas.util.spring.boot.ConditionalOnFeature)
AuthenticationMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator)
Configuration(org.springframework.context.annotation.Configuration)
CasFeatureModule(org.apereo.cas.configuration.support.CasFeatureModule)
DefaultChainingMultifactorAuthenticationBypassProvider(org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider)
PrincipalMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator)
Bean(org.springframework.context.annotation.Bean)
NeverAllowMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.NeverAllowMultifactorAuthenticationProviderBypassEvaluator)
CredentialMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypassEvaluator)
CredentialMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypassEvaluator)
DefaultChainingMultifactorAuthenticationBypassProvider(org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider)
RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
Bean(org.springframework.context.annotation.Bean)
Example 22 with DefaultChainingMultifactorAuthenticationBypassProvider
use of org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider in project cas by apereo.
the class DuoSecurityMultifactorProviderBypassConfiguration method duoSecurityPrincipalMultifactorAuthenticationProviderBypass.
@Bean
@ConditionalOnMissingBean(name = "duoSecurityPrincipalMultifactorAuthenticationProviderBypass")
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public MultifactorAuthenticationProviderBypassEvaluator duoSecurityPrincipalMultifactorAuthenticationProviderBypass(final ConfigurableApplicationContext applicationContext, final CasConfigurationProperties casProperties) {
return BeanSupplier.of(MultifactorAuthenticationProviderBypassEvaluator.class).when(DuoSecurityAuthenticationService.CONDITION.given(applicationContext.getEnvironment())).supply(() -> {
val duoProps = casProperties.getAuthn().getMfa().getDuo();
val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
duoProps.stream().filter(duo -> StringUtils.isNotBlank(duo.getBypass().getPrincipalAttributeName())).forEach(duo -> bypass.addMultifactorAuthenticationProviderBypassEvaluator(new PrincipalMultifactorAuthenticationProviderBypassEvaluator(duo.getBypass(), duo.getId())));
if (bypass.isEmpty()) {
return NeverAllowMultifactorAuthenticationProviderBypassEvaluator.getInstance();
}
return bypass;
}).otherwiseProxy().get();
}
Also used :
lombok.val(lombok.val)
CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties)
HttpRequestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator)
MultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypassEvaluator)
GroovyMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.GroovyMultifactorAuthenticationProviderBypassEvaluator)
DuoSecurityAuthenticationService(org.apereo.cas.adaptors.duo.authn.DuoSecurityAuthenticationService)
StringUtils(org.apache.commons.lang3.StringUtils)
BeanSupplier(org.apereo.cas.util.spring.beans.BeanSupplier)
RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope)
RestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator)
RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator)
EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties)
ConfigurableApplicationContext(org.springframework.context.ConfigurableApplicationContext)
Qualifier(org.springframework.beans.factory.annotation.Qualifier)
ChainingMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.ChainingMultifactorAuthenticationProviderBypassEvaluator)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator)
lombok.val(lombok.val)
ScopedProxyMode(org.springframework.context.annotation.ScopedProxyMode)
ConditionalOnFeature(org.apereo.cas.util.spring.boot.ConditionalOnFeature)
AuthenticationMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator)
Configuration(org.springframework.context.annotation.Configuration)
CasFeatureModule(org.apereo.cas.configuration.support.CasFeatureModule)
DefaultChainingMultifactorAuthenticationBypassProvider(org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider)
PrincipalMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator)
Bean(org.springframework.context.annotation.Bean)
NeverAllowMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.NeverAllowMultifactorAuthenticationProviderBypassEvaluator)
CredentialMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypassEvaluator)
DefaultChainingMultifactorAuthenticationBypassProvider(org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider)
PrincipalMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator)
RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
Bean(org.springframework.context.annotation.Bean)
Example 23 with DefaultChainingMultifactorAuthenticationBypassProvider
use of org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider in project cas by apereo.
the class SwivelAuthenticationMultifactorProviderBypassConfiguration method swivelBypassEvaluator.
@ConditionalOnMissingBean(name = "swivelBypassEvaluator")
@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public MultifactorAuthenticationProviderBypassEvaluator swivelBypassEvaluator(final CasConfigurationProperties casProperties, @Qualifier("swivelPrincipalMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator swivelPrincipalMultifactorAuthenticationProviderBypass, @Qualifier("swivelRegisteredServiceMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator swivelRegisteredServiceMultifactorAuthenticationProviderBypass, @Qualifier("swivelRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator") final MultifactorAuthenticationProviderBypassEvaluator swivelRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator, @Qualifier("swivelAuthenticationMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator swivelAuthenticationMultifactorAuthenticationProviderBypass, @Qualifier("swivelCredentialMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator swivelCredentialMultifactorAuthenticationProviderBypass, @Qualifier("swivelHttpRequestMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator swivelHttpRequestMultifactorAuthenticationProviderBypass, @Qualifier("swivelGroovyMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator swivelGroovyMultifactorAuthenticationProviderBypass, @Qualifier("swivelRestMultifactorAuthenticationProviderBypass") final MultifactorAuthenticationProviderBypassEvaluator swivelRestMultifactorAuthenticationProviderBypass) {
val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
val props = casProperties.getAuthn().getMfa().getSwivel().getBypass();
if (StringUtils.isNotBlank(props.getPrincipalAttributeName())) {
bypass.addMultifactorAuthenticationProviderBypassEvaluator(swivelPrincipalMultifactorAuthenticationProviderBypass);
}
bypass.addMultifactorAuthenticationProviderBypassEvaluator(swivelRegisteredServiceMultifactorAuthenticationProviderBypass);
bypass.addMultifactorAuthenticationProviderBypassEvaluator(swivelRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator);
if (StringUtils.isNotBlank(props.getAuthenticationAttributeName()) || StringUtils.isNotBlank(props.getAuthenticationHandlerName()) || StringUtils.isNotBlank(props.getAuthenticationMethodName())) {
bypass.addMultifactorAuthenticationProviderBypassEvaluator(swivelAuthenticationMultifactorAuthenticationProviderBypass);
}
if (StringUtils.isNotBlank(props.getCredentialClassType())) {
bypass.addMultifactorAuthenticationProviderBypassEvaluator(swivelCredentialMultifactorAuthenticationProviderBypass);
}
if (StringUtils.isNotBlank(props.getHttpRequestHeaders()) || StringUtils.isNotBlank(props.getHttpRequestRemoteAddress())) {
bypass.addMultifactorAuthenticationProviderBypassEvaluator(swivelHttpRequestMultifactorAuthenticationProviderBypass);
}
if (props.getGroovy().getLocation() != null) {
bypass.addMultifactorAuthenticationProviderBypassEvaluator(swivelGroovyMultifactorAuthenticationProviderBypass);
}
if (StringUtils.isNotBlank(props.getRest().getUrl())) {
bypass.addMultifactorAuthenticationProviderBypassEvaluator(swivelRestMultifactorAuthenticationProviderBypass);
}
return bypass;
}
Also used :
lombok.val(lombok.val)
DefaultChainingMultifactorAuthenticationBypassProvider(org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider)
RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
Bean(org.springframework.context.annotation.Bean)
Aggregations
lombok.val (lombok.val)23
DefaultChainingMultifactorAuthenticationBypassProvider (org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider)23
ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)19
RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope)19
Bean (org.springframework.context.annotation.Bean)19
HttpRequestMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator)8
RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator)8
StringUtils (org.apache.commons.lang3.StringUtils)7
DuoSecurityAuthenticationService (org.apereo.cas.adaptors.duo.authn.DuoSecurityAuthenticationService)7
AuthenticationMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator)7
ChainingMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.ChainingMultifactorAuthenticationProviderBypassEvaluator)7
CredentialMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypassEvaluator)7
GroovyMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.GroovyMultifactorAuthenticationProviderBypassEvaluator)7
MultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypassEvaluator)7
NeverAllowMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.NeverAllowMultifactorAuthenticationProviderBypassEvaluator)7
PrincipalMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator)7
RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator)7
RestMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator)7
CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)7
CasFeatureModule (org.apereo.cas.configuration.support.CasFeatureModule)7
