Search in sources :

Example 6 with MultifactorAuthenticationProviderBypassEvaluator

use of org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypassEvaluator in project cas by apereo.

the class DuoSecurityMultifactorProviderBypassConfiguration method duoSecurityCredentialMultifactorAuthenticationProviderBypass.

@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
@ConditionalOnMissingBean(name = "duoSecurityCredentialMultifactorAuthenticationProviderBypass")
public MultifactorAuthenticationProviderBypassEvaluator duoSecurityCredentialMultifactorAuthenticationProviderBypass(final ConfigurableApplicationContext applicationContext, final CasConfigurationProperties casProperties) {
    return BeanSupplier.of(MultifactorAuthenticationProviderBypassEvaluator.class).when(DuoSecurityAuthenticationService.CONDITION.given(applicationContext.getEnvironment())).supply(() -> {
        val duoProps = casProperties.getAuthn().getMfa().getDuo();
        val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
        duoProps.stream().filter(duo -> StringUtils.isNotBlank(duo.getBypass().getCredentialClassType())).forEach(duo -> bypass.addMultifactorAuthenticationProviderBypassEvaluator(new CredentialMultifactorAuthenticationProviderBypassEvaluator(duo.getBypass(), duo.getId())));
        if (bypass.isEmpty()) {
            return NeverAllowMultifactorAuthenticationProviderBypassEvaluator.getInstance();
        }
        return bypass;
    }).otherwiseProxy().get();
}
Also used : lombok.val(lombok.val) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) HttpRequestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator) MultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypassEvaluator) GroovyMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.GroovyMultifactorAuthenticationProviderBypassEvaluator) DuoSecurityAuthenticationService(org.apereo.cas.adaptors.duo.authn.DuoSecurityAuthenticationService) StringUtils(org.apache.commons.lang3.StringUtils) BeanSupplier(org.apereo.cas.util.spring.beans.BeanSupplier) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) RestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator) RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator) EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties) ConfigurableApplicationContext(org.springframework.context.ConfigurableApplicationContext) Qualifier(org.springframework.beans.factory.annotation.Qualifier) ChainingMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.ChainingMultifactorAuthenticationProviderBypassEvaluator) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator) lombok.val(lombok.val) ScopedProxyMode(org.springframework.context.annotation.ScopedProxyMode) ConditionalOnFeature(org.apereo.cas.util.spring.boot.ConditionalOnFeature) AuthenticationMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator) Configuration(org.springframework.context.annotation.Configuration) CasFeatureModule(org.apereo.cas.configuration.support.CasFeatureModule) DefaultChainingMultifactorAuthenticationBypassProvider(org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider) PrincipalMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator) Bean(org.springframework.context.annotation.Bean) NeverAllowMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.NeverAllowMultifactorAuthenticationProviderBypassEvaluator) CredentialMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypassEvaluator) CredentialMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypassEvaluator) DefaultChainingMultifactorAuthenticationBypassProvider(org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Example 7 with MultifactorAuthenticationProviderBypassEvaluator

use of org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypassEvaluator in project cas by apereo.

the class DuoSecurityMultifactorProviderBypassConfiguration method duoSecurityPrincipalMultifactorAuthenticationProviderBypass.

@Bean
@ConditionalOnMissingBean(name = "duoSecurityPrincipalMultifactorAuthenticationProviderBypass")
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public MultifactorAuthenticationProviderBypassEvaluator duoSecurityPrincipalMultifactorAuthenticationProviderBypass(final ConfigurableApplicationContext applicationContext, final CasConfigurationProperties casProperties) {
    return BeanSupplier.of(MultifactorAuthenticationProviderBypassEvaluator.class).when(DuoSecurityAuthenticationService.CONDITION.given(applicationContext.getEnvironment())).supply(() -> {
        val duoProps = casProperties.getAuthn().getMfa().getDuo();
        val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
        duoProps.stream().filter(duo -> StringUtils.isNotBlank(duo.getBypass().getPrincipalAttributeName())).forEach(duo -> bypass.addMultifactorAuthenticationProviderBypassEvaluator(new PrincipalMultifactorAuthenticationProviderBypassEvaluator(duo.getBypass(), duo.getId())));
        if (bypass.isEmpty()) {
            return NeverAllowMultifactorAuthenticationProviderBypassEvaluator.getInstance();
        }
        return bypass;
    }).otherwiseProxy().get();
}
Also used : lombok.val(lombok.val) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) HttpRequestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator) MultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypassEvaluator) GroovyMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.GroovyMultifactorAuthenticationProviderBypassEvaluator) DuoSecurityAuthenticationService(org.apereo.cas.adaptors.duo.authn.DuoSecurityAuthenticationService) StringUtils(org.apache.commons.lang3.StringUtils) BeanSupplier(org.apereo.cas.util.spring.beans.BeanSupplier) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) RestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator) RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator) EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties) ConfigurableApplicationContext(org.springframework.context.ConfigurableApplicationContext) Qualifier(org.springframework.beans.factory.annotation.Qualifier) ChainingMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.ChainingMultifactorAuthenticationProviderBypassEvaluator) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator) lombok.val(lombok.val) ScopedProxyMode(org.springframework.context.annotation.ScopedProxyMode) ConditionalOnFeature(org.apereo.cas.util.spring.boot.ConditionalOnFeature) AuthenticationMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator) Configuration(org.springframework.context.annotation.Configuration) CasFeatureModule(org.apereo.cas.configuration.support.CasFeatureModule) DefaultChainingMultifactorAuthenticationBypassProvider(org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider) PrincipalMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator) Bean(org.springframework.context.annotation.Bean) NeverAllowMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.NeverAllowMultifactorAuthenticationProviderBypassEvaluator) CredentialMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypassEvaluator) DefaultChainingMultifactorAuthenticationBypassProvider(org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider) PrincipalMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Aggregations

lombok.val (lombok.val)7 StringUtils (org.apache.commons.lang3.StringUtils)7 DuoSecurityAuthenticationService (org.apereo.cas.adaptors.duo.authn.DuoSecurityAuthenticationService)7 AuthenticationMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator)7 ChainingMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.ChainingMultifactorAuthenticationProviderBypassEvaluator)7 CredentialMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypassEvaluator)7 DefaultChainingMultifactorAuthenticationBypassProvider (org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider)7 GroovyMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.GroovyMultifactorAuthenticationProviderBypassEvaluator)7 HttpRequestMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator)7 MultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypassEvaluator)7 NeverAllowMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.NeverAllowMultifactorAuthenticationProviderBypassEvaluator)7 PrincipalMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator)7 RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator)7 RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator)7 RestMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator)7 CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)7 CasFeatureModule (org.apereo.cas.configuration.support.CasFeatureModule)7 BeanSupplier (org.apereo.cas.util.spring.beans.BeanSupplier)7 ConditionalOnFeature (org.apereo.cas.util.spring.boot.ConditionalOnFeature)7 Qualifier (org.springframework.beans.factory.annotation.Qualifier)7