Search in sources :

Example 11 with PrincipalMultifactorAuthenticationProviderBypassEvaluator

use of org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator in project cas by apereo.

the class DuoSecurityMultifactorProviderBypassConfiguration method duoSecurityPrincipalMultifactorAuthenticationProviderBypass.

@Bean
@ConditionalOnMissingBean(name = "duoSecurityPrincipalMultifactorAuthenticationProviderBypass")
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public MultifactorAuthenticationProviderBypassEvaluator duoSecurityPrincipalMultifactorAuthenticationProviderBypass(final ConfigurableApplicationContext applicationContext, final CasConfigurationProperties casProperties) {
    return BeanSupplier.of(MultifactorAuthenticationProviderBypassEvaluator.class).when(DuoSecurityAuthenticationService.CONDITION.given(applicationContext.getEnvironment())).supply(() -> {
        val duoProps = casProperties.getAuthn().getMfa().getDuo();
        val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
        duoProps.stream().filter(duo -> StringUtils.isNotBlank(duo.getBypass().getPrincipalAttributeName())).forEach(duo -> bypass.addMultifactorAuthenticationProviderBypassEvaluator(new PrincipalMultifactorAuthenticationProviderBypassEvaluator(duo.getBypass(), duo.getId())));
        if (bypass.isEmpty()) {
            return NeverAllowMultifactorAuthenticationProviderBypassEvaluator.getInstance();
        }
        return bypass;
    }).otherwiseProxy().get();
}
Also used : lombok.val(lombok.val) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) HttpRequestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator) MultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypassEvaluator) GroovyMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.GroovyMultifactorAuthenticationProviderBypassEvaluator) DuoSecurityAuthenticationService(org.apereo.cas.adaptors.duo.authn.DuoSecurityAuthenticationService) StringUtils(org.apache.commons.lang3.StringUtils) BeanSupplier(org.apereo.cas.util.spring.beans.BeanSupplier) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) RestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator) RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator) EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties) ConfigurableApplicationContext(org.springframework.context.ConfigurableApplicationContext) Qualifier(org.springframework.beans.factory.annotation.Qualifier) ChainingMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.ChainingMultifactorAuthenticationProviderBypassEvaluator) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator) lombok.val(lombok.val) ScopedProxyMode(org.springframework.context.annotation.ScopedProxyMode) ConditionalOnFeature(org.apereo.cas.util.spring.boot.ConditionalOnFeature) AuthenticationMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator) Configuration(org.springframework.context.annotation.Configuration) CasFeatureModule(org.apereo.cas.configuration.support.CasFeatureModule) DefaultChainingMultifactorAuthenticationBypassProvider(org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider) PrincipalMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator) Bean(org.springframework.context.annotation.Bean) NeverAllowMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.NeverAllowMultifactorAuthenticationProviderBypassEvaluator) CredentialMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypassEvaluator) DefaultChainingMultifactorAuthenticationBypassProvider(org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider) PrincipalMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Example 12 with PrincipalMultifactorAuthenticationProviderBypassEvaluator

use of org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator in project cas by apereo.

the class YubiKeyAuthenticationMultifactorProviderBypassConfiguration method yubikeyPrincipalMultifactorAuthenticationProviderBypass.

@Bean
@ConditionalOnMissingBean(name = "yubikeyPrincipalMultifactorAuthenticationProviderBypass")
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public MultifactorAuthenticationProviderBypassEvaluator yubikeyPrincipalMultifactorAuthenticationProviderBypass(final CasConfigurationProperties casProperties) {
    val yubikey = casProperties.getAuthn().getMfa().getYubikey();
    val props = yubikey.getBypass();
    return new PrincipalMultifactorAuthenticationProviderBypassEvaluator(props, yubikey.getId());
}
Also used : lombok.val(lombok.val) PrincipalMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Aggregations

lombok.val (lombok.val)12 PrincipalMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator)12 ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)11 RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope)11 Bean (org.springframework.context.annotation.Bean)11 StringUtils (org.apache.commons.lang3.StringUtils)1 DuoSecurityAuthenticationService (org.apereo.cas.adaptors.duo.authn.DuoSecurityAuthenticationService)1 AuthenticationMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator)1 ChainingMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.ChainingMultifactorAuthenticationProviderBypassEvaluator)1 CredentialMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypassEvaluator)1 DefaultChainingMultifactorAuthenticationBypassProvider (org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider)1 GroovyMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.GroovyMultifactorAuthenticationProviderBypassEvaluator)1 HttpRequestMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator)1 MultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypassEvaluator)1 NeverAllowMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.NeverAllowMultifactorAuthenticationProviderBypassEvaluator)1 RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator)1 RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator)1 RestMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator)1 CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)1 MultifactorAuthenticationProviderBypassProperties (org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties)1