use of org.apereo.cas.authentication.bypass.RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator in project cas by apereo.
the class DuoSecurityMultifactorProviderBypassConfiguration method duoSecurityRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator.
@ConditionalOnMissingBean(name = "duoSecurityRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator")
@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public MultifactorAuthenticationProviderBypassEvaluator duoSecurityRegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator(final ConfigurableApplicationContext applicationContext, final CasConfigurationProperties casProperties) {
return BeanSupplier.of(MultifactorAuthenticationProviderBypassEvaluator.class).when(DuoSecurityAuthenticationService.CONDITION.given(applicationContext.getEnvironment())).supply(() -> {
val duoProps = casProperties.getAuthn().getMfa().getDuo();
val bypass = new DefaultChainingMultifactorAuthenticationBypassProvider();
duoProps.stream().filter(duo -> StringUtils.isNotBlank(duo.getBypass().getCredentialClassType())).forEach(duo -> bypass.addMultifactorAuthenticationProviderBypassEvaluator(new RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator(duo.getId())));
if (bypass.isEmpty()) {
return NeverAllowMultifactorAuthenticationProviderBypassEvaluator.getInstance();
}
return bypass;
}).otherwiseProxy().get();
}
Aggregations