Example 1 with OneTimePasswordCredential

use of org.apereo.cas.authentication.credential.OneTimePasswordCredential in project cas by apereo.

the class PasswordlessTokenAuthenticationHandlerTests method verifyAction.

@Test
public void verifyAction() throws Exception {
    val repository = new InMemoryPasswordlessTokenRepository(60);
    repository.saveToken("casuser", "123456");
    val h = new PasswordlessTokenAuthenticationHandler(null, mock(ServicesManager.class), PrincipalFactoryUtils.newPrincipalFactory(), 0, repository);
    val c = new OneTimePasswordCredential("casuser", "123456");
    assertNotNull(h.authenticate(c));
    assertThrows(FailedLoginException.class, () -> h.authenticate(new OneTimePasswordCredential("1", "2")));
    assertTrue(h.supports(c));
    assertTrue(h.supports(c.getCredentialClass()));
    assertFalse(h.supports(new UsernamePasswordCredential()));
}
Also used : lombok.val(lombok.val) ServicesManager(org.apereo.cas.services.ServicesManager) OneTimePasswordCredential(org.apereo.cas.authentication.credential.OneTimePasswordCredential) InMemoryPasswordlessTokenRepository(org.apereo.cas.impl.token.InMemoryPasswordlessTokenRepository) UsernamePasswordCredential(org.apereo.cas.authentication.credential.UsernamePasswordCredential) Test(org.junit.jupiter.api.Test)

Example 2 with OneTimePasswordCredential

use of org.apereo.cas.authentication.credential.OneTimePasswordCredential in project cas by apereo.

the class AcceptPasswordlessAuthenticationAction method doExecute.

@Override
protected Event doExecute(final RequestContext requestContext) {
    val principal = WebUtils.getPasswordlessAuthenticationAccount(requestContext, PasswordlessUserAccount.class);
    try {
        val token = requestContext.getRequestParameters().getRequired("token");
        val currentToken = passwordlessTokenRepository.findToken(principal.getUsername());
        if (currentToken.isPresent() && token.equalsIgnoreCase(currentToken.get())) {
            val credential = new OneTimePasswordCredential(principal.getUsername(), token);
            val service = WebUtils.getService(requestContext);
            val authenticationResult = authenticationSystemSupport.finalizeAuthenticationTransaction(service, credential);
            WebUtils.putAuthenticationResult(authenticationResult, requestContext);
            WebUtils.putAuthentication(authenticationResult.getAuthentication(), requestContext);
            WebUtils.putCredential(requestContext, credential);
            val finalEvent = super.doExecute(requestContext);
            passwordlessTokenRepository.deleteToken(principal.getUsername(), currentToken.get());
            return finalEvent;
        }
    } catch (final Exception e) {
        LoggingUtils.error(LOGGER, e);
        val attributes = new LocalAttributeMap<>();
        attributes.put("error", e);
        var account = principal != null ? passwordlessUserAccountStore.findUser(principal.getUsername()) : Optional.empty();
        if (account.isPresent()) {
            attributes.put("passwordlessAccount", account.get());
            return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE, attributes);
        }
    }
    LOGGER.error("Unable to locate token for user [{}]", principal.getUsername());
    val attributes = new LocalAttributeMap<>();
    attributes.put("error", new AuthenticationException("Invalid token"));
    return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE, attributes);
}
Also used : lombok.val(lombok.val) LocalAttributeMap(org.springframework.webflow.core.collection.LocalAttributeMap) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) OneTimePasswordCredential(org.apereo.cas.authentication.credential.OneTimePasswordCredential) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)

Example 3 with OneTimePasswordCredential

use of org.apereo.cas.authentication.credential.OneTimePasswordCredential in project cas by apereo.

the class OneTimePasswordCredentialTests method verifySerializeAnOneTimePasswordCredentialToJson.

@Test
public void verifySerializeAnOneTimePasswordCredentialToJson() throws Exception {
    val credentialWritten = new OneTimePasswordCredential("id", "password");
    MAPPER.writeValue(JSON_FILE, credentialWritten);
    val credentialRead = MAPPER.readValue(JSON_FILE, OneTimePasswordCredential.class);
    assertEquals(credentialWritten, credentialRead);
}
Also used : lombok.val(lombok.val) OneTimePasswordCredential(org.apereo.cas.authentication.credential.OneTimePasswordCredential) Test(org.junit.jupiter.api.Test)

Example 4 with OneTimePasswordCredential

use of org.apereo.cas.authentication.credential.OneTimePasswordCredential in project cas by apereo.

the class MultifactorAuthenticationTests method verifyAllowsAccessToNormalSecurityServiceWithOTP.

@Test
public void verifyAllowsAccessToNormalSecurityServiceWithOTP() {
    val ctx = processAuthenticationAttempt(NORMAL_SERVICE, new OneTimePasswordCredential(ALICE, PASSWORD_31415));
    val tgt = cas.createTicketGrantingTicket(ctx);
    assertNotNull(tgt);
    val st = cas.grantServiceTicket(tgt.getId(), NORMAL_SERVICE, ctx);
    assertNotNull(st);
}
Also used : lombok.val(lombok.val) OneTimePasswordCredential(org.apereo.cas.authentication.credential.OneTimePasswordCredential) Test(org.junit.jupiter.api.Test)

Example 5 with OneTimePasswordCredential

use of org.apereo.cas.authentication.credential.OneTimePasswordCredential in project cas by apereo.

the class MultifactorAuthenticationTests method verifyDeniesAccessToHighSecurityServiceWithOTP.

@Test
public void verifyDeniesAccessToHighSecurityServiceWithOTP() {
    val ctx = processAuthenticationAttempt(HIGH_SERVICE, new OneTimePasswordCredential(ALICE, PASSWORD_31415));
    val tgt = cas.createTicketGrantingTicket(ctx);
    assertNotNull(tgt);
    assertThrows(UnsatisfiedAuthenticationPolicyException.class, () -> cas.grantServiceTicket(tgt.getId(), HIGH_SERVICE, ctx));
}
Also used : lombok.val(lombok.val) OneTimePasswordCredential(org.apereo.cas.authentication.credential.OneTimePasswordCredential) Test(org.junit.jupiter.api.Test)

Aggregations

lombok.val (lombok.val): 9
OneTimePasswordCredential (org.apereo.cas.authentication.credential.OneTimePasswordCredential): 9
Test (org.junit.jupiter.api.Test): 6
FailedLoginException (javax.security.auth.login.FailedLoginException): 2
AuthenticationException (org.apereo.cas.authentication.AuthenticationException): 1
DefaultAuthenticationHandlerExecutionResult (org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult): 1
UsernamePasswordCredential (org.apereo.cas.authentication.credential.UsernamePasswordCredential): 1
BasicCredentialMetaData (org.apereo.cas.authentication.metadata.BasicCredentialMetaData): 1
InMemoryPasswordlessTokenRepository (org.apereo.cas.impl.token.InMemoryPasswordlessTokenRepository): 1
ServicesManager (org.apereo.cas.services.ServicesManager): 1
EventFactorySupport (org.springframework.webflow.action.EventFactorySupport): 1
LocalAttributeMap (org.springframework.webflow.core.collection.LocalAttributeMap): 1