Examples with HttpBasedServiceCredentialsAuthenticationHandler - org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler

Example 1 with HttpBasedServiceCredentialsAuthenticationHandler

use of org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler in project cas by apereo.

the class RegisteredServiceAuthenticationHandlerResolver method resolve.

@Override
public Set<AuthenticationHandler> resolve(final Set<AuthenticationHandler> candidateHandlers, final AuthenticationTransaction transaction) {
    final Service service = transaction.getService();
    if (service != null && this.servicesManager != null) {
        final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
        if (registeredService == null || !registeredService.getAccessStrategy().isServiceAccessAllowed()) {
            LOGGER.warn("Service [{}] is not allowed to use SSO.", registeredService);
            throw new UnauthorizedSsoServiceException();
        }
        if (!registeredService.getRequiredHandlers().isEmpty()) {
            LOGGER.debug("Authentication transaction requires [{}] for service [{}]", registeredService.getRequiredHandlers(), service);
            final Set<AuthenticationHandler> handlerSet = new LinkedHashSet<>(candidateHandlers);
            LOGGER.info("Candidate authentication handlers examined this transaction are [{}]", handlerSet);
            final Iterator<AuthenticationHandler> it = handlerSet.iterator();
            while (it.hasNext()) {
                final AuthenticationHandler handler = it.next();
                if (!(handler instanceof HttpBasedServiceCredentialsAuthenticationHandler) && !registeredService.getRequiredHandlers().contains(handler.getName())) {
                    LOGGER.debug("Authentication handler [{}] is not required for this transaction and is removed", handler.getName());
                    it.remove();
                }
            }
            LOGGER.debug("Authentication handlers for this transaction are [{}]", handlerSet);
            return handlerSet;
        } else {
            LOGGER.debug("No specific authentication handlers are required for this transaction");
        }
    }
    final String handlers = candidateHandlers.stream().map(AuthenticationHandler::getName).collect(Collectors.joining());
    LOGGER.debug("Authentication handlers used for this transaction are [{}]", handlers);
    return candidateHandlers;
}

Also used : LinkedHashSet(java.util.LinkedHashSet) RegisteredService(org.apereo.cas.services.RegisteredService) UnauthorizedSsoServiceException(org.apereo.cas.services.UnauthorizedSsoServiceException) HttpBasedServiceCredentialsAuthenticationHandler(org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler) Service(org.apereo.cas.authentication.principal.Service) RegisteredService(org.apereo.cas.services.RegisteredService) HttpBasedServiceCredentialsAuthenticationHandler(org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler)

Aggregations

LinkedHashSet (java.util.LinkedHashSet)1 HttpBasedServiceCredentialsAuthenticationHandler (org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler)1 Service (org.apereo.cas.authentication.principal.Service)1 RegisteredService (org.apereo.cas.services.RegisteredService)1 UnauthorizedSsoServiceException (org.apereo.cas.services.UnauthorizedSsoServiceException)1