Search in sources :

Example 11 with TestMultifactorAuthenticationProvider

use of org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider in project cas by apereo.

the class DuoSecurityRestHttpRequestCredentialFactoryTests method verifyOperation.

@Test
public void verifyOperation() {
    val factory = new DuoSecurityRestHttpRequestCredentialFactory();
    val request = new MockHttpServletRequest();
    val body = new LinkedMultiValueMap<String, String>();
    assertTrue(factory.fromRequest(request, body).isEmpty());
    body.put(RestHttpRequestCredentialFactory.PARAMETER_USERNAME, List.of("user"));
    assertTrue(factory.fromRequest(request, body).isEmpty());
    body.put(DuoSecurityRestHttpRequestCredentialFactory.PARAMETER_NAME_PASSCODE, List.of("123456"));
    body.put(DuoSecurityRestHttpRequestCredentialFactory.PARAMETER_NAME_PROVIDER, List.of("custom-duo"));
    var credentials = factory.fromRequest(request, body);
    assertFalse(credentials.isEmpty());
    var credential = (DuoSecurityPasscodeCredential) credentials.get(0);
    assertEquals(credential.getProviderId(), "custom-duo");
    credentials = factory.fromAuthentication(request, body, CoreAuthenticationTestUtils.getAuthentication(), new TestMultifactorAuthenticationProvider());
    val directCredential = (DuoSecurityDirectCredential) credentials.get(0);
    assertEquals(TestMultifactorAuthenticationProvider.ID, directCredential.getProviderId());
    assertNotNull(directCredential.getPrincipal());
}
Also used : lombok.val(lombok.val) TestMultifactorAuthenticationProvider(org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) DuoSecurityDirectCredential(org.apereo.cas.adaptors.duo.authn.DuoSecurityDirectCredential) DuoSecurityPasscodeCredential(org.apereo.cas.adaptors.duo.authn.DuoSecurityPasscodeCredential) Test(org.junit.jupiter.api.Test)

Example 12 with TestMultifactorAuthenticationProvider

use of org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider in project cas by apereo.

the class TicketGrantingTicketResourceTests method verifyCreateTgtWithMfa.

@Test
public void verifyCreateTgtWithMfa() throws Exception {
    when(requestedContextValidator.validateAuthenticationContext(any(), any(), any(), any(), any())).thenReturn(AuthenticationContextValidationResult.builder().success(false).build());
    when(multifactorTriggerSelectionStrategy.resolve(any(), any(), any(), any(), any())).thenReturn(Optional.of(new TestMultifactorAuthenticationProvider()));
    val expectedReturnEntityBody = "TGT-1";
    configureCasMockToCreateValidTGT();
    this.mockMvc.perform(post(TICKETS_RESOURCE_URL).param(USERNAME, TEST_VALUE).param(PASSWORD, TEST_VALUE).accept(MediaType.APPLICATION_JSON)).andExpect(status().isCreated()).andExpect(header().string("Location", "http://localhost/cas/v1/tickets/TGT-1")).andExpect(content().contentType(MediaType.APPLICATION_JSON)).andExpect(content().string(expectedReturnEntityBody));
}
Also used : TestMultifactorAuthenticationProvider(org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider) lombok.val(lombok.val) Test(org.junit.jupiter.api.Test)

Example 13 with TestMultifactorAuthenticationProvider

use of org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider in project cas by apereo.

the class UserAuthenticationResourceTests method verifyAuthWithMfa.

@Test
public void verifyAuthWithMfa() throws Exception {
    val builder = new DefaultAuthenticationResultBuilder().collect(CoreAuthenticationTestUtils.getAuthentication());
    val result = builder.build(new DefaultPrincipalElectionStrategy());
    when(authenticationSupport.finalizeAuthenticationTransaction(any(), anyCollection())).thenReturn(result);
    when(authenticationSupport.handleInitialAuthenticationTransaction(any(), any())).thenReturn(builder);
    when(requestedContextValidator.validateAuthenticationContext(any(), any(), any(), any(), any())).thenReturn(AuthenticationContextValidationResult.builder().success(false).build());
    when(multifactorTriggerSelectionStrategy.resolve(any(), any(), any(), any(), any())).thenReturn(Optional.of(new TestMultifactorAuthenticationProvider()));
    this.mockMvc.perform(post(TICKETS_RESOURCE_URL).param("username", "casuser").param("password", "Mellon")).andExpect(status().isOk());
}
Also used : lombok.val(lombok.val) TestMultifactorAuthenticationProvider(org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider) DefaultPrincipalElectionStrategy(org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy) DefaultAuthenticationResultBuilder(org.apereo.cas.authentication.DefaultAuthenticationResultBuilder) Test(org.junit.jupiter.api.Test)

Example 14 with TestMultifactorAuthenticationProvider

use of org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider in project cas by apereo.

the class DuoSecurityUniversalPromptValidateLoginActionTests method verifyPass.

@Test
public void verifyPass() throws Exception {
    val context = new MockRequestContext();
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    RequestContextHolder.setRequestContext(context);
    ExternalContextHolder.setExternalContext(context.getExternalContext());
    val identifier = casProperties.getAuthn().getMfa().getDuo().get(0).getId();
    val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext, new TestMultifactorAuthenticationProvider(identifier));
    configurableApplicationContext.getBeansOfType(MultifactorAuthenticationPrincipalResolver.class).forEach((key, value) -> ApplicationContextProvider.registerBeanIntoApplicationContext(applicationContext, value, key));
    val authentication = RegisteredServiceTestUtils.getAuthentication();
    WebUtils.putAuthentication(authentication, context);
    WebUtils.putRegisteredService(context, RegisteredServiceTestUtils.getRegisteredService());
    WebUtils.putMultifactorAuthenticationProviderIdIntoFlowScope(context, provider);
    val builder = mock(AuthenticationResultBuilder.class);
    when(builder.getInitialAuthentication()).thenReturn(Optional.of(authentication));
    when(builder.collect(any(Authentication.class))).thenReturn(builder);
    val authnResult = mock(AuthenticationResult.class);
    when(authnResult.getAuthentication()).thenReturn(authentication);
    when(builder.build(any(PrincipalElectionStrategy.class))).thenReturn(authnResult);
    WebUtils.putAuthenticationResultBuilder(builder, context);
    val prepResult = duoUniversalPromptPrepareLoginAction.execute(context);
    val ticket = (TransientSessionTicket) prepResult.getAttributes().get("result");
    val code = UUID.randomUUID().toString();
    request.addParameter(DuoSecurityUniversalPromptValidateLoginAction.REQUEST_PARAMETER_CODE, code);
    request.addParameter(DuoSecurityUniversalPromptValidateLoginAction.REQUEST_PARAMETER_STATE, ticket.getId());
    val result = duoUniversalPromptValidateLoginAction.execute(context);
    assertNotNull(result);
    assertEquals(CasWebflowConstants.TRANSITION_ID_SUCCESS, result.getId());
    assertNotNull(WebUtils.getAuthentication(context));
    assertNotNull(WebUtils.getRegisteredService(context));
    assertNotNull(WebUtils.getAuthenticationResult(context));
}
Also used : lombok.val(lombok.val) TestMultifactorAuthenticationProvider(org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider) TransientSessionTicket(org.apereo.cas.ticket.TransientSessionTicket) PrincipalElectionStrategy(org.apereo.cas.authentication.PrincipalElectionStrategy) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) Authentication(org.apereo.cas.authentication.Authentication) MockRequestContext(org.springframework.webflow.test.MockRequestContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.springframework.mock.web.MockServletContext) MultifactorAuthenticationPrincipalResolver(org.apereo.cas.authentication.MultifactorAuthenticationPrincipalResolver) Test(org.junit.jupiter.api.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 15 with TestMultifactorAuthenticationProvider

use of org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider in project cas by apereo.

the class MultifactorAuthenticationContingencyPlanTests method verifyManyProviders.

@Test
public void verifyManyProviders() {
    val appCtx = new StaticApplicationContext();
    appCtx.refresh();
    val props = new CasConfigurationProperties();
    TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(appCtx, new TestMultifactorAuthenticationProvider());
    TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(appCtx, new TestMultifactorAuthenticationProvider("mfa-two"));
    val plan = new MultifactorAuthenticationContingencyPlan(props, appCtx);
    val principal = CoreAuthenticationTestUtils.getPrincipal(CollectionUtils.wrap("mail", List.of("cas@example.org")));
    val authentication = CoreAuthenticationTestUtils.getAuthentication(principal);
    val registeredService = CoreAuthenticationTestUtils.getRegisteredService();
    assertThrows(AuthenticationException.class, () -> plan.execute(authentication, registeredService, new AuthenticationRiskScore(BigDecimal.ONE), new MockHttpServletRequest()));
}
Also used : lombok.val(lombok.val) TestMultifactorAuthenticationProvider(org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider) AuthenticationRiskScore(org.apereo.cas.api.AuthenticationRiskScore) StaticApplicationContext(org.springframework.context.support.StaticApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) Test(org.junit.jupiter.api.Test)

Aggregations

lombok.val (lombok.val)20 TestMultifactorAuthenticationProvider (org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider)20 Test (org.junit.jupiter.api.Test)15 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)11 StaticApplicationContext (org.springframework.context.support.StaticApplicationContext)6 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)6 MockServletContext (org.springframework.mock.web.MockServletContext)6 ServletExternalContext (org.springframework.webflow.context.servlet.ServletExternalContext)6 MockRequestContext (org.springframework.webflow.test.MockRequestContext)6 CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)5 Service (org.apereo.cas.authentication.principal.Service)3 MultifactorAuthenticationProviderBypassProperties (org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties)3 DefaultAuthenticationResultBuilder (org.apereo.cas.authentication.DefaultAuthenticationResultBuilder)2 DefaultMultifactorAuthenticationProviderResolver (org.apereo.cas.authentication.DefaultMultifactorAuthenticationProviderResolver)2 MultifactorAuthenticationPrincipalResolver (org.apereo.cas.authentication.MultifactorAuthenticationPrincipalResolver)2 RestMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator)2 MockWebServer (org.apereo.cas.util.MockWebServer)2 Order (org.junit.jupiter.api.Order)2 TestMethodOrder (org.junit.jupiter.api.TestMethodOrder)2 LiteralExpression (org.springframework.binding.expression.support.LiteralExpression)2