use of org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider in project cas by apereo.
the class DuoSecurityRestHttpRequestCredentialFactoryTests method verifyOperation.
@Test
public void verifyOperation() {
val factory = new DuoSecurityRestHttpRequestCredentialFactory();
val request = new MockHttpServletRequest();
val body = new LinkedMultiValueMap<String, String>();
assertTrue(factory.fromRequest(request, body).isEmpty());
body.put(RestHttpRequestCredentialFactory.PARAMETER_USERNAME, List.of("user"));
assertTrue(factory.fromRequest(request, body).isEmpty());
body.put(DuoSecurityRestHttpRequestCredentialFactory.PARAMETER_NAME_PASSCODE, List.of("123456"));
body.put(DuoSecurityRestHttpRequestCredentialFactory.PARAMETER_NAME_PROVIDER, List.of("custom-duo"));
var credentials = factory.fromRequest(request, body);
assertFalse(credentials.isEmpty());
var credential = (DuoSecurityPasscodeCredential) credentials.get(0);
assertEquals(credential.getProviderId(), "custom-duo");
credentials = factory.fromAuthentication(request, body, CoreAuthenticationTestUtils.getAuthentication(), new TestMultifactorAuthenticationProvider());
val directCredential = (DuoSecurityDirectCredential) credentials.get(0);
assertEquals(TestMultifactorAuthenticationProvider.ID, directCredential.getProviderId());
assertNotNull(directCredential.getPrincipal());
}
use of org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider in project cas by apereo.
the class TicketGrantingTicketResourceTests method verifyCreateTgtWithMfa.
@Test
public void verifyCreateTgtWithMfa() throws Exception {
when(requestedContextValidator.validateAuthenticationContext(any(), any(), any(), any(), any())).thenReturn(AuthenticationContextValidationResult.builder().success(false).build());
when(multifactorTriggerSelectionStrategy.resolve(any(), any(), any(), any(), any())).thenReturn(Optional.of(new TestMultifactorAuthenticationProvider()));
val expectedReturnEntityBody = "TGT-1";
configureCasMockToCreateValidTGT();
this.mockMvc.perform(post(TICKETS_RESOURCE_URL).param(USERNAME, TEST_VALUE).param(PASSWORD, TEST_VALUE).accept(MediaType.APPLICATION_JSON)).andExpect(status().isCreated()).andExpect(header().string("Location", "http://localhost/cas/v1/tickets/TGT-1")).andExpect(content().contentType(MediaType.APPLICATION_JSON)).andExpect(content().string(expectedReturnEntityBody));
}
use of org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider in project cas by apereo.
the class UserAuthenticationResourceTests method verifyAuthWithMfa.
@Test
public void verifyAuthWithMfa() throws Exception {
val builder = new DefaultAuthenticationResultBuilder().collect(CoreAuthenticationTestUtils.getAuthentication());
val result = builder.build(new DefaultPrincipalElectionStrategy());
when(authenticationSupport.finalizeAuthenticationTransaction(any(), anyCollection())).thenReturn(result);
when(authenticationSupport.handleInitialAuthenticationTransaction(any(), any())).thenReturn(builder);
when(requestedContextValidator.validateAuthenticationContext(any(), any(), any(), any(), any())).thenReturn(AuthenticationContextValidationResult.builder().success(false).build());
when(multifactorTriggerSelectionStrategy.resolve(any(), any(), any(), any(), any())).thenReturn(Optional.of(new TestMultifactorAuthenticationProvider()));
this.mockMvc.perform(post(TICKETS_RESOURCE_URL).param("username", "casuser").param("password", "Mellon")).andExpect(status().isOk());
}
use of org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider in project cas by apereo.
the class DuoSecurityUniversalPromptValidateLoginActionTests method verifyPass.
@Test
public void verifyPass() throws Exception {
val context = new MockRequestContext();
val request = new MockHttpServletRequest();
val response = new MockHttpServletResponse();
context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
RequestContextHolder.setRequestContext(context);
ExternalContextHolder.setExternalContext(context.getExternalContext());
val identifier = casProperties.getAuthn().getMfa().getDuo().get(0).getId();
val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext, new TestMultifactorAuthenticationProvider(identifier));
configurableApplicationContext.getBeansOfType(MultifactorAuthenticationPrincipalResolver.class).forEach((key, value) -> ApplicationContextProvider.registerBeanIntoApplicationContext(applicationContext, value, key));
val authentication = RegisteredServiceTestUtils.getAuthentication();
WebUtils.putAuthentication(authentication, context);
WebUtils.putRegisteredService(context, RegisteredServiceTestUtils.getRegisteredService());
WebUtils.putMultifactorAuthenticationProviderIdIntoFlowScope(context, provider);
val builder = mock(AuthenticationResultBuilder.class);
when(builder.getInitialAuthentication()).thenReturn(Optional.of(authentication));
when(builder.collect(any(Authentication.class))).thenReturn(builder);
val authnResult = mock(AuthenticationResult.class);
when(authnResult.getAuthentication()).thenReturn(authentication);
when(builder.build(any(PrincipalElectionStrategy.class))).thenReturn(authnResult);
WebUtils.putAuthenticationResultBuilder(builder, context);
val prepResult = duoUniversalPromptPrepareLoginAction.execute(context);
val ticket = (TransientSessionTicket) prepResult.getAttributes().get("result");
val code = UUID.randomUUID().toString();
request.addParameter(DuoSecurityUniversalPromptValidateLoginAction.REQUEST_PARAMETER_CODE, code);
request.addParameter(DuoSecurityUniversalPromptValidateLoginAction.REQUEST_PARAMETER_STATE, ticket.getId());
val result = duoUniversalPromptValidateLoginAction.execute(context);
assertNotNull(result);
assertEquals(CasWebflowConstants.TRANSITION_ID_SUCCESS, result.getId());
assertNotNull(WebUtils.getAuthentication(context));
assertNotNull(WebUtils.getRegisteredService(context));
assertNotNull(WebUtils.getAuthenticationResult(context));
}
use of org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider in project cas by apereo.
the class MultifactorAuthenticationContingencyPlanTests method verifyManyProviders.
@Test
public void verifyManyProviders() {
val appCtx = new StaticApplicationContext();
appCtx.refresh();
val props = new CasConfigurationProperties();
TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(appCtx, new TestMultifactorAuthenticationProvider());
TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(appCtx, new TestMultifactorAuthenticationProvider("mfa-two"));
val plan = new MultifactorAuthenticationContingencyPlan(props, appCtx);
val principal = CoreAuthenticationTestUtils.getPrincipal(CollectionUtils.wrap("mail", List.of("cas@example.org")));
val authentication = CoreAuthenticationTestUtils.getAuthentication(principal);
val registeredService = CoreAuthenticationTestUtils.getRegisteredService();
assertThrows(AuthenticationException.class, () -> plan.execute(authentication, registeredService, new AuthenticationRiskScore(BigDecimal.ONE), new MockHttpServletRequest()));
}
Aggregations