use of org.apereo.cas.authentication.policy.AllCredentialsValidatedAuthenticationPolicy in project cas by apereo.
the class CoreAuthenticationUtils method newAuthenticationPolicy.
/**
* New authentication policy collection.
*
* @param policyProps the policy props
* @return the collection
*/
public static Collection<AuthenticationPolicy> newAuthenticationPolicy(final AuthenticationPolicyProperties policyProps) {
if (policyProps.getReq().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", RequiredAuthenticationHandlerAuthenticationPolicy.class.getSimpleName());
val requiredHandlerNames = org.springframework.util.StringUtils.commaDelimitedListToSet(policyProps.getReq().getHandlerName());
var policy = new RequiredAuthenticationHandlerAuthenticationPolicy(requiredHandlerNames, policyProps.getReq().isTryAll());
return CollectionUtils.wrapList(policy);
}
if (policyProps.getAllHandlers().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", AllAuthenticationHandlersSucceededAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new AllAuthenticationHandlersSucceededAuthenticationPolicy());
}
if (policyProps.getAll().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", AllCredentialsValidatedAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new AllCredentialsValidatedAuthenticationPolicy());
}
if (policyProps.getNotPrevented().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", NotPreventedAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new NotPreventedAuthenticationPolicy());
}
if (!policyProps.getGroovy().isEmpty()) {
LOGGER.trace("Activating authentication policy [{}]", GroovyScriptAuthenticationPolicy.class.getSimpleName());
return policyProps.getGroovy().stream().map(groovy -> new GroovyScriptAuthenticationPolicy(groovy.getScript())).collect(Collectors.toList());
}
if (!policyProps.getRest().isEmpty()) {
LOGGER.trace("Activating authentication policy [{}]", RestfulAuthenticationPolicy.class.getSimpleName());
return policyProps.getRest().stream().map(RestfulAuthenticationPolicy::new).collect(Collectors.toList());
}
if (policyProps.getAny().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", AtLeastOneCredentialValidatedAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new AtLeastOneCredentialValidatedAuthenticationPolicy(policyProps.getAny().isTryAll()));
}
return new ArrayList<>();
}
use of org.apereo.cas.authentication.policy.AllCredentialsValidatedAuthenticationPolicy in project cas by apereo.
the class AuthenticationPolicyAwareServiceTicketValidationAuthorizerTests method verifyAllCredentialsValidatedAuthenticationPolicy.
@Test
public void verifyAllCredentialsValidatedAuthenticationPolicy() {
val handlers = List.of(getTestOtpAuthenticationHandler(), getAcceptUsersAuthenticationHandler(), getSimpleTestAuthenticationHandler());
val service = CoreAuthenticationTestUtils.getService("https://example.com/high/");
val authz = getAuthorizer(new AllCredentialsValidatedAuthenticationPolicy(), handlers);
val map = (Map) Map.of(new UsernamePasswordCredential(), getAcceptUsersAuthenticationHandler(), getOtpCredential(), getTestOtpAuthenticationHandler());
val assertion = getAssertion(map);
assertDoesNotThrow(new Executable() {
@Override
public void execute() {
authz.authorize(new MockHttpServletRequest(), service, assertion);
}
});
}
use of org.apereo.cas.authentication.policy.AllCredentialsValidatedAuthenticationPolicy in project cas by apereo.
the class DefaultAuthenticationManagerTests method verifyAuthenticateAllFailure.
@Test
public void verifyAuthenticateAllFailure() {
val map = new LinkedHashMap<AuthenticationHandler, PrincipalResolver>();
map.put(newMockHandler(false), null);
map.put(newMockHandler(false), null);
val authenticationExecutionPlan = getAuthenticationExecutionPlan(map);
authenticationExecutionPlan.registerAuthenticationPolicy(new AllCredentialsValidatedAuthenticationPolicy());
val manager = new DefaultAuthenticationManager(authenticationExecutionPlan, false, applicationContext);
assertThrows(AuthenticationException.class, () -> manager.authenticate(transaction));
}
use of org.apereo.cas.authentication.policy.AllCredentialsValidatedAuthenticationPolicy in project cas by apereo.
the class DefaultAuthenticationEventExecutionPlanTests method verifyOperation.
@Test
public void verifyOperation() {
val context = PrincipalResolutionContext.builder().attributeRepository(CoreAuthenticationTestUtils.getAttributeRepository()).principalFactory(PrincipalFactoryUtils.newPrincipalFactory()).returnNullIfNoAttributes(false).principalNameTransformer(formUserId -> formUserId).useCurrentPrincipalId(false).resolveAttributes(true).attributeMerger(CoreAuthenticationUtils.getAttributeMerger(PrincipalAttributesCoreProperties.MergingStrategyTypes.REPLACE)).activeAttributeRepositoryIdentifiers(CollectionUtils.wrapSet(IPersonAttributeDao.WILDCARD)).build();
val plan = new DefaultAuthenticationEventExecutionPlan();
plan.registerAuthenticationPreProcessor(transaction -> false);
plan.registerAuthenticationMetadataPopulators(Set.of(new RememberMeAuthenticationMetaDataPopulator(new RememberMeAuthenticationProperties())));
plan.registerAuthenticationHandlerWithPrincipalResolvers(Set.of(new SimpleTestUsernamePasswordAuthenticationHandler()), new PersonDirectoryPrincipalResolver(context));
plan.registerAuthenticationPolicy(new AllCredentialsValidatedAuthenticationPolicy());
plan.registerAuthenticationPolicyResolver(transaction -> Set.of(new AllCredentialsValidatedAuthenticationPolicy()));
assertFalse(plan.getAuthenticationPolicies(new DefaultAuthenticationTransactionFactory().newTransaction(CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword())).isEmpty());
}
use of org.apereo.cas.authentication.policy.AllCredentialsValidatedAuthenticationPolicy in project cas by apereo.
the class DefaultAuthenticationManagerTests method verifyAuthenticateAllSuccess.
@Test
public void verifyAuthenticateAllSuccess() {
val map = new LinkedHashMap<AuthenticationHandler, PrincipalResolver>();
map.put(newMockHandler(true), null);
map.put(newMockHandler(true), null);
val authenticationExecutionPlan = getAuthenticationExecutionPlan(map);
authenticationExecutionPlan.registerAuthenticationPolicy(new AllCredentialsValidatedAuthenticationPolicy());
val manager = new DefaultAuthenticationManager(authenticationExecutionPlan, false, applicationContext);
val auth = manager.authenticate(transaction);
assertEquals(2, auth.getSuccesses().size());
assertEquals(0, auth.getFailures().size());
assertEquals(2, auth.getCredentials().size());
}
Aggregations