
Example 56 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class AbstractPac4jAuthenticationHandler method createResult.

/**
 * Build the handler result.
 *
 * @param credentials the provided credentials
 * @param profile     the retrieved user profile
 * @return the built handler result
 * @throws GeneralSecurityException On authentication failure.
 */
protected AuthenticationHandlerExecutionResult createResult(final ClientCredential credentials, final UserProfile profile) throws GeneralSecurityException {
    // Fail closed: without a profile from the delegated provider there is nothing to build a principal from.
    // NOTE(review): the message embeds the credential's string form; confirm it carries no secrets,
    // because exception messages commonly end up in logs and audit records.
    if (profile == null) {
        throw new FailedLoginException("Authentication did not produce a user profile for: " + credentials);
    }

    // Pick the identifier flavour configured on this handler.
    // NOTE(review): the typed id is presumably qualified by the profile type while the plain id is the
    // provider's raw value; with plain ids, the same raw value arriving from two different providers
    // would yield the same principal id. Confirm that is acceptable wherever isTypedIdUsed is false.
    final String id;
    if (!isTypedIdUsed) {
        id = profile.getId();
    } else {
        id = profile.getTypedId();
        LOGGER.debug("Delegated authentication indicates usage of typed profile id [{}]", id);
    }

    // A blank identifier can never name a principal, so it is rejected before anything is recorded.
    // NOTE(review): the profile's string form is placed in the message; if it renders profile
    // attributes, those reach whatever sink records the failure. Confirm against the profile type.
    if (StringUtils.isBlank(id)) {
        throw new FailedLoginException("No identifier found for this user profile: " + profile);
    }

    // Record on the credential which profile and which identifier flavour produced the principal.
    credentials.setUserProfile(profile);
    credentials.setTypedIdUsed(isTypedIdUsed);

    // The attributes are copied into a fresh map, so the principal does not share the profile's own map instance.
    final Principal authenticated = this.principalFactory.createPrincipal(id, new LinkedHashMap<>(profile.getAttributes()));
    // NOTE(review): at debug level the whole principal and profile are logged; treat debug logs as sensitive.
    LOGGER.debug("Constructed authenticated principal [{}] based on user profile [{}]", authenticated, profile);
    return createHandlerResult(credentials, authenticated, new ArrayList<>(0));
}
Also used : FailedLoginException(javax.security.auth.login.FailedLoginException) Principal(org.apereo.cas.authentication.principal.Principal)

Example 57 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class ClientAuthenticationHandlerTests method verifyOkWithSimpleIdentifier.

@Test
public void verifyOkWithSimpleIdentifier() throws GeneralSecurityException, PreventedException {
    // Plain-id mode: the principal id is expected to be the provider's identifier with nothing added to it.
    this.handler.setTypedIdUsed(false);

    final FacebookProfile stubProfile = new FacebookProfile();
    stubProfile.setId(ID);
    // Replace the client's profile creator with a stub that always hands back the canned profile.
    this.fbClient.setProfileCreator((oAuth20Credentials, webContext) -> stubProfile);

    final Principal resolved = this.handler.authenticate(this.clientCredential).getPrincipal();
    assertEquals(ID, resolved.getId());
}
Also used : AuthenticationHandlerExecutionResult(org.apereo.cas.authentication.AuthenticationHandlerExecutionResult) FacebookProfile(org.pac4j.oauth.profile.facebook.FacebookProfile) Principal(org.apereo.cas.authentication.principal.Principal) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 58 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class ClientAuthenticationHandlerTests method verifyOk.

@Test
public void verifyOk() throws GeneralSecurityException, PreventedException {
    final FacebookProfile stubProfile = new FacebookProfile();
    stubProfile.setId(ID);
    // Replace the client's profile creator with a stub that always hands back the canned profile.
    this.fbClient.setProfileCreator((oAuth20Credentials, webContext) -> stubProfile);

    // The handler is left as the fixture configured it (setup not shown here); in that mode the
    // principal id is expected to be the profile class name, a '#', and then the identifier.
    final String expectedId = FacebookProfile.class.getName() + '#' + ID;
    final Principal resolved = this.handler.authenticate(this.clientCredential).getPrincipal();
    assertEquals(expectedId, resolved.getId());
}
Also used : AuthenticationHandlerExecutionResult(org.apereo.cas.authentication.AuthenticationHandlerExecutionResult) FacebookProfile(org.pac4j.oauth.profile.facebook.FacebookProfile) Principal(org.apereo.cas.authentication.principal.Principal) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 59 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class ChainingPrincipalResolver method resolve.

@Override
public Principal resolve(final Credential credential, final Optional<Principal> principal, final Optional<AuthenticationHandler> handler) {
    // Phase 1: consult every resolver in the chain that supports the credential, keeping non-null results.
    val resolved = new ArrayList<Principal>(chain.size());
    for (val resolver : chain) {
        if (!resolver.supports(credential)) {
            continue;
        }
        LOGGER.debug("Invoking principal resolver [{}]", resolver.getName());
        val candidate = resolver.resolve(credential, principal, handler);
        if (candidate != null) {
            LOGGER.debug("Resolved principal [{}]", candidate);
            resolved.add(candidate);
        }
    }

    // Nothing resolved: a NullPrincipal sentinel is returned rather than null or an exception.
    // NOTE(review): callers presumably have to recognise this sentinel as "no principal"; verify at call sites.
    if (resolved.isEmpty()) {
        LOGGER.warn("None of the principal resolvers in the chain were able to produce a principal");
        return NullPrincipal.getInstance();
    }

    // Phase 2: fold the attributes of every resolved principal into one map using the configured merger.
    // NOTE(review): every resolver in the chain contributes to the final attribute set, so the merger
    // setting decides how values from different sources combine; confirm it matches how much each
    // source is trusted, since these attributes are what the nominated principal carries forward.
    val merged = new HashMap<String, List<Object>>();
    val merger = CoreAuthenticationUtils.getAttributeMerger(casProperties.getAuthn().getAttributeRepository().getCore().getMerger());
    for (val candidate : resolved) {
        // Defensive only: the collection loop above never stores a null principal.
        if (candidate == null) {
            continue;
        }
        LOGGER.debug("Resolved principal [{}]", candidate);
        val candidateAttributes = candidate.getAttributes();
        if (candidateAttributes == null || candidateAttributes.isEmpty()) {
            continue;
        }
        // Attribute values are written to the debug log here; treat debug output as sensitive.
        LOGGER.debug("Adding attributes [{}] for the final principal", candidateAttributes);
        merged.putAll(CoreAuthenticationUtils.mergeAttributes(merged, candidateAttributes, merger));
    }

    // The election strategy picks the final principal from the candidates and the merged attributes.
    return principalElectionStrategy.nominate(resolved, merged);
}
Also used : lombok.val(lombok.val) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) Setter(lombok.Setter) NullPrincipal(org.apereo.cas.authentication.principal.NullPrincipal) PrincipalFactoryUtils(org.apereo.cas.authentication.principal.PrincipalFactoryUtils) PrincipalResolver(org.apereo.cas.authentication.principal.PrincipalResolver) RequiredArgsConstructor(lombok.RequiredArgsConstructor) lombok.val(lombok.val) HashMap(java.util.HashMap) Collectors(java.util.stream.Collectors) IPersonAttributeDao(org.apereo.services.persondir.IPersonAttributeDao) ArrayList(java.util.ArrayList) PrincipalElectionStrategy(org.apereo.cas.authentication.PrincipalElectionStrategy) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) AuthenticationHandler(org.apereo.cas.authentication.AuthenticationHandler) PrincipalFactory(org.apereo.cas.authentication.principal.PrincipalFactory) ToString(lombok.ToString) Optional(java.util.Optional) Principal(org.apereo.cas.authentication.principal.Principal) CoreAuthenticationUtils(org.apereo.cas.authentication.CoreAuthenticationUtils) Credential(org.apereo.cas.authentication.Credential) MergingPersonAttributeDaoImpl(org.apereo.services.persondir.support.MergingPersonAttributeDaoImpl) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList)

Example 60 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class CasSimpleMultifactorSendTokenAction method getOrCreateToken.

/**
 * Get or create a token.
 *
 * @param requestContext the request context
 * @param principal      the principal
 * @return the token
 */
protected CasSimpleMultifactorAuthenticationTicket getOrCreateToken(final RequestContext requestContext, final Principal principal) {
    val existing = WebUtils.getSimpleMultifactorAuthenticationToken(requestContext, CasSimpleMultifactorAuthenticationTicket.class);

    // A token already associated with the request context is reused for as long as it has not expired,
    // so repeated calls do not mint a new token each time.
    if (existing != null && !existing.isExpired()) {
        return existing;
    }

    // Missing or expired: clear whatever the context still holds before issuing a replacement.
    WebUtils.removeSimpleMultifactorAuthenticationToken(requestContext);
    val service = WebUtils.getService(requestContext);
    val mfaFactory = (CasSimpleMultifactorAuthenticationTicketFactory) ticketFactory.get(CasSimpleMultifactorAuthenticationTicket.class);
    // The principal is stored as a property of the new token under PROPERTY_PRINCIPAL.
    val token = mfaFactory.create(service, CollectionUtils.wrap(CasSimpleMultifactorAuthenticationConstants.PROPERTY_PRINCIPAL, principal));
    // NOTE(review): the token id is written to the debug log. If that id is also the value the user
    // submits as the one-time code, debug logs become as sensitive as the code itself; confirm.
    LOGGER.debug("Created multifactor authentication token [{}] for service [{}]", token.getId(), service);
    return token;
}
Also used : lombok.val(lombok.val) BucketConsumer(org.apereo.cas.bucket4j.consumer.BucketConsumer) RequiredArgsConstructor(lombok.RequiredArgsConstructor) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) LocalAttributeMap(org.springframework.webflow.core.collection.LocalAttributeMap) StringUtils(org.apache.commons.lang3.StringUtils) RequestContext(org.springframework.webflow.execution.RequestContext) CasSimpleMultifactorAuthenticationTicketFactory(org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicketFactory) CommunicationsManager(org.apereo.cas.notifications.CommunicationsManager) CasSimpleMultifactorAuthenticationConstants(org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationConstants) FunctionUtils(org.apereo.cas.util.function.FunctionUtils) AbstractMultifactorAuthenticationAction(org.apereo.cas.web.flow.actions.AbstractMultifactorAuthenticationAction) CasWebflowConstants(org.apereo.cas.web.flow.CasWebflowConstants) CasSimpleMultifactorAuthenticationTicket(org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicket) Map(java.util.Map) CollectionUtils(org.apereo.cas.util.CollectionUtils) TicketFactory(org.apereo.cas.ticket.TicketFactory) CasSimpleMultifactorTokenCommunicationStrategy(org.apereo.cas.mfa.simple.CasSimpleMultifactorTokenCommunicationStrategy) lombok.val(lombok.val) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport) Slf4j(lombok.extern.slf4j.Slf4j) CasSimpleMultifactorAuthenticationProperties(org.apereo.cas.configuration.model.support.mfa.simple.CasSimpleMultifactorAuthenticationProperties) CasSimpleMultifactorAuthenticationProvider(org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationProvider) EmailMessageBodyBuilder(org.apereo.cas.notifications.mail.EmailMessageBodyBuilder) Optional(java.util.Optional) Principal(org.apereo.cas.authentication.principal.Principal) WebUtils(org.apereo.cas.web.support.WebUtils) 
Event(org.springframework.webflow.execution.Event) Ticket(org.apereo.cas.ticket.Ticket) CasSimpleMultifactorAuthenticationTicket(org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicket) CasSimpleMultifactorAuthenticationTicketFactory(org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicketFactory)
