
Example 61 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

The class AbstractX509PrincipalResolver, method getAlternatePrincipal.

/**
 * Derives the principal id from the configured alternate attribute of the certificate.
 * <p>
 * Returns {@code null} when no alternate attribute name is configured, when the
 * certificate's extracted attributes carry no entry under that name, or when the
 * entry's first element is absent or renders as an empty string.
 *
 * @param certificate X509 certificate of the user
 * @return the string form of the first value of the alternate attribute, or {@code null}
 */
protected String getAlternatePrincipal(final X509Certificate certificate) {
    if (StringUtils.isBlank(alternatePrincipalAttribute)) {
        return null;
    }
    val personAttributes = extractPersonAttributes(certificate);
    val candidateValues = personAttributes.get(alternatePrincipalAttribute);
    if (candidateValues == null) {
        LOGGER.debug("Attempt to get alternate principal with attribute [{}] was unsuccessful.", alternatePrincipalAttribute);
        return null;
    }
    // Only the first value of a multi-valued attribute is ever considered.
    val alternatePrincipal = CollectionUtils.firstElement(candidateValues)
        .map(Object::toString)
        .orElse(null);
    // isNotEmpty(null) is false, so a missing first element falls through to the null result.
    if (StringUtils.isNotEmpty(alternatePrincipal)) {
        LOGGER.debug("Using alternate principal attribute [{}]", alternatePrincipal);
        return alternatePrincipal;
    }
    LOGGER.trace("Returning null principal id...");
    return null;
}

Example 62 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

The class CoreAuthenticationUtils, method buildPrincipalResolutionContext.

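/**
 * Builds a {@link PrincipalResolutionContext} from one or more person-directory property blocks.
 * <p>
 * When several property blocks are given, the first one that defines a setting wins:
 * tri-state flags are taken from the first block whose value is not
 * {@link TriStateBoolean#UNDEFINED}, the principal attribute from the first non-blank
 * value, and the active attribute repository identifiers from the first non-empty
 * comma-delimited list. The principal name transformers of every block are chained in order.
 * Defaults when nothing is defined: {@code returnNullIfNoAttributes=false},
 * {@code useCurrentPrincipalId=false}, {@code resolveAttributes=true}, an empty principal
 * attribute name and an empty set of active repository identifiers.
 *
 * @param principalFactory    the principal factory
 * @param attributeRepository the attribute repository
 * @param attributeMerger     the attribute merger
 * @param personDirectory     the person directory properties, in order of precedence
 * @return the resolution context
 */
public static PrincipalResolutionContext buildPrincipalResolutionContext(final PrincipalFactory principalFactory, final IPersonAttributeDao attributeRepository, final IAttributeMerger attributeMerger, final PersonDirectoryPrincipalResolverProperties... personDirectory) {
    val transformers = Arrays.stream(personDirectory)
        .map(p -> PrincipalNameTransformerUtils.newPrincipalNameTransformer(p.getPrincipalTransformation()))
        .collect(Collectors.toList());
    val transformer = new ChainingPrincipalNameTransformer(transformers);

    val principalAttribute = Arrays.stream(personDirectory)
        .map(PersonDirectoryPrincipalResolverProperties::getPrincipalAttribute)
        .filter(StringUtils::isNotBlank)
        .findFirst()
        .orElse(StringUtils.EMPTY);

    // Collections.emptySet() instead of the raw Collections.EMPTY_SET keeps the Set<String> type intact.
    val activeRepositoryIds = Arrays.stream(personDirectory)
        .map(PersonDirectoryPrincipalResolverProperties::getActiveAttributeRepositoryIds)
        .filter(StringUtils::isNotBlank)
        .map(org.springframework.util.StringUtils::commaDelimitedListToSet)
        .filter(ids -> !ids.isEmpty())
        .findFirst()
        .orElse(Collections.emptySet());

    return PrincipalResolutionContext.builder()
        .attributeRepository(attributeRepository)
        .attributeMerger(attributeMerger)
        .principalFactory(principalFactory)
        .returnNullIfNoAttributes(firstDefinedFlag(personDirectory, PersonDirectoryPrincipalResolverProperties::getReturnNull, Boolean.FALSE))
        .principalAttributeNames(principalAttribute)
        .principalNameTransformer(transformer)
        .useCurrentPrincipalId(firstDefinedFlag(personDirectory, PersonDirectoryPrincipalResolverProperties::getUseExistingPrincipalId, Boolean.FALSE))
        .resolveAttributes(firstDefinedFlag(personDirectory, PersonDirectoryPrincipalResolverProperties::getAttributeResolutionEnabled, Boolean.TRUE))
        .activeAttributeRepositoryIdentifiers(activeRepositoryIds)
        .build();
}

/**
 * Returns the first tri-state flag, in declaration order, that is not
 * {@link TriStateBoolean#UNDEFINED}, converted to a boolean.
 *
 * @param personDirectory the property blocks, in order of precedence
 * @param flag            accessor for the tri-state flag of interest
 * @param defaultValue    value returned when no block defines the flag
 * @return the first defined flag value, or {@code defaultValue}
 */
private static Boolean firstDefinedFlag(final PersonDirectoryPrincipalResolverProperties[] personDirectory,
                                        final java.util.function.Function<PersonDirectoryPrincipalResolverProperties, TriStateBoolean> flag,
                                        final Boolean defaultValue) {
    return Arrays.stream(personDirectory)
        .map(flag)
        .filter(value -> value != TriStateBoolean.UNDEFINED)
        .map(TriStateBoolean::toBoolean)
        .findFirst()
        .orElse(defaultValue);
}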

Example 63 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

The class MultifactorAuthenticationUtils, method buildEventAttributeMap.

/**
 * Builds the attribute map handed to multifactor event resolution.
 * <p>
 * Each entry is keyed by the fully qualified class name of its value type: the
 * principal and the provider are always put into the map, the registered service
 * only when one was supplied.
 *
 * @param principal the principal
 * @param service   the registered service, if any
 * @param provider  the multifactor authentication provider
 * @return a mutable map keyed by class name
 */
public static Map<String, Object> buildEventAttributeMap(final Principal principal, final Optional<RegisteredService> service, final MultifactorAuthenticationProvider provider) {
    final Map<String, Object> eventAttributes = new HashMap<>();
    eventAttributes.put(Principal.class.getName(), principal);
    if (service.isPresent()) {
        eventAttributes.put(RegisteredService.class.getName(), service.get());
    }
    eventAttributes.put(MultifactorAuthenticationProvider.class.getName(), provider);
    return eventAttributes;
}

Example 64 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

The class AbstractRegisteredServiceAttributeReleasePolicy, method resolveAttributesFromPrincipalAttributeRepository.

/**
 * Resolves the attributes to release from the principal attribute repository, when one is
 * configured for this policy, and otherwise from the principal itself.
 * <p>
 * A configured repository that hands back {@code null} is treated the same as no repository,
 * so the principal's own attributes are used in that case too.
 *
 * @param principal         the principal
 * @param registeredService the registered service
 * @return the resolved attribute map
 */
protected Map<String, List<Object>> resolveAttributesFromPrincipalAttributeRepository(final Principal principal, final RegisteredService registeredService) {
    Map<String, List<Object>> resolved = null;
    val repositoryHolder = getRegisteredServicePrincipalAttributesRepository();
    if (repositoryHolder.isPresent()) {
        val repository = repositoryHolder.get();
        LOGGER.debug("Using principal attribute repository [{}] to retrieve attributes", repository);
        resolved = repository.getAttributes(principal, registeredService);
    }
    // Optional.map would have turned a null repository result into an empty Optional,
    // so a null result falls back to the principal's attributes exactly as an absent repository does.
    if (resolved == null) {
        resolved = principal.getAttributes();
    }
    LOGGER.debug("Attributes retrieved from principal attribute repository for [{}] are [{}]", principal.getId(), resolved);
    return resolved;
}

Example 65 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

The class RegisteredServicePrincipalAttributeMultifactorAuthenticationTrigger, method isActivated.

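/**
 * Decides whether this trigger activates multifactor authentication for the given request.
 * <p>
 * Activation is driven by the registered service's multifactor policy: the policy must list at
 * least one provider, a principal attribute name trigger and a regular expression that an
 * attribute value must match. The principal is resolved from the authentication, the candidate
 * providers for the service are narrowed to a single one through the selector when several are
 * configured, and the principal's attributes are then evaluated against the policy's expression.
 * When no attribute value matches, the outcome is delegated to
 * {@code unmatchedMultifactorAuthenticationTrigger}.
 *
 * @param authentication     the authentication; when {@code null} the trigger does not activate
 * @param registeredService  the service whose multifactor policy is consulted; when {@code null} the trigger does not activate
 * @param httpServletRequest the current request; not consulted by this trigger
 * @param response           the current response; not consulted by this trigger
 * @param service            the service being accessed; not consulted by this trigger
 * @return the provider to activate, or an empty optional when the policy does not apply
 */
@Override
public Optional<MultifactorAuthenticationProvider> isActivated(final Authentication authentication, final RegisteredService registeredService, final HttpServletRequest httpServletRequest, final HttpServletResponse response, final Service service) {
    if (authentication == null || registeredService == null) {
        LOGGER.debug("No authentication or service is available to determine event for principal");
        return Optional.empty();
    }
    val policy = registeredService.getMultifactorPolicy();
    // Use the policy already fetched rather than calling the getter a second time.
    if (policy == null || policy.getMultifactorAuthenticationProviders().isEmpty()) {
        LOGGER.trace("Authentication policy is absent or does not contain any multifactor authentication providers");
        return Optional.empty();
    }
    val attributeNameTrigger = policy.getPrincipalAttributeNameTrigger();
    val valueRegex = policy.getPrincipalAttributeValueToMatch();
    if (StringUtils.isBlank(attributeNameTrigger) || StringUtils.isBlank(valueRegex)) {
        LOGGER.debug("Authentication policy does not define a principal attribute and/or value to trigger multifactor authentication");
        return Optional.empty();
    }
    val principal = multifactorAuthenticationProviderResolver.resolvePrincipal(authentication.getPrincipal());
    val providers = MultifactorAuthenticationUtils.getMultifactorAuthenticationProviderForService(registeredService, applicationContext);
    if (providers.size() > 1) {
        val resolvedProvider = multifactorAuthenticationProviderSelector.resolve(providers, registeredService, principal);
        providers.clear();
        providers.add(resolvedProvider);
    }
    LOGGER.debug("Resolved multifactor providers are [{}]", providers);

    // Compile the policy's regular expression once, instead of once per attribute value inside
    // the predicate. A malformed expression therefore surfaces here, before any attribute is
    // evaluated, rather than at the first comparison.
    val valuePattern = Pattern.compile(valueRegex);
    val result = multifactorAuthenticationProviderResolver.resolveEventViaPrincipalAttribute(
        principal,
        org.springframework.util.StringUtils.commaDelimitedListToSet(attributeNameTrigger),
        registeredService,
        Optional.empty(),
        providers,
        (attributeValue, mfaProvider) -> attributeValue != null && RegexUtils.matches(valuePattern, attributeValue));
    if (result != null && !result.isEmpty()) {
        return CollectionUtils.firstElement(result)
            .map(value -> MultifactorAuthenticationUtils.getMultifactorAuthenticationProviderById(value.toString(), applicationContext))
            .orElseGet(() -> unmatchedMultifactorAuthenticationTrigger(principal, registeredService));
    }
    return unmatchedMultifactorAuthenticationTrigger(principal, registeredService);
}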
