Example 71 with Principal
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class OidcProfileScopeToAttributesFilter method filterAttributesByScope.
private void filterAttributesByScope(final Collection<String> stream, final Map<String, Object> attributes, final Principal principal, final RegisteredService registeredService) {
stream.stream().distinct().filter(s -> this.filters.containsKey(s)).forEach(s -> {
final BaseOidcScopeAttributeReleasePolicy policy = filters.get(s);
attributes.putAll(policy.getAttributes(principal, registeredService));
});
}
Also used :
OidcProfileScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcProfileScopeAttributeReleasePolicy)
LoggerFactory(org.slf4j.LoggerFactory)
OAuthUtils(org.apereo.cas.support.oauth.util.OAuthUtils)
OidcCustomScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcCustomScopeAttributeReleasePolicy)
HashMap(java.util.HashMap)
Reflections(org.reflections.Reflections)
OidcEmailScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcEmailScopeAttributeReleasePolicy)
ArrayList(java.util.ArrayList)
BaseOidcScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.BaseOidcScopeAttributeReleasePolicy)
PrincipalFactory(org.apereo.cas.authentication.principal.PrincipalFactory)
DefaultOAuth20ProfileScopeToAttributesFilter(org.apereo.cas.support.oauth.profile.DefaultOAuth20ProfileScopeToAttributesFilter)
FilterBuilder(org.reflections.util.FilterBuilder)
Map(java.util.Map)
OidcAddressScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcAddressScopeAttributeReleasePolicy)
ConfigurationBuilder(org.reflections.util.ConfigurationBuilder)
ChainingAttributeReleasePolicy(org.apereo.cas.services.ChainingAttributeReleasePolicy)
ServicesManager(org.apereo.cas.services.ServicesManager)
Unchecked(org.jooq.lambda.Unchecked)
Logger(org.slf4j.Logger)
OidcConstants(org.apereo.cas.oidc.OidcConstants)
Collection(java.util.Collection)
OidcPhoneScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcPhoneScopeAttributeReleasePolicy)
Set(java.util.Set)
DenyAllAttributeReleasePolicy(org.apereo.cas.services.DenyAllAttributeReleasePolicy)
RegisteredService(org.apereo.cas.services.RegisteredService)
ClasspathHelper(org.reflections.util.ClasspathHelper)
SubTypesScanner(org.reflections.scanners.SubTypesScanner)
List(java.util.List)
OidcRegisteredService(org.apereo.cas.services.OidcRegisteredService)
Service(org.apereo.cas.authentication.principal.Service)
J2EContext(org.pac4j.core.context.J2EContext)
Principal(org.apereo.cas.authentication.principal.Principal)
BaseOidcScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.BaseOidcScopeAttributeReleasePolicy)
Example 72 with Principal
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class OidcProfileScopeToAttributesFilter method filter.
@Override
public Principal filter(final Service service, final Principal profile, final RegisteredService registeredService, final J2EContext context) {
final Principal principal = super.filter(service, profile, registeredService, context);
final OidcRegisteredService oidcService = (OidcRegisteredService) registeredService;
final Collection<String> scopes = new ArrayList<>(OAuthUtils.getRequestedScopes(context));
scopes.addAll(oidcService.getScopes());
if (!scopes.contains(OidcConstants.OPENID)) {
LOGGER.debug("Request does not indicate a scope [{}] that can identify OpenID Connect", scopes);
return principal;
}
final Map<String, Object> attributes = new HashMap<>();
filterAttributesByScope(scopes, attributes, principal, oidcService);
return this.principalFactory.createPrincipal(profile.getId(), attributes);
}
Also used :
HashMap(java.util.HashMap)
OidcRegisteredService(org.apereo.cas.services.OidcRegisteredService)
ArrayList(java.util.ArrayList)
Principal(org.apereo.cas.authentication.principal.Principal)
Example 73 with Principal
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class AuthenticationRiskTwilioSmsNotifier method publish.
@Override
public void publish() {
final SmsProperties sms = casProperties.getAuthn().getAdaptive().getRisk().getResponse().getSms();
final Principal principal = authentication.getPrincipal();
if (StringUtils.isBlank(sms.getText()) || StringUtils.isBlank(sms.getFrom()) || !principal.getAttributes().containsKey(sms.getAttributeName())) {
LOGGER.debug("Could not send sms [{}] because either no phones could be found or sms settings are not configured.", principal.getId());
return;
}
communicationsManager.sms(sms.getFrom(), principal.getAttributes().get(sms.getAttributeName()).toString(), sms.getText());
}
Also used :
SmsProperties(org.apereo.cas.configuration.model.support.sms.SmsProperties)
Principal(org.apereo.cas.authentication.principal.Principal)
Example 74 with Principal
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class BasicDuoAuthenticationService method authenticateDuoCredentialDirect.
private Pair<Boolean, String> authenticateDuoCredentialDirect(final Credential crds) {
try {
final DuoDirectCredential credential = DuoDirectCredential.class.cast(crds);
final Principal p = credential.getAuthentication().getPrincipal();
final Http request = buildHttpPostAuthRequest();
signHttpAuthRequest(request, p.getId());
final JSONObject result = (JSONObject) request.executeRequest();
LOGGER.debug("Duo authentication response: [{}]", result);
if ("allow".equalsIgnoreCase(result.getString("result"))) {
return Pair.of(Boolean.TRUE, crds.getId());
}
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return Pair.of(Boolean.FALSE, crds.getId());
}
Also used :
JSONObject(org.json.JSONObject)
Http(com.duosecurity.client.Http)
Principal(org.apereo.cas.authentication.principal.Principal)
Example 75 with Principal
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class AbstractAuthenticationManager method resolvePrincipal.
/**
* Resolve principal.
*
* @param handler the handler name
* @param resolver the resolver
* @param credential the credential
* @param principal the current authenticated principal from a handler, if any.
* @return the principal
*/
protected Principal resolvePrincipal(final AuthenticationHandler handler, final PrincipalResolver resolver, final Credential credential, final Principal principal) {
if (resolver.supports(credential)) {
try {
final Principal p = resolver.resolve(credential, principal, handler);
LOGGER.debug("[{}] resolved [{}] from [{}]", resolver, p, credential);
return p;
} catch (final Exception e) {
LOGGER.error("[{}] failed to resolve principal from [{}]", resolver, credential, e);
}
} else {
LOGGER.warn("[{}] is configured to use [{}] but it does not support [{}], which suggests a configuration problem.", handler.getName(), resolver, credential);
}
return null;
}
Also used :
NullPrincipal(org.apereo.cas.authentication.principal.NullPrincipal)
Principal(org.apereo.cas.authentication.principal.Principal)
UnresolvedPrincipalException(org.apereo.cas.authentication.exceptions.UnresolvedPrincipalException)
GeneralSecurityException(java.security.GeneralSecurityException)
Aggregations
Principal (org.apereo.cas.authentication.principal.Principal)114
HashMap (java.util.HashMap)33
RegisteredService (org.apereo.cas.services.RegisteredService)31
Test (org.junit.Test)29
Authentication (org.apereo.cas.authentication.Authentication)26
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)26
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)26
OAuthRegisteredService (org.apereo.cas.support.oauth.services.OAuthRegisteredService)25
Map (java.util.Map)23
Slf4j (lombok.extern.slf4j.Slf4j)23
lombok.val (lombok.val)19
List (java.util.List)15
StringUtils (org.apache.commons.lang3.StringUtils)15
OAuthCode (org.apereo.cas.ticket.code.OAuthCode)15
CollectionUtils (org.apereo.cas.util.CollectionUtils)15
ArrayList (java.util.ArrayList)14
Optional (java.util.Optional)14
Service (org.apereo.cas.authentication.principal.Service)14
Collection (java.util.Collection)11
Collectors (java.util.stream.Collectors)10
