use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class OidcProfileScopeToAttributesFilter method filterAttributesByScope.
/**
 * Collects the attributes released by each scope that has a registered release policy.
 *
 * <p>Duplicate scopes are processed once. A scope with no entry in {@code filters} releases
 * nothing and is skipped without any log entry. Results are merged with {@code putAll}, so when
 * two scopes release an attribute under the same name, the scope processed later wins.
 *
 * @param stream            the scope names to evaluate (a collection, despite the parameter name)
 * @param attributes        the map that receives the released attributes; mutated in place
 * @param principal         the principal whose attributes are being released
 * @param registeredService the service the attributes are released to
 */
private void filterAttributesByScope(final Collection<String> stream, final Map<String, Object> attributes, final Principal principal, final RegisteredService registeredService) {
    stream.stream()
        .distinct()
        // Only scopes backed by a release policy may contribute attributes.
        .filter(scope -> this.filters.containsKey(scope))
        .map(scope -> filters.get(scope))
        .forEach(scopePolicy -> attributes.putAll(scopePolicy.getAttributes(principal, registeredService)));
}
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class OidcProfileScopeToAttributesFilter method filter.
/**
 * Narrows the released profile to the attributes permitted by the effective OpenID Connect scopes.
 *
 * <p>The effective scope list is the scopes requested in {@code context} followed by the scopes
 * configured on the registered service. If that list does not contain the {@code openid} scope,
 * the principal produced by the parent filter is returned unchanged. Otherwise a new principal is
 * built with the id of {@code profile} and only the attributes released by the scope policies;
 * attributes on the parent-filtered principal are not copied across.
 *
 * @param service           the service requesting the profile
 * @param profile           the authenticated profile before scope filtering
 * @param registeredService the registered service; cast to {@link OidcRegisteredService} without a
 *                          type check, so any other type raises {@link ClassCastException}
 * @param context           the web context the requested scopes are read from
 * @return the parent-filtered principal, or a new principal restricted to scope-released attributes
 */
@Override
public Principal filter(final Service service, final Principal profile, final RegisteredService registeredService, final J2EContext context) {
    final Principal filteredPrincipal = super.filter(service, profile, registeredService, context);
    final OidcRegisteredService oidcRegisteredService = (OidcRegisteredService) registeredService;

    // NOTE(review): requested scopes and the service's configured scopes are merged into one list.
    // The openid check below passes if either side carries it, and every scope in the union is
    // offered to the release policies. Confirm that requested scopes are validated against the
    // service's allowed scopes before this point.
    final Collection<String> effectiveScopes = new ArrayList<>(OAuthUtils.getRequestedScopes(context));
    effectiveScopes.addAll(oidcRegisteredService.getScopes());

    if (effectiveScopes.contains(OidcConstants.OPENID)) {
        final Map<String, Object> releasedAttributes = new HashMap<>();
        filterAttributesByScope(effectiveScopes, releasedAttributes, filteredPrincipal, oidcRegisteredService);
        return this.principalFactory.createPrincipal(profile.getId(), releasedAttributes);
    }

    LOGGER.debug("Request does not indicate a scope [{}] that can identify OpenID Connect", effectiveScopes);
    return filteredPrincipal;
}
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class AuthenticationRiskTwilioSmsNotifier method publish.
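/**
 * Sends the configured risk-response SMS to the phone number stored in the principal's attributes.
 *
 * <p>Nothing is sent, and a debug message is logged, when the message text or sender is blank or
 * when the principal has no usable value under the configured phone attribute name. An attribute
 * key that is present but mapped to {@code null} is treated as missing instead of raising a
 * {@link NullPointerException}.
 */
@Override
public void publish() {
    final SmsProperties sms = casProperties.getAuthn().getAdaptive().getRisk().getResponse().getSms();
    final Principal principal = authentication.getPrincipal();

    // One lookup serves as both the presence check and the value read, which also covers a
    // key that exists with a null value.
    final Object phoneValue = principal.getAttributes().get(sms.getAttributeName());

    if (StringUtils.isBlank(sms.getText()) || StringUtils.isBlank(sms.getFrom()) || phoneValue == null) {
        LOGGER.debug("Could not send sms [{}] because either no phones could be found or sms settings are not configured.", principal.getId());
        return;
    }

    // NOTE(review): if the attribute is multi-valued, toString() yields the collection's string
    // form rather than a single phone number. Confirm how this attribute is populated.
    communicationsManager.sms(sms.getFrom(), phoneValue.toString(), sms.getText());
}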
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class BasicDuoAuthenticationService method authenticateDuoCredentialDirect.
/**
 * Authenticates a {@link DuoDirectCredential} by sending a signed auth request to Duo.
 *
 * <p>The method fails closed: the result is {@code TRUE} only when the response's {@code result}
 * field equals {@code "allow"} (case-insensitive). Any other value, and any exception raised while
 * casting the credential, building, signing or executing the request, or reading the response,
 * yields {@code FALSE}. Exceptions are logged and not rethrown.
 *
 * @param crds the credential to authenticate; expected to be a {@link DuoDirectCredential}
 * @return a pair of the authentication outcome and the credential id
 */
private Pair<Boolean, String> authenticateDuoCredentialDirect(final Credential crds) {
    try {
        // A credential of the wrong type throws here and is handled by the catch below (deny).
        final DuoDirectCredential directCredential = DuoDirectCredential.class.cast(crds);
        final Principal authenticatedPrincipal = directCredential.getAuthentication().getPrincipal();

        final Http authRequest = buildHttpPostAuthRequest();
        signHttpAuthRequest(authRequest, authenticatedPrincipal.getId());

        final JSONObject duoResponse = (JSONObject) authRequest.executeRequest();
        // NOTE(review): the whole response object is written to the debug log. Confirm it carries
        // nothing that should stay out of log files.
        LOGGER.debug("Duo authentication response: [{}]", duoResponse);

        final boolean allowed = "allow".equalsIgnoreCase(duoResponse.getString("result"));
        if (allowed) {
            return Pair.of(Boolean.TRUE, crds.getId());
        }
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
    }
    // Reached for every non-"allow" answer and for every failure above.
    return Pair.of(Boolean.FALSE, crds.getId());
}
use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.
the class AbstractAuthenticationManager method resolvePrincipal.
/**
 * Resolves the principal for a credential using the resolver paired with a handler.
 *
 * <p>Returns {@code null} in two cases, so callers must handle a missing principal explicitly:
 * when the resolver does not support the credential (logged as a warning, since it suggests a
 * configuration problem), and when the resolver throws (logged as an error, not rethrown).
 *
 * <p>NOTE(review): the credential and the resolved principal are passed to the logger as message
 * arguments. Confirm that their string forms do not expose secret material.
 *
 * @param handler    the authentication handler that processed the credential
 * @param resolver   the principal resolver configured for that handler
 * @param credential the credential to resolve a principal from
 * @param principal  the current authenticated principal from a handler, if any
 * @return the resolved principal, or {@code null} if the resolver is unsupported or fails
 */
protected Principal resolvePrincipal(final AuthenticationHandler handler, final PrincipalResolver resolver, final Credential credential, final Principal principal) {
    if (!resolver.supports(credential)) {
        LOGGER.warn("[{}] is configured to use [{}] but it does not support [{}], which suggests a configuration problem.", handler.getName(), resolver, credential);
        return null;
    }

    try {
        final Principal resolved = resolver.resolve(credential, principal, handler);
        LOGGER.debug("[{}] resolved [{}] from [{}]", resolver, resolved, credential);
        return resolved;
    } catch (final Exception e) {
        LOGGER.error("[{}] failed to resolve principal from [{}]", resolver, credential, e);
        return null;
    }
}