Example 86 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class RestMultifactorAuthenticationProviderBypass method shouldMultifactorAuthenticationProviderExecute.

@Override
public boolean shouldMultifactorAuthenticationProviderExecute(final Authentication authentication, final RegisteredService registeredService, final MultifactorAuthenticationProvider provider, final HttpServletRequest request) {
    try {
        final Principal principal = authentication.getPrincipal();
        final MultifactorAuthenticationProviderBypassProperties.Rest rest = bypassProperties.getRest();
        LOGGER.debug("Evaluating multifactor authentication bypass properties for principal [{}], service [{}] and provider [{}] via REST endpoint [{}]", principal.getId(), registeredService, provider, rest.getUrl());
        final Map<String, String> parameters = CollectionUtils.wrap("principal", principal.getId(), "provider", provider.getId());
        if (registeredService != null) {
            parameters.put("service", registeredService.getServiceId());
        }
        final HttpResponse response = HttpUtils.execute(rest.getUrl(), rest.getMethod(), rest.getBasicAuthUsername(), rest.getBasicAuthPassword(), parameters, new HashMap<>());
        return response.getStatusLine().getStatusCode() == HttpStatus.ACCEPTED.value();
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
    }
    return super.shouldMultifactorAuthenticationProviderExecute(authentication, registeredService, provider, request);
}
Also used : MultifactorAuthenticationProviderBypassProperties(org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties) HttpResponse(org.apache.http.HttpResponse) Principal(org.apereo.cas.authentication.principal.Principal)

Example 87 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class AzureAuthenticatorAuthenticationHandler method doAuthentication.

@Override
protected AuthenticationHandlerExecutionResult doAuthentication(final Credential credential) throws GeneralSecurityException {
    try {
        final AzureAuthenticatorTokenCredential c = (AzureAuthenticatorTokenCredential) credential;
        final Authentication authentication = WebUtils.getInProgressAuthentication();
        if (authentication == null) {
            throw new IllegalArgumentException("CAS has no reference to an authentication event to locate a principal");
        }
        final Principal principal = authentication.getPrincipal();
        LOGGER.debug("Received principal id [{}]", principal.getId());
        final PFAuthParams params = authenticationRequestBuilder.build(principal, c);
        final PFAuthResult r = azureAuthenticatorInstance.authenticate(params);
        if (r.getAuthenticated()) {
            return createHandlerResult(c, principalFactory.createPrincipal(principal.getId()));
        }
        LOGGER.error("Authentication failed. Call status: [{}]-[{}]. Error: [{}]", r.getCallStatus(), r.getCallStatusString(), r.getMessageError());
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
    }
    throw new FailedLoginException("Failed to authenticate user");
}
Also used : FailedLoginException(javax.security.auth.login.FailedLoginException) Authentication(org.apereo.cas.authentication.Authentication) PFAuthResult(net.phonefactor.pfsdk.PFAuthResult) PFAuthParams(net.phonefactor.pfsdk.PFAuthParams) Principal(org.apereo.cas.authentication.principal.Principal) GeneralSecurityException(java.security.GeneralSecurityException)

Example 88 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class DefaultAcceptableUsagePolicyRepository method verify.

@Override
public Pair<Boolean, Principal> verify(final RequestContext requestContext, final Credential credential) {
    final String key = credential.getId();
    final Principal principal = WebUtils.getPrincipalFromRequestContext(requestContext, this.ticketRegistrySupport);
    if (this.policyMap.containsKey(key)) {
        return Pair.of(this.policyMap.get(key), principal);
    }
    return Pair.of(Boolean.FALSE, principal);
}
Also used : Principal(org.apereo.cas.authentication.principal.Principal)

Example 89 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class PrincipalAttributeMultifactorAuthenticationPolicyEventResolver method resolveInternal.

@Override
public Set<Event> resolveInternal(final RequestContext context) {
    final RegisteredService service = resolveRegisteredServiceInRequestContext(context);
    final Authentication authentication = WebUtils.getAuthentication(context);
    if (authentication == null) {
        LOGGER.debug("No authentication is available to determine event for principal");
        return null;
    }
    final Principal principal = authentication.getPrincipal();
    return resolveMultifactorAuthenticationProvider(context, service, principal);
}
Also used : RegisteredService(org.apereo.cas.services.RegisteredService) Authentication(org.apereo.cas.authentication.Authentication) Principal(org.apereo.cas.authentication.principal.Principal)

Example 90 with Principal

use of org.apereo.cas.authentication.principal.Principal in project cas by apereo.

the class RegisteredServicePrincipalAttributeMultifactorAuthenticationPolicyEventResolver method resolveInternal.

@Override
public Set<Event> resolveInternal(final RequestContext context) {
    final RegisteredService service = resolveRegisteredServiceInRequestContext(context);
    final Authentication authentication = WebUtils.getAuthentication(context);
    if (authentication == null || service == null) {
        LOGGER.debug("No authentication or service is available to determine event for principal");
        return null;
    }
    final RegisteredServiceMultifactorPolicy policy = service.getMultifactorPolicy();
    if (policy == null || service.getMultifactorPolicy().getMultifactorAuthenticationProviders().isEmpty()) {
        LOGGER.debug("Authentication policy is absent or does not contain any multifactor authentication providers");
        return null;
    }
    if (StringUtils.isBlank(policy.getPrincipalAttributeNameTrigger()) || StringUtils.isBlank(policy.getPrincipalAttributeValueToMatch())) {
        LOGGER.debug("Authentication policy does not define a principal attribute and/or value to trigger multifactor authentication");
        return null;
    }
    final Principal principal = authentication.getPrincipal();
    final Collection<MultifactorAuthenticationProvider> providers = flattenProviders(getAuthenticationProviderForService(service));
    return resolveEventViaPrincipalAttribute(principal, org.springframework.util.StringUtils.commaDelimitedListToSet(policy.getPrincipalAttributeNameTrigger()), service, context, providers, Pattern.compile(policy.getPrincipalAttributeValueToMatch()).asPredicate());
}
Also used : RegisteredServiceMultifactorPolicy(org.apereo.cas.services.RegisteredServiceMultifactorPolicy) RegisteredService(org.apereo.cas.services.RegisteredService) Authentication(org.apereo.cas.authentication.Authentication) MultifactorAuthenticationProvider(org.apereo.cas.services.MultifactorAuthenticationProvider) Principal(org.apereo.cas.authentication.principal.Principal)

Aggregations

Principal (org.apereo.cas.authentication.principal.Principal) 114
HashMap (java.util.HashMap) 33
RegisteredService (org.apereo.cas.services.RegisteredService) 31
Test (org.junit.Test) 29
Authentication (org.apereo.cas.authentication.Authentication) 26
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 26
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse) 26
OAuthRegisteredService (org.apereo.cas.support.oauth.services.OAuthRegisteredService) 25
Map (java.util.Map) 23
Slf4j (lombok.extern.slf4j.Slf4j) 23
lombok.val (lombok.val) 19
List (java.util.List) 15
StringUtils (org.apache.commons.lang3.StringUtils) 15
OAuthCode (org.apereo.cas.ticket.code.OAuthCode) 15
CollectionUtils (org.apereo.cas.util.CollectionUtils) 15
ArrayList (java.util.ArrayList) 14
Optional (java.util.Optional) 14
Service (org.apereo.cas.authentication.principal.Service) 14
Collection (java.util.Collection) 11
Collectors (java.util.stream.Collectors) 10