use of org.apereo.cas.authentication.support.password.PasswordPolicyContext in project cas by apereo.
the class JsonResourceAuthenticationEventExecutionPlanConfiguration method jsonResourceAuthenticationHandler.
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
@Bean
public AuthenticationHandler jsonResourceAuthenticationHandler(final CasConfigurationProperties casProperties, final ConfigurableApplicationContext applicationContext, @Qualifier("jsonPrincipalFactory") final PrincipalFactory jsonPrincipalFactory, @Qualifier(ServicesManager.BEAN_NAME) final ServicesManager servicesManager) {
val jsonProps = casProperties.getAuthn().getJson();
val h = new JsonResourceAuthenticationHandler(jsonProps.getName(), servicesManager, jsonPrincipalFactory, null, jsonProps.getLocation());
h.setPasswordEncoder(PasswordEncoderUtils.newPasswordEncoder(jsonProps.getPasswordEncoder(), applicationContext));
if (jsonProps.getPasswordPolicy().isEnabled()) {
h.setPasswordPolicyConfiguration(new PasswordPolicyContext(jsonProps.getPasswordPolicy()));
}
h.setPrincipalNameTransformer(PrincipalNameTransformerUtils.newPrincipalNameTransformer(jsonProps.getPrincipalTransformation()));
h.setState(jsonProps.getState());
return h;
}
use of org.apereo.cas.authentication.support.password.PasswordPolicyContext in project cas by apereo.
the class DefaultLdapAccountStateHandlerTests method verifyNoWarning.
@Test
public void verifyNoWarning() {
val handler = new DefaultLdapAccountStateHandler();
val response = mock(AuthenticationResponse.class);
handler.setAttributesToErrorMap(Map.of("attr1", AccountLockedException.class));
val entry = new LdapEntry();
val accountState = mock(AccountState.class);
when(response.getAccountState()).thenReturn(accountState);
when(response.getLdapEntry()).thenReturn(entry);
when(response.isSuccess()).thenReturn(Boolean.TRUE);
assertDoesNotThrow(new Executable() {
@Override
public void execute() throws Throwable {
handler.handle(response, new PasswordPolicyContext());
}
});
val warning = mock(AccountState.Warning.class);
when(accountState.getWarning()).thenReturn(warning);
when(response.getAccountState()).thenReturn(accountState);
assertDoesNotThrow(new Executable() {
@Override
public void execute() throws Throwable {
handler.handle(response, new PasswordPolicyContext());
}
});
}
use of org.apereo.cas.authentication.support.password.PasswordPolicyContext in project cas by apereo.
the class DefaultLdapAccountStateHandlerTests method verifyActiveDirectoryErrors.
@Test
public void verifyActiveDirectoryErrors() {
val handler = new DefaultLdapAccountStateHandler();
val response = mock(AuthenticationResponse.class);
when(response.isSuccess()).thenReturn(false);
when(response.getDiagnosticMessage()).thenReturn("error data 533");
assertThrows(AccountDisabledException.class, () -> handler.handle(response, new PasswordPolicyContext()));
when(response.getDiagnosticMessage()).thenReturn("error data 532");
assertThrows(CredentialExpiredException.class, () -> handler.handle(response, new PasswordPolicyContext()));
when(response.getDiagnosticMessage()).thenReturn("error data 530");
assertThrows(InvalidLoginTimeException.class, () -> handler.handle(response, new PasswordPolicyContext()));
when(response.getDiagnosticMessage()).thenReturn("error data 701");
assertThrows(AccountExpiredException.class, () -> handler.handle(response, new PasswordPolicyContext()));
when(response.getDiagnosticMessage()).thenReturn("error data 773");
assertThrows(AccountPasswordMustChangeException.class, () -> handler.handle(response, new PasswordPolicyContext()));
when(response.getDiagnosticMessage()).thenReturn("error data 775");
assertThrows(AccountLockedException.class, () -> handler.handle(response, new PasswordPolicyContext()));
when(response.getDiagnosticMessage()).thenReturn("error unknown");
assertDoesNotThrow(() -> {
handler.handle(response, new PasswordPolicyContext());
});
}
use of org.apereo.cas.authentication.support.password.PasswordPolicyContext in project cas by apereo.
the class OptionalWarningLdapAccountStateHandlerTests method verifyNoWarningOnMatch.
@Test
public void verifyNoWarningOnMatch() {
val h = new OptionalWarningLdapAccountStateHandler();
h.setWarnAttributeName("attribute");
h.setWarningAttributeValue("value");
h.setDisplayWarningOnMatch(false);
val response = mock(AuthenticationResponse.class);
val entry = mock(LdapEntry.class);
when(response.getLdapEntry()).thenReturn(entry);
when(entry.getAttribute(anyString())).thenReturn(new LdapAttribute("attribute", "value"));
val messages = new ArrayList<MessageDescriptor>();
val config = new PasswordPolicyContext();
config.setPasswordWarningNumberOfDays(5);
h.handleWarning(new AccountState.DefaultWarning(ZonedDateTime.now(ZoneId.systemDefault()), 1), response, config, messages);
assertEquals(0, messages.size());
}
use of org.apereo.cas.authentication.support.password.PasswordPolicyContext in project cas by apereo.
the class OktaAuthenticationStateHandlerAdapterTests method handlePasswordWarning.
@Test
public void handlePasswordWarning() {
val adapter = new OktaAuthenticationStateHandlerAdapter(new DefaultPasswordPolicyHandlingStrategy<>(), new PasswordPolicyContext());
val response = mock(AuthenticationResponse.class);
when(response.getSessionToken()).thenReturn("token");
adapter.handlePasswordWarning(response);
assertThrows(AccountNotFoundException.class, adapter::throwExceptionIfNecessary);
assertTrue(adapter.getWarnings().isEmpty());
}
Aggregations