use of org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties in project cas by apereo.
the class CasCoreAuthenticationPolicyConfiguration method authenticationPolicyExecutionPlanConfigurer.
@ConditionalOnMissingBean(name = "authenticationPolicyExecutionPlanConfigurer")
@Bean
public AuthenticationEventExecutionPlanConfigurer authenticationPolicyExecutionPlanConfigurer() {
return plan -> {
final AuthenticationPolicyProperties police = casProperties.getAuthn().getPolicy();
if (police.getReq().isEnabled()) {
LOGGER.debug("Activating authentication policy [{}]", RequiredHandlerAuthenticationPolicy.class.getSimpleName());
plan.registerAuthenticationPolicy(new RequiredHandlerAuthenticationPolicy(police.getReq().getHandlerName(), police.getReq().isTryAll()));
} else if (police.getAll().isEnabled()) {
LOGGER.debug("Activating authentication policy [{}]", AllAuthenticationPolicy.class.getSimpleName());
plan.registerAuthenticationPolicy(new AllAuthenticationPolicy());
} else if (police.getNotPrevented().isEnabled()) {
LOGGER.debug("Activating authentication policy [{}]", NotPreventedAuthenticationPolicy.class.getSimpleName());
plan.registerAuthenticationPolicy(notPreventedAuthenticationPolicy());
} else if (police.getUniquePrincipal().isEnabled()) {
LOGGER.debug("Activating authentication policy [{}]", UniquePrincipalAuthenticationPolicy.class.getSimpleName());
plan.registerAuthenticationPolicy(new UniquePrincipalAuthenticationPolicy(ticketRegistry.getIfAvailable()));
} else if (!police.getGroovy().isEmpty()) {
LOGGER.debug("Activating authentication policy [{}]", GroovyScriptAuthenticationPolicy.class.getSimpleName());
police.getGroovy().forEach(groovy -> plan.registerAuthenticationPolicy(new GroovyScriptAuthenticationPolicy(resourceLoader, groovy.getScript())));
} else if (!police.getRest().isEmpty()) {
LOGGER.debug("Activating authentication policy [{}]", RestfulAuthenticationPolicy.class.getSimpleName());
police.getRest().forEach(r -> plan.registerAuthenticationPolicy(new RestfulAuthenticationPolicy(new RestTemplate(), r.getEndpoint())));
} else if (police.getAny().isEnabled()) {
LOGGER.debug("Activating authentication policy [{}]", AnyAuthenticationPolicy.class.getSimpleName());
plan.registerAuthenticationPolicy(new AnyAuthenticationPolicy(police.getAny().isTryAll()));
}
};
}
use of org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties in project cas by apereo.
the class CoreAuthenticationUtils method newAuthenticationPolicy.
/**
* New authentication policy collection.
*
* @param policyProps the policy props
* @return the collection
*/
public static Collection<AuthenticationPolicy> newAuthenticationPolicy(final AuthenticationPolicyProperties policyProps) {
if (policyProps.getReq().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", RequiredAuthenticationHandlerAuthenticationPolicy.class.getSimpleName());
val requiredHandlerNames = org.springframework.util.StringUtils.commaDelimitedListToSet(policyProps.getReq().getHandlerName());
var policy = new RequiredAuthenticationHandlerAuthenticationPolicy(requiredHandlerNames, policyProps.getReq().isTryAll());
return CollectionUtils.wrapList(policy);
}
if (policyProps.getAllHandlers().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", AllAuthenticationHandlersSucceededAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new AllAuthenticationHandlersSucceededAuthenticationPolicy());
}
if (policyProps.getAll().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", AllCredentialsValidatedAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new AllCredentialsValidatedAuthenticationPolicy());
}
if (policyProps.getNotPrevented().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", NotPreventedAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new NotPreventedAuthenticationPolicy());
}
if (!policyProps.getGroovy().isEmpty()) {
LOGGER.trace("Activating authentication policy [{}]", GroovyScriptAuthenticationPolicy.class.getSimpleName());
return policyProps.getGroovy().stream().map(groovy -> new GroovyScriptAuthenticationPolicy(groovy.getScript())).collect(Collectors.toList());
}
if (!policyProps.getRest().isEmpty()) {
LOGGER.trace("Activating authentication policy [{}]", RestfulAuthenticationPolicy.class.getSimpleName());
return policyProps.getRest().stream().map(RestfulAuthenticationPolicy::new).collect(Collectors.toList());
}
if (policyProps.getAny().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", AtLeastOneCredentialValidatedAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new AtLeastOneCredentialValidatedAuthenticationPolicy(policyProps.getAny().isTryAll()));
}
return new ArrayList<>();
}
use of org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties in project cas by apereo.
the class CoreAuthenticationUtilsTests method verifyAuthnPolicyGroovy.
@Test
public void verifyAuthnPolicyGroovy() throws Exception {
val props = new AuthenticationPolicyProperties();
props.getGroovy().add(new GroovyAuthenticationPolicyProperties().setScript("classpath:example.groovy"));
val policy = CoreAuthenticationUtils.newAuthenticationPolicy(props);
verifySerialization(policy);
}
use of org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties in project cas by apereo.
the class CoreAuthenticationUtilsTests method verifyAuthnPolicyAny.
@Test
public void verifyAuthnPolicyAny() throws Exception {
val props = new AuthenticationPolicyProperties();
props.getAny().setEnabled(true);
val policy = CoreAuthenticationUtils.newAuthenticationPolicy(props);
verifySerialization(policy);
}
use of org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties in project cas by apereo.
the class CoreAuthenticationUtilsTests method verifyAuthnPolicyAll.
@Test
public void verifyAuthnPolicyAll() throws Exception {
val props = new AuthenticationPolicyProperties();
props.getAll().setEnabled(true);
val policy = CoreAuthenticationUtils.newAuthenticationPolicy(props);
verifySerialization(policy);
}
Aggregations