Example 1 with AuthenticationPolicyProperties
use of org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties in project cas by apereo.
the class CasCoreAuthenticationPolicyConfiguration method authenticationPolicyExecutionPlanConfigurer.
@ConditionalOnMissingBean(name = "authenticationPolicyExecutionPlanConfigurer")
@Bean
public AuthenticationEventExecutionPlanConfigurer authenticationPolicyExecutionPlanConfigurer() {
return plan -> {
final AuthenticationPolicyProperties police = casProperties.getAuthn().getPolicy();
if (police.getReq().isEnabled()) {
LOGGER.debug("Activating authentication policy [{}]", RequiredHandlerAuthenticationPolicy.class.getSimpleName());
plan.registerAuthenticationPolicy(new RequiredHandlerAuthenticationPolicy(police.getReq().getHandlerName(), police.getReq().isTryAll()));
} else if (police.getAll().isEnabled()) {
LOGGER.debug("Activating authentication policy [{}]", AllAuthenticationPolicy.class.getSimpleName());
plan.registerAuthenticationPolicy(new AllAuthenticationPolicy());
} else if (police.getNotPrevented().isEnabled()) {
LOGGER.debug("Activating authentication policy [{}]", NotPreventedAuthenticationPolicy.class.getSimpleName());
plan.registerAuthenticationPolicy(notPreventedAuthenticationPolicy());
} else if (police.getUniquePrincipal().isEnabled()) {
LOGGER.debug("Activating authentication policy [{}]", UniquePrincipalAuthenticationPolicy.class.getSimpleName());
plan.registerAuthenticationPolicy(new UniquePrincipalAuthenticationPolicy(ticketRegistry.getIfAvailable()));
} else if (!police.getGroovy().isEmpty()) {
LOGGER.debug("Activating authentication policy [{}]", GroovyScriptAuthenticationPolicy.class.getSimpleName());
police.getGroovy().forEach(groovy -> plan.registerAuthenticationPolicy(new GroovyScriptAuthenticationPolicy(resourceLoader, groovy.getScript())));
} else if (!police.getRest().isEmpty()) {
LOGGER.debug("Activating authentication policy [{}]", RestfulAuthenticationPolicy.class.getSimpleName());
police.getRest().forEach(r -> plan.registerAuthenticationPolicy(new RestfulAuthenticationPolicy(new RestTemplate(), r.getEndpoint())));
} else if (police.getAny().isEnabled()) {
LOGGER.debug("Activating authentication policy [{}]", AnyAuthenticationPolicy.class.getSimpleName());
plan.registerAuthenticationPolicy(new AnyAuthenticationPolicy(police.getAny().isTryAll()));
}
};
}
Also used :
CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties)
AuthenticationPolicy(org.apereo.cas.authentication.AuthenticationPolicy)
GeoLocationService(org.apereo.cas.authentication.adaptive.geo.GeoLocationService)
Autowired(org.springframework.beans.factory.annotation.Autowired)
ObjectProvider(org.springframework.beans.factory.ObjectProvider)
TicketRegistry(org.apereo.cas.ticket.registry.TicketRegistry)
NotPreventedAuthenticationPolicy(org.apereo.cas.authentication.policy.NotPreventedAuthenticationPolicy)
EnableConfigurationProperties(org.springframework.boot.context.properties.EnableConfigurationProperties)
Qualifier(org.springframework.beans.factory.annotation.Qualifier)
DefaultAdaptiveAuthenticationPolicy(org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy)
RestTemplate(org.springframework.web.client.RestTemplate)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
UniquePrincipalAuthenticationPolicy(org.apereo.cas.authentication.policy.UniquePrincipalAuthenticationPolicy)
ResourceLoader(org.springframework.core.io.ResourceLoader)
RequiredHandlerAuthenticationPolicyFactory(org.apereo.cas.authentication.policy.RequiredHandlerAuthenticationPolicyFactory)
AnyAuthenticationPolicy(org.apereo.cas.authentication.policy.AnyAuthenticationPolicy)
GroovyScriptAuthenticationPolicy(org.apereo.cas.authentication.policy.GroovyScriptAuthenticationPolicy)
AuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties)
ApplicationContext(org.springframework.context.ApplicationContext)
AllAuthenticationPolicy(org.apereo.cas.authentication.policy.AllAuthenticationPolicy)
Configuration(org.springframework.context.annotation.Configuration)
Slf4j(lombok.extern.slf4j.Slf4j)
ContextualAuthenticationPolicyFactory(org.apereo.cas.authentication.ContextualAuthenticationPolicyFactory)
RequiredHandlerAuthenticationPolicy(org.apereo.cas.authentication.policy.RequiredHandlerAuthenticationPolicy)
Bean(org.springframework.context.annotation.Bean)
AuthenticationEventExecutionPlanConfigurer(org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer)
RestfulAuthenticationPolicy(org.apereo.cas.authentication.policy.RestfulAuthenticationPolicy)
AdaptiveAuthenticationPolicy(org.apereo.cas.authentication.adaptive.AdaptiveAuthenticationPolicy)
AnyAuthenticationPolicy(org.apereo.cas.authentication.policy.AnyAuthenticationPolicy)
RequiredHandlerAuthenticationPolicy(org.apereo.cas.authentication.policy.RequiredHandlerAuthenticationPolicy)
RestTemplate(org.springframework.web.client.RestTemplate)
GroovyScriptAuthenticationPolicy(org.apereo.cas.authentication.policy.GroovyScriptAuthenticationPolicy)
RestfulAuthenticationPolicy(org.apereo.cas.authentication.policy.RestfulAuthenticationPolicy)
AuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties)
UniquePrincipalAuthenticationPolicy(org.apereo.cas.authentication.policy.UniquePrincipalAuthenticationPolicy)
AllAuthenticationPolicy(org.apereo.cas.authentication.policy.AllAuthenticationPolicy)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)
Bean(org.springframework.context.annotation.Bean)
Example 2 with AuthenticationPolicyProperties
use of org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties in project cas by apereo.
the class CoreAuthenticationUtils method newAuthenticationPolicy.
/**
* New authentication policy collection.
*
* @param policyProps the policy props
* @return the collection
*/
public static Collection<AuthenticationPolicy> newAuthenticationPolicy(final AuthenticationPolicyProperties policyProps) {
if (policyProps.getReq().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", RequiredAuthenticationHandlerAuthenticationPolicy.class.getSimpleName());
val requiredHandlerNames = org.springframework.util.StringUtils.commaDelimitedListToSet(policyProps.getReq().getHandlerName());
var policy = new RequiredAuthenticationHandlerAuthenticationPolicy(requiredHandlerNames, policyProps.getReq().isTryAll());
return CollectionUtils.wrapList(policy);
}
if (policyProps.getAllHandlers().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", AllAuthenticationHandlersSucceededAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new AllAuthenticationHandlersSucceededAuthenticationPolicy());
}
if (policyProps.getAll().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", AllCredentialsValidatedAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new AllCredentialsValidatedAuthenticationPolicy());
}
if (policyProps.getNotPrevented().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", NotPreventedAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new NotPreventedAuthenticationPolicy());
}
if (!policyProps.getGroovy().isEmpty()) {
LOGGER.trace("Activating authentication policy [{}]", GroovyScriptAuthenticationPolicy.class.getSimpleName());
return policyProps.getGroovy().stream().map(groovy -> new GroovyScriptAuthenticationPolicy(groovy.getScript())).collect(Collectors.toList());
}
if (!policyProps.getRest().isEmpty()) {
LOGGER.trace("Activating authentication policy [{}]", RestfulAuthenticationPolicy.class.getSimpleName());
return policyProps.getRest().stream().map(RestfulAuthenticationPolicy::new).collect(Collectors.toList());
}
if (policyProps.getAny().isEnabled()) {
LOGGER.trace("Activating authentication policy [{}]", AtLeastOneCredentialValidatedAuthenticationPolicy.class.getSimpleName());
return CollectionUtils.wrapList(new AtLeastOneCredentialValidatedAuthenticationPolicy(policyProps.getAny().isTryAll()));
}
return new ArrayList<>();
}
Also used :
RequiredAuthenticationHandlerAuthenticationPolicy(org.apereo.cas.authentication.policy.RequiredAuthenticationHandlerAuthenticationPolicy)
lombok.val(lombok.val)
ArrayListMultimap(com.google.common.collect.ArrayListMultimap)
Arrays(java.util.Arrays)
ReplacingAttributeAdder(org.apereo.services.persondir.support.merger.ReplacingAttributeAdder)
GroovyPasswordPolicyHandlingStrategy(org.apereo.cas.authentication.support.password.GroovyPasswordPolicyHandlingStrategy)
Assertion(org.apereo.cas.validation.Assertion)
GroovyIPAddressIntelligenceService(org.apereo.cas.authentication.adaptive.intel.GroovyIPAddressIntelligenceService)
Beans(org.apereo.cas.configuration.support.Beans)
StringUtils(org.apache.commons.lang3.StringUtils)
IPersonAttributeDao(org.apereo.services.persondir.IPersonAttributeDao)
ClassUtils(org.apache.commons.lang3.ClassUtils)
PrincipalFactory(org.apereo.cas.authentication.principal.PrincipalFactory)
Pair(org.apache.commons.lang3.tuple.Pair)
Map(java.util.Map)
Splitter(com.google.common.base.Splitter)
DefaultIPAddressIntelligenceService(org.apereo.cas.authentication.adaptive.intel.DefaultIPAddressIntelligenceService)
Unchecked(org.jooq.lambda.Unchecked)
Predicate(java.util.function.Predicate)
Collection(java.util.Collection)
PrincipalResolver(org.apereo.cas.authentication.principal.PrincipalResolver)
IAttributeMerger(org.apereo.services.persondir.support.merger.IAttributeMerger)
Set(java.util.Set)
MultivaluedAttributeMerger(org.apereo.services.persondir.support.merger.MultivaluedAttributeMerger)
AuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties)
Collectors(java.util.stream.Collectors)
PasswordPolicyProperties(org.apereo.cas.configuration.model.core.authentication.PasswordPolicyProperties)
IPersonAttributeDaoFilter(org.apereo.services.persondir.IPersonAttributeDaoFilter)
StandardCharsets(java.nio.charset.StandardCharsets)
RejectResultCodePasswordPolicyHandlingStrategy(org.apereo.cas.authentication.support.password.RejectResultCodePasswordPolicyHandlingStrategy)
IOUtils(org.apache.commons.io.IOUtils)
AllCredentialsValidatedAuthenticationPolicy(org.apereo.cas.authentication.policy.AllCredentialsValidatedAuthenticationPolicy)
Slf4j(lombok.extern.slf4j.Slf4j)
List(java.util.List)
IPAddressIntelligenceService(org.apereo.cas.authentication.adaptive.intel.IPAddressIntelligenceService)
Optional(java.util.Optional)
Principal(org.apereo.cas.authentication.principal.Principal)
PrincipalResolutionContext(org.apereo.cas.authentication.principal.resolvers.PrincipalResolutionContext)
Pattern(java.util.regex.Pattern)
GroovyClassLoader(groovy.lang.GroovyClassLoader)
AtLeastOneCredentialValidatedAuthenticationPolicy(org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy)
RequiredAuthenticationHandlerAuthenticationPolicy(org.apereo.cas.authentication.policy.RequiredAuthenticationHandlerAuthenticationPolicy)
AllAuthenticationHandlersSucceededAuthenticationPolicy(org.apereo.cas.authentication.policy.AllAuthenticationHandlersSucceededAuthenticationPolicy)
ArrayUtils(org.apache.commons.lang3.ArrayUtils)
HashMap(java.util.HashMap)
RestfulIPAddressIntelligenceService(org.apereo.cas.authentication.adaptive.intel.RestfulIPAddressIntelligenceService)
Multimap(com.google.common.collect.Multimap)
PersonDirectoryPrincipalResolverProperties(org.apereo.cas.configuration.model.core.authentication.PersonDirectoryPrincipalResolverProperties)
NoncollidingAttributeAdder(org.apereo.services.persondir.support.merger.NoncollidingAttributeAdder)
ArrayList(java.util.ArrayList)
UtilityClass(lombok.experimental.UtilityClass)
LinkedHashMap(java.util.LinkedHashMap)
NotPreventedAuthenticationPolicy(org.apereo.cas.authentication.policy.NotPreventedAuthenticationPolicy)
DefaultResourceLoader(org.springframework.core.io.DefaultResourceLoader)
CollectionUtils(org.apereo.cas.util.CollectionUtils)
ChainingPrincipalNameTransformer(org.apereo.cas.util.transforms.ChainingPrincipalNameTransformer)
PersonDirectoryPrincipalResolver(org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver)
BaseAdditiveAttributeMerger(org.apereo.services.persondir.support.merger.BaseAdditiveAttributeMerger)
lombok.val(lombok.val)
GroovyScriptAuthenticationPolicy(org.apereo.cas.authentication.policy.GroovyScriptAuthenticationPolicy)
CompilerConfiguration(org.codehaus.groovy.control.CompilerConfiguration)
ApplicationContext(org.springframework.context.ApplicationContext)
AdaptiveAuthenticationProperties(org.apereo.cas.configuration.model.core.authentication.AdaptiveAuthenticationProperties)
TriStateBoolean(org.apereo.cas.util.model.TriStateBoolean)
PrincipalNameTransformerUtils(org.apereo.cas.authentication.principal.PrincipalNameTransformerUtils)
DefaultPasswordPolicyHandlingStrategy(org.apereo.cas.authentication.support.password.DefaultPasswordPolicyHandlingStrategy)
PrincipalAttributesCoreProperties(org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesCoreProperties)
RestfulAuthenticationPolicy(org.apereo.cas.authentication.policy.RestfulAuthenticationPolicy)
Collections(java.util.Collections)
AtLeastOneCredentialValidatedAuthenticationPolicy(org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy)
AllAuthenticationHandlersSucceededAuthenticationPolicy(org.apereo.cas.authentication.policy.AllAuthenticationHandlersSucceededAuthenticationPolicy)
AllCredentialsValidatedAuthenticationPolicy(org.apereo.cas.authentication.policy.AllCredentialsValidatedAuthenticationPolicy)
ArrayList(java.util.ArrayList)
NotPreventedAuthenticationPolicy(org.apereo.cas.authentication.policy.NotPreventedAuthenticationPolicy)
GroovyScriptAuthenticationPolicy(org.apereo.cas.authentication.policy.GroovyScriptAuthenticationPolicy)
RestfulAuthenticationPolicy(org.apereo.cas.authentication.policy.RestfulAuthenticationPolicy)
Example 3 with AuthenticationPolicyProperties
use of org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties in project cas by apereo.
the class CoreAuthenticationUtilsTests method verifyAuthnPolicyGroovy.
@Test
public void verifyAuthnPolicyGroovy() throws Exception {
val props = new AuthenticationPolicyProperties();
props.getGroovy().add(new GroovyAuthenticationPolicyProperties().setScript("classpath:example.groovy"));
val policy = CoreAuthenticationUtils.newAuthenticationPolicy(props);
verifySerialization(policy);
}
Also used :
lombok.val(lombok.val)
GroovyAuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.GroovyAuthenticationPolicyProperties)
RestAuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.RestAuthenticationPolicyProperties)
AuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties)
GroovyAuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.GroovyAuthenticationPolicyProperties)
Test(org.junit.jupiter.api.Test)
Example 4 with AuthenticationPolicyProperties
use of org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties in project cas by apereo.
the class CoreAuthenticationUtilsTests method verifyAuthnPolicyAny.
@Test
public void verifyAuthnPolicyAny() throws Exception {
val props = new AuthenticationPolicyProperties();
props.getAny().setEnabled(true);
val policy = CoreAuthenticationUtils.newAuthenticationPolicy(props);
verifySerialization(policy);
}
Also used :
lombok.val(lombok.val)
RestAuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.RestAuthenticationPolicyProperties)
AuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties)
GroovyAuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.GroovyAuthenticationPolicyProperties)
Test(org.junit.jupiter.api.Test)
Example 5 with AuthenticationPolicyProperties
use of org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties in project cas by apereo.
the class CoreAuthenticationUtilsTests method verifyAuthnPolicyAll.
@Test
public void verifyAuthnPolicyAll() throws Exception {
val props = new AuthenticationPolicyProperties();
props.getAll().setEnabled(true);
val policy = CoreAuthenticationUtils.newAuthenticationPolicy(props);
verifySerialization(policy);
}
Also used :
lombok.val(lombok.val)
RestAuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.RestAuthenticationPolicyProperties)
AuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties)
GroovyAuthenticationPolicyProperties(org.apereo.cas.configuration.model.core.authentication.GroovyAuthenticationPolicyProperties)
Test(org.junit.jupiter.api.Test)
Aggregations
AuthenticationPolicyProperties (org.apereo.cas.configuration.model.core.authentication.AuthenticationPolicyProperties)10
lombok.val (lombok.val)9
GroovyAuthenticationPolicyProperties (org.apereo.cas.configuration.model.core.authentication.GroovyAuthenticationPolicyProperties)8
RestAuthenticationPolicyProperties (org.apereo.cas.configuration.model.core.authentication.RestAuthenticationPolicyProperties)8
Test (org.junit.jupiter.api.Test)8
Slf4j (lombok.extern.slf4j.Slf4j)2
GroovyScriptAuthenticationPolicy (org.apereo.cas.authentication.policy.GroovyScriptAuthenticationPolicy)2
NotPreventedAuthenticationPolicy (org.apereo.cas.authentication.policy.NotPreventedAuthenticationPolicy)2
RestfulAuthenticationPolicy (org.apereo.cas.authentication.policy.RestfulAuthenticationPolicy)2
ApplicationContext (org.springframework.context.ApplicationContext)2
Splitter (com.google.common.base.Splitter)1
ArrayListMultimap (com.google.common.collect.ArrayListMultimap)1
Multimap (com.google.common.collect.Multimap)1
GroovyClassLoader (groovy.lang.GroovyClassLoader)1
StandardCharsets (java.nio.charset.StandardCharsets)1
ArrayList (java.util.ArrayList)1
Arrays (java.util.Arrays)1
Collection (java.util.Collection)1
Collections (java.util.Collections)1
HashMap (java.util.HashMap)1
