use of org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties in project cas by apereo.
the class DefaultRequestedAuthenticationContextValidatorTests method verifyRequestedAuthenticationContextNotBypassed.
@Test
public void verifyRequestedAuthenticationContextNotBypassed() {
val applicationContext = buildApplicationContext();
val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
val props = new MultifactorAuthenticationProviderBypassProperties();
props.setAuthenticationAttributeName("givenName");
props.setAuthenticationAttributeValue("Not Bypassed");
val bypass = new AuthenticationMultifactorAuthenticationProviderBypassEvaluator(props, TestMultifactorAuthenticationProvider.ID);
provider.setBypassEvaluator(bypass);
val servicesManager = mock(ServicesManager.class);
val validator = MultifactorAuthenticationTestUtils.mockRequestAuthnContextValidator(servicesManager, Optional.of(provider), applicationContext, BaseMultifactorAuthenticationProviderProperties.MultifactorAuthenticationProviderFailureModes.UNDEFINED.toString());
val assertion = mock(Assertion.class);
val principal = MultifactorAuthenticationTestUtils.getPrincipal(CASUSER);
val auth = MultifactorAuthenticationTestUtils.getAuthentication(principal, AUTH_ATTRIBUTES);
when(assertion.getPrimaryAuthentication()).thenReturn(auth);
val result = validator.validateAuthenticationContext(assertion, new MockHttpServletRequest(), new MockHttpServletResponse());
assertFalse(result.isSuccess());
}
use of org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties in project cas by apereo.
the class AuthenticationMultifactorAuthenticationProviderBypassEvaluatorTests method verifyOperation.
@Test
public void verifyOperation() {
val applicationContext = new StaticApplicationContext();
applicationContext.refresh();
ApplicationContextProvider.holdApplicationContext(applicationContext);
ApplicationContextProvider.registerBeanIntoApplicationContext(applicationContext, MultifactorAuthenticationPrincipalResolver.identical(), UUID.randomUUID().toString());
val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
val eval = new DefaultChainingMultifactorAuthenticationBypassProvider();
val bypassProps = new MultifactorAuthenticationProviderBypassProperties();
bypassProps.setAuthenticationAttributeName("cn");
bypassProps.setAuthenticationAttributeValue("ex.+");
eval.addMultifactorAuthenticationProviderBypassEvaluator(new AuthenticationMultifactorAuthenticationProviderBypassEvaluator(bypassProps, TestMultifactorAuthenticationProvider.ID));
val authentication = CoreAuthenticationTestUtils.getAuthentication("casuser", Map.of("cn", List.of("example")));
val registeredService = CoreAuthenticationTestUtils.getRegisteredService();
val policy = new DefaultRegisteredServiceMultifactorPolicy();
when(registeredService.getMultifactorPolicy()).thenReturn(policy);
assertFalse(eval.shouldMultifactorAuthenticationProviderExecute(authentication, registeredService, provider, new MockHttpServletRequest()));
}
use of org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties in project cas by apereo.
the class HttpRequestMultifactorAuthenticationProviderBypassEvaluatorTests method verifyShouldProceed.
@Test
public void verifyShouldProceed() {
val properties = new MultifactorAuthenticationProviderBypassProperties();
val applicationContext = new StaticApplicationContext();
applicationContext.refresh();
val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
val eval = new HttpRequestMultifactorAuthenticationProviderBypassEvaluator(properties, provider.getId());
val principal = CoreAuthenticationTestUtils.getPrincipal(Map.of("cn", List.of("example")));
val authentication = CoreAuthenticationTestUtils.getAuthentication(principal);
val registeredService = CoreAuthenticationTestUtils.getRegisteredService();
val request = new MockHttpServletRequest();
assertTrue(eval.shouldMultifactorAuthenticationProviderExecute(authentication, registeredService, provider, request));
}
use of org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties in project cas by apereo.
the class GroovyMultifactorAuthenticationProviderBypassEvaluatorTests method runGroovyBypassFor.
private static boolean runGroovyBypassFor(final Authentication authentication) {
val request = new MockHttpServletRequest();
val properties = new MultifactorAuthenticationProviderBypassProperties();
properties.getGroovy().setLocation(new ClassPathResource("GroovyBypass.groovy"));
val provider = new TestMultifactorAuthenticationProvider();
val groovy = new GroovyMultifactorAuthenticationProviderBypassEvaluator(properties, provider.getId());
val registeredService = mock(RegisteredService.class);
when(registeredService.getName()).thenReturn("Service");
when(registeredService.getServiceId()).thenReturn("http://app.org");
when(registeredService.getId()).thenReturn(1000L);
val applicationContext = new StaticApplicationContext();
applicationContext.refresh();
ApplicationContextProvider.holdApplicationContext(applicationContext);
ApplicationContextProvider.registerBeanIntoApplicationContext(applicationContext, MultifactorAuthenticationPrincipalResolver.identical(), UUID.randomUUID().toString());
return groovy.shouldMultifactorAuthenticationProviderExecute(authentication, registeredService, provider, request);
}
use of org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties in project cas by apereo.
the class RestMultifactorAuthenticationProviderBypassEvaluatorTests method verifyOperationFailsWithNoProvider.
@Test
public void verifyOperationFailsWithNoProvider() {
try (val webServer = new MockWebServer(9316, new ByteArrayResource("Y".getBytes(StandardCharsets.UTF_8), "REST Output"), HttpStatus.ACCEPTED)) {
webServer.start();
val props = new MultifactorAuthenticationProviderBypassProperties();
props.getRest().setUrl("http://localhost:9316");
val provider = new TestMultifactorAuthenticationProvider();
val r = new RestMultifactorAuthenticationProviderBypassEvaluator(props, provider.getId());
val res = r.shouldMultifactorAuthenticationProviderExecute(MultifactorAuthenticationTestUtils.getAuthentication("casuser"), MultifactorAuthenticationTestUtils.getRegisteredService(), null, new MockHttpServletRequest());
assertTrue(res);
}
}
Aggregations