Search in sources :

Example 11 with MultifactorAuthenticationProviderBypassProperties

use of org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties in project cas by apereo.

the class DefaultRequestedAuthenticationContextValidatorTests method verifyRequestedAuthenticationContextNotBypassed.

@Test
public void verifyRequestedAuthenticationContextNotBypassed() {
    val applicationContext = buildApplicationContext();
    val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
    val props = new MultifactorAuthenticationProviderBypassProperties();
    props.setAuthenticationAttributeName("givenName");
    props.setAuthenticationAttributeValue("Not Bypassed");
    val bypass = new AuthenticationMultifactorAuthenticationProviderBypassEvaluator(props, TestMultifactorAuthenticationProvider.ID);
    provider.setBypassEvaluator(bypass);
    val servicesManager = mock(ServicesManager.class);
    val validator = MultifactorAuthenticationTestUtils.mockRequestAuthnContextValidator(servicesManager, Optional.of(provider), applicationContext, BaseMultifactorAuthenticationProviderProperties.MultifactorAuthenticationProviderFailureModes.UNDEFINED.toString());
    val assertion = mock(Assertion.class);
    val principal = MultifactorAuthenticationTestUtils.getPrincipal(CASUSER);
    val auth = MultifactorAuthenticationTestUtils.getAuthentication(principal, AUTH_ATTRIBUTES);
    when(assertion.getPrimaryAuthentication()).thenReturn(auth);
    val result = validator.validateAuthenticationContext(assertion, new MockHttpServletRequest(), new MockHttpServletResponse());
    assertFalse(result.isSuccess());
}
Also used : lombok.val(lombok.val) MultifactorAuthenticationProviderBypassProperties(org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) AuthenticationMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 12 with MultifactorAuthenticationProviderBypassProperties

use of org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties in project cas by apereo.

the class AuthenticationMultifactorAuthenticationProviderBypassEvaluatorTests method verifyOperation.

@Test
public void verifyOperation() {
    val applicationContext = new StaticApplicationContext();
    applicationContext.refresh();
    ApplicationContextProvider.holdApplicationContext(applicationContext);
    ApplicationContextProvider.registerBeanIntoApplicationContext(applicationContext, MultifactorAuthenticationPrincipalResolver.identical(), UUID.randomUUID().toString());
    val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
    val eval = new DefaultChainingMultifactorAuthenticationBypassProvider();
    val bypassProps = new MultifactorAuthenticationProviderBypassProperties();
    bypassProps.setAuthenticationAttributeName("cn");
    bypassProps.setAuthenticationAttributeValue("ex.+");
    eval.addMultifactorAuthenticationProviderBypassEvaluator(new AuthenticationMultifactorAuthenticationProviderBypassEvaluator(bypassProps, TestMultifactorAuthenticationProvider.ID));
    val authentication = CoreAuthenticationTestUtils.getAuthentication("casuser", Map.of("cn", List.of("example")));
    val registeredService = CoreAuthenticationTestUtils.getRegisteredService();
    val policy = new DefaultRegisteredServiceMultifactorPolicy();
    when(registeredService.getMultifactorPolicy()).thenReturn(policy);
    assertFalse(eval.shouldMultifactorAuthenticationProviderExecute(authentication, registeredService, provider, new MockHttpServletRequest()));
}
Also used : lombok.val(lombok.val) MultifactorAuthenticationProviderBypassProperties(org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties) DefaultRegisteredServiceMultifactorPolicy(org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy) StaticApplicationContext(org.springframework.context.support.StaticApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Test(org.junit.jupiter.api.Test)

Example 13 with MultifactorAuthenticationProviderBypassProperties

use of org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties in project cas by apereo.

the class HttpRequestMultifactorAuthenticationProviderBypassEvaluatorTests method verifyShouldProceed.

@Test
public void verifyShouldProceed() {
    val properties = new MultifactorAuthenticationProviderBypassProperties();
    val applicationContext = new StaticApplicationContext();
    applicationContext.refresh();
    val provider = TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
    val eval = new HttpRequestMultifactorAuthenticationProviderBypassEvaluator(properties, provider.getId());
    val principal = CoreAuthenticationTestUtils.getPrincipal(Map.of("cn", List.of("example")));
    val authentication = CoreAuthenticationTestUtils.getAuthentication(principal);
    val registeredService = CoreAuthenticationTestUtils.getRegisteredService();
    val request = new MockHttpServletRequest();
    assertTrue(eval.shouldMultifactorAuthenticationProviderExecute(authentication, registeredService, provider, request));
}
Also used : lombok.val(lombok.val) MultifactorAuthenticationProviderBypassProperties(org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties) StaticApplicationContext(org.springframework.context.support.StaticApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Test(org.junit.jupiter.api.Test)

Example 14 with MultifactorAuthenticationProviderBypassProperties

use of org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties in project cas by apereo.

the class GroovyMultifactorAuthenticationProviderBypassEvaluatorTests method runGroovyBypassFor.

private static boolean runGroovyBypassFor(final Authentication authentication) {
    val request = new MockHttpServletRequest();
    val properties = new MultifactorAuthenticationProviderBypassProperties();
    properties.getGroovy().setLocation(new ClassPathResource("GroovyBypass.groovy"));
    val provider = new TestMultifactorAuthenticationProvider();
    val groovy = new GroovyMultifactorAuthenticationProviderBypassEvaluator(properties, provider.getId());
    val registeredService = mock(RegisteredService.class);
    when(registeredService.getName()).thenReturn("Service");
    when(registeredService.getServiceId()).thenReturn("http://app.org");
    when(registeredService.getId()).thenReturn(1000L);
    val applicationContext = new StaticApplicationContext();
    applicationContext.refresh();
    ApplicationContextProvider.holdApplicationContext(applicationContext);
    ApplicationContextProvider.registerBeanIntoApplicationContext(applicationContext, MultifactorAuthenticationPrincipalResolver.identical(), UUID.randomUUID().toString());
    return groovy.shouldMultifactorAuthenticationProviderExecute(authentication, registeredService, provider, request);
}
Also used : lombok.val(lombok.val) MultifactorAuthenticationProviderBypassProperties(org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties) TestMultifactorAuthenticationProvider(org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider) StaticApplicationContext(org.springframework.context.support.StaticApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) GroovyMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.GroovyMultifactorAuthenticationProviderBypassEvaluator) ClassPathResource(org.springframework.core.io.ClassPathResource)

Example 15 with MultifactorAuthenticationProviderBypassProperties

use of org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties in project cas by apereo.

the class RestMultifactorAuthenticationProviderBypassEvaluatorTests method verifyOperationFailsWithNoProvider.

@Test
public void verifyOperationFailsWithNoProvider() {
    try (val webServer = new MockWebServer(9316, new ByteArrayResource("Y".getBytes(StandardCharsets.UTF_8), "REST Output"), HttpStatus.ACCEPTED)) {
        webServer.start();
        val props = new MultifactorAuthenticationProviderBypassProperties();
        props.getRest().setUrl("http://localhost:9316");
        val provider = new TestMultifactorAuthenticationProvider();
        val r = new RestMultifactorAuthenticationProviderBypassEvaluator(props, provider.getId());
        val res = r.shouldMultifactorAuthenticationProviderExecute(MultifactorAuthenticationTestUtils.getAuthentication("casuser"), MultifactorAuthenticationTestUtils.getRegisteredService(), null, new MockHttpServletRequest());
        assertTrue(res);
    }
}
Also used : lombok.val(lombok.val) MultifactorAuthenticationProviderBypassProperties(org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties) TestMultifactorAuthenticationProvider(org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider) RestMultifactorAuthenticationProviderBypassEvaluator(org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockWebServer(org.apereo.cas.util.MockWebServer) ByteArrayResource(org.springframework.core.io.ByteArrayResource) Test(org.junit.jupiter.api.Test)

Aggregations

lombok.val (lombok.val)20 MultifactorAuthenticationProviderBypassProperties (org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties)20 Test (org.junit.jupiter.api.Test)18 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)18 StaticApplicationContext (org.springframework.context.support.StaticApplicationContext)15 AuthenticationMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypassEvaluator)5 HttpRequestMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypassEvaluator)5 TestMultifactorAuthenticationProvider (org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider)3 DefaultRegisteredServiceMultifactorPolicy (org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy)3 RestMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator)2 MockWebServer (org.apereo.cas.util.MockWebServer)2 ByteArrayResource (org.springframework.core.io.ByteArrayResource)2 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)2 HashMap (java.util.HashMap)1 Credential (org.apereo.cas.authentication.Credential)1 DefaultChainingMultifactorAuthenticationProvider (org.apereo.cas.authentication.DefaultChainingMultifactorAuthenticationProvider)1 DefaultMultifactorAuthenticationFailureModeEvaluator (org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator)1 CredentialMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypassEvaluator)1 DefaultChainingMultifactorAuthenticationBypassProvider (org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider)1 GroovyMultifactorAuthenticationProviderBypassEvaluator (org.apereo.cas.authentication.bypass.GroovyMultifactorAuthenticationProviderBypassEvaluator)1