
Example 1 with YubiKeyMultifactorProperties

use of org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties in project cas by apereo.

the class YubiKeyAuthenticationEventExecutionPlanConfiguration method yubicoClient.

/**
 * Builds the {@link YubicoClient} from the YubiKey multifactor properties.
 *
 * <p>Bean creation is refused when the API credentials are incomplete: a blank
 * secret key or a client id that is not positive raises an exception before any
 * client is created. When API URLs are configured they are handed to
 * {@code setWsapiUrls}; otherwise the client keeps the endpoints it was created with.
 *
 * @return the client built from the configured client id and secret key
 * @throws IllegalArgumentException if the secret key is blank or the client id is {@code <= 0}
 */
@RefreshScope
@Bean
@ConditionalOnMissingBean(name = "yubicoClient")
public YubicoClient yubicoClient() {
    final YubiKeyMultifactorProperties props = this.casProperties.getAuthn().getMfa().getYubikey();

    // Fail fast on missing credentials. The messages name the missing property only;
    // the secret key value is never placed in an exception message.
    if (StringUtils.isBlank(props.getSecretKey())) {
        throw new IllegalArgumentException("Yubikey secret key cannot be blank");
    }
    if (props.getClientId() <= 0) {
        throw new IllegalArgumentException("Yubikey client id is undefined");
    }

    final YubicoClient yubico = YubicoClient.getClient(props.getClientId(), props.getSecretKey());
    if (props.getApiUrls().isEmpty()) {
        return yubico;
    }

    // NOTE(review): the URLs are passed through exactly as configured; nothing here
    // checks their scheme or host. Confirm the deployment only lists https endpoints
    // of a validation service it trusts.
    final String[] endpoints = props.getApiUrls().toArray(new String[0]);
    yubico.setWsapiUrls(endpoints);
    return yubico;
}
Also used : YubiKeyMultifactorProperties(org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties) YubicoClient(com.yubico.client.v2.YubicoClient) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Example 2 with YubiKeyMultifactorProperties

use of org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties in project cas by apereo.

the class YubiKeyAuthenticationEventExecutionPlanConfiguration method yubikeyAuthenticationHandler.

/**
 * Creates the authentication handler for YubiKey multifactor authentication.
 *
 * <p>The handler is given the name from the YubiKey properties, the services
 * manager, and the principal factory, Yubico client and account registry
 * produced by the sibling bean methods of this configuration class.
 *
 * @return the YubiKey authentication handler
 */
@Bean
@RefreshScope
@ConditionalOnMissingBean(name = "yubikeyAuthenticationHandler")
public AuthenticationHandler yubikeyAuthenticationHandler() {
    final YubiKeyMultifactorProperties props = this.casProperties.getAuthn().getMfa().getYubikey();
    // The account registry passed last is presumably what ties a device to a user;
    // which registry that is depends on configuration — verify against yubiKeyAccountRegistry().
    return new YubiKeyAuthenticationHandler(
            props.getName(),
            servicesManager,
            yubikeyPrincipalFactory(),
            yubicoClient(),
            yubiKeyAccountRegistry());
}
Also used : YubiKeyMultifactorProperties(org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties) YubiKeyAuthenticationHandler(org.apereo.cas.adaptors.yubikey.YubiKeyAuthenticationHandler) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Example 3 with YubiKeyMultifactorProperties

use of org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties in project cas by apereo.

the class MongoDbYubiKeyConfiguration method yubiKeyAccountRegistry.

/**
 * Creates the MongoDb-backed YubiKey account registry.
 *
 * <p>The registry is built from the account validator, the Mongo template bean and
 * the collection name taken from the YubiKey Mongo properties, and is then given
 * the YubiKey account cipher executor.
 *
 * @return the MongoDb account registry
 */
@RefreshScope
@Bean
public YubiKeyAccountRegistry yubiKeyAccountRegistry() {
    final YubiKeyMultifactorProperties props = casProperties.getAuthn().getMfa().getYubikey();
    final MongoDbYubiKeyAccountRegistry mongoRegistry = new MongoDbYubiKeyAccountRegistry(
            yubiKeyAccountValidator,
            mongoYubiKeyTemplate(),
            props.getMongo().getCollection());
    // NOTE(review): presumably the cipher executor protects the device identifiers
    // stored in the collection — confirm it is configured with real keys and is not
    // a no-op implementation in production.
    mongoRegistry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
    return mongoRegistry;
}
Also used : MongoDbYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.dao.MongoDbYubiKeyAccountRegistry) YubiKeyMultifactorProperties(org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) Bean(org.springframework.context.annotation.Bean)

Example 4 with YubiKeyMultifactorProperties

use of org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties in project cas by apereo.

the class YubiKeyAuthenticationEventExecutionPlanConfiguration method yubiKeyAccountRegistry.

/**
 * Selects the YubiKey account registry according to configuration.
 *
 * <p>Precedence, first match wins:
 * <ol>
 *   <li>a JSON file is configured: JSON-backed registry;</li>
 *   <li>an allowed-devices map is configured: statically defined registry;</li>
 *   <li>otherwise: the open registry, with a warning logged.</li>
 * </ol>
 * Every variant receives the YubiKey account cipher executor.
 *
 * @return the registry chosen for the current configuration
 */
@Bean
@RefreshScope
@ConditionalOnMissingBean(name = "yubiKeyAccountRegistry")
public YubiKeyAccountRegistry yubiKeyAccountRegistry() {
    final YubiKeyMultifactorProperties props = casProperties.getAuthn().getMfa().getYubikey();

    if (props.getJsonFile() != null) {
        LOGGER.debug("Using JSON resource [{}] as the YubiKey account registry", props.getJsonFile());
        final JsonYubiKeyAccountRegistry jsonRegistry =
                new JsonYubiKeyAccountRegistry(props.getJsonFile(), yubiKeyAccountValidator());
        jsonRegistry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
        return jsonRegistry;
    } else if (props.getAllowedDevices() != null) {
        // Only the map keys are logged, not the values they map to.
        LOGGER.debug("Using statically-defined devices for [{}] as the YubiKey account registry",
                props.getAllowedDevices().keySet());
        final WhitelistYubiKeyAccountRegistry staticRegistry =
                new WhitelistYubiKeyAccountRegistry(props.getAllowedDevices(), yubiKeyAccountValidator());
        staticRegistry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
        return staticRegistry;
    } else {
        // Fallback when no registry is configured. Per the warning below, every credential
        // is then treated as eligible.
        // NOTE(review): presumably this means no device-to-user binding is enforced, which
        // weakens the second factor — confirm, and treat this warning as a deployment
        // finding rather than routine noise.
        LOGGER.warn("All credentials are considered eligible for YubiKey authentication. " + "Consider providing an account registry implementation via [{}]",
                YubiKeyAccountRegistry.class.getName());
        // NOTE(review): this branch constructs its own DefaultYubiKeyAccountValidator instead
        // of calling yubiKeyAccountValidator() like the two branches above — confirm that a
        // custom validator bean is intentionally not used here.
        final OpenYubiKeyAccountRegistry openRegistry =
                new OpenYubiKeyAccountRegistry(new DefaultYubiKeyAccountValidator(yubicoClient()));
        openRegistry.setCipherExecutor(this.yubikeyAccountCipherExecutor);
        return openRegistry;
    }
}
Also used : OpenYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry) YubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.YubiKeyAccountRegistry) OpenYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry) WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry) JsonYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry) YubiKeyMultifactorProperties(org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties) WhitelistYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry) DefaultYubiKeyAccountValidator(org.apereo.cas.adaptors.yubikey.DefaultYubiKeyAccountValidator) JsonYubiKeyAccountRegistry(org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry) RefreshScope(org.springframework.cloud.context.config.annotation.RefreshScope) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) ConditionalOnMissingBean(org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean) Bean(org.springframework.context.annotation.Bean)

Aggregations

YubiKeyMultifactorProperties (org.apereo.cas.configuration.model.support.mfa.YubiKeyMultifactorProperties)4 RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope)4 Bean (org.springframework.context.annotation.Bean)4 ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)3 YubicoClient (com.yubico.client.v2.YubicoClient)1 DefaultYubiKeyAccountValidator (org.apereo.cas.adaptors.yubikey.DefaultYubiKeyAccountValidator)1 YubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.YubiKeyAccountRegistry)1 YubiKeyAuthenticationHandler (org.apereo.cas.adaptors.yubikey.YubiKeyAuthenticationHandler)1 MongoDbYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.dao.MongoDbYubiKeyAccountRegistry)1 JsonYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.JsonYubiKeyAccountRegistry)1 OpenYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.OpenYubiKeyAccountRegistry)1 WhitelistYubiKeyAccountRegistry (org.apereo.cas.adaptors.yubikey.registry.WhitelistYubiKeyAccountRegistry)1