use of org.apereo.cas.services.VariegatedMultifactorAuthenticationProvider in project cas by apereo.
the class DuoSecurityAuthenticationEventExecutionPlanConfiguration method duoMultifactorAuthenticationProvider.
@ConditionalOnMissingBean(name = "duoMultifactorAuthenticationProvider")
@Bean
@RefreshScope
public VariegatedMultifactorAuthenticationProvider duoMultifactorAuthenticationProvider() {
final DefaultVariegatedMultifactorAuthenticationProvider provider = new DefaultVariegatedMultifactorAuthenticationProvider();
casProperties.getAuthn().getMfa().getDuo().stream().filter(duo -> StringUtils.isNotBlank(duo.getDuoApiHost()) && StringUtils.isNotBlank(duo.getDuoIntegrationKey()) && StringUtils.isNotBlank(duo.getDuoSecretKey()) && StringUtils.isNotBlank(duo.getDuoApplicationKey())).forEach(duo -> {
final BasicDuoSecurityAuthenticationService s = new BasicDuoSecurityAuthenticationService(duo, httpClient);
final DefaultDuoMultifactorAuthenticationProvider duoP = new DefaultDuoMultifactorAuthenticationProvider(duo.getRegistrationUrl(), s);
duoP.setGlobalFailureMode(casProperties.getAuthn().getMfa().getGlobalFailureMode());
duoP.setBypassEvaluator(MultifactorAuthenticationUtils.newMultifactorAuthenticationProviderBypass(duo.getBypass()));
duoP.setOrder(duo.getRank());
duoP.setId(duo.getId());
provider.addProvider(duoP);
});
if (provider.getProviders().isEmpty()) {
throw new IllegalArgumentException("At least one Duo instance must be defined");
}
return provider;
}
Aggregations