Examples with CasEvent org.apereo.cas.support.events.dao.CasEvent used on opensource projects

Example 16 with CasEvent

use of org.apereo.cas.support.events.dao.CasEvent in project cas by apereo.

the class DateTimeAuthenticationRequestRiskCalculator method calculateScore.

@Override
protected BigDecimal calculateScore(final HttpServletRequest request, final Authentication authentication, final RegisteredService service, final Supplier<Stream<? extends CasEvent>> events) {
    val windowInHours = casProperties.getAuthn().getAdaptive().getRisk().getDateTime().getWindowInHours();
    val timestamp = ZonedDateTime.now(ZoneOffset.UTC);
    LOGGER.debug("Filtering authentication events for timestamp [{}]", timestamp);
    val hoursFromNow = timestamp.plusHours(windowInHours).getHour();
    val hoursBeforeNow = timestamp.minusHours(windowInHours).getHour();
    val count = events.get().map(time -> {
        val dt = DateTimeUtils.convertToZonedDateTime(time.getCreationTime());
        val instant = ChronoZonedDateTime.from(dt).toInstant();
        val zdt = ZonedDateTime.ofInstant(instant, ZoneOffset.UTC);
        return zdt.getHour();
    }).filter(hour -> hoursBeforeNow <= hoursFromNow ? (hour >= hoursBeforeNow && hour <= hoursFromNow) : (hour >= hoursBeforeNow || hour <= hoursFromNow)).count();
    LOGGER.debug("Total authentication events found for [{}] in a [{}]h window: [{}]", timestamp, windowInHours, count);
    return calculateScoreBasedOnEventsCount(authentication, events, count);
}

Example 17 with CasEvent

use of org.apereo.cas.support.events.dao.CasEvent in project cas by apereo.

the class DefaultCasEventListener method handleCasAuthenticationPolicyFailureEvent.

/**
 * Handle cas authentication policy failure event.
 *
 * @param event the event
 */
@EventListener
public void handleCasAuthenticationPolicyFailureEvent(final CasAuthenticationPolicyFailureEvent event) {
    if (this.casEventRepository != null) {
        final CasEvent dto = prepareCasEvent(event);
        dto.setPrincipalId(event.getAuthentication().getPrincipal().getId());
        dto.putId(CasAuthenticationPolicyFailureEvent.class.getSimpleName());
        this.casEventRepository.save(dto);
    }
}

Example 18 with CasEvent

use of org.apereo.cas.support.events.dao.CasEvent in project cas by apereo.

the class DefaultCasEventListener method handleCasTicketGrantingTicketCreatedEvent.

/**
 * Handle TGT creation event.
 *
 * @param event the event
 */
@EventListener
public void handleCasTicketGrantingTicketCreatedEvent(final CasTicketGrantingTicketCreatedEvent event) {
    if (this.casEventRepository != null) {
        final CasEvent dto = prepareCasEvent(event);
        dto.setCreationTime(event.getTicketGrantingTicket().getCreationTime().toString());
        dto.putId(TicketIdSanitizationUtils.sanitize(event.getTicketGrantingTicket().getId()));
        dto.setPrincipalId(event.getTicketGrantingTicket().getAuthentication().getPrincipal().getId());
        this.casEventRepository.save(dto);
    }
}

Example 19 with CasEvent

use of org.apereo.cas.support.events.dao.CasEvent in project cas by apereo.

the class AbstractCasEventRepositoryTests method getCasEvent.

private CasEvent getCasEvent() {
    final TicketGrantingTicket ticket = new MockTicketGrantingTicket("casuser");
    final CasTicketGrantingTicketCreatedEvent event = new CasTicketGrantingTicketCreatedEvent(this, ticket);
    final CasEvent dto = new CasEvent();
    dto.setType(event.getClass().getCanonicalName());
    dto.putTimestamp(event.getTimestamp());
    dto.setCreationTime(event.getTicketGrantingTicket().getCreationTime().toString());
    dto.putId(event.getTicketGrantingTicket().getId());
    dto.setPrincipalId(event.getTicketGrantingTicket().getAuthentication().getPrincipal().getId());
    return dto;
}

Example 20 with CasEvent

use of org.apereo.cas.support.events.dao.CasEvent in project cas by apereo.

the class GeoLocationAuthenticationRequestRiskCalculator method calculateScore.

@Override
protected BigDecimal calculateScore(final HttpServletRequest request, final Authentication authentication, final RegisteredService service, final Collection<CasEvent> events) {
    final GeoLocationRequest loc = WebUtils.getHttpServletRequestGeoLocation(request);
    if (loc != null && loc.isValid()) {
        LOGGER.debug("Filtering authentication events for geolocation [{}]", loc);
        final long count = events.stream().filter(e -> e.getGeoLocation().equals(loc)).count();
        LOGGER.debug("Total authentication events found for [{}]: [{}]", loc, count);
        if (count == events.size()) {
            LOGGER.debug("Principal [{}] has always authenticated from [{}]", authentication.getPrincipal(), loc);
            return LOWEST_RISK_SCORE;
        }
        return getFinalAveragedScore(count, events.size());
    }
    final String remoteAddr = ClientInfoHolder.getClientInfo().getClientIpAddress();
    LOGGER.debug("Filtering authentication events for location based on ip [{}]", remoteAddr);
    final GeoLocationResponse response = this.geoLocationService.locate(remoteAddr);
    if (response != null) {
        final long count = events.stream().filter(e -> e.getGeoLocation().equals(new GeoLocationRequest(response.getLatitude(), response.getLongitude()))).count();
        LOGGER.debug("Total authentication events found for location of [{}]: [{}]", remoteAddr, count);
        if (count == events.size()) {
            LOGGER.debug("Principal [{}] has always authenticated from [{}]", authentication.getPrincipal(), loc);
            return LOWEST_RISK_SCORE;
        }
        return getFinalAveragedScore(count, events.size());
    }
    LOGGER.debug("Request does not contain enough geolocation data");
    return HIGHEST_RISK_SCORE;
}