Search in sources :

Example 1 with GroovyShellScript

use of org.apereo.cas.util.scripting.GroovyShellScript in project cas by apereo.

the class RegisteredServiceScriptedAttributeFilter method initializeWatchableScriptIfNeeded.

@PostLoad
@SneakyThrows
private void initializeWatchableScriptIfNeeded() {
    if (this.executableScript == null) {
        val matcherInline = ScriptingUtils.getMatcherForInlineGroovyScript(script);
        val matcherFile = ScriptingUtils.getMatcherForExternalGroovyScript(script);
        if (matcherFile.find()) {
            val resource = ResourceUtils.getRawResourceFrom(matcherFile.group(2));
            this.executableScript = new WatchableGroovyScriptResource(resource);
        } else if (matcherInline.find()) {
            this.executableScript = new GroovyShellScript(matcherInline.group(1));
        }
    }
}
Also used : lombok.val(lombok.val) WatchableGroovyScriptResource(org.apereo.cas.util.scripting.WatchableGroovyScriptResource) GroovyShellScript(org.apereo.cas.util.scripting.GroovyShellScript) PostLoad(javax.persistence.PostLoad) SneakyThrows(lombok.SneakyThrows)

Example 2 with GroovyShellScript

use of org.apereo.cas.util.scripting.GroovyShellScript in project cas by apereo.

the class GroovyRegisteredServiceUsernameProvider method initializeWatchableScriptIfNeeded.

@PostLoad
@SneakyThrows
private void initializeWatchableScriptIfNeeded() {
    if (this.executableScript == null) {
        val matcherInline = ScriptingUtils.getMatcherForInlineGroovyScript(groovyScript);
        val matcherFile = ScriptingUtils.getMatcherForExternalGroovyScript(groovyScript);
        if (matcherFile.find()) {
            val script = SpringExpressionLanguageValueResolver.getInstance().resolve(matcherFile.group());
            val resource = ResourceUtils.getRawResourceFrom(script);
            this.executableScript = new WatchableGroovyScriptResource(resource);
        } else if (matcherInline.find()) {
            this.executableScript = new GroovyShellScript(matcherInline.group(1));
        }
    }
}
Also used : lombok.val(lombok.val) WatchableGroovyScriptResource(org.apereo.cas.util.scripting.WatchableGroovyScriptResource) GroovyShellScript(org.apereo.cas.util.scripting.GroovyShellScript) PostLoad(javax.persistence.PostLoad) SneakyThrows(lombok.SneakyThrows)

Example 3 with GroovyShellScript

use of org.apereo.cas.util.scripting.GroovyShellScript in project cas by apereo.

the class ScriptedRegisteredServiceMultifactorAuthenticationTrigger method isActivated.

@Override
public Optional<MultifactorAuthenticationProvider> isActivated(final Authentication authentication, final RegisteredService registeredService, final HttpServletRequest httpServletRequest, final HttpServletResponse response, final Service service) {
    if (authentication == null || registeredService == null) {
        LOGGER.debug("No authentication or service is available to determine event for principal");
        return Optional.empty();
    }
    val policy = registeredService.getMultifactorPolicy();
    if (policy == null || StringUtils.isBlank(policy.getScript())) {
        LOGGER.trace("Multifactor authentication policy is absent or does not define a script to trigger multifactor authentication");
        return Optional.empty();
    }
    val mfaScript = policy.getScript();
    val providerMap = MultifactorAuthenticationUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
    if (providerMap.isEmpty()) {
        LOGGER.error("No multifactor authentication providers are available in the application context");
        throw new AuthenticationException(new MultifactorAuthenticationProviderAbsentException());
    }
    LOGGER.trace("Locating multifactor authentication trigger script [{}] in script cache...", mfaScript);
    if (!scriptCache.containsKey(mfaScript)) {
        val matcherInline = ScriptingUtils.getMatcherForInlineGroovyScript(mfaScript);
        val matcherFile = ScriptingUtils.getMatcherForExternalGroovyScript(mfaScript);
        if (matcherInline.find()) {
            val script = new GroovyShellScript(matcherInline.group(1));
            scriptCache.put(mfaScript, script);
            LOGGER.trace("Caching multifactor authentication trigger script as an executable shell script");
        } else if (matcherFile.find()) {
            try {
                val scriptPath = SpringExpressionLanguageValueResolver.getInstance().resolve(matcherFile.group());
                val resource = ResourceUtils.getResourceFrom(scriptPath);
                val script = new WatchableGroovyScriptResource(resource);
                scriptCache.put(mfaScript, script);
                LOGGER.trace("Caching multifactor authentication trigger script as script resource [{}]", resource);
            } catch (final Exception e) {
                LoggingUtils.error(LOGGER, e);
            }
        }
    }
    if (scriptCache.containsKey(mfaScript)) {
        val executableScript = scriptCache.get(mfaScript);
        LOGGER.debug("Executing multifactor authentication trigger script [{}]", executableScript);
        val result = executableScript.execute(new Object[] { authentication, registeredService, httpServletRequest, service, applicationContext, LOGGER }, String.class);
        LOGGER.debug("Multifactor authentication provider delivered by trigger script is [{}]", result);
        if (StringUtils.isBlank(result)) {
            LOGGER.debug("No multifactor authentication is returned from trigger script");
            return Optional.empty();
        }
        val providerResult = providerMap.values().stream().filter(provider -> provider.getId().equalsIgnoreCase(result)).findFirst();
        if (providerResult.isEmpty()) {
            LOGGER.error("Unable to locate multifactor authentication provider [{}] in the application context", result);
            throw new AuthenticationException(new MultifactorAuthenticationProviderAbsentException());
        }
        return providerResult;
    }
    return Optional.empty();
}
Also used : lombok.val(lombok.val) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) Ordered(org.springframework.core.Ordered) Setter(lombok.Setter) Getter(lombok.Getter) RequiredArgsConstructor(lombok.RequiredArgsConstructor) MultifactorAuthenticationProvider(org.apereo.cas.authentication.MultifactorAuthenticationProvider) MultifactorAuthenticationTrigger(org.apereo.cas.authentication.MultifactorAuthenticationTrigger) StringUtils(org.apache.commons.lang3.StringUtils) MultifactorAuthenticationProviderAbsentException(org.apereo.cas.authentication.MultifactorAuthenticationProviderAbsentException) LoggingUtils(org.apereo.cas.util.LoggingUtils) ScriptingUtils(org.apereo.cas.util.scripting.ScriptingUtils) HttpServletRequest(javax.servlet.http.HttpServletRequest) Authentication(org.apereo.cas.authentication.Authentication) Map(java.util.Map) JsonIgnore(com.fasterxml.jackson.annotation.JsonIgnore) MultifactorAuthenticationUtils(org.apereo.cas.authentication.MultifactorAuthenticationUtils) GroovyShellScript(org.apereo.cas.util.scripting.GroovyShellScript) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) ResourceUtils(org.apereo.cas.util.ResourceUtils) lombok.val(lombok.val) HttpServletResponse(javax.servlet.http.HttpServletResponse) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) WatchableGroovyScriptResource(org.apereo.cas.util.scripting.WatchableGroovyScriptResource) ApplicationContext(org.springframework.context.ApplicationContext) RegisteredService(org.apereo.cas.services.RegisteredService) Slf4j(lombok.extern.slf4j.Slf4j) SpringExpressionLanguageValueResolver(org.apereo.cas.util.spring.SpringExpressionLanguageValueResolver) Transient(javax.persistence.Transient) Service(org.apereo.cas.authentication.principal.Service) Optional(java.util.Optional) ExecutableCompiledGroovyScript(org.apereo.cas.util.scripting.ExecutableCompiledGroovyScript) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) MultifactorAuthenticationProviderAbsentException(org.apereo.cas.authentication.MultifactorAuthenticationProviderAbsentException) WatchableGroovyScriptResource(org.apereo.cas.util.scripting.WatchableGroovyScriptResource) GroovyShellScript(org.apereo.cas.util.scripting.GroovyShellScript) MultifactorAuthenticationProviderAbsentException(org.apereo.cas.authentication.MultifactorAuthenticationProviderAbsentException) AuthenticationException(org.apereo.cas.authentication.AuthenticationException)

Aggregations

lombok.val (lombok.val)3 GroovyShellScript (org.apereo.cas.util.scripting.GroovyShellScript)3 WatchableGroovyScriptResource (org.apereo.cas.util.scripting.WatchableGroovyScriptResource)3 PostLoad (javax.persistence.PostLoad)2 SneakyThrows (lombok.SneakyThrows)2 JsonIgnore (com.fasterxml.jackson.annotation.JsonIgnore)1 Map (java.util.Map)1 Optional (java.util.Optional)1 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)1 Transient (javax.persistence.Transient)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 Getter (lombok.Getter)1 RequiredArgsConstructor (lombok.RequiredArgsConstructor)1 Setter (lombok.Setter)1 Slf4j (lombok.extern.slf4j.Slf4j)1 StringUtils (org.apache.commons.lang3.StringUtils)1 Authentication (org.apereo.cas.authentication.Authentication)1 AuthenticationException (org.apereo.cas.authentication.AuthenticationException)1 MultifactorAuthenticationProvider (org.apereo.cas.authentication.MultifactorAuthenticationProvider)1