
Example 6 with WatchableGroovyScriptResource

use of org.apereo.cas.util.scripting.WatchableGroovyScriptResource in project cas by apereo.

the class ScriptedRegisteredServiceMultifactorAuthenticationTrigger method isActivated.

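/**
 * Runs the Groovy trigger script from the registered service's multifactor policy and
 * maps the provider id it returns to an available multifactor authentication provider.
 *
 * <p>The script is either an inline Groovy snippet or an external Groovy resource. It is
 * compiled once and kept in {@code scriptCache}, keyed by the raw script setting. The script
 * runs inside the server with the authentication, the registered service, the request, the
 * service, the application context and the logger as arguments, so whoever can edit a
 * service's multifactor policy script can run code with access to all of these.
 *
 * @param authentication     the current authentication; {@code null} yields an empty result
 * @param registeredService  the service whose multifactor policy carries the script;
 *                           {@code null} yields an empty result
 * @param httpServletRequest the current request, handed to the script
 * @param response           the current response; not read by this method
 * @param service            the requested service, handed to the script
 * @return the provider whose id matches the script's result (case-insensitive), or empty when
 *         there is no policy or script, the script could not be loaded, or it returned a blank value
 * @throws AuthenticationException when no providers are available in the application context,
 *                                 or the id returned by the script matches none of them
 */
@Override
public Optional<MultifactorAuthenticationProvider> isActivated(final Authentication authentication,
                                                               final RegisteredService registeredService,
                                                               final HttpServletRequest httpServletRequest,
                                                               final HttpServletResponse response,
                                                               final Service service) {
    if (authentication == null || registeredService == null) {
        LOGGER.debug("No authentication or service is available to determine event for principal");
        return Optional.empty();
    }
    val policy = registeredService.getMultifactorPolicy();
    if (policy == null || StringUtils.isBlank(policy.getScript())) {
        LOGGER.trace("Multifactor authentication policy is absent or does not define a script to trigger multifactor authentication");
        return Optional.empty();
    }
    val mfaScript = policy.getScript();
    val providerMap = MultifactorAuthenticationUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
    if (providerMap.isEmpty()) {
        // Fails closed: a script is configured but there is nothing it could select.
        LOGGER.error("No multifactor authentication providers are available in the application context");
        throw new AuthenticationException(new MultifactorAuthenticationProviderAbsentException());
    }
    // For an inline script this trace line writes the script body itself to the log.
    LOGGER.trace("Locating multifactor authentication trigger script [{}] in script cache...", mfaScript);
    if (!scriptCache.containsKey(mfaScript)) {
        val matcherInline = ScriptingUtils.getMatcherForInlineGroovyScript(mfaScript);
        val matcherFile = ScriptingUtils.getMatcherForExternalGroovyScript(mfaScript);
        if (matcherInline.find()) {
            val script = new GroovyShellScript(matcherInline.group(1));
            scriptCache.put(mfaScript, script);
            LOGGER.trace("Caching multifactor authentication trigger script as an executable shell script");
        } else if (matcherFile.find()) {
            try {
                val scriptPath = SpringExpressionLanguageValueResolver.getInstance().resolve(matcherFile.group());
                val resource = ResourceUtils.getResourceFrom(scriptPath);
                val script = new WatchableGroovyScriptResource(resource);
                scriptCache.put(mfaScript, script);
                LOGGER.trace("Caching multifactor authentication trigger script as script resource [{}]", resource);
            } catch (final Exception e) {
                // Nothing is cached on failure, so the next request retries the load.
                LoggingUtils.error(LOGGER, e);
            }
        } else {
            // Previously silent: a script value in neither supported form was ignored without a trace.
            LOGGER.warn("Multifactor authentication trigger script [{}] is neither an inline nor an external Groovy script", mfaScript);
        }
    }
    // Single lookup instead of containsKey followed by get.
    val executableScript = scriptCache.get(mfaScript);
    if (executableScript == null) {
        // NOTE(review): this path fails open. A policy that defines a trigger script which cannot
        // be loaded results in no multifactor authentication from this trigger, whereas an unknown
        // provider id below fails closed. Confirm that is intended; the warning makes it visible.
        LOGGER.warn("Multifactor authentication trigger script [{}] could not be loaded; this trigger will not activate multifactor authentication", mfaScript);
        return Optional.empty();
    }
    LOGGER.debug("Executing multifactor authentication trigger script [{}]", executableScript);
    val result = executableScript.execute(new Object[] { authentication, registeredService, httpServletRequest, service, applicationContext, LOGGER }, String.class);
    LOGGER.debug("Multifactor authentication provider delivered by trigger script is [{}]", result);
    if (StringUtils.isBlank(result)) {
        LOGGER.debug("No multifactor authentication is returned from trigger script");
        return Optional.empty();
    }
    val providerResult = providerMap.values().stream().filter(provider -> provider.getId().equalsIgnoreCase(result)).findFirst();
    if (providerResult.isEmpty()) {
        // Fails closed: the script asked for a provider that is not registered.
        LOGGER.error("Unable to locate multifactor authentication provider [{}] in the application context", result);
        throw new AuthenticationException(new MultifactorAuthenticationProviderAbsentException());
    }
    return providerResult;
}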
Also used : lombok.val(lombok.val) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) Ordered(org.springframework.core.Ordered) Setter(lombok.Setter) Getter(lombok.Getter) RequiredArgsConstructor(lombok.RequiredArgsConstructor) MultifactorAuthenticationProvider(org.apereo.cas.authentication.MultifactorAuthenticationProvider) MultifactorAuthenticationTrigger(org.apereo.cas.authentication.MultifactorAuthenticationTrigger) StringUtils(org.apache.commons.lang3.StringUtils) MultifactorAuthenticationProviderAbsentException(org.apereo.cas.authentication.MultifactorAuthenticationProviderAbsentException) LoggingUtils(org.apereo.cas.util.LoggingUtils) ScriptingUtils(org.apereo.cas.util.scripting.ScriptingUtils) HttpServletRequest(javax.servlet.http.HttpServletRequest) Authentication(org.apereo.cas.authentication.Authentication) Map(java.util.Map) JsonIgnore(com.fasterxml.jackson.annotation.JsonIgnore) MultifactorAuthenticationUtils(org.apereo.cas.authentication.MultifactorAuthenticationUtils) GroovyShellScript(org.apereo.cas.util.scripting.GroovyShellScript) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) ResourceUtils(org.apereo.cas.util.ResourceUtils) lombok.val(lombok.val) HttpServletResponse(javax.servlet.http.HttpServletResponse) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) WatchableGroovyScriptResource(org.apereo.cas.util.scripting.WatchableGroovyScriptResource) ApplicationContext(org.springframework.context.ApplicationContext) RegisteredService(org.apereo.cas.services.RegisteredService) Slf4j(lombok.extern.slf4j.Slf4j) SpringExpressionLanguageValueResolver(org.apereo.cas.util.spring.SpringExpressionLanguageValueResolver) Transient(javax.persistence.Transient) Service(org.apereo.cas.authentication.principal.Service) Optional(java.util.Optional) ExecutableCompiledGroovyScript(org.apereo.cas.util.scripting.ExecutableCompiledGroovyScript) 
AuthenticationException(org.apereo.cas.authentication.AuthenticationException) MultifactorAuthenticationProviderAbsentException(org.apereo.cas.authentication.MultifactorAuthenticationProviderAbsentException) WatchableGroovyScriptResource(org.apereo.cas.util.scripting.WatchableGroovyScriptResource) GroovyShellScript(org.apereo.cas.util.scripting.GroovyShellScript) MultifactorAuthenticationProviderAbsentException(org.apereo.cas.authentication.MultifactorAuthenticationProviderAbsentException) AuthenticationException(org.apereo.cas.authentication.AuthenticationException)
