Search in sources :

Example 6 with ClientInfo

use of org.apereo.inspektr.common.web.ClientInfo in project cas by apereo.

the class DefaultCasEventListener method prepareCasEvent.

private static CasEvent prepareCasEvent(final AbstractCasEvent event) {
    final CasEvent dto = new CasEvent();
    dto.setType(event.getClass().getCanonicalName());
    dto.putTimestamp(event.getTimestamp());
    dto.setCreationTime(DateTimeUtils.zonedDateTimeOf(event.getTimestamp()).toString());
    final ClientInfo clientInfo = ClientInfoHolder.getClientInfo();
    dto.putClientIpAddress(clientInfo.getClientIpAddress());
    dto.putServerIpAddress(clientInfo.getServerIpAddress());
    dto.putAgent(WebUtils.getHttpServletRequestUserAgentFromRequestContext());
    final GeoLocationRequest location = WebUtils.getHttpServletRequestGeoLocationFromRequestContext();
    if (location != null) {
        dto.putGeoLocation(location);
    }
    return dto;
}
Also used : AbstractCasEvent(org.apereo.cas.support.events.AbstractCasEvent) CasEvent(org.apereo.cas.support.events.dao.CasEvent) ClientInfo(org.apereo.inspektr.common.web.ClientInfo) GeoLocationRequest(org.apereo.cas.authentication.adaptive.geo.GeoLocationRequest)

Example 7 with ClientInfo

use of org.apereo.inspektr.common.web.ClientInfo in project cas by apereo.

the class AdaptiveMultifactorAuthenticationPolicyEventResolver method checkRequireMultifactorProvidersForRequest.

private Set<Event> checkRequireMultifactorProvidersForRequest(final RequestContext context, final RegisteredService service, final Authentication authentication) {
    final ClientInfo clientInfo = ClientInfoHolder.getClientInfo();
    final String clientIp = clientInfo.getClientIpAddress();
    LOGGER.debug("Located client IP address as [{}]", clientIp);
    final String agent = WebUtils.getHttpServletRequestUserAgentFromRequestContext();
    final Map<String, MultifactorAuthenticationProvider> providerMap = MultifactorAuthenticationUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
    final Set<Map.Entry<String, String>> entries = multifactorMap.entrySet();
    for (final Map.Entry entry : entries) {
        final String mfaMethod = entry.getKey().toString();
        final String pattern = entry.getValue().toString();
        final Optional<MultifactorAuthenticationProvider> providerFound = resolveProvider(providerMap, mfaMethod);
        if (!providerFound.isPresent()) {
            LOGGER.error("Adaptive authentication is configured to require [{}] for [{}], yet [{}] is absent in the configuration.", mfaMethod, pattern, mfaMethod);
            throw new AuthenticationException();
        }
        if (checkUserAgentOrClientIp(clientIp, agent, mfaMethod, pattern)) {
            return buildEvent(context, service, authentication, providerFound.get());
        }
        if (checkRequestGeoLocation(clientIp, mfaMethod, pattern)) {
            return buildEvent(context, service, authentication, providerFound.get());
        }
    }
    return null;
}
Also used : AuthenticationException(org.apereo.cas.authentication.AuthenticationException) ClientInfo(org.apereo.inspektr.common.web.ClientInfo) MultifactorAuthenticationProvider(org.apereo.cas.services.MultifactorAuthenticationProvider) Map(java.util.Map)

Example 8 with ClientInfo

use of org.apereo.inspektr.common.web.ClientInfo in project cas by apereo.

the class SendTicketGrantingTicketActionSsoTests method verifySsoSessionCookieOnRenewAsParameter.

@Test
public void verifySsoSessionCookieOnRenewAsParameter() throws Exception {
    final MockHttpServletResponse response = new MockHttpServletResponse();
    final MockHttpServletRequest request = new MockHttpServletRequest();
    request.addParameter(CasProtocolConstants.PARAMETER_RENEW, "true");
    request.setRemoteAddr(LOCALHOST_IP);
    request.setLocalAddr(LOCALHOST_IP);
    request.addHeader(HttpRequestUtils.USER_AGENT_HEADER, "test");
    ClientInfoHolder.setClientInfo(new ClientInfo(request));
    final TicketGrantingTicket tgt = mock(TicketGrantingTicket.class);
    when(tgt.getId()).thenReturn(TEST_STRING);
    request.setCookies(new Cookie("TGT", "test5"));
    WebUtils.putTicketGrantingTicketInScopes(this.context, tgt);
    this.context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    assertEquals(SUCCESS, action.execute(this.context).getId());
    assertEquals(0, response.getCookies().length);
}
Also used : Cookie(javax.servlet.http.Cookie) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TicketGrantingTicket(org.apereo.cas.ticket.TicketGrantingTicket) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) ClientInfo(org.apereo.inspektr.common.web.ClientInfo) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.springframework.mock.web.MockServletContext) Test(org.junit.Test)

Example 9 with ClientInfo

use of org.apereo.inspektr.common.web.ClientInfo in project cas by apereo.

the class MultifactorAuthenticationTrustUtils method generateGeography.

/**
 * Generate geography.
 *
 * @return the geography
 */
public static String generateGeography() {
    final ClientInfo clientInfo = ClientInfoHolder.getClientInfo();
    final String geography = clientInfo.getClientIpAddress().concat("@").concat(WebUtils.getHttpServletRequestUserAgentFromRequestContext());
    return geography;
}
Also used : ClientInfo(org.apereo.inspektr.common.web.ClientInfo)

Example 10 with ClientInfo

use of org.apereo.inspektr.common.web.ClientInfo in project cas by apereo.

the class DefaultAdaptiveAuthenticationPolicyTests method verifyActionGeoLocationRejected.

@Test
public void verifyActionGeoLocationRejected() {
    val request = new MockHttpServletRequest();
    request.setRemoteAddr("185.86.151.11");
    request.setLocalAddr("185.88.151.11");
    request.addHeader(HttpRequestUtils.USER_AGENT_HEADER, USER_AGENT);
    ClientInfoHolder.setClientInfo(new ClientInfo(request));
    val geoRequest = new GeoLocationRequest(51.5, -0.118);
    val props = new AdaptiveAuthenticationProperties();
    props.getPolicy().setRejectCountries("UK");
    val service = mock(GeoLocationService.class);
    val response = new GeoLocationResponse();
    response.addAddress("UK");
    response.setLatitude(Double.parseDouble(geoRequest.getLatitude()));
    response.setLongitude(Double.parseDouble(geoRequest.getLongitude()));
    when(service.locate(anyString(), any())).thenReturn(response);
    val p = new DefaultAdaptiveAuthenticationPolicy(service, IPAddressIntelligenceService.allowed(), props);
    assertFalse(p.apply(new MockRequestContext(), USER_AGENT, geoRequest));
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) GeoLocationResponse(org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse) AdaptiveAuthenticationProperties(org.apereo.cas.configuration.model.core.authentication.AdaptiveAuthenticationProperties) ClientInfo(org.apereo.inspektr.common.web.ClientInfo) MockRequestContext(org.springframework.webflow.test.MockRequestContext) GeoLocationRequest(org.apereo.cas.authentication.adaptive.geo.GeoLocationRequest) Test(org.junit.jupiter.api.Test)

Aggregations

ClientInfo (org.apereo.inspektr.common.web.ClientInfo)82 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)69 lombok.val (lombok.val)65 Test (org.junit.jupiter.api.Test)42 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)36 MockRequestContext (org.springframework.webflow.test.MockRequestContext)35 ServletExternalContext (org.springframework.webflow.context.servlet.ServletExternalContext)31 MockServletContext (org.springframework.mock.web.MockServletContext)29 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)14 MockWebServer (org.apereo.cas.util.MockWebServer)13 ByteArrayResource (org.springframework.core.io.ByteArrayResource)13 BeforeEach (org.junit.jupiter.api.BeforeEach)12 BeforeAll (org.junit.jupiter.api.BeforeAll)6 AuthenticationException (org.apereo.cas.authentication.AuthenticationException)5 GeoLocationRequest (org.apereo.cas.authentication.adaptive.geo.GeoLocationRequest)5 ClassPathResource (org.springframework.core.io.ClassPathResource)5 LDAPConnection (com.unboundid.ldap.sdk.LDAPConnection)4 Cookie (javax.servlet.http.Cookie)4 GeoLocationResponse (org.apereo.cas.authentication.adaptive.geo.GeoLocationResponse)4 AdaptiveAuthenticationProperties (org.apereo.cas.configuration.model.core.authentication.AdaptiveAuthenticationProperties)4