use of org.apereo.inspektr.common.web.ClientInfo in project cas by apereo.
the class DefaultCasEventListener method prepareCasEvent.
private static CasEvent prepareCasEvent(final AbstractCasEvent event) {
final CasEvent dto = new CasEvent();
dto.setType(event.getClass().getCanonicalName());
dto.putTimestamp(event.getTimestamp());
dto.setCreationTime(DateTimeUtils.zonedDateTimeOf(event.getTimestamp()).toString());
final ClientInfo clientInfo = ClientInfoHolder.getClientInfo();
dto.putClientIpAddress(clientInfo.getClientIpAddress());
dto.putServerIpAddress(clientInfo.getServerIpAddress());
dto.putAgent(WebUtils.getHttpServletRequestUserAgentFromRequestContext());
final GeoLocationRequest location = WebUtils.getHttpServletRequestGeoLocationFromRequestContext();
if (location != null) {
dto.putGeoLocation(location);
}
return dto;
}
use of org.apereo.inspektr.common.web.ClientInfo in project cas by apereo.
the class AdaptiveMultifactorAuthenticationPolicyEventResolver method checkRequireMultifactorProvidersForRequest.
private Set<Event> checkRequireMultifactorProvidersForRequest(final RequestContext context, final RegisteredService service, final Authentication authentication) {
final ClientInfo clientInfo = ClientInfoHolder.getClientInfo();
final String clientIp = clientInfo.getClientIpAddress();
LOGGER.debug("Located client IP address as [{}]", clientIp);
final String agent = WebUtils.getHttpServletRequestUserAgentFromRequestContext();
final Map<String, MultifactorAuthenticationProvider> providerMap = MultifactorAuthenticationUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
final Set<Map.Entry<String, String>> entries = multifactorMap.entrySet();
for (final Map.Entry entry : entries) {
final String mfaMethod = entry.getKey().toString();
final String pattern = entry.getValue().toString();
final Optional<MultifactorAuthenticationProvider> providerFound = resolveProvider(providerMap, mfaMethod);
if (!providerFound.isPresent()) {
LOGGER.error("Adaptive authentication is configured to require [{}] for [{}], yet [{}] is absent in the configuration.", mfaMethod, pattern, mfaMethod);
throw new AuthenticationException();
}
if (checkUserAgentOrClientIp(clientIp, agent, mfaMethod, pattern)) {
return buildEvent(context, service, authentication, providerFound.get());
}
if (checkRequestGeoLocation(clientIp, mfaMethod, pattern)) {
return buildEvent(context, service, authentication, providerFound.get());
}
}
return null;
}
use of org.apereo.inspektr.common.web.ClientInfo in project cas by apereo.
the class SendTicketGrantingTicketActionSsoTests method verifySsoSessionCookieOnRenewAsParameter.
@Test
public void verifySsoSessionCookieOnRenewAsParameter() throws Exception {
final MockHttpServletResponse response = new MockHttpServletResponse();
final MockHttpServletRequest request = new MockHttpServletRequest();
request.addParameter(CasProtocolConstants.PARAMETER_RENEW, "true");
request.setRemoteAddr(LOCALHOST_IP);
request.setLocalAddr(LOCALHOST_IP);
request.addHeader(HttpRequestUtils.USER_AGENT_HEADER, "test");
ClientInfoHolder.setClientInfo(new ClientInfo(request));
final TicketGrantingTicket tgt = mock(TicketGrantingTicket.class);
when(tgt.getId()).thenReturn(TEST_STRING);
request.setCookies(new Cookie("TGT", "test5"));
WebUtils.putTicketGrantingTicketInScopes(this.context, tgt);
this.context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
assertEquals(SUCCESS, action.execute(this.context).getId());
assertEquals(0, response.getCookies().length);
}
use of org.apereo.inspektr.common.web.ClientInfo in project cas by apereo.
the class MultifactorAuthenticationTrustUtils method generateGeography.
/**
* Generate geography.
*
* @return the geography
*/
public static String generateGeography() {
final ClientInfo clientInfo = ClientInfoHolder.getClientInfo();
final String geography = clientInfo.getClientIpAddress().concat("@").concat(WebUtils.getHttpServletRequestUserAgentFromRequestContext());
return geography;
}
use of org.apereo.inspektr.common.web.ClientInfo in project cas by apereo.
the class DefaultAdaptiveAuthenticationPolicyTests method verifyActionGeoLocationRejected.
@Test
public void verifyActionGeoLocationRejected() {
val request = new MockHttpServletRequest();
request.setRemoteAddr("185.86.151.11");
request.setLocalAddr("185.88.151.11");
request.addHeader(HttpRequestUtils.USER_AGENT_HEADER, USER_AGENT);
ClientInfoHolder.setClientInfo(new ClientInfo(request));
val geoRequest = new GeoLocationRequest(51.5, -0.118);
val props = new AdaptiveAuthenticationProperties();
props.getPolicy().setRejectCountries("UK");
val service = mock(GeoLocationService.class);
val response = new GeoLocationResponse();
response.addAddress("UK");
response.setLatitude(Double.parseDouble(geoRequest.getLatitude()));
response.setLongitude(Double.parseDouble(geoRequest.getLongitude()));
when(service.locate(anyString(), any())).thenReturn(response);
val p = new DefaultAdaptiveAuthenticationPolicy(service, IPAddressIntelligenceService.allowed(), props);
assertFalse(p.apply(new MockRequestContext(), USER_AGENT, geoRequest));
}
Aggregations