
Example 6 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class DetermineDuoUserAccountAction method doExecute.

/**
 * Checks each resolved multifactor provider for a Duo account that still has to enroll.
 *
 * <p>When an account reports {@code ENROLL} and the provider has a non-blank registration URL,
 * the URL is stored in flow scope under {@code duoRegistrationUrl} and the enroll transition is
 * returned. If no provider matches, the action returns {@code success()}.
 *
 * @param requestContext the current webflow request context
 * @return the enroll event for the first matching provider, otherwise the success event
 */
@Override
protected Event doExecute(final RequestContext requestContext) {
    final Authentication currentAuthentication = WebUtils.getAuthentication(requestContext);
    final Principal principal = currentAuthentication.getPrincipal();
    final Collection<MultifactorAuthenticationProvider> resolvedProviders =
        WebUtils.getResolvedMultifactorAuthenticationProviders(requestContext);

    for (final MultifactorAuthenticationProvider candidate : resolvedProviders) {
        // NOTE(review): the lookup result is dereferenced without a null check. If findProvider can
        // return null for a resolved provider that is not a Duo provider, this line throws and the
        // action aborts instead of moving on to the next provider - confirm against findProvider.
        final DuoMultifactorAuthenticationProvider duo =
            this.provider.findProvider(candidate.getId(), DuoMultifactorAuthenticationProvider.class);
        final DuoUserAccount duoAccount =
            duo.getDuoAuthenticationService().getDuoUserAccount(principal.getId());

        if (duoAccount.getStatus() != DuoUserAccountAuthStatus.ENROLL) {
            continue;
        }
        if (StringUtils.isBlank(duo.getRegistrationUrl())) {
            continue;
        }

        // The URL comes from the provider object, not from the request; the view that consumes
        // this flow-scope entry presumably redirects or links to it.
        requestContext.getFlowScope().put("duoRegistrationUrl", duo.getRegistrationUrl());
        return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_ENROLL);
    }
    return success();
}
Also used : DuoUserAccount(org.apereo.cas.adaptors.duo.DuoUserAccount) Authentication(org.apereo.cas.authentication.Authentication) DuoMultifactorAuthenticationProvider(org.apereo.cas.adaptors.duo.authn.DuoMultifactorAuthenticationProvider) MultifactorAuthenticationProvider(org.apereo.cas.services.MultifactorAuthenticationProvider) DuoMultifactorAuthenticationProvider(org.apereo.cas.adaptors.duo.authn.DuoMultifactorAuthenticationProvider) VariegatedMultifactorAuthenticationProvider(org.apereo.cas.services.VariegatedMultifactorAuthenticationProvider) DuoSecurityAuthenticationService(org.apereo.cas.adaptors.duo.authn.DuoSecurityAuthenticationService) Principal(org.apereo.cas.authentication.principal.Principal) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)

Example 7 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class CasSimpleMultifactorSendTokenAction method doExecute.

/**
 * Creates (or reuses) a simple-MFA token for the in-progress authentication and tries to deliver
 * it over every channel the communication strategy selects: SMS, email and notification.
 *
 * <p>The token is stored and the success event is returned only if at least one channel reports
 * a successful send; otherwise the error event is returned.
 *
 * @param requestContext the current webflow request context
 * @return a success event carrying the token id as the {@code token} attribute, or the error event
 */
@Override
protected Event doExecute(final RequestContext requestContext) {
    val inProgress = WebUtils.getInProgressAuthentication();
    val principal = resolvePrincipal(inProgress.getPrincipal());
    val token = getOrCreateToken(requestContext, principal);
    // NOTE(review): token.getId() is also what is handed to the flow as the "token" attribute
    // below. If that id is the one-time code the user has to type in, this debug line and the
    // error line further down write a live second factor to the log - confirm, and mask or drop it.
    LOGGER.debug("Using token [{}] created at [{}]", token.getId(), token.getCreationTime());

    val strategy = tokenCommunicationStrategy.determineStrategy(token);
    // Each channel is attempted independently; one successful send does not skip the others.
    val deliveredBySms = strategy.contains(CasSimpleMultifactorTokenCommunicationStrategy.TokenSharingStrategyOptions.SMS)
        && isSmsSent(communicationsManager, properties, principal, token);
    val deliveredByEmail = strategy.contains(CasSimpleMultifactorTokenCommunicationStrategy.TokenSharingStrategyOptions.EMAIL)
        && isMailSent(communicationsManager, properties, principal, token, requestContext);
    val deliveredByNotification = strategy.contains(CasSimpleMultifactorTokenCommunicationStrategy.TokenSharingStrategyOptions.NOTIFICATION)
        && isNotificationSent(communicationsManager, principal, token);

    val delivered = deliveredBySms || deliveredByEmail || deliveredByNotification;
    if (!delivered) {
        // Logged at error level, so this line is emitted under most logging configurations.
        LOGGER.error("Communication strategies failed to submit token [{}] to user", token.getId());
        return error();
    }

    // Persist the token only after a channel accepted it.
    addOrUpdateToken(token);
    LOGGER.debug("Successfully submitted token via strategy option [{}] to [{}]", strategy, principal.getId());
    WebUtils.addInfoMessageToContext(requestContext, MESSAGE_MFA_TOKEN_SENT);
    val eventAttributes = new LocalAttributeMap<Object>("token", token.getId());
    WebUtils.putSimpleMultifactorAuthenticationToken(requestContext, token);
    return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_SUCCESS, eventAttributes);
}
Also used : lombok.val(lombok.val) LocalAttributeMap(org.springframework.webflow.core.collection.LocalAttributeMap) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)

Example 8 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class AccepttoMultifactorValidateChannelAction method doExecute.

/**
 * Completes an Acceptto validation attempt using the channel and authentication that were
 * stashed in the session store.
 *
 * <p>Returns {@code null} when no channel is found (the request is not treated as a validation
 * attempt). Otherwise the stored authentication is restored into the flow, the session store is
 * cleared, and the channel is submitted as a credential. Any exception, including a missing
 * stored authentication, produces the authentication-failure event with the exception attached
 * under the {@code error} attribute.
 *
 * @param requestContext the current webflow request context
 * @return the finalize event, the authentication-failure event, or {@code null}
 */
@Override
protected Event doExecute(final RequestContext requestContext) {
    val failureAttributes = new LocalAttributeMap<>();
    try {
        val webContext = new JEEContext(
            WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext),
            WebUtils.getHttpServletResponseFromExternalWebflowContext(requestContext));

        val channel = AccepttoWebflowUtils.getChannel(webContext, sessionStore);
        if (channel.isEmpty()) {
            LOGGER.debug("Unable to determine channel from session store; not a validation attempt");
            return null;
        }

        val storedAuthentication = AccepttoWebflowUtils.getAuthentication(webContext, sessionStore);
        if (storedAuthentication == null) {
            LOGGER.debug("Unable to determine the original authentication attempt the session store");
            // Caught by the handler below, so the caller sees the failure event, not the exception.
            throw new AuthenticationException("Unable to determine authentication from session store");
        }
        WebUtils.putAuthentication(storedAuthentication, requestContext);

        // NOTE(review): if getChannel returns an Optional rather than a String, toString() yields
        // the wrapper's text form instead of the channel value - confirm the return type.
        val channelCredential = new AccepttoMultifactorTokenCredential(channel.toString());
        val service = WebUtils.getService(requestContext);

        // The stored channel and authentication are cleared before the authentication attempt,
        // so they are gone from the session store whether or not that attempt succeeds.
        LOGGER.debug("Cleaning up session store to remove [{}]", channelCredential);
        AccepttoWebflowUtils.resetChannelAndAuthentication(webContext, sessionStore);
        AccepttoWebflowUtils.setChannel(requestContext, null);

        // NOTE(review): the credential and the full authentication are written to the debug log;
        // check what their toString() forms expose before enabling debug in production.
        LOGGER.debug("Attempting to authenticate channel [{}] with authentication [{}] and service [{}]", channelCredential, storedAuthentication, service);
        val initialBuilder = authenticationSystemSupport.establishAuthenticationContextFromInitial(storedAuthentication);
        val finalBuilder = authenticationSystemSupport.handleAuthenticationTransaction(service, initialBuilder, channelCredential);
        WebUtils.putAuthenticationResultBuilder(finalBuilder, requestContext);
        return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_FINALIZE);
    } catch (final Exception e) {
        // The raw exception object travels with the event; whatever renders the failure view
        // decides how much of it the user sees.
        failureAttributes.put("error", e);
        LoggingUtils.error(LOGGER, e);
        return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE, failureAttributes);
    }
}
Also used : lombok.val(lombok.val) LocalAttributeMap(org.springframework.webflow.core.collection.LocalAttributeMap) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) JEEContext(org.pac4j.core.context.JEEContext) AccepttoMultifactorTokenCredential(org.apereo.cas.mfa.accepto.AccepttoMultifactorTokenCredential) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport) AuthenticationException(org.apereo.cas.authentication.AuthenticationException)

Example 9 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class AccepttoMultifactorDetermineUserAccountStatusAction method doExecute.

/**
 * Asks the Acceptto API for the account status of the user behind the in-progress
 * authentication and maps the answer to a webflow transition.
 *
 * <p>Outcomes, in the order they are checked:
 * <ul>
 *   <li>{@code approve} - the response has a {@code status} key and {@code response_code} is
 *       {@code approved}; an email credential is placed in the flow.</li>
 *   <li>{@code deny} - the response is empty, {@code success} is not true, or any exception is
 *       thrown while processing it.</li>
 *   <li>{@code register} - {@code response_code} is {@code pair_device} and an
 *       {@code invite_token} is present; the decoded token and a QR hash are stored for pairing.</li>
 *   <li>{@code success} - every other case; the channel is stored first when
 *       {@code response_code} is {@code success} and a {@code channel} key is present.</li>
 * </ul>
 *
 * @param requestContext the current webflow request context
 * @return the event naming the transition to take
 */
@Override
public Event doExecute(final RequestContext requestContext) {
    val eventFactorySupport = new EventFactorySupport();
    val acceptto = casProperties.getAuthn().getMfa().getAcceptto();
    val authentication = WebUtils.getInProgressAuthentication();
    val email = AccepttoApiUtils.getUserEmail(authentication, acceptto);
    try {
        LOGGER.trace("Contacting authentication API to inquire for account status of [{}]", email);
        val results = AccepttoApiUtils.authenticate(authentication, acceptto, requestContext, this.apiPublicKey);
        // A missing response_code becomes the empty string, so the comparisons below simply fail.
        val responseCode = ObjectUtils.defaultIfNull(results.get("response_code"), StringUtils.EMPTY).toString();
        // Only the presence of "status" is checked; its value is not inspected here.
        val isApproved = results.containsKey("status") && responseCode.equalsIgnoreCase("approved");
        if (isApproved) {
            LOGGER.trace("Account status is approved for [{}]. Moving on...", email);
            val credential = new AccepttoEmailCredential(email);
            WebUtils.putCredential(requestContext, credential);
            return eventFactorySupport.event(this, CasWebflowConstants.TRANSITION_ID_APPROVE);
        }
        if (results.isEmpty()) {
            LOGGER.warn("No API response could be found for [{}]. Denying access...", email);
            return eventFactorySupport.event(this, CasWebflowConstants.TRANSITION_ID_DENY);
        }
        // If the "success" key is absent, get() returns null and toString() throws; the catch
        // block below turns that into a deny, so a malformed response fails closed.
        val success = BooleanUtils.toBoolean(results.get("success").toString());
        if (!success) {
            LOGGER.warn("API response did not return successfully for [{}]. Denying access...", email);
            return eventFactorySupport.event(this, CasWebflowConstants.TRANSITION_ID_DENY);
        }
        val shouldPairDevice = responseCode.equalsIgnoreCase("pair_device");
        if (shouldPairDevice && results.containsKey("invite_token")) {
            val originalToken = results.get("invite_token").toString();
            // NOTE(review): the raw invitation token, its decoded form and the QR hash are all
            // written to the trace log together with the user's email. These look like pairing
            // secrets - confirm, and mask them or keep trace logging off where logs are shared.
            LOGGER.trace("Located invitation token as [{}] for [{}].", originalToken, email);
            val invitationToken = AccepttoApiUtils.decodeInvitationToken(originalToken);
            LOGGER.trace("Decoded invitation token as [{}] for [{}].", invitationToken, email);
            AccepttoWebflowUtils.setApplicationId(requestContext, acceptto.getApplicationId());
            AccepttoWebflowUtils.setInvitationToken(requestContext, invitationToken);
            if (results.containsKey("eguardian_user_id")) {
                // Unchecked get(): presumably firstElement returns an Optional, in which case an
                // empty value throws and is handled as a deny by the catch block - confirm.
                val eguardianUserId = CollectionUtils.firstElement(results.get("eguardian_user_id")).get();
                AccepttoWebflowUtils.setEGuardianUserId(requestContext, eguardianUserId.toString());
            }
            val qrHash = AccepttoApiUtils.generateQRCodeHash(authentication, acceptto, invitationToken);
            LOGGER.trace("Generated QR hash [{}] for [{}] to register/pair device.", qrHash, email);
            AccepttoWebflowUtils.setInvitationTokenQRCode(requestContext, qrHash);
            return eventFactorySupport.event(this, CasWebflowConstants.TRANSITION_ID_REGISTER);
        }
        val isSuccessResponseCode = responseCode.equalsIgnoreCase("success");
        if (isSuccessResponseCode && results.containsKey("channel")) {
            val channel = results.get("channel").toString();
            AccepttoWebflowUtils.setChannel(requestContext, channel);
            if (results.containsKey("eguardian_user_id")) {
                val eguardianUserId = CollectionUtils.firstElement(results.get("eguardian_user_id")).get();
                AccepttoWebflowUtils.setEGuardianUserId(requestContext, eguardianUserId.toString());
            }
        }
        // NOTE(review): there is no else branch. A response with success=true but an unrecognised
        // response_code, or without a channel, still falls through to the success transition
        // below with no channel stored - confirm the downstream flow handles that case.
    } catch (final Exception e) {
        // Any failure while calling or parsing the API response denies access.
        LoggingUtils.error(LOGGER, e);
        return eventFactorySupport.event(this, CasWebflowConstants.TRANSITION_ID_DENY);
    }
    LOGGER.trace("Account status is verified for [{}]. Proceeding to MFA flow...", email);
    return eventFactorySupport.event(this, CasWebflowConstants.TRANSITION_ID_SUCCESS);
}
Also used : lombok.val(lombok.val) AccepttoEmailCredential(org.apereo.cas.mfa.accepto.AccepttoEmailCredential) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)

Example 10 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class YubiKeyAuthenticationWebflowActionTests method verifyOperation.

/**
 * Verifies that the YubiKey webflow action returns the id of the event produced by its resolver.
 *
 * <p>The resolver is a mock that always answers with a success event, so this test covers the
 * delegation path only, not token validation.
 */
@Test
public void verifyOperation() throws Exception {
    val requestContext = new MockRequestContext();
    val httpRequest = new MockHttpServletRequest();
    val externalContext = new ServletExternalContext(new MockServletContext(), httpRequest, new MockHttpServletResponse());
    requestContext.setExternalContext(externalContext);
    WebUtils.putAuthentication(CoreAuthenticationTestUtils.getAuthentication(), requestContext);

    // Stub both resolver entry points so the outcome is success whichever one the action calls.
    val eventResolver = mock(CasWebflowEventResolver.class);
    when(eventResolver.resolve(any())).thenReturn(Set.of(new EventFactorySupport().success(this)));
    when(eventResolver.resolveSingle(any())).thenReturn(new EventFactorySupport().success(this));

    val webflowAction = new YubiKeyAuthenticationWebflowAction(eventResolver);
    val outcome = webflowAction.execute(requestContext);
    assertEquals(CasWebflowConstants.TRANSITION_ID_SUCCESS, outcome.getId());
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) MockRequestContext(org.springframework.webflow.test.MockRequestContext) MockServletContext(org.springframework.mock.web.MockServletContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport) Test(org.junit.jupiter.api.Test)
