
Example 16 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class OneTimeTokenAccountCheckRegistrationAction method doExecute.

/**
 * Selects the next webflow transition from the number of one-time-token accounts
 * that the repository returns for the authenticated principal.
 * <ul>
 *   <li>no accounts (null or empty): {@code TRANSITION_ID_REGISTER};</li>
 *   <li>exactly one account: it is passed to {@code WebUtils.putOneTimeTokenAccount}
 *       and the action returns {@code success()};</li>
 *   <li>several accounts: all of them are passed to {@code WebUtils.putOneTimeTokenAccounts}
 *       and the action returns {@code TRANSITION_ID_CONFIRM}.</li>
 * </ul>
 *
 * @param requestContext the webflow request context holding the current authentication
 * @return the event that drives the next transition
 */
@Override
protected Event doExecute(final RequestContext requestContext) {
    // The lookup key is the id of the principal resolved from the current
    // authentication; no request parameter takes part in the repository lookup.
    val authentication = WebUtils.getAuthentication(requestContext);
    val resolvedPrincipal = resolvePrincipal(authentication.getPrincipal());
    val registeredAccounts = repository.get(resolvedPrincipal.getId());

    val nothingRegistered = registeredAccounts == null || registeredAccounts.isEmpty();
    if (nothingRegistered) {
        return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_REGISTER);
    }

    // The collection is non-empty here, so "not more than one" means exactly one.
    if (registeredAccounts.size() == 1) {
        WebUtils.putOneTimeTokenAccount(requestContext, registeredAccounts.iterator().next());
        return success();
    }

    WebUtils.putOneTimeTokenAccounts(requestContext, registeredAccounts);
    return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_CONFIRM);
}
Also used : lombok.val(lombok.val) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)

Example 17 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class DuoSecurityDetermineUserAccountAction method doExecute.

/**
 * Maps the Duo Security account status of the authenticated principal to a webflow event.
 * <p>
 * {@code ENROLL} with a non-blank registration URL yields {@code TRANSITION_ID_ENROLL},
 * {@code ALLOW} yields {@code TRANSITION_ID_BYPASS}, {@code DENY} yields
 * {@code TRANSITION_ID_DENY} and {@code UNAVAILABLE} yields {@code TRANSITION_ID_UNAVAILABLE}.
 * Every other case returns {@code success()}.
 *
 * @param requestContext the webflow request context holding the current authentication
 * @return the event that drives the next transition
 */
@Override
protected Event doExecute(final RequestContext requestContext) {
    val currentAuthentication = WebUtils.getAuthentication(requestContext);
    val resolvedPrincipal = resolvePrincipal(currentAuthentication.getPrincipal());
    val duoService = provider.getDuoAuthenticationService();
    val duoAccount = duoService.getUserAccount(resolvedPrincipal.getId());
    val events = new EventFactorySupport();

    // ENROLL only leaves the flow here when a registration URL is configured; with a
    // blank URL the check fails and execution continues with the status checks below.
    if (duoAccount.getStatus() == DuoSecurityUserAccountStatus.ENROLL
        && StringUtils.isNotBlank(provider.getRegistrationUrl())) {
        requestContext.getFlowScope().put("duoRegistrationUrl", provider.getRegistrationUrl());
        return events.event(this, CasWebflowConstants.TRANSITION_ID_ENROLL);
    }

    if (duoAccount.getStatus() == DuoSecurityUserAccountStatus.ALLOW) {
        return events.event(this, CasWebflowConstants.TRANSITION_ID_BYPASS);
    }

    if (duoAccount.getStatus() == DuoSecurityUserAccountStatus.DENY) {
        return events.event(this, CasWebflowConstants.TRANSITION_ID_DENY);
    }

    if (duoAccount.getStatus() == DuoSecurityUserAccountStatus.UNAVAILABLE) {
        return events.event(this, CasWebflowConstants.TRANSITION_ID_UNAVAILABLE);
    }

    // NOTE(review): success() is the default, so a status that matches none of the
    // comparisons above (including a null status) lets the flow continue. Confirm that
    // the step following success() performs the actual Duo verification.
    return success();
}
Also used : lombok.val(lombok.val) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)

Example 18 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class InquireInterruptAction method doExecute.

/**
 * Consults the configured interrupt inquirers and decides whether the authentication
 * flow has to be interrupted.
 * <p>
 * The inquiry is skipped when the request context already carries the finalized marker
 * (the marker is removed in that case), or when the authentication was already
 * interrupted and execution is not forced. Execution is forced by the core interrupt
 * setting or by the registered service's webflow interrupt policy. The first inquirer
 * whose response asks for an interrupt ends the loop.
 *
 * @param requestContext the webflow request context
 * @return {@code TRANSITION_ID_INTERRUPT_REQUIRED} when an inquirer demands an interrupt,
 *         otherwise the event returned by {@code getInterruptSkippedEvent()}
 */
@Override
protected Event doExecute(final RequestContext requestContext) {
    if (WebUtils.isInterruptAuthenticationFlowFinalized(requestContext)) {
        // The marker is consumed here: it is removed before the skip event is returned.
        WebUtils.removeInterruptAuthenticationFlowFinalized(requestContext);
        return getInterruptSkippedEvent();
    }

    val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
    val currentAuthentication = WebUtils.getAuthentication(requestContext);
    val requestedService = WebUtils.getService(requestContext);
    val serviceDefinition = WebUtils.getRegisteredService(requestContext);
    val currentCredential = WebUtils.getCredential(requestContext);
    val events = new EventFactorySupport();

    // The per-service policy is only read when the global setting does not already force
    // execution and a registered service is present.
    val forcedGlobally = casProperties.getInterrupt().getCore().isForceExecution();
    val forceInquiry = forcedGlobally
        || (serviceDefinition != null
            && serviceDefinition.getWebflowInterruptPolicy().getForceExecution().isTrue());

    if (!forceInquiry && isAuthenticationFlowInterruptedAlready(currentAuthentication, request)) {
        LOGGER.debug("Authentication event has already finalized interrupt. Skipping...");
        return getInterruptSkippedEvent();
    }

    for (val inquirer : this.interruptInquirers) {
        LOGGER.debug("Invoking interrupt inquirer using [{}]", inquirer.getName());
        val inquiryResult = inquirer.inquire(currentAuthentication, serviceDefinition, requestedService,
            currentCredential, requestContext);

        // A missing response or one that does not request an interrupt moves on to the next inquirer.
        if (inquiryResult == null || !inquiryResult.isInterrupt()) {
            continue;
        }

        LOGGER.debug("Interrupt inquiry is required since inquirer produced a response [{}]", inquiryResult);
        InterruptUtils.putInterruptIn(requestContext, inquiryResult);
        InterruptUtils.putInterruptTriggerMode(requestContext, casProperties.getInterrupt().getCore().getTriggerMode());
        WebUtils.putPrincipal(requestContext, currentAuthentication.getPrincipal());
        return events.event(this, CasWebflowConstants.TRANSITION_ID_INTERRUPT_REQUIRED);
    }

    LOGGER.debug("Webflow interrupt is skipped since no inquirer produced a response");
    return getInterruptSkippedEvent();
}
Also used : lombok.val(lombok.val) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)

Example 19 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class FinalizeInterruptFlowAction method doExecute.

/**
 * Finalizes the interrupt flow for the current request.
 * <p>
 * When the interrupt response blocks the user, the request is redirected to the
 * unauthorized-redirect URL of the registered service's access strategy and the flow
 * stops; without such a URL an {@link UnauthorizedServiceException} is thrown.
 * Otherwise the authentication is marked with
 * {@link InquireInterruptAction#AUTHENTICATION_ATTRIBUTE_FINALIZED_INTERRUPT}, the
 * finalized marker is put into the request context and a cookie is added.
 * <p>
 * An authentication attempt can only contain
 * {@link InquireInterruptAction#AUTHENTICATION_ATTRIBUTE_FINALIZED_INTERRUPT}
 * if the attribute was added to the authentication object prior to creating the SSO session.
 * If interrupt checking is set to execute after SSO sessions, then this attribute cannot be retrieved.
 *
 * @param requestContext request context
 * @return the final event
 * @throws Exception the exception
 */
@Override
protected Event doExecute(final RequestContext requestContext) throws Exception {
    val interruptResponse = InterruptUtils.getInterruptFrom(requestContext);

    if (!interruptResponse.isBlock()) {
        val currentAuthentication = WebUtils.getAuthentication(requestContext);
        currentAuthentication.addAttribute(InquireInterruptAction.AUTHENTICATION_ATTRIBUTE_FINALIZED_INTERRUPT, Boolean.TRUE);
        WebUtils.putAuthentication(currentAuthentication, requestContext);
        WebUtils.putInterruptAuthenticationFlowFinalized(requestContext);

        val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
        val response = WebUtils.getHttpServletResponseFromExternalWebflowContext(requestContext);
        // The cookie value is the constant string "true".
        // NOTE(review): whether this cookie is signed or encrypted depends on the
        // CasCookieBuilder in use, which is not visible here - confirm its configuration.
        casCookieBuilder.addCookie(request, response, Boolean.TRUE.toString());
        return success();
    }

    // Blocked: the redirect target is read from the registered service's access strategy,
    // not from a request parameter.
    val serviceDefinition = WebUtils.getRegisteredService(requestContext);
    val redirectTarget = Optional.ofNullable(serviceDefinition)
        .map(definition -> definition.getAccessStrategy().getUnauthorizedRedirectUrl())
        .orElse(null);

    if (redirectTarget == null) {
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Denied");
    }

    val location = redirectTarget.toURL().toExternalForm();
    val external = requestContext.getExternalContext();
    external.requestExternalRedirect(location);
    external.recordResponseComplete();
    return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_STOP);
}
Also used : lombok.val(lombok.val) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException) CasCookieBuilder(org.apereo.cas.web.cookie.CasCookieBuilder) CasWebflowConstants(org.apereo.cas.web.flow.CasWebflowConstants) RequiredArgsConstructor(lombok.RequiredArgsConstructor) lombok.val(lombok.val) InterruptUtils(org.apereo.cas.interrupt.webflow.InterruptUtils) Optional(java.util.Optional) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport) WebUtils(org.apereo.cas.web.support.WebUtils) RequestContext(org.springframework.webflow.execution.RequestContext) BaseCasWebflowAction(org.apereo.cas.web.flow.actions.BaseCasWebflowAction) Event(org.springframework.webflow.execution.Event) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)

Example 20 with EventFactorySupport

use of org.springframework.webflow.action.EventFactorySupport in project cas by apereo.

the class AcceptPasswordlessAuthenticationAction method doExecute.

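/**
 * Checks the passwordless token submitted in the {@code token} request parameter against
 * the token stored for the passwordless account and, on a match, finalizes the
 * authentication transaction.
 * <p>
 * On a match the credential, authentication result and authentication are placed in the
 * request context, the parent action is executed and the stored token is deleted afterwards.
 * Any other outcome ends in {@code TRANSITION_ID_AUTHENTICATION_FAILURE} with an
 * {@code error} attribute.
 * <p>
 * A missing passwordless account is rejected up front. Previously the resulting
 * {@code NullPointerException} was caught inside the {@code try} block and then raised
 * again by the final log statement, outside of any handler.
 *
 * @param requestContext the webflow request context
 * @return the event produced by the parent action on success, otherwise an
 *         authentication-failure event
 */
@Override
protected Event doExecute(final RequestContext requestContext) {
    val principal = WebUtils.getPasswordlessAuthenticationAccount(requestContext, PasswordlessUserAccount.class);
    if (principal == null) {
        // Fail the attempt explicitly instead of dereferencing a null account below.
        LOGGER.error("Unable to locate the passwordless account for this request");
        val attributes = new LocalAttributeMap<>();
        attributes.put("error", new AuthenticationException("Invalid token"));
        return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE, attributes);
    }
    try {
        val token = requestContext.getRequestParameters().getRequired("token");
        val currentToken = passwordlessTokenRepository.findToken(principal.getUsername());
        // NOTE(review): equalsIgnoreCase is case-insensitive and not constant-time. For a
        // secret token, consider a constant-time comparison (for example
        // MessageDigest.isEqual on the encoded bytes) if the token format permits it.
        if (currentToken.isPresent() && token.equalsIgnoreCase(currentToken.get())) {
            val credential = new OneTimePasswordCredential(principal.getUsername(), token);
            val service = WebUtils.getService(requestContext);
            val authenticationResult = authenticationSystemSupport.finalizeAuthenticationTransaction(service, credential);
            WebUtils.putAuthenticationResult(authenticationResult, requestContext);
            WebUtils.putAuthentication(authenticationResult.getAuthentication(), requestContext);
            WebUtils.putCredential(requestContext, credential);
            val finalEvent = super.doExecute(requestContext);
            // The token is deleted only after the parent action returns; if that call
            // throws, the stored token is left in place.
            passwordlessTokenRepository.deleteToken(principal.getUsername(), currentToken.get());
            return finalEvent;
        }
        // NOTE(review): a mismatching token does not invalidate the stored one, and no
        // attempt limiting is visible in this method - confirm it is enforced elsewhere.
    } catch (final Exception e) {
        LoggingUtils.error(LOGGER, e);
        val attributes = new LocalAttributeMap<>();
        attributes.put("error", e);
        var account = passwordlessUserAccountStore.findUser(principal.getUsername());
        if (account.isPresent()) {
            attributes.put("passwordlessAccount", account.get());
            return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE, attributes);
        }
    }
    LOGGER.error("Unable to locate token for user [{}]", principal.getUsername());
    val attributes = new LocalAttributeMap<>();
    attributes.put("error", new AuthenticationException("Invalid token"));
    return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE, attributes);
}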
Also used : lombok.val(lombok.val) LocalAttributeMap(org.springframework.webflow.core.collection.LocalAttributeMap) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) OneTimePasswordCredential(org.apereo.cas.authentication.credential.OneTimePasswordCredential) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) EventFactorySupport(org.springframework.webflow.action.EventFactorySupport)

Aggregations

EventFactorySupport (org.springframework.webflow.action.EventFactorySupport)78 lombok.val (lombok.val)61 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)26 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)26 ServletExternalContext (org.springframework.webflow.context.servlet.ServletExternalContext)26 MockServletContext (org.springframework.mock.web.MockServletContext)25 MockRequestContext (org.springframework.webflow.test.MockRequestContext)23 Test (org.junit.jupiter.api.Test)21 Event (org.springframework.webflow.execution.Event)12 Test (org.junit.Test)7 LocalAttributeMap (org.springframework.webflow.core.collection.LocalAttributeMap)7 HttpServletRequest (javax.servlet.http.HttpServletRequest)5 HashMap (java.util.HashMap)4 Authentication (org.apereo.cas.authentication.Authentication)4 AuthenticationException (org.apereo.cas.authentication.AuthenticationException)4 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)4 WebUtils (org.apereo.cas.web.support.WebUtils)3 LiteralExpression (org.springframework.binding.expression.support.LiteralExpression)3 MessageContext (org.springframework.binding.message.MessageContext)3 Transition (org.springframework.webflow.engine.Transition)3