Search in sources :

Example 36 with Transition

use of org.springframework.webflow.engine.Transition in project cas by apereo.

the class AuthenticationAttributeMultifactorAuthenticationPolicyEventResolverTests method verifyOperation.

@Test
public void verifyOperation() {
    val context = new MockRequestContext();
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    val registeredService = RegisteredServiceTestUtils.getRegisteredService();
    servicesManager.save(registeredService);
    WebUtils.putRegisteredService(context, registeredService);
    WebUtils.putAuthentication(RegisteredServiceTestUtils.getAuthentication(), context);
    WebUtils.putServiceIntoFlowScope(context, RegisteredServiceTestUtils.getService());
    var results = authenticationAttributeMultifactorAuthenticationPolicyEventResolver.resolve(context);
    assertNull(results);
    val targetResolver = new DefaultTargetStateResolver(TestMultifactorAuthenticationProvider.ID);
    val transition = new Transition(new DefaultTransitionCriteria(new LiteralExpression(TestMultifactorAuthenticationProvider.ID)), targetResolver);
    context.getRootFlow().getGlobalTransitionSet().add(transition);
    TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
    val authn = RegisteredServiceTestUtils.getAuthentication();
    authn.getAttributes().put("authn-method-dummy", List.of("mfa-dummy"));
    WebUtils.putAuthentication(authn, context);
    results = authenticationAttributeMultifactorAuthenticationPolicyEventResolver.resolve(context);
    assertNotNull(results);
    assertEquals(1, results.size());
    assertEquals(TestMultifactorAuthenticationProvider.ID, results.iterator().next().getId());
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) DefaultTransitionCriteria(org.springframework.webflow.engine.support.DefaultTransitionCriteria) LiteralExpression(org.springframework.binding.expression.support.LiteralExpression) Transition(org.springframework.webflow.engine.Transition) DefaultTargetStateResolver(org.springframework.webflow.engine.support.DefaultTargetStateResolver) MockRequestContext(org.springframework.webflow.test.MockRequestContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.springframework.mock.web.MockServletContext) Test(org.junit.jupiter.api.Test)

Example 37 with Transition

use of org.springframework.webflow.engine.Transition in project cas by apereo.

the class RequestHeaderMultifactorAuthenticationPolicyEventResolverTests method verifyOperation.

@Test
public void verifyOperation() {
    val context = new MockRequestContext();
    val request = new MockHttpServletRequest();
    val response = new MockHttpServletResponse();
    context.setExternalContext(new ServletExternalContext(new MockServletContext(), request, response));
    val service = RegisteredServiceTestUtils.getRegisteredService();
    servicesManager.save(service);
    WebUtils.putRegisteredService(context, service);
    WebUtils.putAuthentication(RegisteredServiceTestUtils.getAuthentication(), context);
    WebUtils.putServiceIntoFlowScope(context, RegisteredServiceTestUtils.getService());
    var results = requestHeaderAuthenticationPolicyWebflowEventResolver.resolve(context);
    assertNull(results);
    val targetResolver = new DefaultTargetStateResolver(TestMultifactorAuthenticationProvider.ID);
    val transition = new Transition(new DefaultTransitionCriteria(new LiteralExpression(TestMultifactorAuthenticationProvider.ID)), targetResolver);
    context.getRootFlow().getGlobalTransitionSet().add(transition);
    TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(applicationContext);
    request.addHeader(casProperties.getAuthn().getMfa().getTriggers().getHttp().getRequestHeader(), TestMultifactorAuthenticationProvider.ID);
    results = requestHeaderAuthenticationPolicyWebflowEventResolver.resolve(context);
    assertNotNull(results);
    assertEquals(1, results.size());
    assertEquals(TestMultifactorAuthenticationProvider.ID, results.iterator().next().getId());
}
Also used : lombok.val(lombok.val) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletExternalContext(org.springframework.webflow.context.servlet.ServletExternalContext) DefaultTransitionCriteria(org.springframework.webflow.engine.support.DefaultTransitionCriteria) LiteralExpression(org.springframework.binding.expression.support.LiteralExpression) Transition(org.springframework.webflow.engine.Transition) DefaultTargetStateResolver(org.springframework.webflow.engine.support.DefaultTargetStateResolver) MockRequestContext(org.springframework.webflow.test.MockRequestContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) MockServletContext(org.springframework.mock.web.MockServletContext) Test(org.junit.jupiter.api.Test)

Example 38 with Transition

use of org.springframework.webflow.engine.Transition in project cas by apereo.

the class AbstractCasMultifactorWebflowConfigurer method registerMultifactorProviderAuthenticationWebflow.

@Override
public void registerMultifactorProviderAuthenticationWebflow(final Flow flow, final String subflowId, final String providerId) {
    multifactorAuthenticationFlowDefinitionRegistries.forEach(registry -> {
        if (!registry.containsFlowDefinition(subflowId)) {
            LOGGER.error("Could not locate flow id [{}]", subflowId);
            return;
        }
        if (flow == null) {
            LOGGER.error("Unable to locate parent flow definition to register provider [{}]", providerId);
            return;
        }
        val mfaFlow = (Flow) registry.getFlowDefinition(subflowId);
        mfaFlow.getStartActionList().add(requestContext -> {
            WebUtils.createCredential(requestContext);
            return null;
        });
        mfaFlow.getStartActionList().add(createSetAction("flowScope.".concat(CasWebflowConstants.VAR_ID_MFA_PROVIDER_ID), StringUtils.quote(providerId)));
        val initStartState = (TransitionableState) mfaFlow.getStartState();
        val transition = (Transition) initStartState.getTransition(CasWebflowConstants.TRANSITION_ID_SUCCESS);
        val targetStateId = transition.getTargetStateId();
        transition.setTargetStateResolver(new DefaultTargetStateResolver(CasWebflowConstants.STATE_ID_MFA_CHECK_BYPASS));
        registerMultifactorProviderBypassAction(mfaFlow);
        registerMultifactorProviderAvailableAction(mfaFlow, targetStateId);
        registerMultifactorProviderFailureAction(flow, mfaFlow);
        val subflowState = createSubflowState(flow, subflowId, subflowId);
        val subflowMappings = Stream.of(CasWebflowConstants.ATTRIBUTE_SERVICE, CasWebflowConstants.ATTRIBUTE_REGISTERED_SERVICE).map(attr -> new DefaultMapping(createExpression("flowScope." + attr), createExpression(attr))).collect(Collectors.toList());
        subflowMappings.add(new DefaultMapping(createExpression("flowScope." + CasWebflowConstants.VAR_ID_CREDENTIAL), createExpression("parent" + StringUtils.capitalize(CasWebflowConstants.VAR_ID_CREDENTIAL))));
        multifactorAuthenticationFlowCustomizers.forEach(c -> c.getMultifactorWebflowAttributeMappings().forEach(key -> subflowMappings.add(new DefaultMapping(createExpression("flowScope." + key), createExpression(key)))));
        val inputMapper = createMapperToSubflowState(subflowMappings);
        val subflowMapper = createSubflowAttributeMapper(inputMapper, null);
        subflowState.setAttributeMapper(subflowMapper);
        val flowMappings = Stream.of(CasWebflowConstants.ATTRIBUTE_SERVICE, CasWebflowConstants.ATTRIBUTE_REGISTERED_SERVICE).map(attr -> new DefaultMapping(createExpression(attr), createExpression("flowScope." + attr))).collect(Collectors.toList());
        flowMappings.add(new DefaultMapping(createExpression("parent" + StringUtils.capitalize(CasWebflowConstants.VAR_ID_CREDENTIAL)), createExpression("flowScope.parent" + StringUtils.capitalize(CasWebflowConstants.VAR_ID_CREDENTIAL))));
        multifactorAuthenticationFlowCustomizers.forEach(c -> c.getMultifactorWebflowAttributeMappings().forEach(key -> flowMappings.add(new DefaultMapping(createExpression(key), createExpression("flowScope." + key)))));
        val flowInputMapper = createMapperToSubflowState(flowMappings);
        mfaFlow.setInputMapper(flowInputMapper);
        val states = getCandidateStatesForMultifactorAuthentication();
        registerMultifactorAuthenticationSubflowWithStates(flow, subflowState, states);
        registerMultifactorFlowDefinitionIntoLoginFlowRegistry();
        augmentMultifactorProviderFlowRegistry();
        LOGGER.trace("Registering the [{}] flow into the flow [{}]", subflowId, flow.getId());
        val startState = flow.getTransitionableState(flow.getStartState().getId());
        createTransitionForState(startState, subflowId, subflowId, true);
        val initState = getState(flow, CasWebflowConstants.STATE_ID_INITIAL_AUTHN_REQUEST_VALIDATION_CHECK);
        createTransitionForState(initState, subflowId, subflowId, true);
    });
}
Also used : lombok.val(lombok.val) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) SubflowState(org.springframework.webflow.engine.SubflowState) Ordered(org.springframework.core.Ordered) Arrays(java.util.Arrays) Getter(lombok.Getter) DefaultMapping(org.springframework.binding.mapping.impl.DefaultMapping) FlowBuilderServices(org.springframework.webflow.engine.builder.support.FlowBuilderServices) TransitionableState(org.springframework.webflow.engine.TransitionableState) ArrayList(java.util.ArrayList) CasWebflowConstants(org.apereo.cas.web.flow.CasWebflowConstants) ConfigurableApplicationContext(org.springframework.context.ConfigurableApplicationContext) LinkedHashSet(java.util.LinkedHashSet) FlowDefinitionRegistry(org.springframework.webflow.definition.registry.FlowDefinitionRegistry) Collection(java.util.Collection) lombok.val(lombok.val) Flow(org.springframework.webflow.engine.Flow) Transition(org.springframework.webflow.engine.Transition) Collectors(java.util.stream.Collectors) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) Stream(java.util.stream.Stream) Optional(java.util.Optional) WebUtils(org.apereo.cas.web.support.WebUtils) DefaultTargetStateResolver(org.springframework.webflow.engine.support.DefaultTargetStateResolver) StringUtils(org.springframework.util.StringUtils) Transition(org.springframework.webflow.engine.Transition) DefaultTargetStateResolver(org.springframework.webflow.engine.support.DefaultTargetStateResolver) DefaultMapping(org.springframework.binding.mapping.impl.DefaultMapping) TransitionableState(org.springframework.webflow.engine.TransitionableState) Flow(org.springframework.webflow.engine.Flow)

Aggregations

Transition (org.springframework.webflow.engine.Transition)38 lombok.val (lombok.val)29 DefaultTargetStateResolver (org.springframework.webflow.engine.support.DefaultTargetStateResolver)29 DefaultTransitionCriteria (org.springframework.webflow.engine.support.DefaultTransitionCriteria)24 LiteralExpression (org.springframework.binding.expression.support.LiteralExpression)23 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)22 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)22 MockServletContext (org.springframework.mock.web.MockServletContext)22 ServletExternalContext (org.springframework.webflow.context.servlet.ServletExternalContext)22 MockRequestContext (org.springframework.webflow.test.MockRequestContext)22 Test (org.junit.jupiter.api.Test)17 MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)5 ClientInfo (org.apereo.inspektr.common.web.ClientInfo)4 BeforeEach (org.junit.jupiter.api.BeforeEach)4 Flow (org.springframework.webflow.engine.Flow)4 EventFactorySupport (org.springframework.webflow.action.EventFactorySupport)3 ActionState (org.springframework.webflow.engine.ActionState)3 Authentication (org.apereo.cas.authentication.Authentication)2 DefaultRegisteredServiceMultifactorPolicy (org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy)2 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)2