Search in sources :

Example 21 with RequestContext

use of org.springframework.webflow.execution.RequestContext in project cas by apereo.

the class GrouperMultifactorAuthenticationPolicyEventResolver method resolveInternal.

@Override
public Set<Event> resolveInternal(final RequestContext context) {
    final RegisteredService service = resolveRegisteredServiceInRequestContext(context);
    final Authentication authentication = WebUtils.getAuthentication(context);
    if (StringUtils.isBlank(grouperField)) {
        LOGGER.debug("No group field is defined to process for Grouper multifactor trigger");
        return null;
    }
    if (authentication == null || service == null) {
        LOGGER.debug("No authentication or service is available to determine event for principal");
        return null;
    }
    final Principal principal = authentication.getPrincipal();
    final Collection<WsGetGroupsResult> results = GrouperFacade.getGroupsForSubjectId(principal.getId());
    if (results.isEmpty()) {
        LOGGER.debug("No groups could be found for [{}] to resolve events for MFA", principal);
        return null;
    }
    final Map<String, MultifactorAuthenticationProvider> providerMap = MultifactorAuthenticationUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
    if (providerMap == null || providerMap.isEmpty()) {
        LOGGER.error("No multifactor authentication providers are available in the application context");
        throw new AuthenticationException();
    }
    final GrouperGroupField groupField = GrouperGroupField.valueOf(grouperField);
    final Set<String> values = results.stream().map(wsGetGroupsResult -> Stream.of(wsGetGroupsResult.getWsGroups())).flatMap(Function.identity()).map(g -> GrouperFacade.getGrouperGroupAttribute(groupField, g)).collect(Collectors.toSet());
    final Optional<MultifactorAuthenticationProvider> providerFound = resolveProvider(providerMap, values);
    if (providerFound.isPresent()) {
        final MultifactorAuthenticationProvider provider = providerFound.get();
        if (provider.isAvailable(service)) {
            LOGGER.debug("Attempting to build event based on the authentication provider [{}] and service [{}]", provider, service.getName());
            final Event event = validateEventIdForMatchingTransitionInContext(provider.getId(), context, buildEventAttributeMap(authentication.getPrincipal(), service, provider));
            return CollectionUtils.wrapSet(event);
        }
        LOGGER.warn("Located multifactor provider [{}], yet the provider cannot be reached or verified", providerFound.get());
        return null;
    }
    LOGGER.debug("No multifactor provider could be found based on [{}]'s Grouper groups", principal.getId());
    return null;
}
Also used : CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) WsGetGroupsResult(edu.internet2.middleware.grouperClient.ws.beans.WsGetGroupsResult) MultifactorAuthenticationProviderSelector(org.apereo.cas.services.MultifactorAuthenticationProviderSelector) CentralAuthenticationService(org.apereo.cas.CentralAuthenticationService) TicketRegistrySupport(org.apereo.cas.ticket.registry.TicketRegistrySupport) RequestContext(org.springframework.webflow.execution.RequestContext) Function(java.util.function.Function) Authentication(org.apereo.cas.authentication.Authentication) Map(java.util.Map) CollectionUtils(org.apereo.cas.util.CollectionUtils) AuthenticationSystemSupport(org.apereo.cas.authentication.AuthenticationSystemSupport) GrouperFacade(org.apereo.cas.grouper.GrouperFacade) MultifactorAuthenticationUtils(org.apereo.cas.authentication.MultifactorAuthenticationUtils) CookieGenerator(org.springframework.web.util.CookieGenerator) ServicesManager(org.apereo.cas.services.ServicesManager) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) MultifactorAuthenticationProvider(org.apereo.cas.services.MultifactorAuthenticationProvider) StringUtils(edu.internet2.middleware.grouperClientExt.org.apache.commons.lang3.StringUtils) GrouperGroupField(org.apereo.cas.grouper.GrouperGroupField) Audit(org.apereo.inspektr.audit.annotation.Audit) Collection(java.util.Collection) AuthenticationServiceSelectionPlan(org.apereo.cas.authentication.AuthenticationServiceSelectionPlan) Set(java.util.Set) Collectors(java.util.stream.Collectors) RegisteredService(org.apereo.cas.services.RegisteredService) BaseMultifactorAuthenticationProviderEventResolver(org.apereo.cas.web.flow.authentication.BaseMultifactorAuthenticationProviderEventResolver) Slf4j(lombok.extern.slf4j.Slf4j) Stream(java.util.stream.Stream) Optional(java.util.Optional) Principal(org.apereo.cas.authentication.principal.Principal) WebUtils(org.apereo.cas.web.support.WebUtils) Event(org.springframework.webflow.execution.Event) RegisteredService(org.apereo.cas.services.RegisteredService) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) MultifactorAuthenticationProvider(org.apereo.cas.services.MultifactorAuthenticationProvider) WsGetGroupsResult(edu.internet2.middleware.grouperClient.ws.beans.WsGetGroupsResult) Authentication(org.apereo.cas.authentication.Authentication) GrouperGroupField(org.apereo.cas.grouper.GrouperGroupField) Event(org.springframework.webflow.execution.Event) Principal(org.apereo.cas.authentication.principal.Principal)

Example 22 with RequestContext

use of org.springframework.webflow.execution.RequestContext in project uPortal by Jasig.

the class PersonQueryValidator method validatePersonLookup.

/**
 * Ensures all passed attributes are part of the valid query attribute set.
 */
public void validatePersonLookup(PersonQuery personQuery, MessageContext context) {
    final RequestContext requestContext = RequestContextHolder.getRequestContext();
    final ExternalContext externalContext = requestContext.getExternalContext();
    final Set<String> queryAttributes = personLookupHelper.getQueryAttributes(externalContext);
    final Map<String, Attribute> attributes = personQuery.getAttributes();
    for (final String attribute : attributes.keySet()) {
        if (!queryAttributes.contains(attribute)) {
            final MessageBuilder messageBuilder = new MessageBuilder();
            messageBuilder.error();
            messageBuilder.source("attributes[" + attribute + "].value");
            messageBuilder.code("personLookup.invalidQueryAttribute");
            messageBuilder.arg(attribute);
            final MessageResolver errorMessage = messageBuilder.build();
            context.addMessage(errorMessage);
        }
    }
}
Also used : MessageResolver(org.springframework.binding.message.MessageResolver) MessageBuilder(org.springframework.binding.message.MessageBuilder) Attribute(org.apereo.portal.portlets.Attribute) ExternalContext(org.springframework.webflow.context.ExternalContext) RequestContext(org.springframework.webflow.execution.RequestContext)

Example 23 with RequestContext

use of org.springframework.webflow.execution.RequestContext in project cas by apereo.

the class Pac4jWebflowConfigurer method createStopWebflowViewState.

private void createStopWebflowViewState(final Flow flow) {
    final ViewState state = createViewState(flow, DelegatedClientAuthenticationAction.STOP_WEBFLOW, DelegatedClientAuthenticationAction.VIEW_ID_STOP_WEBFLOW);
    state.getEntryActionList().add(new AbstractAction() {

        @Override
        protected Event doExecute(final RequestContext requestContext) throws Exception {
            final HttpServletRequest request = WebUtils.getHttpServletRequest(requestContext);
            final HttpServletResponse response = WebUtils.getHttpServletResponse(requestContext);
            final Optional<ModelAndView> mv = DelegatedClientAuthenticationAction.hasDelegationRequestFailed(request, response.getStatus());
            mv.ifPresent(modelAndView -> modelAndView.getModel().forEach((k, v) -> requestContext.getFlowScope().put(k, v)));
            return null;
        }
    });
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ActionState(org.springframework.webflow.engine.ActionState) FlowDefinitionRegistry(org.springframework.webflow.definition.registry.FlowDefinitionRegistry) AbstractAction(org.springframework.webflow.action.AbstractAction) HttpServletResponse(javax.servlet.http.HttpServletResponse) Flow(org.springframework.webflow.engine.Flow) FlowBuilderServices(org.springframework.webflow.engine.builder.support.FlowBuilderServices) Action(org.springframework.webflow.execution.Action) DecisionState(org.springframework.webflow.engine.DecisionState) RequestContext(org.springframework.webflow.execution.RequestContext) ModelAndView(org.springframework.web.servlet.ModelAndView) HttpServletRequest(javax.servlet.http.HttpServletRequest) ViewState(org.springframework.webflow.engine.ViewState) DelegatedClientAuthenticationAction(org.apereo.cas.support.pac4j.web.flow.DelegatedClientAuthenticationAction) Optional(java.util.Optional) WebUtils(org.apereo.cas.web.support.WebUtils) Event(org.springframework.webflow.execution.Event) Optional(java.util.Optional) Event(org.springframework.webflow.execution.Event) HttpServletResponse(javax.servlet.http.HttpServletResponse) ViewState(org.springframework.webflow.engine.ViewState) RequestContext(org.springframework.webflow.execution.RequestContext) AbstractAction(org.springframework.webflow.action.AbstractAction)

Example 24 with RequestContext

use of org.springframework.webflow.execution.RequestContext in project cas by apereo.

the class ServiceThemeResolver method resolveThemeName.

@Override
public String resolveThemeName(final HttpServletRequest request) {
    if (this.servicesManager == null) {
        return getDefaultThemeName();
    }
    // retrieve the user agent string from the request
    final String userAgent = WebUtils.getHttpServletRequestUserAgent(request);
    if (StringUtils.isBlank(userAgent)) {
        return getDefaultThemeName();
    }
    overrides.entrySet().stream().filter(entry -> entry.getKey().matcher(userAgent).matches()).findFirst().ifPresent(entry -> {
        request.setAttribute("isMobile", "true");
        request.setAttribute("browserType", entry.getValue());
    });
    final RequestContext context = RequestContextHolder.getRequestContext();
    final Service service = WebUtils.getService(context);
    if (service != null) {
        final RegisteredService rService = this.servicesManager.findServiceBy(service);
        if (rService != null && rService.getAccessStrategy().isServiceAccessAllowed() && StringUtils.isNotBlank(rService.getTheme())) {
            LOGGER.debug("Service [{}] is configured to use a custom theme [{}]", rService, rService.getTheme());
            final CasThemeResourceBundleMessageSource messageSource = new CasThemeResourceBundleMessageSource();
            messageSource.setBasename(rService.getTheme());
            if (messageSource.doGetBundle(rService.getTheme(), request.getLocale()) != null) {
                LOGGER.debug("Found custom theme [{}] for service [{}]", rService.getTheme(), rService);
                return rService.getTheme();
            } else {
                LOGGER.warn("Custom theme [{}] for service [{}] cannot be located. Falling back to default theme...", rService.getTheme(), rService);
            }
        }
    }
    return getDefaultThemeName();
}
Also used : RegisteredService(org.apereo.cas.services.RegisteredService) RegisteredService(org.apereo.cas.services.RegisteredService) Service(org.apereo.cas.authentication.principal.Service) RequestContext(org.springframework.webflow.execution.RequestContext)

Example 25 with RequestContext

use of org.springframework.webflow.execution.RequestContext in project cas by apereo.

the class CasWebflowContextConfigurationTests method verifyFlowExecutorByClient.

@Test
public void verifyFlowExecutorByClient() {
    final RequestContext ctx = getMockRequestContext();
    final LocalAttributeMap map = new LocalAttributeMap<>();
    flowExecutorViaClientFlowExecution.launchExecution("login", map, ctx.getExternalContext());
}
Also used : LocalAttributeMap(org.springframework.webflow.core.collection.LocalAttributeMap) MockRequestContext(org.springframework.webflow.test.MockRequestContext) RequestContext(org.springframework.webflow.execution.RequestContext) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

RequestContext (org.springframework.webflow.execution.RequestContext)32 WebUtils (org.apereo.cas.web.support.WebUtils)14 Event (org.springframework.webflow.execution.Event)14 RegisteredService (org.apereo.cas.services.RegisteredService)11 Map (java.util.Map)10 HttpServletRequest (javax.servlet.http.HttpServletRequest)10 Slf4j (lombok.extern.slf4j.Slf4j)8 Authentication (org.apereo.cas.authentication.Authentication)8 CasConfigurationProperties (org.apereo.cas.configuration.CasConfigurationProperties)8 ServicesManager (org.apereo.cas.services.ServicesManager)8 Test (org.junit.Test)8 HttpServletResponse (javax.servlet.http.HttpServletResponse)7 MultifactorAuthenticationProvider (org.apereo.cas.services.MultifactorAuthenticationProvider)7 List (java.util.List)6 Set (java.util.Set)6 StringUtils (org.apache.commons.lang3.StringUtils)6 CentralAuthenticationService (org.apereo.cas.CentralAuthenticationService)6 AuthenticationServiceSelectionPlan (org.apereo.cas.authentication.AuthenticationServiceSelectionPlan)6 AuthenticationSystemSupport (org.apereo.cas.authentication.AuthenticationSystemSupport)6 MultifactorAuthenticationProviderSelector (org.apereo.cas.services.MultifactorAuthenticationProviderSelector)6