use of org.springframework.webflow.execution.RequestContext in project cas by apereo.
the class VerifySecurityQuestionsAction method doExecute.
@Override
protected Event doExecute(final RequestContext requestContext) throws Exception {
final HttpServletRequest request = WebUtils.getHttpServletRequest(requestContext);
final String username = requestContext.getFlowScope().getString("username");
final PasswordManagementProperties pm = casProperties.getAuthn().getPm();
if (!pm.getReset().isSecurityQuestionsEnabled()) {
LOGGER.debug("Security questions are not enabled");
return success();
}
final Map<String, String> questions = passwordManagementService.getSecurityQuestions(username);
final AtomicInteger i = new AtomicInteger(0);
final long c = questions.values().stream().filter(v -> {
final String answer = request.getParameter("q" + i.getAndIncrement());
return answer.equals(v);
}).count();
if (c == questions.size()) {
return success();
}
return error();
}
use of org.springframework.webflow.execution.RequestContext in project cas by apereo.
the class AuthenticationAttributeMultifactorAuthenticationPolicyEventResolver method resolveInternal.
@Override
public Set<Event> resolveInternal(final RequestContext context) {
final RegisteredService service = resolveRegisteredServiceInRequestContext(context);
final Authentication authentication = WebUtils.getAuthentication(context);
if (service == null || authentication == null) {
LOGGER.debug("No service or authentication is available to determine event for principal");
return null;
}
if (attributeNames.isEmpty()) {
LOGGER.debug("Authentication attribute name to determine event is not configured");
return null;
}
final Map<String, MultifactorAuthenticationProvider> providerMap = WebUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
if (providerMap == null || providerMap.isEmpty()) {
LOGGER.error("No multifactor authentication providers are available in the application context");
return null;
}
final Collection<MultifactorAuthenticationProvider> providers = flattenProviders(providerMap.values());
if (providers.size() == 1 && StringUtils.isNotBlank(globalAuthenticationAttributeValueRegex)) {
final MultifactorAuthenticationProvider provider = providers.iterator().next();
LOGGER.debug("Found a single multifactor provider [{}] in the application context", provider);
return resolveEventViaAuthenticationAttribute(authentication, attributeNames, service, context, providers, input -> input != null && input.matches(globalAuthenticationAttributeValueRegex));
}
return resolveEventViaAuthenticationAttribute(authentication, attributeNames, service, context, providers, input -> providers.stream().filter(provider -> input != null && provider.matches(input)).count() > 0);
}
use of org.springframework.webflow.execution.RequestContext in project cas by apereo.
the class PrincipalAttributeMultifactorAuthenticationPolicyEventResolver method resolveInternal.
@Override
public Set<Event> resolveInternal(final RequestContext context) {
final RegisteredService service = resolveRegisteredServiceInRequestContext(context);
final Authentication authentication = WebUtils.getAuthentication(context);
if (service == null || authentication == null) {
LOGGER.debug("No service or authentication is available to determine event for principal");
return null;
}
final Principal principal = authentication.getPrincipal();
if (attributeNames.isEmpty()) {
LOGGER.debug("Attribute name to determine event is not configured for [{}]", principal.getId());
return null;
}
final Map<String, MultifactorAuthenticationProvider> providerMap = WebUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
if (providerMap == null || providerMap.isEmpty()) {
LOGGER.error("No multifactor authentication providers are available in the application context");
return null;
}
final Collection<MultifactorAuthenticationProvider> providers = flattenProviders(providerMap.values());
if (providers.size() == 1 && StringUtils.isNotBlank(globalPrincipalAttributeValueRegex)) {
final MultifactorAuthenticationProvider provider = providers.iterator().next();
LOGGER.debug("Found a single multifactor provider [{}] in the application context", provider);
return resolveEventViaPrincipalAttribute(principal, attributeNames, service, context, providers, input -> input != null && input.matches(globalPrincipalAttributeValueRegex));
}
return resolveEventViaPrincipalAttribute(principal, attributeNames, service, context, providers, input -> providers.stream().filter(provider -> input != null && provider.matches(input)).count() > 0);
}
use of org.springframework.webflow.execution.RequestContext in project cas by apereo.
the class AuthenticationExceptionHandlerActionTests method handleAccountNotFoundExceptionByDefault.
@Test
public void handleAccountNotFoundExceptionByDefault() {
final AuthenticationExceptionHandlerAction handler = new AuthenticationExceptionHandlerAction(CollectionUtils.wrapSet(AccountLockedException.class, AccountNotFoundException.class));
final RequestContext req = getMockRequestContext();
final Map<String, Throwable> map = new HashMap<>();
map.put("notFound", new AccountNotFoundException());
final String id = handler.handle(new AuthenticationException(map), req);
assertEquals(AccountNotFoundException.class.getSimpleName(), id);
}
use of org.springframework.webflow.execution.RequestContext in project cas by apereo.
the class ServiceThemeResolverTests method verifyGetServiceThemeDoesNotExist.
@Test
public void verifyGetServiceThemeDoesNotExist() {
final RegexRegisteredService r = new RegexRegisteredService();
r.setTheme("myTheme");
r.setId(1000);
r.setName("Test Service");
r.setServiceId("myServiceId");
this.servicesManager.save(r);
final MockHttpServletRequest request = new MockHttpServletRequest();
final RequestContext ctx = mock(RequestContext.class);
final MutableAttributeMap scope = new LocalAttributeMap();
scope.put(CasProtocolConstants.PARAMETER_SERVICE, RegisteredServiceTestUtils.getService(r.getServiceId()));
when(ctx.getFlowScope()).thenReturn(scope);
RequestContextHolder.setRequestContext(ctx);
request.addHeader(HttpRequestUtils.USER_AGENT_HEADER, MOZILLA);
assertEquals(DEFAULT_THEME_NAME, this.themeResolver.resolveThemeName(request));
}
Aggregations