protected Collection<String> getCandidateStatesForMultifactorAuthentication() { return CollectionUtils.wrapSet(CasWebflowConstants.STATE_ID_REAL_SUBMIT); } }
public RejectResultCodePasswordPolicyHandlingStrategy() { this(CollectionUtils.wrapSet(DEFAULT_REJECTED_RESULT_CODE)); }
public ByCredentialTypeAuthenticationHandlerResolver(final Class<? extends Credential>... credentials) { this(CollectionUtils.wrapSet(credentials)); }
public SamlValidateController(final CasProtocolValidationSpecification validationSpecification, final AuthenticationSystemSupport authenticationSystemSupport, final ServicesManager servicesManager, final CentralAuthenticationService centralAuthenticationService, final ProxyHandler proxyHandler, final ArgumentExtractor argumentExtractor, final RequestedContextValidator requestedContextValidator, final View jsonView, final View successView, final View failureView, final String authnContextAttribute, final ServiceTicketValidationAuthorizersExecutionPlan validationAuthorizers, final boolean renewEnabled) { super(CollectionUtils.wrapSet(validationSpecification), validationAuthorizers, authenticationSystemSupport, servicesManager, centralAuthenticationService, proxyHandler, successView, failureView, argumentExtractor, requestedContextValidator, jsonView, authnContextAttribute, renewEnabled); }
public ServiceValidateController(final CasProtocolValidationSpecification validationSpecification, final AuthenticationSystemSupport authenticationSystemSupport, final ServicesManager servicesManager, final CentralAuthenticationService centralAuthenticationService, final ProxyHandler proxyHandler, final ArgumentExtractor argumentExtractor, final RequestedContextValidator requestedContextValidator, final View jsonView, final View successView, final View failureView, final String authnContextAttribute, final ServiceTicketValidationAuthorizersExecutionPlan validationAuthorizers, final boolean renewEnabled) { super(CollectionUtils.wrapSet(validationSpecification), validationAuthorizers, authenticationSystemSupport, servicesManager, centralAuthenticationService, proxyHandler, successView, failureView, argumentExtractor, requestedContextValidator, jsonView, authnContextAttribute, renewEnabled); }
public V3ServiceValidateController(final CasProtocolValidationSpecification validationSpecification, final AuthenticationSystemSupport authenticationSystemSupport, final ServicesManager servicesManager, final CentralAuthenticationService centralAuthenticationService, final ProxyHandler proxyHandler, final ArgumentExtractor argumentExtractor, final RequestedContextValidator requestedContextValidator, final View jsonView, final View successView, final View failureView, final String authnContextAttribute, final ServiceTicketValidationAuthorizersExecutionPlan validationAuthorizers, final boolean renewEnabled) { super(CollectionUtils.wrapSet(validationSpecification), validationAuthorizers, authenticationSystemSupport, servicesManager, centralAuthenticationService, proxyHandler, successView, failureView, argumentExtractor, requestedContextValidator, jsonView, authnContextAttribute, renewEnabled); }
public LegacyValidateController(final CasProtocolValidationSpecification validationSpecification, final AuthenticationSystemSupport authenticationSystemSupport, final ServicesManager servicesManager, final CentralAuthenticationService centralAuthenticationService, final ProxyHandler proxyHandler, final ArgumentExtractor argumentExtractor, final RequestedContextValidator requestedContextValidator, final View jsonView, final View successView, final View failureView, final String authnContextAttribute, final ServiceTicketValidationAuthorizersExecutionPlan validationAuthorizers, final boolean renewEnabled) { super(CollectionUtils.wrapSet(validationSpecification), validationAuthorizers, authenticationSystemSupport, servicesManager, centralAuthenticationService, proxyHandler, successView, failureView, argumentExtractor, requestedContextValidator, jsonView, authnContextAttribute, renewEnabled); }
public ProxyValidateController(final CasProtocolValidationSpecification validationSpecification, final AuthenticationSystemSupport authenticationSystemSupport, final ServicesManager servicesManager, final CentralAuthenticationService centralAuthenticationService, final ProxyHandler proxyHandler, final ArgumentExtractor argumentExtractor, final RequestedContextValidator requestedContextValidator, final View jsonView, final View successView, final View failureView, final String authnContextAttribute, final ServiceTicketValidationAuthorizersExecutionPlan validationAuthorizers, final boolean renewEnabled) { super(CollectionUtils.wrapSet(validationSpecification), validationAuthorizers, authenticationSystemSupport, servicesManager, centralAuthenticationService, proxyHandler, successView, failureView, argumentExtractor, requestedContextValidator, jsonView, authnContextAttribute, renewEnabled); }
public OpenIdValidateController(final CasProtocolValidationSpecification validationSpecification, final AuthenticationSystemSupport authenticationSystemSupport, final ServicesManager servicesManager, final CentralAuthenticationService centralAuthenticationService, final ProxyHandler proxyHandler, final ArgumentExtractor argumentExtractor, final RequestedContextValidator requestedContextValidator, final View jsonView, final View successView, final View failureView, final String authnContextAttribute, final ServerManager serverManager, final ServiceTicketValidationAuthorizersExecutionPlan validationAuthorizers, final boolean renewEnabled) { super(CollectionUtils.wrapSet(validationSpecification), validationAuthorizers, authenticationSystemSupport, servicesManager, centralAuthenticationService, proxyHandler, successView, failureView, argumentExtractor, requestedContextValidator, jsonView, authnContextAttribute, renewEnabled); this.serverManager = serverManager; }
@JsonIgnore @Override public Set<String> getEntityAttributeValues() { return CollectionUtils.wrapSet("http://refeds.org/category/research-and-scholarship"); } }
@JsonIgnore @Override public Set<String> getEntityAttributeValues() { return CollectionUtils.wrapSet("http://id.incommon.org/category/research-and-scholarship"); }
/** * Parse request scopes set. * * @param context the context * @return the set */ public static Set<String> parseRequestScopes(final HttpServletRequest context) { val parameterValues = context.getParameter(OAuth20Constants.SCOPE); if (StringUtils.isBlank(parameterValues)) { return new HashSet<>(0); } return CollectionUtils.wrapSet(parameterValues.split(" ")); }
private static Boolean isRememberMeRecordedInAuthentication(final RequestContext requestContext) { LOGGER.debug("Request does not indicate a remember-me authentication event. Locating authentication object from the request context..."); val auth = WebUtils.getAuthentication(requestContext); if (auth == null) { return Boolean.FALSE; } val attributes = auth.getAttributes(); LOGGER.trace("Located authentication attributes [{}]", attributes); if (attributes.containsKey(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME)) { val rememberMeValue = attributes.getOrDefault(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME, Boolean.FALSE); LOGGER.debug("Located remember-me authentication attribute [{}]", rememberMeValue); return CollectionUtils.wrapSet(rememberMeValue).contains(Boolean.TRUE); } return Boolean.FALSE; }
@Override public Set<Event> resolveInternal(final RequestContext context) { if (isRequestAskingForServiceTicket(context)) { LOGGER.debug("Authentication request is asking for service tickets"); return CollectionUtils.wrapSet(grantServiceTicket(context)); } return null; }
private Set<Event> resumeFlow() { return CollectionUtils.wrapSet(new EventFactorySupport().success(this)); }
private boolean isRememberMeAuthentication(final RequestContext requestContext) { final HttpServletRequest request = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext); final String value = request.getParameter(RememberMeCredential.REQUEST_PARAMETER_REMEMBER_ME); LOGGER.debug("Locating request parameter [{}] with value [{}]", RememberMeCredential.REQUEST_PARAMETER_REMEMBER_ME, value); boolean isRememberMe = StringUtils.isNotBlank(value) && WebUtils.isRememberMeAuthenticationEnabled(requestContext); if (!isRememberMe) { LOGGER.debug("Request does not indicate a remember-me authentication event. Locating authentication object from the request context..."); final Authentication auth = WebUtils.getAuthentication(requestContext); if (auth != null) { final Map<String, Object> attributes = auth.getAttributes(); LOGGER.debug("Located authentication attributes [{}]", attributes); if (attributes.containsKey(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME)) { final Object rememberMeValue = attributes.getOrDefault(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME, false); LOGGER.debug("Located remember-me authentication attribute [{}]", rememberMeValue); isRememberMe = CollectionUtils.wrapSet(rememberMeValue).contains(true); } } } LOGGER.debug("Is this request from a remember-me authentication event? [{}]", BooleanUtils.toStringYesNo(isRememberMe)); return isRememberMe; }
@Override public Set<IPostProcessor> getPostProcessors() { return CollectionUtils.wrapSet(new PostProcessor(TemplateMode.parse(thymeleafProperties.getMode()), CasThymeleafOutputTemplateHandler.class, Integer.MAX_VALUE)); }
@Override public Set<Event> resolveInternal(final RequestContext context) { val registeredService = resolveRegisteredServiceInRequestContext(context); val service = resolveServiceFromAuthenticationRequest(context); val authentication = WebUtils.getAuthentication(context); val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context); val result = multifactorAuthenticationTrigger.isActivated(authentication, registeredService, request, service); return result.map(provider -> { LOGGER.trace("Attempting to build an event based on the authentication provider [{}] and service [{}]", provider, registeredService); val event = MultifactorAuthenticationUtils.validateEventIdForMatchingTransitionInContext(provider.getId(), Optional.of(context), MultifactorAuthenticationUtils.buildEventAttributeMap(authentication.getPrincipal(), Optional.ofNullable(registeredService), provider)); return CollectionUtils.wrapSet(event); }).orElse(null); }
/** * Handle authentication transaction and grant ticket granting ticket. * * @param context the context * @return the set */ protected Set<Event> handleAuthenticationTransactionAndGrantTicketGrantingTicket(final RequestContext context) { val response = WebUtils.getHttpServletResponseFromExternalWebflowContext(context); try { val credential = getCredentialFromContext(context); val builderResult = WebUtils.getAuthenticationResultBuilder(context); LOGGER.debug("Handling authentication transaction for credential [{}]", credential); val service = WebUtils.getService(context); val builder = this.authenticationSystemSupport.handleAuthenticationTransaction(service, builderResult, credential); LOGGER.debug("Issuing ticket-granting tickets for service [{}]", service); return CollectionUtils.wrapSet(grantTicketGrantingTicketToAuthenticationResult(context, builder, service)); } catch (final Exception e) { LOGGER.error(e.getMessage(), e); val messageContext = context.getMessageContext(); messageContext.addMessage(new MessageBuilder() .error() .code(DEFAULT_MESSAGE_BUNDLE_PREFIX.concat(e.getClass().getSimpleName())) .build()); response.setStatus(HttpStatus.UNAUTHORIZED.value()); return CollectionUtils.wrapSet(getAuthenticationFailureErrorEvent(context)); } }
@ConditionalOnMissingBean(name = "authenticationAttributeReleasePolicy") @RefreshScope @Bean public AuthenticationAttributeReleasePolicy authenticationAttributeReleasePolicy() { val release = casProperties.getAuthn().getAuthenticationAttributeRelease(); if (!release.isEnabled()) { LOGGER.debug("CAS is configured to not release protocol-level authentication attributes."); return AuthenticationAttributeReleasePolicy.noOp(); } val attributesToNeverRelease = CollectionUtils.wrapSet( CasViewConstants.MODEL_ATTRIBUTE_NAME_PRINCIPAL_CREDENTIAL, CasViewConstants.MODEL_ATTRIBUTE_NAME_PROXY_GRANTING_TICKET, RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME); attributesToNeverRelease.addAll(release.getNeverRelease()); return new DefaultAuthenticationAttributeReleasePolicy(release.getOnlyRelease(), attributesToNeverRelease, casProperties.getAuthn().getMfa().getAuthenticationContextAttribute()); } }