@Override public String getId() { return this.principal.getId(); }
@Override public String getId() { return this.principal != null ? this.principal.getId() : UNKNOWN_ID; }
@Override public Map<String, Object> call() throws Exception { LOGGER.debug("No cached attributes could be found for {}", p.getId()); return new HashMap<>(); } });
@Override protected Map<String, Object> getPrincipalAttributes(final Principal p) { try { return this.cache.get(p.getId(), new Callable<Map<String, Object>>() { @Override public Map<String, Object> call() throws Exception { LOGGER.debug("No cached attributes could be found for {}", p.getId()); return new HashMap<>(); } }); } catch (final Exception e) { LOGGER.error(e.getMessage(), e); } return null; }
@Override protected String extractPrincipalId(final Credential credential) { return ((PrincipalBearingCredential) credential).getPrincipal().getId(); }
@Override protected String extractPrincipalId(final Credential credential) { final SpnegoCredential c = (SpnegoCredential) credential; final String id = c.getPrincipal().getId(); switch (this.transformPrincipalId) { case UPPERCASE: return id.toUpperCase(Locale.ENGLISH); case LOWERCASE: return id.toLowerCase(Locale.ENGLISH); default: return id; } }
@Override public boolean verify(final RequestContext requestContext, final Credential credential) { final Principal principal = getPrincipal(requestContext); final Map<String, Object> attributes = principal.getAttributes(); logger.debug("Principal attributes found for {} are {}", principal.getId(), attributes); if (attributes != null && attributes.containsKey(this.aupAttributeName)) { final Object value = attributes.get(this.aupAttributeName); logger.debug("Evaluating attribute value {} found for {}", value, this.aupAttributeName); if (value.toString().equalsIgnoreCase(Boolean.TRUE.toString())) { return true; } } logger.warn("Usage policy has not been accepted by {}", principal.getId()); return false; }
@Override public Principal nominate(final Collection<Authentication> authentications, final Map<String, Object> principalAttributes) { final Principal principal = authentications.iterator().next().getPrincipal(); final Principal finalPrincipal = this.principalFactory.createPrincipal(principal.getId(), principalAttributes); LOGGER.debug("Nominated [{}] as the primary principal", finalPrincipal); return finalPrincipal; }
@Override public String getId() { if (getPrincipal() != null) { return getPrincipal().getId(); } return Credential.UNKNOWN_ID; } }
/** * Convert attributes to principal attributes and cache. * * @param p the p * @param sourceAttributes the source attributes * @return the map */ private Map<String, Object> convertAttributesToPrincipalAttributesAndCache(final Principal p, final Map<String, List<Object>> sourceAttributes) { final Map<String, Object> finalAttributes = convertPersonAttributesToPrincipalAttributes(sourceAttributes); addPrincipalAttributes(p.getId(), finalAttributes); return finalAttributes; }
@Override public void addTicket(final Ticket ticket) { if (ticket instanceof TicketGrantingTicket) { final TicketGrantingTicket ticketGrantingTicket = (TicketGrantingTicket) ticket; final String ticketId = ticketGrantingTicket.getId(); final String userName = ticketGrantingTicket.getAuthentication().getPrincipal().getId().toLowerCase(); logger.debug("Creating mapping ticket {} to user name {}", ticketId, userName); this.cache.put(ticketId, userName); } this.ticketRegistry.addTicket(ticket); }
@Override public void populateAttributes(final AuthenticationBuilder builder, final Credential credential) { final UsernamePasswordCredential c = (UsernamePasswordCredential) credential; final Authentication authentication = builder.build(); this.credentialCache.put(authentication.getPrincipal().getId(), c.getPassword()); }
@Override public Collection<Map<String, Object>> getActiveSsoSessions() throws BulkRetrievalOfTicketsNotSupportedException { final List<Map<String, Object>> activeSessions = new ArrayList<Map<String, Object>>(); for(TicketGrantingTicket tgt : this.ticketSupport.getNonExpiredTicketGrantingTickets()) { final Map<String, Object> sso = new HashMap<String, Object>(3); sso.put(SsoSessionAttributeKeys.AUTHENTICATED_PRINCIPAL.toString(), tgt.getAuthentication().getPrincipal().getId()); sso.put(SsoSessionAttributeKeys.AUTHENTICATION_DATE.toString(), tgt.getAuthentication().getAuthenticatedDate()); sso.put(SsoSessionAttributeKeys.NUMBER_OF_USES.toString(), tgt.getCountOfUses()); activeSessions.add(Collections.unmodifiableMap(sso)); } return Collections.unmodifiableCollection(activeSessions); } }
@Override protected HandlerResult postAuthenticate(final Credential credential, final HandlerResult result) { final TokenCredential tokenCredential = (TokenCredential) credential; tokenCredential.setId(result.getPrincipal().getId()); return super.postAuthenticate(credential, result); }
/** * Determine identity. * * @param service the service * @param assertion the assertion * @return the string */ protected String determineIdentity(final OpenIdService service, final Assertion assertion) { final String id; if (assertion != null && OpenIdProtocolConstants.OPENID_IDENTIFIERSELECT.equals(service.getIdentity())) { id = this.openIdPrefixUrl + '/' + assertion.getPrimaryAuthentication().getPrincipal().getId(); } else { id = service.getIdentity(); } return id; }
/** * Gets the principal id. * * @param context the context * @return the principal id */ public static Principal getMultiFactorPrimaryPrincipal(final RequestContext context) { if (context != null) { final FlowSession flowSession = context.getFlowExecutionContext().getActiveSession(); final MutableAttributeMap map = flowSession.getScope(); final MultiFactorCredentials creds = (MultiFactorCredentials) map.get(CAS_MFA_CREDENTIALS_ATTR_NAME); if (creds == null || creds.getPrincipal() == null) { throw new IllegalArgumentException("Cannot locate credential object in the flow session map. Credentials missing..."); } final Principal principalId = creds.getPrincipal(); LOGGER.debug("Determined principal name to use [{}] for authentication", principalId.getId()); return principalId; } throw new IllegalArgumentException("Request context could not be retrieved from the webflow."); }
private AuthenticationStatement newAuthenticationStatement(final Authentication authentication) { final String authenticationMethod = (String) authentication.getAttributes().get( SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD); final AuthenticationStatement authnStatement = newSamlObject(AuthenticationStatement.class); authnStatement.setAuthenticationInstant(new DateTime(authentication.getAuthenticatedDate())); authnStatement.setAuthenticationMethod(authenticationMethod != null ? authenticationMethod : SamlAuthenticationMetaDataPopulator.AUTHN_METHOD_UNSPECIFIED); authnStatement.setSubject(newSubject(authentication.getPrincipal().getId())); return authnStatement; }
public TicketValidationJsonResponse(final Authentication authentication, final Principal principal) { setUser(principal.getId()); setAuthenticationTime(authentication.getAuthenticatedDate()); setAttributes(principal.getAttributes()); }
@Override public HandlerResult authenticate(final Credential credential) throws GeneralSecurityException { final OpenIdCredential c = (OpenIdCredential) credential; final TicketGrantingTicket t = this.ticketRegistry.getTicket(c.getTicketGrantingTicketId(), TicketGrantingTicket.class); if (t == null || t.isExpired()) { throw new FailedLoginException("TGT is null or expired."); } final Principal principal = t.getAuthentication().getPrincipal(); if (!principal.getId().equals(c.getUsername())) { throw new FailedLoginException("Principal ID mismatch"); } return new DefaultHandlerResult(this, new BasicCredentialMetaData(c), principal); }
@Override @Audit( action="AUTHENTICATION", actionResolverName="AUTHENTICATION_RESOLVER", resourceResolverName="AUTHENTICATION_RESOURCE_RESOLVER") @Timed(name="AUTHENTICATE_TIMED") @Metered(name="AUTHENTICATE_METER") @Counted(name="AUTHENTICATE_COUNT", monotonic=true) public Authentication authenticate(final AuthenticationTransaction transaction) throws AuthenticationException { final AuthenticationBuilder builder = authenticateInternal(transaction.getCredentials()); final Authentication authentication = builder.build(); final Principal principal = authentication.getPrincipal(); if (principal instanceof NullPrincipal) { throw new UnresolvedPrincipalException(authentication); } addAuthenticationMethodAttribute(builder, authentication); logger.info("Authenticated {} with credentials {}.", principal, transaction.getCredentials()); logger.debug("Attribute map for {}: {}", principal.getId(), principal.getAttributes()); populateAuthenticationMetadataAttributes(builder, transaction.getCredentials()); return builder.build(); }