/** {@inheritDoc} */ @Override @Nullable public Boolean apply(@Nullable final ProfileRequestContext input) { final AuthnRequest request = requestLookupStrategy.apply(input); if (request != null) { return request.isForceAuthn(); } return null; }
private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response, final HttpServletRequest request, final Pair<AuthnRequest, MessageContext> pair) throws Exception { val authnRequest = pair.getKey(); val ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET); this.ticketValidator.setRenew(authnRequest.isForceAuthn()); val serviceUrl = constructServiceUrl(request, response, pair); LOGGER.trace("Created service url for validation: [{}]", serviceUrl); val assertion = this.ticketValidator.validate(ticket, serviceUrl); logCasValidationAssertion(assertion); return assertion; }
public SAMLAuthnRequest(AuthnRequest authnRequest) { super(authnRequest); consumerServiceURL = authnRequest.getAssertionConsumerServiceURL(); forceAuthn = authnRequest.isForceAuthn().booleanValue(); if (authnRequest.getSubject() != null && authnRequest.getSubject().getNameID() != null) { subjectNameId = authnRequest.getSubject().getNameID().getValue(); } }
/** * Redirect request for authentication. * * @param pair the pair * @param request the request * @param response the response * @throws Exception the exception */ protected void issueAuthenticationRequestRedirect(final Pair<? extends SignableSAMLObject, MessageContext> pair, final HttpServletRequest request, final HttpServletResponse response) throws Exception { val authnRequest = (AuthnRequest) pair.getLeft(); val serviceUrl = constructServiceUrl(request, response, pair); LOGGER.debug("Created service url [{}]", DigestUtils.abbreviate(serviceUrl)); val initialUrl = CommonUtils.constructRedirectUrl(casProperties.getServer().getLoginUrl(), CasProtocolConstants.PARAMETER_SERVICE, serviceUrl, authnRequest.isForceAuthn(), authnRequest.isPassive()); val urlToRedirectTo = buildRedirectUrlByRequestedAuthnContext(initialUrl, authnRequest, request); LOGGER.debug("Redirecting SAML authN request to [{}]", urlToRedirectTo); val authenticationRedirectStrategy = new DefaultAuthenticationRedirectStrategy(); authenticationRedirectStrategy.redirect(request, response, urlToRedirectTo); }
/** {@inheritDoc} */ @Override protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) { final AuthenticationContext authnCtx = new AuthenticationContext(); if (authnRequest != null) { authnCtx.setForceAuthn(authnRequest.isForceAuthn()); authnCtx.setIsPassive(authnRequest.isPassive()); } final AuthenticationContext initialAuthnContext = profileRequestContext.getSubcontext(AuthenticationContext.class); if (initialAuthnContext != null) { authnCtx.setInitialAuthenticationResult(initialAuthnContext.getAuthenticationResult()); } if (!authnCtx.isForceAuthn()) { authnCtx.setForceAuthn(forceAuthnPredicate.apply(profileRequestContext)); } profileRequestContext.addSubcontext(authnCtx, true); log.debug("{} Created authentication context: {}", getLogPrefix(), authnCtx); }
.setForceAuth(request.isForceAuthn()) .setPassive(request.isPassive()) .setId(request.getID())