fixed issues with authN manager types

Unicon · Jun 17, 2015 · 6093d60 · 6093d60
1 parent 3c2cbef
commit 6093d60
Show file tree

Hide file tree

Showing 4 changed files with 103 additions and 8 deletions.
diff --git a/...rc/main/groovy/net/unicon/cas/mfa/authentication/duo/DuoMultiFactorWebflowConfigurer.java b/...rc/main/groovy/net/unicon/cas/mfa/authentication/duo/DuoMultiFactorWebflowConfigurer.java
@@ -2,13 +2,10 @@
 
 import org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver;
 import org.jasig.cas.authentication.principal.Credentials;
-import org.jasig.cas.authentication.principal.CredentialsToPrincipalResolver;
-import org.jasig.cas.authentication.principal.Principal;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.stereotype.Component;
 import org.springframework.web.context.WebApplicationContext;
 
@@ -30,6 +27,7 @@ public class DuoMultiFactorWebflowConfigurer implements InitializingBean {
 
 
     @PostConstruct
+    @Override
     public void afterPropertiesSet() throws Exception {
         try {
             final List resolvers = this.context.getBean("mfaCredentialsToPrincipalResolvers", List.class);

diff --git a/.../src/main/java/net/unicon/cas/mfa/authentication/CasMultiFactorAuthenticationManager.java b/.../src/main/java/net/unicon/cas/mfa/authentication/CasMultiFactorAuthenticationManager.java
@@ -0,0 +1,96 @@
+package net.unicon.cas.mfa.authentication;
+
+import org.jasig.cas.authentication.AbstractAuthentication;
+import org.jasig.cas.authentication.Authentication;
+import org.jasig.cas.authentication.AuthenticationManager;
+import org.jasig.cas.authentication.AuthenticationManagerImpl;
+import org.jasig.cas.authentication.AuthenticationMetaDataPopulator;
+import org.jasig.cas.authentication.ImmutableAuthentication;
+import org.jasig.cas.authentication.handler.AuthenticationException;
+import org.jasig.cas.authentication.handler.AuthenticationHandler;
+import org.jasig.cas.authentication.principal.Credentials;
+import org.jasig.cas.authentication.principal.CredentialsToPrincipalResolver;
+import org.jasig.cas.authentication.principal.Principal;
+
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * This is {@link CasMultiFactorAuthenticationManager} that delegates to the CAS authentication
+ * manager and runs post-authn processes on the final object based on MFA requirements.
+ *
+ * @author Misagh Moayyed
+ */
+public class CasMultiFactorAuthenticationManager implements AuthenticationManager {
+    private AuthenticationManager delegate;
+    private List<AuthenticationHandler> authenticationHandlers = new ArrayList<>();
+    private List<CredentialsToPrincipalResolver> credentialsToPrincipalResolvers = new ArrayList<>();
+    private List<AuthenticationMetaDataPopulator> authenticationMetaDataPopulators = new ArrayList<>();
+
+    public void setAuthenticationHandlers(final List<AuthenticationHandler> authenticationHandlers) {
+        this.authenticationHandlers = authenticationHandlers;
+    }
+
+    public final void setAuthenticationMetaDataPopulators(final List<AuthenticationMetaDataPopulator> authenticationMetaDataPopulators) {
+        this.authenticationMetaDataPopulators = authenticationMetaDataPopulators;
+    }
+
+    public void setCredentialsToPrincipalResolvers(final List<CredentialsToPrincipalResolver> credentialsToPrincipalResolvers) {
+        this.credentialsToPrincipalResolvers = credentialsToPrincipalResolvers;
+    }
+
+    public void setDelegate(final AuthenticationManager delegate) {
+        this.delegate = delegate;
+    }
+
+    @Override
+    public Authentication authenticate(final Credentials credentials) throws AuthenticationException {
+        final AuthenticationManagerImpl authImpl = new AuthenticationManagerImpl();
+        authImpl.setAuthenticationHandlers(this.authenticationHandlers);
+        authImpl.setCredentialsToPrincipalResolvers(this.credentialsToPrincipalResolvers);
+        authImpl.setAuthenticationMetaDataPopulators(this.authenticationMetaDataPopulators);
+
+        Authentication authentication = null;
+        if (!this.authenticationHandlers.isEmpty()) {
+            authentication = authImpl.authenticate(credentials);
+        } else {
+            authentication = this.delegate.authenticate(credentials);
+        }
+
+        MutableAuthentication authNMutable = new MutableAuthentication(authentication.getPrincipal(),
+                authentication.getAttributes(), authentication.getAuthenticatedDate());
+        for (final AuthenticationMetaDataPopulator authenticationMetaDataPopulator : this.authenticationMetaDataPopulators) {
+            final Authentication modified = authenticationMetaDataPopulator.populateAttributes(authNMutable, credentials);
+            authNMutable = new MutableAuthentication(modified.getPrincipal(),
+                    modified.getAttributes(), modified.getAuthenticatedDate());
+        }
+        return new ImmutableAuthentication(authNMutable.getPrincipal(),
+                authNMutable.getAttributes());
+
+    }
+
+    private final class MutableAuthentication extends AbstractAuthentication {
+        private static final long serialVersionUID = 8051060297683763397L;
+
+        private final Date authenticatedDate;
+
+        /**
+         * Instantiates a new Mutable authentication.
+         *
+         * @param principal the principal
+         * @param attributes the attributes
+         * @param date the date
+         */
+        public MutableAuthentication(final Principal principal, final Map<String, Object> attributes, final Date date) {
+            super(principal, new HashMap<String, Object>(attributes));
+            this.authenticatedDate = date;
+        }
+
+        public Date getAuthenticatedDate() {
+            return this.authenticatedDate;
+        }
+    }
+}
diff --git a/cas-mfa-web/src/main/webapp/WEB-INF/cas-servlet-override-context.xml b/cas-mfa-web/src/main/webapp/WEB-INF/cas-servlet-override-context.xml
@@ -65,18 +65,19 @@
           p:persistentIdGenerator-ref="persistentIdGenerator"
           p:authenticationManager-ref="mfaAuthenticationManager"/>
 
-    <bean id="mfaAuthenticationManager" parent="authenticationManager">
+    <bean id="mfaAuthenticationManager" class="net.unicon.cas.mfa.authentication.CasMultiFactorAuthenticationManager">
         <property name="authenticationMetaDataPopulators">
-            <list merge="true">
+            <list>
                 <bean class="net.unicon.cas.mfa.authentication.RememberAuthenticationMethodMetaDataPopulator"/>
             </list>
         </property>
         <property name="credentialsToPrincipalResolvers">
-            <list merge="true" >
+            <list>
                 <bean class="net.unicon.cas.mfa.authentication.principal.ChainingCredentialsToPrincipalResolver"
                       p:chain-ref="mfaCredentialsToPrincipalResolvers" />
             </list>
         </property>
+        <property name="delegate" ref="authenticationManager" />
     </bean>
 
     <!-- This will be automatically populated at runtime, when necessary, by each module -->

diff --git a/pom.xml b/pom.xml
@@ -557,8 +557,8 @@
         <maven.groovy.eclipse.batch.plugin.version>2.3.4-01</maven.groovy.eclipse.batch.plugin.version>
         <maven.groovy.eclipse.compiler.plugin.version>2.9.0-01</maven.groovy.eclipse.compiler.plugin.version>
 
-        <project.build.sourceVersion>1.6</project.build.sourceVersion>
-        <project.build.targetVersion>1.6</project.build.targetVersion>
+        <project.build.sourceVersion>1.7</project.build.sourceVersion>
+        <project.build.targetVersion>1.7</project.build.targetVersion>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
     </properties>