All Downloads are FREE. Search and download functionalities are using the official Maven repository.
Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
pl.edu.icm.unity.engine.authn.AuthenticatorLoader Maven / Gradle / Ivy
/*
* Copyright (c) 2013 ICM Uniwersytet Warszawski All rights reserved.
* See LICENCE.txt file for licensing information.
*/
package pl.edu.icm.unity.engine.authn;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.google.common.collect.Sets;
import pl.edu.icm.unity.engine.api.authn.AuthenticationFlow;
import pl.edu.icm.unity.engine.api.authn.AuthenticatorInstance;
import pl.edu.icm.unity.engine.api.authn.CredentialRetrieval;
import pl.edu.icm.unity.engine.api.authn.CredentialRetrievalFactory;
import pl.edu.icm.unity.engine.api.authn.CredentialVerificator;
import pl.edu.icm.unity.engine.api.authn.CredentialVerificatorFactory;
import pl.edu.icm.unity.engine.api.authn.local.LocalCredentialsRegistry;
import pl.edu.icm.unity.engine.credential.CredentialHolder;
import pl.edu.icm.unity.engine.credential.CredentialRepository;
import pl.edu.icm.unity.store.api.generic.AuthenticationFlowDB;
import pl.edu.icm.unity.store.api.generic.AuthenticatorConfigurationDB;
import pl.edu.icm.unity.store.types.AuthenticatorConfiguration;
import pl.edu.icm.unity.types.authn.AuthenticationFlowDefinition;
import pl.edu.icm.unity.types.authn.AuthenticationFlowDefinition.Policy;
import pl.edu.icm.unity.types.authn.CredentialDefinition;
/**
* Loading and initialization of {@link AuthenticatorImpl}.
*
* @author K. Benedyczak
*/
@Component
public class AuthenticatorLoader
{
private AuthenticatorConfigurationDB authenticatorDB;
private AuthenticationFlowDB authenticationFlowDB;
private AuthenticatorsRegistry authReg;
private LocalCredentialsRegistry localCredReg;
private CredentialRepository credRepository;
private AuthenticatorFactory authenticatorFactory;
@Autowired
public AuthenticatorLoader(AuthenticatorConfigurationDB authenticatorDB,
AuthenticationFlowDB authenticationFlowDB, AuthenticatorsRegistry authReg,
CredentialRepository credRepository, LocalCredentialsRegistry localCredReg,
AuthenticatorFactory authenticatorFactory)
{
this.localCredReg = localCredReg;
this.authenticatorDB = authenticatorDB;
this.authReg = authReg;
this.credRepository = credRepository;
this.authenticationFlowDB = authenticationFlowDB;
this.authenticatorFactory = authenticatorFactory;
}
public List resolveAuthenticationFlows(List authnOptions, String binding)
{
Map allFlows = authenticationFlowDB.getAllAsMap();
Map allAuthenticators = authenticatorDB.getAllAsMap();
List defs = new ArrayList<>();
for (String authOption : authnOptions)
{
AuthenticationFlowDefinition def = allFlows.get(authOption);
if (def == null)
{
AuthenticatorConfiguration authenticator = allAuthenticators.get(authOption);
def = createAdHocAuthenticatorWrappingFlow(authOption, authenticator);
}
defs.add(def);
}
return createAuthenticationFlows(defs, binding);
}
List createAuthenticationFlows(List authnFlows, String binding)
{
List ret = new ArrayList<>(authnFlows.size());
for (AuthenticationFlowDefinition authenticationFlowDefinition : authnFlows)
{
List firstFactorAuthImpl = getAuthenticators(
authenticationFlowDefinition.getFirstFactorAuthenticators(), binding);
List secondFactorFactorAuthImpl = getAuthenticators(
authenticationFlowDefinition.getSecondFactorAuthenticators(), binding);
ret.add(new AuthenticationFlow(authenticationFlowDefinition.getName(),
authenticationFlowDefinition.getPolicy(),
Sets.newLinkedHashSet(firstFactorAuthImpl),
secondFactorFactorAuthImpl, authenticationFlowDefinition.getRevision()));
}
return ret;
}
AuthenticatorInstance getAuthenticator(String id, String binding)
{
AuthenticatorConfiguration authnConfig = authenticatorDB.get(id);
return getAuthenticatorNoCheck(authnConfig, binding);
}
/**
* Checks if configuration is valid for corresponding verificator and all available retrievals
*/
void verifyConfiguration(String typeId, String config)
{
CredentialVerificatorFactory verificatorFact = authReg.getCredentialVerificatorFactory(typeId);
CredentialVerificator verificator = verificatorFact.newInstance();
verificator.setSerializedConfiguration(config);
Set supportedRetrievals = authReg.getSupportedRetrievals(typeId);
for (CredentialRetrievalFactory retrievalFact: supportedRetrievals)
{
CredentialRetrieval newInstance = retrievalFact.newInstance();
newInstance.setSerializedConfiguration(config);
}
}
private AuthenticationFlowDefinition createAdHocAuthenticatorWrappingFlow(String authOption,
AuthenticatorConfiguration authenticator)
{
if (authenticator != null)
{
return new AuthenticationFlowDefinition(
authenticator.getName(), Policy.NEVER,
Sets.newLinkedHashSet(List.of(authenticator.getName())));
} else
{
throw new IllegalArgumentException(
"Authentication flow or authenticator "
+ authOption
+ " is undefined");
}
}
private AuthenticatorInstance getAuthenticatorNoCheck(AuthenticatorConfiguration authnConfiguration, String binding)
{
String localCredential = authnConfiguration.getLocalCredentialName();
if (localCredential != null)
{
CredentialDefinition credDef = credRepository.get(localCredential);
CredentialHolder credential = new CredentialHolder(credDef, localCredReg);
String localCredentialConfig = credential.getCredentialDefinition()
.getConfiguration();
return authenticatorFactory.createLocalAuthenticator(
authnConfiguration, localCredentialConfig, binding);
} else
{
return authenticatorFactory.createRemoteAuthenticator( authnConfiguration, binding);
}
}
private List getAuthenticators(Collection ids, String binding)
{
return ids.stream()
.map(id -> getAuthenticator(id, binding))
.collect(Collectors.toList());
}
List getAuthenticators(String binding)
{
return authenticatorDB.getAll().stream()
.filter(ac -> authReg.getSupportedBindings(ac.getVerificationMethod()).contains(binding))
.map(ac -> getAuthenticator(ac.getName(), binding))
.collect(Collectors.toList());
}
}
