当前位置: 首页>>代码示例>>Java>>正文


Java YubicoClient类代码示例

本文整理汇总了Java中com.yubico.client.v2.YubicoClient的典型用法代码示例。如果您正苦于以下问题:Java YubicoClient类的具体用法?Java YubicoClient怎么用?Java YubicoClient使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


YubicoClient类属于com.yubico.client.v2包,在下文中一共展示了YubicoClient类的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: authenticateUsernamePasswordInternal

import com.yubico.client.v2.YubicoClient; //导入依赖的package包/类
/**
 * {@inheritDoc}
 * Attempts to authenticate the received credentials using the Yubico cloud validation platform.
 * In this implementation, the {@link UsernamePasswordCredential#getUsername()}
 * is mapped to the {@code uid} which will be used by the plugged-in instance of the
 * {@link YubiKeyAccountRegistry}
 * and the {@link UsernamePasswordCredential#getPassword()} is the received
 * one-time password token issued by the YubiKey device.
 */
@Override
protected HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential transformedCredential)
        throws GeneralSecurityException, PreventedException {

    final String uid = transformedCredential.getUsername();
    final String otp = transformedCredential.getPassword();

    if (!YubicoClient.isValidOTPFormat(otp)) {
        logger.debug("Invalid OTP format [{}]", otp);
        throw new FailedLoginException("OTP format is invalid");
    }

    final String publicId = YubicoClient.getPublicId(otp);
    if (this.registry != null
          &&!this.registry.isYubiKeyRegisteredFor(uid, publicId)) {
        logger.debug("YubiKey public id [{}] is not registered for user [{}]", publicId, uid);
        throw new AccountNotFoundException("YubiKey id is not recognized in registry");
    }

    try {
        final VerificationResponse response = this.client.verify(otp);
        final ResponseStatus status = response.getStatus();
        if (status.compareTo(ResponseStatus.OK) == 0) {
            logger.debug("YubiKey response status {} at {}", status, response.getTimestamp());
            return createHandlerResult(transformedCredential,
                    this.principalFactory.createPrincipal(uid), null);
        }
        throw new FailedLoginException("Authentication failed with status: " + status);
    } catch (final YubicoVerificationException | YubicoValidationFailure e) {
        logger.error(e.getMessage(), e);
        throw new FailedLoginException("YubiKey validation failed: " + e.getMessage());
    }
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:43,代码来源:YubiKeyAuthenticationHandler.java

示例2: doAuthentication

import com.yubico.client.v2.YubicoClient; //导入依赖的package包/类
@Override
protected HandlerResult doAuthentication(final Credential credential) throws GeneralSecurityException, PreventedException {
    final YubiKeyCredential yubiKeyCredential = (YubiKeyCredential) credential;

    final String otp = yubiKeyCredential.getToken();

    if (!YubicoClient.isValidOTPFormat(otp)) {
        LOGGER.debug("Invalid OTP format [{}]", otp);
        throw new AccountNotFoundException("OTP format is invalid");
    }

    final RequestContext context = RequestContextHolder.getRequestContext();
    final String uid = WebUtils.getAuthentication(context).getPrincipal().getId();
    final String publicId = YubicoClient.getPublicId(otp);
    if (this.registry != null
            && !this.registry.isYubiKeyRegisteredFor(uid, publicId)) {
        LOGGER.debug("YubiKey public id [{}] is not registered for user [{}]", publicId, uid);
        throw new AccountNotFoundException("YubiKey id is not recognized in registry");
    }

    try {
        final VerificationResponse response = this.client.verify(otp);
        final ResponseStatus status = response.getStatus();
        if (status.compareTo(ResponseStatus.OK) == 0) {
            LOGGER.debug("YubiKey response status [{}] at [{}]", status, response.getTimestamp());
            return createHandlerResult(yubiKeyCredential, this.principalFactory.createPrincipal(uid), null);
        }
        throw new FailedLoginException("Authentication failed with status: " + status);
    } catch (final YubicoVerificationException | YubicoValidationFailure e) {
        LOGGER.error(e.getMessage(), e);
        throw new FailedLoginException("YubiKey validation failed: " + e.getMessage());
    }
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:34,代码来源:YubiKeyAuthenticationHandler.java

示例3: initialize

import com.yubico.client.v2.YubicoClient; //导入依赖的package包/类
@PostConstruct
public void initialize() {
	YubicoClient yubicoClient = YubicoClient.getClient(clientId, apiKey);
	// could set up more stuff with the client here .. for example override the default validation servers or other stuff
	yubiAuth = new Yubiauth(yubicoClient);

	log.debug("YubicoClient initialized, clientId={}, apiKey={}", clientId, apiKey);
}
 
开发者ID:BlueWizardHat,项目名称:2fa-demo,代码行数:9,代码来源:YubiauthFactory.java

示例4: getClient

import com.yubico.client.v2.YubicoClient; //导入依赖的package包/类
public YubicoClient getClient() {
    return this.client;
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:4,代码来源:YubiKeyAuthenticationHandler.java

示例5: getYubicoClient

import com.yubico.client.v2.YubicoClient; //导入依赖的package包/类
private synchronized YubicoClient getYubicoClient() {
  return _yubicoClient;
}
 
开发者ID:erik-wramner,项目名称:YubikeyAuth,代码行数:4,代码来源:AuthenticationFilter.java

示例6: createYubicoClient

import com.yubico.client.v2.YubicoClient; //导入依赖的package包/类
private YubicoClient createYubicoClient() {
  return YubicoClient.getClient(Integer.valueOf(_yubicoProperties.getProperty("client_id")),
      _yubicoProperties.getProperty("secret_key"));
}
 
开发者ID:erik-wramner,项目名称:YubikeyAuth,代码行数:5,代码来源:YubicoClientFactory.java

示例7: validateRequest

import com.yubico.client.v2.YubicoClient; //导入依赖的package包/类
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject)
    throws AuthException {
  _logger.debug("Enter validateRequest");

  if (!requiresAuthentication(messageInfo)) {
    _logger.debug("Returning success, auth policy not mandatory");
    return AuthStatus.SUCCESS;
  }

  HttpServletRequest req = (HttpServletRequest) messageInfo.getRequestMessage();
  HttpServletResponse resp = (HttpServletResponse) messageInfo.getResponseMessage();

  try {
    UserAccount account = (UserAccount) req.getSession().getAttribute(USER_ACCOUNT_SESSION_KEY);
    if (account != null) {
      _logger.debug("Returning success, user already logged in");
      addPrincipalsToSubject(clientSubject, account);
      return AuthStatus.SUCCESS;
    }

    if (!req.getRequestURI().endsWith(LOGIN_PAGE)) {
      redirectToLoginPage(req, resp);
      return AuthStatus.SEND_CONTINUE;
    }

    if ("GET".equals(req.getMethod())) {
      forwardToLoginPage(req, resp, "GET request");
      return AuthStatus.SEND_CONTINUE;
    }

    String userName = req.getParameter("j_username");
    String password = req.getParameter("j_password");
    String otp = req.getParameter("j_otp");

    if (userName == null || password == null || otp == null) {
      _logger.debug("Returning failure, missing request parameter(s)");
      forwardToFailedLoginPage(req, resp, null);
      return AuthStatus.SEND_CONTINUE;
    }

    UserAccount userAccount = _accountMap.get(userName);
    if (userAccount != null
        && userAccount.getHashedPassword().equals(
            PasswordEncoder.encodePasswordForUser(userName, userAccount.getSalt(), password))
        && YubicoClient.isValidOTPFormat(otp)) {
      _logger.debug("Verifying Yubikey for {}...", userName);
      VerificationResponse response = _yubicoClient.verify(otp);
      if (response.isOk()) {
        if (response.getPublicId().equals(userAccount.getPublicYubiId())) {
          addPrincipalsToSubject(clientSubject, userAccount);
          req.getSession().setAttribute(USER_ACCOUNT_SESSION_KEY, userAccount);

          String originalUri = (String) req.getSession().getAttribute(ORIGINAL_URI_SESSION_KEY);
          if (originalUri != null) {
            _logger.debug("Login successful for {}, redirecting to {}", userName, originalUri);
            resp.sendRedirect(originalUri);
            return AuthStatus.SEND_CONTINUE;
          } else {
            _logger.debug("Login successful for {}, returning success", userName);
            return AuthStatus.SUCCESS;
          }
        } else {
          _logger.warn("Login attempt for {} with wrong Yubikey {}!", userName, response.getPublicId());
        }
      } else {
        _logger.info("Failed to verify Yubikey for {}, response not OK", userName);
      }
    }

    forwardToFailedLoginPage(req, resp, "authentication failed");
    return AuthStatus.SEND_CONTINUE;
  } catch (Exception e) {
    _logger.error("Authentication failed with exception", e);
    throw new AuthException(e.getMessage());
  }
}
 
开发者ID:erik-wramner,项目名称:YubikeyAuth,代码行数:78,代码来源:YubiAuthModule.java

示例8: YubiKeyAuthenticationHandler

import com.yubico.client.v2.YubicoClient; //导入依赖的package包/类
/**
 * Prepares the Yubico client with the received clientId and secretKey. If you wish to
 * limit the usage of this handler only to a particular set of yubikey accounts for a special
 * group of users, you may verify an compliant implementation of {@link YubiKeyAccountRegistry}.
 * By default, all accounts are allowed.
 *
 * @param name             the name
 * @param servicesManager  the services manager
 * @param principalFactory the principal factory
 * @param clientId         the client id
 * @param secretKey        the secret key
 * @param registry         the account registry which holds registrations.
 */
public YubiKeyAuthenticationHandler(final String name, final ServicesManager servicesManager, final PrincipalFactory principalFactory,
                                    final Integer clientId, final String secretKey, final YubiKeyAccountRegistry registry) {
    super(name, servicesManager, principalFactory, null);
    this.registry = registry;
    this.client = YubicoClient.getClient(clientId, secretKey);

    if (this.registry == null) {
        LOGGER.warn("No YubiKey account registry is defined. All credentials are considered "
                        + "eligible for YubiKey authentication. Consider providing an account registry implementation via [{}]",
                YubiKeyAccountRegistry.class.getName());
    }
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:26,代码来源:YubiKeyAuthenticationHandler.java

示例9: YubiKeyAuthenticationHandler

import com.yubico.client.v2.YubicoClient; //导入依赖的package包/类
/**
 * Prepares the Yubico client with the received clientId and secretKey. If you wish to
 * limit the usage of this handler only to a particular set of yubikey accounts for a special
 * group of users, you may provide an compliant implementation of {@link YubiKeyAccountRegistry}.
 * By default, all accounts are allowed.
 *
 * @param clientId the client id
 * @param secretKey the secret key
 */
@Autowired
public YubiKeyAuthenticationHandler(@NotNull @Value("${yubikey.client.id:}") final Integer clientId,
                                    @NotNull @Value("${yubikey.secret.key:}") final String secretKey) {
    this.client = YubicoClient.getClient(clientId, secretKey);
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:15,代码来源:YubiKeyAuthenticationHandler.java

示例10: getYubicoClient

import com.yubico.client.v2.YubicoClient; //导入依赖的package包/类
/**
 * Get a client.
 * 
 * @return client.
 */
public static YubicoClient getYubicoClient() {
  return INSTANCE.createYubicoClient();
}
 
开发者ID:erik-wramner,项目名称:YubikeyAuth,代码行数:9,代码来源:YubicoClientFactory.java


注:本文中的com.yubico.client.v2.YubicoClient类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。