/**
* Gets mfa request context.
*
* @param serviceMfaData service specific mfa settings
* @param attributeValue the value found in the attribute
* @param targetService the target service
* @return the mfa request context
*/
private MultiFactorAuthenticationRequestContext getMfaRequestContext(
final ServiceMfaData serviceMfaData,
final String attributeValue,
final WebApplicationService targetService) {
final RegisteredService registeredService = this.servicesManager.findServiceBy(targetService);
final RegisteredServiceWithAttributes service =
RegisteredServiceWithAttributes.class.cast(registeredService);
final String method = String.class.cast(service.getExtraAttributes().get("method"));
if (match(serviceMfaData.getAttributePattern(), attributeValue)) {
if (!this.authenticationMethodConfiguration.containsAuthenticationMethod(
serviceMfaData.getAuthenticationMethod())) {
logger.info(
"MFA attribute [{}] with value [{}] is not supported by the authentication method configuration.",
serviceMfaData.getAttributeName(),
serviceMfaData.getAuthenticationMethod());
return null;
}
final int mfaMethodRank =
this.authenticationMethodConfiguration
.getAuthenticationMethod(serviceMfaData.getAuthenticationMethod())
.getRank();
final MultiFactorAuthenticationSupportingWebApplicationService svc =
this.mfaServiceFactory.create(
targetService.getId(),
targetService.getId(),
targetService.getArtifactId(),
"POST".equals(method) ? ResponseType.POST : ResponseType.REDIRECT,
serviceMfaData.getAuthenticationMethod(),
MultiFactorAuthenticationSupportingWebApplicationService.AuthenticationMethodSource
.PRINCIPAL_ATTRIBUTE);
return new MultiFactorAuthenticationRequestContext(svc, mfaMethodRank);
}
logger.trace("{} did not match {}", attributeValue, serviceMfaData.getAttributePattern());
return null;
}
