Source code

001/*
002 *  Copyright 2022 Anyware Services
003 *
004 *  Licensed under the Apache License, Version 2.0 (the "License");
005 *  you may not use this file except in compliance with the License.
006 *  You may obtain a copy of the License at
007 *
008 *      http://www.apache.org/licenses/LICENSE-2.0
009 *
010 *  Unless required by applicable law or agreed to in writing, software
011 *  distributed under the License is distributed on an "AS IS" BASIS,
012 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 *  See the License for the specific language governing permissions and
014 *  limitations under the License.
015 */
016package org.ametys.web.usermanagement;
017
018import java.io.IOException;
019import java.util.Map;
020
021import org.apache.avalon.framework.service.ServiceException;
022import org.apache.avalon.framework.service.ServiceManager;
023import org.apache.cocoon.ProcessingException;
024import org.apache.cocoon.environment.ObjectModelHelper;
025import org.apache.cocoon.environment.Request;
026import org.apache.cocoon.generation.ServiceableGenerator;
027import org.apache.cocoon.xml.AttributesImpl;
028import org.apache.cocoon.xml.XMLUtils;
029import org.xml.sax.SAXException;
030
031import org.ametys.core.authentication.CredentialProvider;
032import org.ametys.plugins.core.authentication.MultifactorAuthenticationManager;
033import org.ametys.plugins.core.impl.authentication.FormCredentialProvider;
034import org.ametys.web.WebAuthenticateAction;
035
036/**
037 * Generate information to render the multifactor authentication service.
038 */
039public class MultifactorAuthenticationServiceGenerator extends ServiceableGenerator
040{
041    /** The multifactor authentication manager */
042    protected MultifactorAuthenticationManager _multifactorAuthenticationManager;
043
044    @Override
045    public void service(ServiceManager serviceManager) throws ServiceException
046    {
047        super.service(serviceManager);
048        _multifactorAuthenticationManager = (MultifactorAuthenticationManager) serviceManager.lookup(MultifactorAuthenticationManager.ROLE);
049    }
050    
051    @Override
052    public void generate() throws IOException, SAXException, ProcessingException
053    {
054        Request request = ObjectModelHelper.getRequest(objectModel);
055        
056        contentHandler.startDocument();
057        
058        // Check if multifactor authentication is active for the current credential provider (if there is no user, current credential provider is null)
059        CredentialProvider credentialProvider = WebAuthenticateAction.getCredentialProviderFromSession(request);
060        if (credentialProvider instanceof FormCredentialProvider formCredentialProvider && formCredentialProvider.useMultifactorAuthentication())
061        {
062            AttributesImpl attrs = new AttributesImpl();
063            Map<String, Object> secretForCurrentUser = _multifactorAuthenticationManager.getUserSecretForCurrentUser();
064            attrs.addCDATAAttribute("useApplication", String.valueOf(secretForCurrentUser.get("active")));
065            attrs.addCDATAAttribute("secret", (String) secretForCurrentUser.get("secret"));
066
067            XMLUtils.createElement(contentHandler, "MultifactorAuthentication", attrs);
068        }
069        
070        contentHandler.endDocument();
071    }
072    
073}