org.apereo.cas.adaptors.yubikey

Class YubiKeyAuthenticationHandler

java.lang.Object

org.apereo.cas.authentication.AbstractAuthenticationHandler

org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler

org.apereo.cas.adaptors.yubikey.YubiKeyAuthenticationHandler

All Implemented Interfaces:

org.apereo.cas.authentication.AuthenticationHandler

public class YubiKeyAuthenticationHandler
extends org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler

An authentication handler that uses the Yubico cloud validation platform to authenticate one-time password tokens that are issued by a YubiKey device. To use YubiCloud you need a client id and an API key which must be obtained from Yubico.

For more info, please visit this link

Since:

4.1

Field Summary

Fields inherited from class org.apereo.cas.authentication.AbstractAuthenticationHandler

logger, principalFactory, servicesManager

Fields inherited from interface org.apereo.cas.authentication.AuthenticationHandler

SUCCESSFUL_AUTHENTICATION_HANDLERS

Constructor Summary

Constructors

Constructor and Description
YubiKeyAuthenticationHandler(java.lang.Integer clientId, java.lang.String secretKey) Prepares the Yubico client with the received clientId and secretKey.

Method Summary

Modifier and Type	Method and Description
void	afterPropertiesSet() After properties set.
protected org.apereo.cas.authentication.HandlerResult	doAuthentication(org.apereo.cas.authentication.Credential credential)
com.yubico.client.v2.YubicoClient	getClient()
YubiKeyAccountRegistry	getRegistry()
void	setRegistry(YubiKeyAccountRegistry registry)
boolean	supports(org.apereo.cas.authentication.Credential credential)

Methods inherited from class org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler

authenticate, createHandlerResult, postAuthenticate, preAuthenticate

Methods inherited from class org.apereo.cas.authentication.AbstractAuthenticationHandler

getName, setName, setPrincipalFactory, setServicesManager

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

YubiKeyAuthenticationHandler

public YubiKeyAuthenticationHandler(java.lang.Integer clientId,
                                    java.lang.String secretKey)

Prepares the Yubico client with the received clientId and secretKey. If you wish to limit the usage of this handler only to a particular set of yubikey accounts for a special group of users, you may verify an compliant implementation of YubiKeyAccountRegistry. By default, all accounts are allowed.

Parameters:

clientId - the client id

secretKey - the secret key

Method Detail

afterPropertiesSet

@PostConstruct
public void afterPropertiesSet()

After properties set.

doAuthentication

protected org.apereo.cas.authentication.HandlerResult doAuthentication(org.apereo.cas.authentication.Credential credential)
                                                                throws java.security.GeneralSecurityException,
                                                                       org.apereo.cas.authentication.PreventedException

Specified by:

doAuthentication in class org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler

Throws:

java.security.GeneralSecurityException

org.apereo.cas.authentication.PreventedException

setRegistry

public void setRegistry(YubiKeyAccountRegistry registry)

getRegistry

public YubiKeyAccountRegistry getRegistry()

getClient

public com.yubico.client.v2.YubicoClient getClient()

supports

public boolean supports(org.apereo.cas.authentication.Credential credential)