...
Bloc de code |
---|
import java.util.* class SampleGroovyEventResolver { def String run(final Object... args) { def service = args[0] def registeredService = args[1] def authentication = args[2] def httpRequest = args[3] def logger = args[4]service, registeredService, authentication, httpRequest, logger, ... args) { def mobile = authentication.principal.attributes.mobile def ip = httpRequest.getRemoteAddr() def memberOf = authentication.principal.attributes.memberOf /* logger.info("ip : [{}]", httpRequest.getRemoteAddr()) logger.info("mobile : [{}]", mobile) logger.info("registeredService.id : [{}]", registeredService.id) */ if ((int)registeredService.id in [22] && 'cn=from.grouper.admin,ou=groups,dc=univ-rouen,dc=fr' in memberOf) { logger.warn("mfa required for grouper !", authentication.principal.id) return "mfa-esupotp" } if(!('cn=from.cas.otp,ou=groups,dc=univ-rouen,dc=fr' in memberOf)) { return null; } if ((int)registeredService.id in [12,13,14,18,21,22] && !ip.startsWith("10.0.1.")) { logger.warn("mfa for [{}] !", authentication.principal.id) return "mfa-esupotp" } if ((int)registeredService.id in [11, 18] && !ip.startsWith("10.0.1.") && 'cn=for.multipass.admin,ou=groups,dc=univ-rouen,dc=fr' in memberOf) { logger.warn("mfa for [{}] !", authentication.principal.id) return "mfa-esupotp" } return null } } |
...