Core API for multifactor authentication webflow configuration in Apereo CAS, providing interfaces and base classes for MFA provider integration.
—
Core interfaces and base classes for configuring MFA webflows and integrating MFA providers into the CAS authentication flow. These components provide the foundation for registering custom MFA providers and customizing webflow behavior.
Main interface defining the contract for configuring multifactor authentication webflows.
/**
 * Contract for components that wire a multifactor authentication (MFA) provider
 * into a CAS webflow.
 *
 * <p>An implementation registers a provider's subflow into a parent flow, reports
 * an ordering value, and exposes the flow definition registries tied to the MFA flow.
 */
public interface CasMultifactorWebflowConfigurer {
    /**
     * Register multifactor provider authentication webflow.
     *
     * <p>NOTE(review): this listing states no contract for a null or blank
     * {@code subflowId}/{@code providerId}, or for a {@code providerId} that matches
     * no configured provider; confirm how implementations handle those cases.
     *
     * @param flow The parent flow to register the MFA subflow into
     * @param subflowId The ID of the subflow state
     * @param providerId The ID of the MFA provider
     */
    void registerMultifactorProviderAuthenticationWebflow(Flow flow, String subflowId, String providerId);
    /**
     * Register multifactor provider authentication webflow with provider ID as subflow ID.
     *
     * <p>Delegates to the three-argument overload, passing {@code providerId} for both
     * the subflow state ID and the provider ID.
     *
     * @param flow The parent flow to register the MFA subflow into
     * @param providerId The ID of the MFA provider (used as both provider and subflow ID)
     */
    default void registerMultifactorProviderAuthenticationWebflow(Flow flow, String providerId) {
        registerMultifactorProviderAuthenticationWebflow(flow, providerId, providerId);
    }
    /**
     * Determine the order of the configurer.
     *
     * <p>NOTE(review): whether a lower value runs earlier is not stated on this page; confirm.
     *
     * @return Order value for configurer execution sequence
     */
    int getOrder();
    /**
     * Collection of flow definition registries tied to this MFA flow.
     *
     * @return List of flow definition registries
     */
    List<FlowDefinitionRegistry> getMultifactorAuthenticationFlowDefinitionRegistries();
}
Base implementation providing common functionality for MFA webflow configuration.
/**
 * Abstract base class for MFA webflow configurers providing entry point into CAS webflow.
 *
 * <p>This is a signature-only listing: the declarations below end in {@code ;} and their
 * bodies are not shown, so the notes here describe the declared API only.
 */
public abstract class AbstractCasMultifactorWebflowConfigurer extends AbstractCasWebflowConfigurer
    implements CasMultifactorWebflowConfigurer {
    /**
     * Constructor for single MFA flow definition registry.
     *
     * @param flowBuilderServices flow builder services handed to the configurer
     * @param flowDefinitionRegistry flow definition registry; the usage example on this
     *        page passes the login flow registry here
     * @param applicationContext the application context
     * @param casProperties the CAS configuration properties
     * @param mfaFlowDefinitionRegistry the provider's own MFA flow registry, wrapped in an
     *        {@code Optional}; presumably empty when the configurer has no dedicated MFA
     *        flow (TODO confirm)
     * @param mfaFlowCustomizers customizers for the MFA webflow; how they are applied is
     *        not shown in this listing
     */
    protected AbstractCasMultifactorWebflowConfigurer(
        FlowBuilderServices flowBuilderServices,
        FlowDefinitionRegistry flowDefinitionRegistry,
        ConfigurableApplicationContext applicationContext,
        CasConfigurationProperties casProperties,
        Optional<FlowDefinitionRegistry> mfaFlowDefinitionRegistry,
        List<CasMultifactorWebflowCustomizer> mfaFlowCustomizers);
    /**
     * Register multifactor provider authentication webflow.
     *
     * @param flow The parent flow
     * @param subflowId The subflow state ID
     * @param providerId The MFA provider ID
     */
    @Override
    public void registerMultifactorProviderAuthenticationWebflow(Flow flow, String subflowId, String providerId);
    /**
     * Get flow definition registries for this MFA configurer.
     *
     * @return List of FlowDefinitionRegistry instances
     */
    @Override
    public List<FlowDefinitionRegistry> getMultifactorAuthenticationFlowDefinitionRegistries();
    /**
     * Get execution order for this configurer.
     *
     * <p>NOTE(review): LOWEST_PRECEDENCE presumably refers to Spring's
     * {@code Ordered.LOWEST_PRECEDENCE}; confirm against the implementation.
     *
     * @return Order value (defaults to LOWEST_PRECEDENCE)
     */
    @Override
    public int getOrder();
}
Usage Example:
/**
 * Spring configuration that exposes the custom MFA webflow configurer as a bean.
 */
@Configuration
public class MyMfaWebflowConfiguration {
    /**
     * Builds the configurer for the custom MFA provider.
     *
     * <p>The login flow registry is passed as the parent flow registry and the provider's
     * own registry is passed as the MFA flow registry. {@code Optional.of} throws
     * {@code NullPointerException} on a null argument, so the configurer is never
     * constructed without an MFA flow registry.
     *
     * @return the configurer that registers the custom MFA provider's webflow
     */
    @Bean
    public CasMultifactorWebflowConfigurer myMfaWebflowConfigurer(
        @Qualifier("flowBuilderServices") FlowBuilderServices flowBuilderServices,
        @Qualifier("loginFlowRegistry") FlowDefinitionRegistry loginFlowDefinitionRegistry,
        ConfigurableApplicationContext applicationContext,
        CasConfigurationProperties casProperties,
        @Qualifier("myMfaFlowRegistry") FlowDefinitionRegistry myMfaFlowRegistry,
        List<CasMultifactorWebflowCustomizer> mfaFlowCustomizers) {
        final Optional<FlowDefinitionRegistry> mfaRegistry = Optional.of(myMfaFlowRegistry);
        final CasMultifactorWebflowConfigurer configurer = new MyMfaWebflowConfigurer(
            flowBuilderServices,
            loginFlowDefinitionRegistry,
            applicationContext,
            casProperties,
            mfaRegistry,
            mfaFlowCustomizers);
        return configurer;
    }
}
/**
 * Example configurer that plugs a custom MFA provider into the CAS login flow.
 */
public class MyMfaWebflowConfigurer extends AbstractCasMultifactorWebflowConfigurer {
    /**
     * Passes every collaborator straight through to the base configurer.
     */
    public MyMfaWebflowConfigurer(
        FlowBuilderServices flowBuilderServices,
        FlowDefinitionRegistry flowDefinitionRegistry,
        ConfigurableApplicationContext applicationContext,
        CasConfigurationProperties casProperties,
        Optional<FlowDefinitionRegistry> mfaFlowDefinitionRegistry,
        List<CasMultifactorWebflowCustomizer> mfaFlowCustomizers) {
        super(
            flowBuilderServices,
            flowDefinitionRegistry,
            applicationContext,
            casProperties,
            mfaFlowDefinitionRegistry,
            mfaFlowCustomizers);
    }

    /**
     * Registers the "myMfaProvider" subflow into the login flow.
     *
     * <p>The two-argument overload uses the same string as both the subflow state ID
     * and the provider ID. When no login flow is available, nothing is registered and
     * no error is raised, so a deployment should confirm after startup that the
     * provider's subflow is actually present in the login flow.
     */
    @Override
    protected void doInitialize() {
        val loginFlow = getLoginFlow();
        if (loginFlow == null) {
            // No login flow to attach to: the provider stays unregistered, silently.
            return;
        }
        registerMultifactorProviderAuthenticationWebflow(loginFlow, "myMfaProvider");
    }
}
Interface for customizing multifactor authentication webflows with additional states and attribute mappings.
/**
 * Interface extending CasWebflowCustomizer for MFA-specific customizations.
 */
public interface CasMultifactorWebflowCustomizer extends CasWebflowCustomizer {
    /**
     * Get candidate states for multifactor authentication.
     *
     * <p>The default implementation returns an empty, immutable list, so a customizer
     * contributes no candidate states unless it overrides this method. How the returned
     * IDs are consumed is not shown on this page.
     *
     * @return Collection of state IDs that are candidates for MFA integration
     */
    default Collection<String> getCandidateStatesForMultifactorAuthentication() {
        return List.of();
    }
}
Configurer for composite multifactor authentication provider selection scenarios.
/**
 * Configures webflow for composite MFA provider selection.
 *
 * <p>Signature-only listing: the constructor and {@code doInitialize} bodies are not shown.
 */
public class CompositeProviderSelectionMultifactorWebflowConfigurer
    extends AbstractCasMultifactorWebflowConfigurer {
    /**
     * Constructor.
     *
     * <p>Unlike the base class constructor listed on this page, this one takes no MFA
     * flow registry and no customizer list; what it passes to the base class for those
     * is not shown here.
     *
     * @param flowBuilderServices flow builder services handed to the configurer
     * @param flowDefinitionRegistry flow definition registry; presumably the login flow
     *        registry (TODO confirm)
     * @param applicationContext the application context
     * @param casProperties the CAS configuration properties
     */
    public CompositeProviderSelectionMultifactorWebflowConfigurer(
        FlowBuilderServices flowBuilderServices,
        FlowDefinitionRegistry flowDefinitionRegistry,
        ConfigurableApplicationContext applicationContext,
        CasConfigurationProperties casProperties);
    /**
     * Initialize composite provider selection webflow configuration.
     */
    @Override
    protected void doInitialize();
}
Configurer for MFA-related components in user account profile management flows.
/**
 * Configures MFA components for user account profile management flows.
 *
 * <p>As listed, this class extends {@code AbstractCasWebflowConfigurer} directly rather
 * than the MFA base configurer, and it does not declare
 * {@code CasMultifactorWebflowConfigurer}. Signature-only listing: bodies are not shown.
 */
public class MultifactorAuthenticationAccountProfileWebflowConfigurer
    extends AbstractCasWebflowConfigurer {
    /**
     * Constructor.
     *
     * @param flowBuilderServices flow builder services handed to the configurer
     * @param flowDefinitionRegistry flow definition registry this configurer works on;
     *        which flow it holds is not stated on this page
     * @param applicationContext the application context
     * @param casProperties the CAS configuration properties
     */
    public MultifactorAuthenticationAccountProfileWebflowConfigurer(
        FlowBuilderServices flowBuilderServices,
        FlowDefinitionRegistry flowDefinitionRegistry,
        ConfigurableApplicationContext applicationContext,
        CasConfigurationProperties casProperties);
    /**
     * Initialize account profile MFA webflow configuration.
     */
    @Override
    protected void doInitialize();
}
Install with Tessl CLI
npx tessl i tessl/maven-org-apereo-cas--cas-server-core-webflow-mfa-api