Thanks pointing out the fix. I setup the 6.6 prerelease in a dev environment and was able to adjust our groovy script to get the functionality we wanted. Will hopefully be implementing this sometime after 6.6 is out of prerelease.
In case it helps anyone:
import java.util.*
import redis.clients.jedis.Jedis
import redis.clients.jedis.JedisPool
import redis.clients.jedis.JedisPoolConfig
import org.apereo.cas.authentication.*
import org.apereo.cas.authentication.mfa.*
def String run(final Object... args) {
def authentication = args[2]
try (JedisPool rpool = new JedisPool(new JedisPoolConfig(), "<redis hostname>");) {
Jedis rdb = rpool.getResource()
rdb.auth("<Password>")
String mfatype = rdb.hget(
authentication.principal.id,"mfatype");
if(mfatype == null) {
return null
}
if(mfatype.equalsIgnoreCase("mfa-gauth")) {
return "mfa-gauth"
}
if(mfatype.equalsIgnoreCase("mfa-u2f")) {
return "mfa-u2f"
}
if(mfatype.equalsIgnoreCase("all")) {
return ChainingMultifactorAuthenticationProvider.DEFAULT_IDENTIFIER
}
}
}