use of com.nike.cerberus.auth.connector.AuthData in project cerberus by Nike-Inc.
the class AuthenticationServiceTest method triggerChallengeSuccess.
@Test
public void triggerChallengeSuccess() {
String stateToken = "state token";
MfaCheckRequest challengeRequest = mock(MfaCheckRequest.class);
AuthResponse expectedResponse = mock(AuthResponse.class);
AuthData expectedData = mock(AuthData.class);
when(expectedData.getStateToken()).thenReturn(stateToken);
when(expectedResponse.getData()).thenReturn(expectedData);
doAnswer(invocation -> expectedResponse).when(authConnector).triggerChallenge(any(), any());
AuthResponse actualResponse = authenticationService.triggerChallenge(challengeRequest);
assertEquals(expectedResponse, actualResponse);
assertEquals(expectedResponse.getData().getStateToken(), actualResponse.getData().getStateToken());
}
use of com.nike.cerberus.auth.connector.AuthData in project cerberus by Nike-Inc.
the class MfaStateHandler method handleMfaChallenge.
/**
* Handles MFA Challenge, when a MFA challenge has been initiated for call or sms.
*
* @param mfaChallengeResponse - Authentication response from the Completable Future
*/
@Override
public void handleMfaChallenge(AuthenticationResponse mfaChallengeResponse) {
final String userId = mfaChallengeResponse.getUser().getId();
final String userLogin = mfaChallengeResponse.getUser().getLogin();
final AuthData authData = AuthData.builder().userId(userId).username(userLogin).build();
AuthResponse authResponse = AuthResponse.builder().data(authData).status(AuthStatus.MFA_CHALLENGE).build();
authenticationResponseFuture.complete(authResponse);
}
use of com.nike.cerberus.auth.connector.AuthData in project cerberus by Nike-Inc.
the class OktaAuthConnectorTest method triggerChallengeFails.
@Test(expected = ApiException.class)
public void triggerChallengeFails() throws Exception {
String stateToken = "state token";
String deviceId = "device id";
AuthResponse expectedResponse = mock(AuthResponse.class);
AuthData expectedData = mock(AuthData.class);
when(expectedData.getStateToken()).thenReturn(stateToken);
when(expectedResponse.getData()).thenReturn(expectedData);
doAnswer(invocation -> {
MfaStateHandler stateHandler = (MfaStateHandler) invocation.getArguments()[2];
stateHandler.authenticationResponseFuture.cancel(true);
return null;
}).when(client).challengeFactor(any(), any(), any());
// do the call
AuthResponse actualResponse = this.oktaAuthConnector.triggerChallenge(stateToken, deviceId);
// verify results
assertEquals(expectedResponse, actualResponse);
assertEquals(expectedResponse.getData().getStateToken(), actualResponse.getData().getStateToken());
}
use of com.nike.cerberus.auth.connector.AuthData in project cerberus by Nike-Inc.
the class AuthenticationService method refreshUserToken.
/**
* Since tokens are immutable, there are certain situations where refreshing the token used by a
* user is necessary. Anytime permissions change, this is required to reflect that to the user.
*
* @param authPrincipal The principal for the caller
* @return The auth response with the token and metadata
*/
public AuthResponse refreshUserToken(final CerberusPrincipal authPrincipal) {
if (!PrincipalType.USER.equals(authPrincipal.getPrincipalType())) {
String msg = "The principal: %s attempted to use the user token refresh method";
throw ApiException.newBuilder().withApiErrors(CustomApiError.createCustomApiError(DefaultApiError.USER_ONLY_RESOURCE, msg)).withExceptionMessage(msg).build();
}
Integer currentTokenRefreshCount = authPrincipal.getTokenRefreshCount();
if (currentTokenRefreshCount >= maxTokenRefreshCount) {
throw ApiException.newBuilder().withApiErrors(DefaultApiError.MAXIMUM_TOKEN_REFRESH_COUNT_REACHED).withExceptionMessage(String.format("The principal %s attempted to refresh its token but has " + "reached the maximum number of refreshes allowed", authPrincipal.getName())).build();
}
revoke(authPrincipal, authPrincipal.getTokenExpires());
final AuthData authData = AuthData.builder().username(authPrincipal.getName()).clientToken(generateToken(authPrincipal.getName(), authPrincipal.getUserGroups(), currentTokenRefreshCount + 1)).build();
final AuthResponse authResponse = AuthResponse.builder().status(AuthStatus.SUCCESS).data(authData).build();
return authResponse;
}
use of com.nike.cerberus.auth.connector.AuthData in project cerberus by Nike-Inc.
the class AbstractOktaStateHandler method handleSuccess.
/**
* Handles authentication success.
*
* @param successResponse - Authentication response from the Completable Future
*/
@Override
public void handleSuccess(AuthenticationResponse successResponse) {
final String userId = successResponse.getUser().getId();
final String userLogin = successResponse.getUser().getLogin();
final AuthData authData = AuthData.builder().userId(userId).username(userLogin).build();
AuthResponse authResponse = AuthResponse.builder().data(authData).status(AuthStatus.SUCCESS).build();
authenticationResponseFuture.complete(authResponse);
}
Aggregations