Search in sources :

Example 16 with AuthResponse

use of com.nike.cerberus.auth.connector.AuthResponse in project cerberus by Nike-Inc.

the class UserAuthenticationController method authenticate.

@RequestMapping(value = "/user", method = GET)
public AuthResponse authenticate(@RequestHeader(value = HttpHeaders.AUTHORIZATION) String authHeader) {
    final UserCredentials credentials = extractCredentials(authHeader);
    AuthResponse authResponse;
    try {
        authResponse = authenticationService.authenticate(credentials);
    } catch (ApiException e) {
        auditLoggingFilterDetails.setAction("Failed to authenticate");
        throw e;
    }
    auditLoggingFilterDetails.setAction("Authenticated");
    return authResponse;
}
Also used : UserCredentials(com.nike.cerberus.domain.UserCredentials) AuthResponse(com.nike.cerberus.auth.connector.AuthResponse) ApiException(com.nike.backstopper.exception.ApiException) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 17 with AuthResponse

use of com.nike.cerberus.auth.connector.AuthResponse in project cerberus by Nike-Inc.

the class AuthenticationServiceTest method tests_that_refreshUserToken_refreshes_token_when_count_is_less_than_limit.

@Test
public void tests_that_refreshUserToken_refreshes_token_when_count_is_less_than_limit() {
    Integer curCount = MAX_LIMIT - 1;
    CerberusAuthToken authToken = CerberusAuthToken.Builder.create().withPrincipalType(PrincipalType.USER).withPrincipal("principal").withGroups("group1,group2").withRefreshCount(curCount).withToken(UUID.randomUUID().toString()).build();
    CerberusPrincipal principal = new CerberusPrincipal(authToken);
    OffsetDateTime now = OffsetDateTime.now();
    when(authTokenService.generateToken(anyString(), any(PrincipalType.class), anyBoolean(), anyString(), anyInt(), anyInt())).thenReturn(CerberusAuthToken.Builder.create().withPrincipalType(PrincipalType.USER).withPrincipal("principal").withGroups("group1,group2").withRefreshCount(curCount + 1).withToken(UUID.randomUUID().toString()).withCreated(now).withExpires(now.plusHours(1)).build());
    AuthResponse response = authenticationService.refreshUserToken(principal);
    assertEquals(curCount + 1, Integer.parseInt(response.getData().getClientToken().getMetadata().get(CerberusPrincipal.METADATA_KEY_TOKEN_REFRESH_COUNT)));
}
Also used : CerberusAuthToken(com.nike.cerberus.domain.CerberusAuthToken) OffsetDateTime(java.time.OffsetDateTime) PrincipalType(com.nike.cerberus.PrincipalType) CerberusPrincipal(com.nike.cerberus.security.CerberusPrincipal) AuthResponse(com.nike.cerberus.auth.connector.AuthResponse) Test(org.junit.Test)

Example 18 with AuthResponse

use of com.nike.cerberus.auth.connector.AuthResponse in project cerberus by Nike-Inc.

the class AbstractOktaStateHandler method handleSuccess.

/**
 * Handles authentication success.
 *
 * @param successResponse - Authentication response from the Completable Future
 */
@Override
public void handleSuccess(AuthenticationResponse successResponse) {
    final String userId = successResponse.getUser().getId();
    final String userLogin = successResponse.getUser().getLogin();
    final AuthData authData = AuthData.builder().userId(userId).username(userLogin).build();
    AuthResponse authResponse = AuthResponse.builder().data(authData).status(AuthStatus.SUCCESS).build();
    authenticationResponseFuture.complete(authResponse);
}
Also used : AuthData(com.nike.cerberus.auth.connector.AuthData) AuthResponse(com.nike.cerberus.auth.connector.AuthResponse)

Example 19 with AuthResponse

use of com.nike.cerberus.auth.connector.AuthResponse in project cerberus by Nike-Inc.

the class InitialLoginStateHandler method handleMfaResponse.

/**
 * Handles MFA states by determining valid user MFA factors.
 *
 * @param mfaResponse - Authentication response from the Completable Future
 */
private void handleMfaResponse(AuthenticationResponse mfaResponse) {
    final String userId = mfaResponse.getUser().getId();
    final String userLogin = mfaResponse.getUser().getLogin();
    final AuthData authData = AuthData.builder().userId(userId).username(userLogin).build();
    final AuthResponse authResponse = AuthResponse.builder().data(authData).build();
    authData.setStateToken(mfaResponse.getStateToken());
    authResponse.setStatus(AuthStatus.MFA_REQUIRED);
    final List<Factor> factors = new ArrayList<>(mfaResponse.getFactors());
    factors.removeIf(this::isPush);
    validateUserFactors(factors);
    factors.forEach(factor -> authData.getDevices().add(AuthMfaDevice.builder().id(factor.getId()).name(getDeviceName(factor)).requiresTrigger(isTriggerRequired(factor)).isPush(isPush(factor)).build()));
    authenticationResponseFuture.complete(authResponse);
}
Also used : AuthData(com.nike.cerberus.auth.connector.AuthData) Factor(com.okta.authn.sdk.resource.Factor) ArrayList(java.util.ArrayList) AuthResponse(com.nike.cerberus.auth.connector.AuthResponse)

Example 20 with AuthResponse

use of com.nike.cerberus.auth.connector.AuthResponse in project cerberus by Nike-Inc.

the class PushStateHandler method handleSuccess.

/**
 * Handles MFA Challenge, when a MFA challenge has been initiated for call or sms.
 *
 * @param mfaChallengeResponse - Authentication response from the Completable Future
 */
@Override
public void handleSuccess(AuthenticationResponse mfaChallengeResponse) {
    final String userId = mfaChallengeResponse.getUser().getId();
    final String userLogin = mfaChallengeResponse.getUser().getLogin();
    final String factorResult = mfaChallengeResponse.getStatus().toString();
    final AuthData authData = AuthData.builder().userId(userId).username(userLogin).factorResult(factorResult).build();
    AuthResponse authResponse = AuthResponse.builder().data(authData).status(AuthStatus.SUCCESS).build();
    authenticationResponseFuture.complete(authResponse);
}
Also used : AuthData(com.nike.cerberus.auth.connector.AuthData) AuthResponse(com.nike.cerberus.auth.connector.AuthResponse)

Aggregations

AuthResponse (com.nike.cerberus.auth.connector.AuthResponse)30 Test (org.junit.Test)19 AuthData (com.nike.cerberus.auth.connector.AuthData)9 AuthStatus (com.nike.cerberus.auth.connector.AuthStatus)7 AuthenticationResponse (com.okta.authn.sdk.resource.AuthenticationResponse)7 User (com.okta.authn.sdk.resource.User)7 MfaStateHandler (com.nike.cerberus.auth.connector.okta.statehandlers.MfaStateHandler)6 ApiException (com.nike.backstopper.exception.ApiException)5 FactorValidationException (com.okta.authn.sdk.FactorValidationException)4 CompletableFuture (java.util.concurrent.CompletableFuture)4 InitialLoginStateHandler (com.nike.cerberus.auth.connector.okta.statehandlers.InitialLoginStateHandler)3 DefaultVerifyPassCodeFactorRequest (com.okta.authn.sdk.impl.resource.DefaultVerifyPassCodeFactorRequest)3 UserCredentials (com.nike.cerberus.domain.UserCredentials)2 DefaultFactor (com.okta.authn.sdk.impl.resource.DefaultFactor)2 FactorProvider (com.okta.authn.sdk.resource.FactorProvider)2 FactorType (com.okta.authn.sdk.resource.FactorType)2 PrincipalType (com.nike.cerberus.PrincipalType)1 PushStateHandler (com.nike.cerberus.auth.connector.okta.statehandlers.PushStateHandler)1 CerberusAuthToken (com.nike.cerberus.domain.CerberusAuthToken)1 MfaCheckRequest (com.nike.cerberus.domain.MfaCheckRequest)1