Examples with MfaStateHandler com.nike.cerberus.auth.connector.okta.statehandlers.MfaStateHandler used on opensource projects

Example 1 with MfaStateHandler

use of com.nike.cerberus.auth.connector.okta.statehandlers.MfaStateHandler in project cerberus by Nike-Inc.

the class OktaAuthConnector method mfaCheck.

/**
 * Verifies user's MFA factor using Okta Auth SDK.
 */
@Override
public AuthResponse mfaCheck(String stateToken, String deviceId, String otpToken) {
    CompletableFuture<AuthResponse> authResponse = new CompletableFuture<>();
    MfaStateHandler stateHandler = new MfaStateHandler(oktaAuthenticationClient, authResponse);
    DefaultVerifyPassCodeFactorRequest request = oktaAuthenticationClient.instantiate(DefaultVerifyPassCodeFactorRequest.class);
    request.setPassCode(otpToken);
    request.setStateToken(stateToken);
    try {
        oktaAuthenticationClient.verifyFactor(deviceId, request, stateHandler);
        return authResponse.get(45, TimeUnit.SECONDS);
    } catch (ApiException e) {
        throw e;
    } catch (FactorValidationException e) {
        throw ApiException.newBuilder().withExceptionCause(e).withApiErrors(DefaultApiError.FACTOR_VALIDATE_FAILED).withExceptionMessage("Failed to validate factor.").build();
    } catch (Exception e) {
        throw ApiException.newBuilder().withExceptionCause(e).withApiErrors(DefaultApiError.AUTH_RESPONSE_WAIT_FAILED).withExceptionMessage("Failed to wait for Okta Auth Completable Future to complete.").build();
    }
}

Example 2 with MfaStateHandler

use of com.nike.cerberus.auth.connector.okta.statehandlers.MfaStateHandler in project cerberus by Nike-Inc.

the class OktaAuthConnector method triggerChallenge.

/**
 * Triggers challenge for SMS or Call factors using Okta Auth SDK.
 */
public AuthResponse triggerChallenge(String stateToken, String deviceId) {
    CompletableFuture<AuthResponse> authResponse = new CompletableFuture<>();
    MfaStateHandler stateHandler = new MfaStateHandler(oktaAuthenticationClient, authResponse);
    try {
        oktaAuthenticationClient.challengeFactor(deviceId, stateToken, stateHandler);
        return authResponse.get(45, TimeUnit.SECONDS);
    } catch (ApiException e) {
        throw e;
    } catch (Exception e) {
        throw ApiException.newBuilder().withExceptionCause(e).withApiErrors(DefaultApiError.AUTH_RESPONSE_WAIT_FAILED).withExceptionMessage("Failed to trigger challenge due to timeout. Please try again.").build();
    }
}

Example 3 with MfaStateHandler

use of com.nike.cerberus.auth.connector.okta.statehandlers.MfaStateHandler in project cerberus by Nike-Inc.

the class OktaAuthConnectorTest method triggerChallengeFails.

@Test(expected = ApiException.class)
public void triggerChallengeFails() throws Exception {
    String stateToken = "state token";
    String deviceId = "device id";
    AuthResponse expectedResponse = mock(AuthResponse.class);
    AuthData expectedData = mock(AuthData.class);
    when(expectedData.getStateToken()).thenReturn(stateToken);
    when(expectedResponse.getData()).thenReturn(expectedData);
    doAnswer(invocation -> {
        MfaStateHandler stateHandler = (MfaStateHandler) invocation.getArguments()[2];
        stateHandler.authenticationResponseFuture.cancel(true);
        return null;
    }).when(client).challengeFactor(any(), any(), any());
    // do the call
    AuthResponse actualResponse = this.oktaAuthConnector.triggerChallenge(stateToken, deviceId);
    // verify results
    assertEquals(expectedResponse, actualResponse);
    assertEquals(expectedResponse.getData().getStateToken(), actualResponse.getData().getStateToken());
}

Example 4 with MfaStateHandler

use of com.nike.cerberus.auth.connector.okta.statehandlers.MfaStateHandler in project cerberus by Nike-Inc.

the class OktaAuthConnectorTest method mfaCheckFails.

@Test(expected = ApiException.class)
public void mfaCheckFails() throws Exception {
    String stateToken = "state token";
    String deviceId = "device id";
    String otpToken = "otp token";
    AuthResponse expectedResponse = mock(AuthResponse.class);
    when(expectedResponse.getStatus()).thenReturn(AuthStatus.SUCCESS);
    DefaultVerifyPassCodeFactorRequest request = mock(DefaultVerifyPassCodeFactorRequest.class);
    doAnswer(invocation -> {
        request.setPassCode(stateToken);
        request.setStateToken(otpToken);
        return request;
    }).when(client).instantiate(DefaultVerifyPassCodeFactorRequest.class);
    doAnswer(invocation -> {
        MfaStateHandler stateHandler = (MfaStateHandler) invocation.getArguments()[2];
        stateHandler.authenticationResponseFuture.cancel(true);
        return null;
    }).when(client).verifyFactor(any(), isA(DefaultVerifyPassCodeFactorRequest.class), any());
    // do the call
    AuthResponse actualResponse = this.oktaAuthConnector.mfaCheck(stateToken, deviceId, otpToken);
    // verify results
    assertEquals(expectedResponse, actualResponse);
}

Example 5 with MfaStateHandler

use of com.nike.cerberus.auth.connector.okta.statehandlers.MfaStateHandler in project cerberus by Nike-Inc.

the class MfaStateHandlerTest method setup.

@Before
public void setup() {
    initMocks(this);
    authenticationResponseFuture = new CompletableFuture<>();
    // create test object
    this.mfaStateHandler = new MfaStateHandler(client, authenticationResponseFuture) {
    };
}