Search in sources :

Example 1 with PushStateHandler

use of com.nike.cerberus.auth.connector.okta.statehandlers.PushStateHandler in project cerberus by Nike-Inc.

the class OktaAuthConnector method triggerPush.

/**
 * Triggers challenge for SMS or Call factors using Okta Auth SDK.
 */
public AuthResponse triggerPush(String stateToken, String deviceId) {
    CompletableFuture<AuthResponse> authResponseFuture = new CompletableFuture<>();
    PushStateHandler stateHandler = new PushStateHandler(oktaAuthenticationClient, authResponseFuture);
    try {
        oktaAuthenticationClient.verifyFactor(deviceId, stateToken, stateHandler);
        AuthResponse authResponse = authResponseFuture.get(45, TimeUnit.SECONDS);
        long startTime = System.currentTimeMillis();
        while (authResponse.getData().getFactorResult().equals("WAITING") && System.currentTimeMillis() - startTime <= 55000) {
            sleep(100);
            authResponseFuture = new CompletableFuture<>();
            stateHandler = new PushStateHandler(oktaAuthenticationClient, authResponseFuture);
            oktaAuthenticationClient.verifyFactor(deviceId, stateToken, stateHandler);
            authResponse = authResponseFuture.get(45, TimeUnit.SECONDS);
        }
        String factorResult = authResponse.getData().getFactorResult();
        if (!factorResult.equals("SUCCESS")) {
            if (factorResult.equals("TIMEOUT") || factorResult.equals("WAITING")) {
                throw ApiException.newBuilder().withApiErrors(DefaultApiError.OKTA_PUSH_MFA_TIMEOUT).withExceptionMessage(DefaultApiError.OKTA_PUSH_MFA_TIMEOUT.getMessage()).build();
            } else if (factorResult.equals("REJECTED")) {
                throw ApiException.newBuilder().withApiErrors(DefaultApiError.OKTA_PUSH_MFA_REJECTED).withExceptionMessage(DefaultApiError.OKTA_PUSH_MFA_REJECTED.getMessage()).build();
            }
        }
        return authResponseFuture.get(45, TimeUnit.SECONDS);
    } catch (ApiException e) {
        throw e;
    } catch (Exception e) {
        throw ApiException.newBuilder().withExceptionCause(e).withApiErrors(DefaultApiError.AUTH_RESPONSE_WAIT_FAILED).withExceptionMessage("Failed to trigger challenge due to timeout. Please try again.").build();
    }
}
Also used : PushStateHandler(com.nike.cerberus.auth.connector.okta.statehandlers.PushStateHandler) CompletableFuture(java.util.concurrent.CompletableFuture) ApiException(com.nike.backstopper.exception.ApiException) FactorValidationException(com.okta.authn.sdk.FactorValidationException) AuthResponse(com.nike.cerberus.auth.connector.AuthResponse) ApiException(com.nike.backstopper.exception.ApiException)

Example 2 with PushStateHandler

use of com.nike.cerberus.auth.connector.okta.statehandlers.PushStateHandler in project cerberus by Nike-Inc.

the class PushStateHandlerTest method setup.

@Before
public void setup() {
    initMocks(this);
    authenticationResponseFuture = new CompletableFuture<>();
    // create test object
    this.pushStateHandler = new PushStateHandler(client, authenticationResponseFuture) {
    };
}
Also used : PushStateHandler(com.nike.cerberus.auth.connector.okta.statehandlers.PushStateHandler) Before(org.junit.Before)

Aggregations

PushStateHandler (com.nike.cerberus.auth.connector.okta.statehandlers.PushStateHandler)2 ApiException (com.nike.backstopper.exception.ApiException)1 AuthResponse (com.nike.cerberus.auth.connector.AuthResponse)1 FactorValidationException (com.okta.authn.sdk.FactorValidationException)1 CompletableFuture (java.util.concurrent.CompletableFuture)1 Before (org.junit.Before)1