Example 1 with DefaultVerifyPassCodeFactorRequest
use of com.okta.authn.sdk.impl.resource.DefaultVerifyPassCodeFactorRequest in project cerberus by Nike-Inc.
the class OktaAuthConnector method mfaCheck.
/**
* Verifies user's MFA factor using Okta Auth SDK.
*/
@Override
public AuthResponse mfaCheck(String stateToken, String deviceId, String otpToken) {
CompletableFuture<AuthResponse> authResponse = new CompletableFuture<>();
MfaStateHandler stateHandler = new MfaStateHandler(oktaAuthenticationClient, authResponse);
DefaultVerifyPassCodeFactorRequest request = oktaAuthenticationClient.instantiate(DefaultVerifyPassCodeFactorRequest.class);
request.setPassCode(otpToken);
request.setStateToken(stateToken);
try {
oktaAuthenticationClient.verifyFactor(deviceId, request, stateHandler);
return authResponse.get(45, TimeUnit.SECONDS);
} catch (ApiException e) {
throw e;
} catch (FactorValidationException e) {
throw ApiException.newBuilder().withExceptionCause(e).withApiErrors(DefaultApiError.FACTOR_VALIDATE_FAILED).withExceptionMessage("Failed to validate factor.").build();
} catch (Exception e) {
throw ApiException.newBuilder().withExceptionCause(e).withApiErrors(DefaultApiError.AUTH_RESPONSE_WAIT_FAILED).withExceptionMessage("Failed to wait for Okta Auth Completable Future to complete.").build();
}
}
Also used :
DefaultVerifyPassCodeFactorRequest(com.okta.authn.sdk.impl.resource.DefaultVerifyPassCodeFactorRequest)
CompletableFuture(java.util.concurrent.CompletableFuture)
FactorValidationException(com.okta.authn.sdk.FactorValidationException)
MfaStateHandler(com.nike.cerberus.auth.connector.okta.statehandlers.MfaStateHandler)
ApiException(com.nike.backstopper.exception.ApiException)
FactorValidationException(com.okta.authn.sdk.FactorValidationException)
AuthResponse(com.nike.cerberus.auth.connector.AuthResponse)
ApiException(com.nike.backstopper.exception.ApiException)
Example 2 with DefaultVerifyPassCodeFactorRequest
use of com.okta.authn.sdk.impl.resource.DefaultVerifyPassCodeFactorRequest in project cerberus by Nike-Inc.
the class OktaAuthConnectorTest method mfaCheckFails.
@Test(expected = ApiException.class)
public void mfaCheckFails() throws Exception {
String stateToken = "state token";
String deviceId = "device id";
String otpToken = "otp token";
AuthResponse expectedResponse = mock(AuthResponse.class);
when(expectedResponse.getStatus()).thenReturn(AuthStatus.SUCCESS);
DefaultVerifyPassCodeFactorRequest request = mock(DefaultVerifyPassCodeFactorRequest.class);
doAnswer(invocation -> {
request.setPassCode(stateToken);
request.setStateToken(otpToken);
return request;
}).when(client).instantiate(DefaultVerifyPassCodeFactorRequest.class);
doAnswer(invocation -> {
MfaStateHandler stateHandler = (MfaStateHandler) invocation.getArguments()[2];
stateHandler.authenticationResponseFuture.cancel(true);
return null;
}).when(client).verifyFactor(any(), isA(DefaultVerifyPassCodeFactorRequest.class), any());
// do the call
AuthResponse actualResponse = this.oktaAuthConnector.mfaCheck(stateToken, deviceId, otpToken);
// verify results
assertEquals(expectedResponse, actualResponse);
}
Also used :
DefaultVerifyPassCodeFactorRequest(com.okta.authn.sdk.impl.resource.DefaultVerifyPassCodeFactorRequest)
MfaStateHandler(com.nike.cerberus.auth.connector.okta.statehandlers.MfaStateHandler)
AuthResponse(com.nike.cerberus.auth.connector.AuthResponse)
Test(org.junit.Test)
Example 3 with DefaultVerifyPassCodeFactorRequest
use of com.okta.authn.sdk.impl.resource.DefaultVerifyPassCodeFactorRequest in project cerberus by Nike-Inc.
the class OktaAuthConnectorTest method mfaCheckSuccess.
@Test
public void mfaCheckSuccess() throws Exception {
String stateToken = "state token";
String deviceId = "device id";
String otpToken = "otp token";
AuthResponse expectedResponse = mock(AuthResponse.class);
when(expectedResponse.getStatus()).thenReturn(AuthStatus.SUCCESS);
DefaultVerifyPassCodeFactorRequest request = mock(DefaultVerifyPassCodeFactorRequest.class);
doAnswer(invocation -> {
request.setPassCode(stateToken);
request.setStateToken(otpToken);
return request;
}).when(client).instantiate(DefaultVerifyPassCodeFactorRequest.class);
doAnswer(invocation -> {
MfaStateHandler stateHandler = (MfaStateHandler) invocation.getArguments()[2];
stateHandler.authenticationResponseFuture.complete(expectedResponse);
return null;
}).when(client).verifyFactor(anyString(), isA(DefaultVerifyPassCodeFactorRequest.class), any());
// do the call
AuthResponse actualResponse = this.oktaAuthConnector.mfaCheck(stateToken, deviceId, otpToken);
// verify results
assertEquals(expectedResponse, actualResponse);
}
Also used :
DefaultVerifyPassCodeFactorRequest(com.okta.authn.sdk.impl.resource.DefaultVerifyPassCodeFactorRequest)
MfaStateHandler(com.nike.cerberus.auth.connector.okta.statehandlers.MfaStateHandler)
AuthResponse(com.nike.cerberus.auth.connector.AuthResponse)
Test(org.junit.Test)
Aggregations
AuthResponse (com.nike.cerberus.auth.connector.AuthResponse)3
MfaStateHandler (com.nike.cerberus.auth.connector.okta.statehandlers.MfaStateHandler)3
DefaultVerifyPassCodeFactorRequest (com.okta.authn.sdk.impl.resource.DefaultVerifyPassCodeFactorRequest)3
Test (org.junit.Test)2
ApiException (com.nike.backstopper.exception.ApiException)1
FactorValidationException (com.okta.authn.sdk.FactorValidationException)1
CompletableFuture (java.util.concurrent.CompletableFuture)1
