
Example 16 with ProcessingException

use of com.okta.idx.sdk.api.exception.ProcessingException in project okta-idx-java by okta.

the class LoginController method handleLogin.

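/**
 * Renders the custom login page that hosts the embedded sign-in flow.
 *
 * <p>The IDX client context (interaction handle and PKCE values) is resolved from the caller's
 * own HTTP session: an existing {@code IDX_CLIENT_CONTEXT} attribute is reused, otherwise a new
 * context is requested from the wrapper and stored in the session. The view is never populated
 * from a context that was created for a different session.
 *
 * @param request the current request, used to build the callback redirect URI
 * @param state   the optional {@code state} request parameter; when absent the caller is redirected
 * @param nonce   the {@code nonce} request parameter
 * @param session the caller's HTTP session
 * @return the {@code login} view, a redirect when {@code state} is missing, or the {@code error} view
 * @throws MalformedURLException if the configured issuer cannot be parsed as a URL
 */
@GetMapping(value = "/custom-login")
public ModelAndView handleLogin(HttpServletRequest request, @RequestParam(name = "state", required = false) String state, @RequestParam(name = "nonce") String nonce, HttpSession session) throws MalformedURLException {
    // NOTE(review): state and nonce are request parameters and are written to the log verbatim;
    // confirm the log encoder neutralises CR/LF and that these values are acceptable in INFO logs.
    logger.info("Handling login with state: {}, nonce {}", state, nonce);
    // Resolve the context from THIS session. The original read the idxClientContext field whenever
    // the session already held an attribute; that field is not declared in this method, so it is
    // presumably controller state shared by every request and could hold another session's
    // interaction handle and code verifier (or null).
    IDXClientContext clientContext = (IDXClientContext) session.getAttribute(IDX_CLIENT_CONTEXT);
    if (clientContext == null) {
        try {
            clientContext = idxAuthenticationWrapper.getClientContext();
        } catch (ProcessingException e) {
            ModelAndView modelAndView = new ModelAndView("error");
            ErrorResponse errorResponse = e.getErrorResponse();
            if (errorResponse != null) {
                modelAndView.addObject("errorDetails", errorResponse.getError() + "," + errorResponse.getErrorDescription());
            } else {
                modelAndView.addObject("errorDetails", "Unknown error");
            }
            return modelAndView;
        }
        session.setAttribute(IDX_CLIENT_CONTEXT, clientContext);
        // NOTE(review): still assigned so that any other reader of the field sees what it saw
        // before; the field should be removed once no reader remains, since it is shared state.
        idxClientContext = clientContext;
    }
    if (clientContext == null) {
        ModelAndView modelAndView = new ModelAndView("error");
        // NOTE(review): this key is "error_details" while the branches above use "errorDetails";
        // confirm which key the error view reads.
        modelAndView.addObject("error_details", "Unknown error");
        return modelAndView;
    }
    // if we don't have the state parameter redirect
    if (state == null) {
        return new ModelAndView("redirect:" + oktaOAuth2Properties.getRedirectUri());
    }
    String issuer = oktaOAuth2Properties.getIssuer();
    // the widget needs the base url, just grab the root of the issuer
    String orgUrl = new URL(new URL(issuer), "/").toString();
    ModelAndView mav = new ModelAndView("login");
    mav.addObject(STATE, state);
    mav.addObject(NONCE, nonce);
    mav.addObject(SCOPES, oktaOAuth2Properties.getScopes());
    mav.addObject(OKTA_BASE_URL, orgUrl);
    mav.addObject(OKTA_CLIENT_ID, oktaOAuth2Properties.getClientId());
    mav.addObject(INTERACTION_HANDLE, clientContext.getInteractionHandle());
    // NOTE(review): the PKCE code verifier goes into the view model as well as the session;
    // whether the template renders it to the browser is not visible here - confirm it is needed there.
    mav.addObject(CODE_VERIFIER, clientContext.getCodeVerifier());
    mav.addObject(CODE_CHALLENGE, clientContext.getCodeChallenge());
    mav.addObject(CODE_CHALLENGE_METHOD, CODE_CHALLENGE_METHOD_VALUE);
    // from ClientRegistration.redirectUriTemplate, if the template is changed you must update this
    // NOTE(review): scheme, host and port are taken from the incoming request, so they follow the
    // Host header and any proxy in front of the app; the result is only as trustworthy as the
    // redirect URI allow-list on the authorization server and the proxy's host validation.
    mav.addObject(REDIRECT_URI, request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath() + "/authorization-code/callback");
    mav.addObject(ISSUER_URI, issuer);
    session.setAttribute(CODE_VERIFIER, clientContext.getCodeVerifier());
    return mav;
}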
Also used : ModelAndView(org.springframework.web.servlet.ModelAndView) URL(java.net.URL) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException) ErrorResponse(com.okta.idx.sdk.api.response.ErrorResponse) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 17 with ProcessingException

use of com.okta.idx.sdk.api.exception.ProcessingException in project okta-idx-java by okta.

the class IDXAuthenticationWrapper method verifyAuthenticator.

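/**
 * Verifies an authenticator challenge by submitting the supplied code as the passcode.
 *
 * <p>The arguments are checked inside the {@code try} block so that a missing context, options
 * object or code is passed to {@code handleIllegalArgumentException}, the same way
 * {@code submitPhoneAuthenticator} treats a missing context, instead of escaping as an uncaught
 * {@code NullPointerException}.
 *
 * @param proceedContext the ProceedContext
 * @param verifyAuthenticatorOptions the verify Authenticator options
 * @return the Authentication response
 */
public AuthenticationResponse verifyAuthenticator(ProceedContext proceedContext, VerifyAuthenticatorOptions verifyAuthenticatorOptions) {
    try {
        Assert.notNull(proceedContext, "proceed context cannot be null");
        Assert.notNull(verifyAuthenticatorOptions, "verify authenticator options cannot be null");
        Assert.notNull(verifyAuthenticatorOptions.getCode(), "code cannot be null");
        Credentials credentials = new Credentials();
        credentials.setPasscode(verifyAuthenticatorOptions.getCode().toCharArray());
        // build the answer-challenge request that carries the passcode for the current state handle
        AnswerChallengeRequest challengeAuthenticatorRequest = AnswerChallengeRequestBuilder.builder().withStateHandle(proceedContext.getStateHandle()).withCredentials(credentials).build();
        return AuthenticationTransaction.proceed(client, proceedContext, () -> client.answerChallenge(challengeAuthenticatorRequest, proceedContext.getHref())).asAuthenticationResponse(AuthenticationStatus.AWAITING_PASSWORD_RESET);
    } catch (ProcessingException e) {
        return handleProcessingException(e);
    } catch (IllegalArgumentException e) {
        return handleIllegalArgumentException(e);
    }
}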
Also used : AnswerChallengeRequest(com.okta.idx.sdk.api.request.AnswerChallengeRequest) Credentials(com.okta.idx.sdk.api.model.Credentials) WrapperUtil.handleIllegalArgumentException(com.okta.idx.sdk.api.client.WrapperUtil.handleIllegalArgumentException) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException) WrapperUtil.handleProcessingException(com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException)

Example 18 with ProcessingException

use of com.okta.idx.sdk.api.exception.ProcessingException in project okta-idx-java by okta.

the class IDXAuthenticationWrapper method submitPhoneAuthenticator.

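/**
 * Submit phone authenticator enrollment with the provided phone number.
 *
 * <p>Both the context and the factor are checked up front; a missing one is passed to
 * {@code handleIllegalArgumentException} rather than surfacing as a {@code NullPointerException}
 * from {@code factor.getId()}, which neither catch block below would handle.
 *
 * @param proceedContext the ProceedContext
 * @param phone the phone number, forwarded to the enroll request as given
 * @param factor the factor whose id and method identify the phone authenticator
 * @return the Authentication response
 */
public AuthenticationResponse submitPhoneAuthenticator(ProceedContext proceedContext, String phone, com.okta.idx.sdk.api.client.Authenticator.Factor factor) {
    try {
        Assert.notNull(proceedContext, "proceed context cannot be null");
        Assert.notNull(factor, "factor cannot be null");
        Authenticator phoneAuthenticator = new Authenticator();
        phoneAuthenticator.setId(factor.getId());
        phoneAuthenticator.setMethodType(factor.getMethod());
        // NOTE(review): the phone number is not validated here; presumably the server rejects
        // malformed values - confirm before relying on it.
        phoneAuthenticator.setPhoneNumber(phone);
        EnrollRequest enrollRequest = EnrollRequestBuilder.builder().withAuthenticator(phoneAuthenticator).withStateHandle(proceedContext.getStateHandle()).build();
        return AuthenticationTransaction.proceed(client, proceedContext, () -> client.enroll(enrollRequest, proceedContext.getHref())).asAuthenticationResponse();
    } catch (ProcessingException e) {
        return handleProcessingException(e);
    } catch (IllegalArgumentException e) {
        return handleIllegalArgumentException(e);
    }
}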
Also used : EnrollRequest(com.okta.idx.sdk.api.request.EnrollRequest) Authenticator(com.okta.idx.sdk.api.model.Authenticator) WrapperUtil.handleIllegalArgumentException(com.okta.idx.sdk.api.client.WrapperUtil.handleIllegalArgumentException) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException) WrapperUtil.handleProcessingException(com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException)

Example 19 with ProcessingException

use of com.okta.idx.sdk.api.exception.ProcessingException in project okta-idx-java by okta.

the class IDXAuthenticationWrapper method enrollAuthenticator.

/**
 * Starts enrollment of the authenticator with the given id.
 *
 * <p>When the response carries WebAuthn parameters, the credential id of any enrollment whose
 * type is {@code security_key} is copied into those parameters before the response is returned.
 *
 * @param proceedContext the ProceedContext
 * @param authenticatorId the id of the authenticator to enroll
 * @return the Authentication response
 */
public AuthenticationResponse enrollAuthenticator(ProceedContext proceedContext, String authenticatorId) {
    try {
        AuthenticationResponse response = AuthenticationTransaction.proceed(client, proceedContext, () -> {
            // The request is built inside the supplier, so it is only created when proceed() runs it.
            Authenticator selected = new Authenticator();
            selected.setId(authenticatorId);
            EnrollRequest request = EnrollRequestBuilder.builder()
                    .withAuthenticator(selected)
                    .withStateHandle(proceedContext.getStateHandle())
                    .build();
            return client.enroll(request, proceedContext.getHref());
        }).asAuthenticationResponse();
        if (response.getWebAuthnParams() == null) {
            return response;
        }
        // NOTE(review): the enrollments list is dereferenced without a null check; a
        // NullPointerException here would not be caught by the handlers below.
        response.getAuthenticatorEnrollments().stream()
                .filter(enrollment -> "security_key".equals(enrollment.getType()))
                .findAny()
                .ifPresent(enrollment -> response.getWebAuthnParams().setWebauthnCredentialId(enrollment.getCredentialId()));
        return response;
    } catch (ProcessingException e) {
        return handleProcessingException(e);
    } catch (IllegalArgumentException e) {
        return handleIllegalArgumentException(e);
    }
}
Also used : DeviceContext(com.okta.idx.sdk.api.model.DeviceContext) Arrays(java.util.Arrays) ChallengeRequestBuilder(com.okta.idx.sdk.api.request.ChallengeRequestBuilder) SkipAuthenticatorEnrollmentRequest(com.okta.idx.sdk.api.request.SkipAuthenticatorEnrollmentRequest) AuthenticationResponse(com.okta.idx.sdk.api.response.AuthenticationResponse) LoggerFactory(org.slf4j.LoggerFactory) IdentifyRequest(com.okta.idx.sdk.api.request.IdentifyRequest) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException) SkipAuthenticatorEnrollmentRequestBuilder(com.okta.idx.sdk.api.request.SkipAuthenticatorEnrollmentRequestBuilder) ErrorResponse(com.okta.idx.sdk.api.response.ErrorResponse) Recover(com.okta.idx.sdk.api.model.Recover) IDXResponse(com.okta.idx.sdk.api.response.IDXResponse) Map(java.util.Map) ClientUtil(com.okta.idx.sdk.api.util.ClientUtil) EnrollUserProfileUpdateRequestBuilder(com.okta.idx.sdk.api.request.EnrollUserProfileUpdateRequestBuilder) Assert(com.okta.commons.lang.Assert) RemediationOption(com.okta.idx.sdk.api.model.RemediationOption) Set(java.util.Set) AuthenticationStatus(com.okta.idx.sdk.api.model.AuthenticationStatus) Response(com.okta.commons.http.Response) WrapperUtil.handleProcessingException(com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException) EnrollRequestBuilder(com.okta.idx.sdk.api.request.EnrollRequestBuilder) Collectors(java.util.stream.Collectors) WebAuthnRequest(com.okta.idx.sdk.api.request.WebAuthnRequest) List(java.util.List) Optional(java.util.Optional) AuthenticatorEnrollment(com.okta.idx.sdk.api.model.AuthenticatorEnrollment) AnswerChallengeRequest(com.okta.idx.sdk.api.request.AnswerChallengeRequest) EnrollUserProfileUpdateRequest(com.okta.idx.sdk.api.request.EnrollUserProfileUpdateRequest) UserProfile(com.okta.idx.sdk.api.model.UserProfile) EnrollRequest(com.okta.idx.sdk.api.request.EnrollRequest) TokenType(com.okta.idx.sdk.api.model.TokenType) 
VerifyChannelDataOptions(com.okta.idx.sdk.api.model.VerifyChannelDataOptions) ChallengeRequest(com.okta.idx.sdk.api.request.ChallengeRequest) Authenticator(com.okta.idx.sdk.api.model.Authenticator) IdentifyRequestBuilder(com.okta.idx.sdk.api.request.IdentifyRequestBuilder) VerifyAuthenticatorOptions(com.okta.idx.sdk.api.model.VerifyAuthenticatorOptions) AnswerChallengeRequestBuilder(com.okta.idx.sdk.api.request.AnswerChallengeRequestBuilder) RecoverRequest(com.okta.idx.sdk.api.request.RecoverRequest) VerifyAuthenticatorAnswer(com.okta.idx.sdk.api.model.VerifyAuthenticatorAnswer) Logger(org.slf4j.Logger) PollRequestBuilder(com.okta.idx.sdk.api.request.PollRequestBuilder) Credentials(com.okta.idx.sdk.api.model.Credentials) FormValue(com.okta.idx.sdk.api.model.FormValue) RemediationType(com.okta.idx.sdk.api.model.RemediationType) WrapperUtil.handleIllegalArgumentException(com.okta.idx.sdk.api.client.WrapperUtil.handleIllegalArgumentException) AuthenticationOptions(com.okta.idx.sdk.api.model.AuthenticationOptions) EmailTokenType(com.okta.idx.sdk.api.model.EmailTokenType) RecoverRequestBuilder(com.okta.idx.sdk.api.request.RecoverRequestBuilder) AuthenticatorEnrollments(com.okta.idx.sdk.api.model.AuthenticatorEnrollments) IDXClientContext(com.okta.idx.sdk.api.model.IDXClientContext) TokenResponse(com.okta.idx.sdk.api.response.TokenResponse) PollRequest(com.okta.idx.sdk.api.request.PollRequest) PollInfo(com.okta.idx.sdk.api.model.PollInfo) AuthenticatorEnrollment(com.okta.idx.sdk.api.model.AuthenticatorEnrollment) EnrollRequest(com.okta.idx.sdk.api.request.EnrollRequest) AuthenticatorEnrollments(com.okta.idx.sdk.api.model.AuthenticatorEnrollments) AuthenticationResponse(com.okta.idx.sdk.api.response.AuthenticationResponse) Authenticator(com.okta.idx.sdk.api.model.Authenticator) WrapperUtil.handleIllegalArgumentException(com.okta.idx.sdk.api.client.WrapperUtil.handleIllegalArgumentException) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException) 
WrapperUtil.handleProcessingException(com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException)

Example 20 with ProcessingException

use of com.okta.idx.sdk.api.exception.ProcessingException in project okta-idx-java by okta.

the class IDXAuthenticationWrapper method recoverPassword.

/**
 * Recover Password with the supplied username.
 *
 * <p>Two paths exist, chosen by {@code proceedContext.isIdentifyInOneStep()}: either the recover
 * step is sent first and the user is identified through the {@code IDENTIFY_RECOVERY} remediation,
 * or the user is identified first and the recover step is taken from the current authenticator
 * enrollment.
 *
 * <p>NOTE(review): the username is forwarded as the identifier without local checks. What the
 * response reveals for an unknown account is decided by the server and by
 * {@code handleProcessingException}, neither of which is visible here - callers should confirm
 * they present a uniform message so the recovery form cannot be used to enumerate accounts.
 *
 * @param username the username
 * @param proceedContext the ProceedContext supplying the state handle and href for the requests
 * @return the Authentication response
 */
public AuthenticationResponse recoverPassword(String username, ProceedContext proceedContext) {
    try {
        boolean isIdentifyInOneStep = proceedContext.isIdentifyInOneStep();
        if (isIdentifyInOneStep) {
            // recover first; note that no href is passed to recover() on this path (null)
            AuthenticationTransaction recoverTransaction = AuthenticationTransaction.proceed(client, proceedContext, () -> {
                RecoverRequest recoverRequest = RecoverRequestBuilder.builder().withStateHandle(proceedContext.getStateHandle()).build();
                return client.recover(recoverRequest, null);
            });
            RemediationOption remediationOption = recoverTransaction.getRemediationOption(RemediationType.IDENTIFY_RECOVERY);
            IdentifyRequest identifyRequest = IdentifyRequestBuilder.builder().withIdentifier(username).withStateHandle(proceedContext.getStateHandle()).build();
            // identify the user through the recovery remediation returned by the recover step
            return recoverTransaction.proceed(() -> remediationOption.proceed(client, identifyRequest)).asAuthenticationResponse(AuthenticationStatus.AWAITING_AUTHENTICATOR_SELECTION);
        } else {
            // identify the user first, using the href carried by the proceed context
            AuthenticationTransaction identifyTransaction = AuthenticationTransaction.proceed(client, proceedContext, () -> {
                IdentifyRequest identifyRequest = IdentifyRequestBuilder.builder().withIdentifier(username).withStateHandle(proceedContext.getStateHandle()).build();
                return client.identify(identifyRequest, proceedContext.getHref());
            });
            IDXResponse identifyResponse = identifyTransaction.getResponse();
            // any messages on the identify response end the flow here with the email-activation status
            if (identifyResponse.getMessages() != null) {
                return identifyTransaction.asAuthenticationResponse(AuthenticationStatus.AWAITING_USER_EMAIL_ACTIVATION);
            }
            // Check if instead of password, user is being prompted for list of authenticators to select
            if (identifyResponse.getCurrentAuthenticatorEnrollment() == null) {
                identifyTransaction = selectPasswordAuthenticatorIfNeeded(identifyTransaction);
            }
            // NOTE(review): this chain dereferences three results without null checks; a
            // NullPointerException raised here is not caught by the handlers at the end of the method.
            Recover recover = identifyTransaction.getResponse().getCurrentAuthenticatorEnrollment().getValue().getRecover();
            AuthenticationTransaction recoverTransaction = identifyTransaction.proceed(() -> {
                // recover password
                RecoverRequest recoverRequest = RecoverRequestBuilder.builder().withStateHandle(proceedContext.getStateHandle()).build();
                return recover.proceed(client, recoverRequest);
            });
            return recoverTransaction.asAuthenticationResponse(AuthenticationStatus.AWAITING_AUTHENTICATOR_SELECTION);
        }
    } catch (ProcessingException e) {
        return handleProcessingException(e);
    } catch (IllegalArgumentException e) {
        return handleIllegalArgumentException(e);
    }
}
Also used : IdentifyRequest(com.okta.idx.sdk.api.request.IdentifyRequest) RemediationOption(com.okta.idx.sdk.api.model.RemediationOption) RecoverRequest(com.okta.idx.sdk.api.request.RecoverRequest) Recover(com.okta.idx.sdk.api.model.Recover) IDXResponse(com.okta.idx.sdk.api.response.IDXResponse) WrapperUtil.handleIllegalArgumentException(com.okta.idx.sdk.api.client.WrapperUtil.handleIllegalArgumentException) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException) WrapperUtil.handleProcessingException(com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException)
