Use of com.okta.idx.sdk.api.model.Qrcode in the project okta-idx-java by okta.
From the class LoginController, method selectAuthenticator.
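/**
 * Handles the authenticator selection form post during authentication.
 *
 * <p>The request is processed in this order:
 * <ul>
 *   <li>{@code action} is {@code "skip"}: enrollment of the authenticator is skipped and the
 *       resulting transition is rendered.</li>
 *   <li>type {@code "webauthn"}: enrollment is started and either the WebAuthn selection view
 *       (a credential id is already present) or the WebAuthn enrollment view is rendered.</li>
 *   <li>type {@code "okta_verify"}: the {@code QRCODE} factor is selected, the proceed context is
 *       stored for polling and the Okta Verify setup view is rendered.</li>
 *   <li>any other type: the authenticator is selected directly when it has exactly one factor,
 *       otherwise the factor selection view is rendered.</li>
 * </ul>
 *
 * <p>Both request parameters are client-controlled. The authenticator type is only ever matched
 * against the authenticator list held in the server-side session; a type that is not in that
 * list is rejected instead of being dereferenced.
 *
 * @param authenticatorType the authenticator type submitted by the form
 * @param session the HTTP session holding the proceed context and the {@code "authenticators"} list
 * @param action the submit or cancel action from form post
 * @return select authenticator view or select factor view or error view
 * @throws IllegalArgumentException if the session holds no authenticator list, or the requested
 *         authenticator (or its QRCODE factor) is not part of it
 */
@PostMapping(value = "/select-authenticator")
public ModelAndView selectAuthenticator(@RequestParam("authenticator-type") final String authenticatorType,
                                        @RequestParam(value = "action") final String action,
                                        final HttpSession session) {
    AuthenticationResponse authenticationResponse = null;
    Authenticator foundAuthenticator = null;
    ProceedContext proceedContext = Util.getProceedContextFromSession(session);

    if ("skip".equals(action)) {
        // The type comes straight from the request; neutralise line breaks so a crafted value
        // cannot forge additional log entries.
        logger.info("Skipping {} authenticator", String.valueOf(authenticatorType).replaceAll("[\\r\\n]", "_"));
        authenticationResponse = idxAuthenticationWrapper.skipAuthenticatorEnrollment(proceedContext);
        return responseHandler.handleKnownTransitions(authenticationResponse, session);
    }

    // The attribute is absent when the session expired or this endpoint is hit out of order;
    // fail with a clear message rather than a NullPointerException further down.
    @SuppressWarnings("unchecked") // the attribute is expected to hold a List<Authenticator>
    List<Authenticator> authenticators = (List<Authenticator>) session.getAttribute("authenticators");
    Assert.notNull(authenticators, "Authenticators not found in session");

    if ("webauthn".equals(authenticatorType)) {
        ModelAndView modelAndView;
        Optional<Authenticator> authenticatorOptional = authenticators.stream()
                .filter(auth -> authenticatorType.equals(auth.getType()))
                .findFirst();
        // Same guard as the okta_verify branch: the type is client input and may not be offered.
        Assert.isTrue(authenticatorOptional.isPresent(), "Authenticator not found");
        String authId = authenticatorOptional.get().getId();

        AuthenticationResponse enrollResponse = idxAuthenticationWrapper.enrollAuthenticator(proceedContext, authId);
        Util.updateSession(session, enrollResponse.getProceedContext());

        // NOTE(review): getWebAuthnParams() is dereferenced unconditionally; confirm it cannot be
        // null when enrollAuthenticator returns an error response.
        String webauthnCredentialId = enrollResponse.getWebAuthnParams().getWebauthnCredentialId();
        if (webauthnCredentialId != null) {
            modelAndView = new ModelAndView("select-webauthn-authenticator");
            modelAndView.addObject("title", "Select Webauthn Authenticator");
            modelAndView.addObject("webauthnCredentialId", webauthnCredentialId);
            modelAndView.addObject("challengeData", enrollResponse.getWebAuthnParams().getCurrentAuthenticator().getValue().getContextualData().getChallengeData());
        } else {
            modelAndView = new ModelAndView("enroll-webauthn-authenticator");
            modelAndView.addObject("title", "Enroll Webauthn Authenticator");
            modelAndView.addObject("currentAuthenticator", enrollResponse.getWebAuthnParams().getCurrentAuthenticator());
        }
        return modelAndView;
    }

    if ("okta_verify".equals(authenticatorType)) {
        ModelAndView modelAndView;
        Optional<Authenticator> authenticatorOptional = authenticators.stream()
                .filter(auth -> authenticatorType.equals(auth.getType()))
                .findFirst();
        Assert.isTrue(authenticatorOptional.isPresent(), "Authenticator not found");

        // Looking for QRCODE factor
        Optional<Authenticator.Factor> factorOptional = authenticatorOptional.get().getFactors().stream()
                .filter(x -> "QRCODE".equals(x.getLabel()))
                .findFirst();
        Assert.isTrue(factorOptional.isPresent(), "Authenticator not found");

        authenticationResponse = idxAuthenticationWrapper.selectFactor(proceedContext, factorOptional.get());
        Util.setProceedContextForPoll(session, authenticationResponse.getProceedContext());

        // Every factor except QRCODE is passed to the view alongside the QR code.
        List<Authenticator.Factor> factors = authenticatorOptional.get().getFactors().stream()
                .filter(x -> !"QRCODE".equals(x.getLabel()))
                .collect(Collectors.toList());

        // NOTE(review): getContextualData()/getQrcode() are dereferenced unconditionally; confirm
        // selectFactor always populates them, including on an error response.
        modelAndView = new ModelAndView("setup-okta-verify");
        modelAndView.addObject("qrCode", authenticationResponse.getContextualData().getQrcode().getHref());
        modelAndView.addObject("channelName", "qrcode");
        modelAndView.addObject("factors", factors);
        modelAndView.addObject("authenticatorId", authenticatorOptional.get().getId());
        modelAndView.addObject("pollTimeout", authenticationResponse.getProceedContext().getRefresh());
        return modelAndView;
    }

    for (Authenticator authenticator : authenticators) {
        if (authenticatorType.equals(authenticator.getType())) {
            foundAuthenticator = authenticator;
            if (foundAuthenticator.getFactors().size() == 1) {
                authenticationResponse = idxAuthenticationWrapper.selectAuthenticator(proceedContext, authenticator);
                // Keep the session's "totp" attribute in step with the latest response.
                if (authenticationResponse.getContextualData() != null) {
                    session.setAttribute("totp", authenticationResponse.getContextualData());
                } else {
                    session.removeAttribute("totp");
                }
            } else {
                // user should select the factor in a separate view
                ModelAndView modelAndView = new ModelAndView("select-factor");
                modelAndView.addObject("title", "Select Factor");
                modelAndView.addObject("authenticatorId", foundAuthenticator.getId());
                modelAndView.addObject("factors", foundAuthenticator.getFactors());
                return modelAndView;
            }
        }
    }

    // No session authenticator matched the submitted type, so no response was obtained.
    // Without this guard the code below dereferences a null authenticationResponse.
    Assert.notNull(foundAuthenticator, "Authenticator not found");

    if (responseHandler.needsToShowErrors(authenticationResponse)) {
        ModelAndView modelAndView = new ModelAndView("select-authenticator");
        modelAndView.addObject("errors", authenticationResponse.getErrors());
        return modelAndView;
    }

    ModelAndView terminalTransition = responseHandler.handleTerminalTransitions(authenticationResponse, session);
    if (terminalTransition != null) {
        return terminalTransition;
    }

    switch (authenticationResponse.getAuthenticationStatus()) {
        case AWAITING_AUTHENTICATOR_VERIFICATION_DATA:
            return responseHandler.verifyForm();
        case AWAITING_AUTHENTICATOR_ENROLLMENT:
        case AWAITING_AUTHENTICATOR_ENROLLMENT_DATA:
            return responseHandler.registerVerifyForm(foundAuthenticator);
        case AWAITING_POLL_ENROLLMENT:
            return responseHandler.setupOktaVerifyForm(session);
        default:
            return responseHandler.handleKnownTransitions(authenticationResponse, session);
    }
}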