use of com.okta.idx.sdk.api.request.AnswerChallengeRequest in project okta-idx-java by okta.
the class BaseIDXClient method answerChallenge.
@Override
public IDXResponse answerChallenge(AnswerChallengeRequest answerChallengeRequest, String href) throws ProcessingException {
IDXResponse idxResponse;
try {
Request request = new DefaultRequest(HttpMethod.POST, href, null, getHttpHeaders(false), new ByteArrayInputStream(objectMapper.writeValueAsBytes(answerChallengeRequest)), -1L);
Response response = requestExecutor.executeRequest(request);
if (response.getHttpStatus() != 200) {
handleErrorResponse(request, response);
}
JsonNode responseJsonNode = objectMapper.readTree(response.getBody());
idxResponse = objectMapper.convertValue(responseJsonNode, IDXResponse.class);
} catch (IOException | HttpException e) {
throw new ProcessingException(e);
}
return idxResponse;
}
use of com.okta.idx.sdk.api.request.AnswerChallengeRequest in project okta-idx-java by okta.
the class IDXAuthenticationWrapper method authenticate.
/**
* Authenticate user with the supplied Authentication options (username and password) and
* returns the Authentication response object that contains:
* - IDX Client context
* - Token (access_token/id_token/refresh_token) object
* - Authentication status
* <p>
* Note: This requires 'Password' as the ONLY required factor in app Sign-on policy configuration.
*
* @param authenticationOptions the Authenticator options
* @return the Authentication response
*/
public AuthenticationResponse authenticate(AuthenticationOptions authenticationOptions, ProceedContext proceedContext) {
try {
// Check if identify flow needs to include credentials
boolean isIdentifyInOneStep = proceedContext.isIdentifyInOneStep();
AuthenticationTransaction identifyTransaction = AuthenticationTransaction.proceed(client, proceedContext, () -> {
IdentifyRequest identifyRequest;
if (isIdentifyInOneStep) {
Credentials credentials = new Credentials();
credentials.setPasscode(authenticationOptions.getPassword());
identifyRequest = IdentifyRequestBuilder.builder().withIdentifier(authenticationOptions.getUsername()).withCredentials(credentials).withStateHandle(proceedContext.getStateHandle()).build();
} else {
identifyRequest = IdentifyRequestBuilder.builder().withIdentifier(authenticationOptions.getUsername()).withStateHandle(proceedContext.getStateHandle()).build();
}
// identify user
return client.identify(identifyRequest, proceedContext.getHref());
});
AuthenticationResponse identifyResponse = identifyTransaction.asAuthenticationResponse();
if (isIdentifyInOneStep || identifyResponse.getErrors() != null && !identifyResponse.getErrors().isEmpty()) {
return identifyResponse;
}
AuthenticationTransaction passwordTransaction = selectPasswordAuthenticatorIfNeeded(identifyTransaction);
AuthenticationTransaction answerTransaction = passwordTransaction.proceed(() -> {
// answer password authenticator challenge
Credentials credentials = new Credentials();
credentials.setPasscode(authenticationOptions.getPassword());
// build answer password authenticator challenge request
AnswerChallengeRequest passwordAuthenticatorAnswerChallengeRequest = AnswerChallengeRequestBuilder.builder().withStateHandle(passwordTransaction.getStateHandle()).withCredentials(credentials).build();
return passwordTransaction.getRemediationOption(RemediationType.CHALLENGE_AUTHENTICATOR).proceed(client, passwordAuthenticatorAnswerChallengeRequest);
});
return answerTransaction.asAuthenticationResponse();
} catch (ProcessingException e) {
return handleProcessingException(e);
} catch (IllegalArgumentException e) {
return handleIllegalArgumentException(e);
}
}
use of com.okta.idx.sdk.api.request.AnswerChallengeRequest in project okta-idx-java by okta.
the class IDXAuthenticationWrapper method verifyWebAuthn.
/**
* Verify Webauthn Authenticator.
*
* @param proceedContext the ProceedContext
* @param webauthnRequest object
* @return the Authentication response
*/
public AuthenticationResponse verifyWebAuthn(ProceedContext proceedContext, WebAuthnRequest webauthnRequest) {
try {
Credentials credentials = new Credentials();
credentials.setClientData(webauthnRequest.getClientData());
if (webauthnRequest.getAttestation() != null)
credentials.setAttestation(webauthnRequest.getAttestation());
if (webauthnRequest.getAuthenticatorData() != null)
credentials.setAuthenticatorData(webauthnRequest.getAuthenticatorData());
if (webauthnRequest.getSignatureData() != null)
credentials.setSignatureData(webauthnRequest.getSignatureData());
AnswerChallengeRequest challengeAuthenticatorRequest = AnswerChallengeRequestBuilder.builder().withStateHandle(proceedContext.getStateHandle()).withCredentials(credentials).build();
return AuthenticationTransaction.proceed(client, proceedContext, () -> client.answerChallenge(challengeAuthenticatorRequest, proceedContext.getHref())).asAuthenticationResponse();
} catch (ProcessingException e) {
return handleProcessingException(e);
} catch (IllegalArgumentException e) {
return handleIllegalArgumentException(e);
}
}
use of com.okta.idx.sdk.api.request.AnswerChallengeRequest in project okta-idx-java by okta.
the class IDXAuthenticationWrapper method verifyAuthenticator.
public AuthenticationResponse verifyAuthenticator(ProceedContext proceedContext, VerifyChannelDataOptions verifyChannelDataOptions) {
try {
AnswerChallengeRequestBuilder builder = AnswerChallengeRequestBuilder.builder().withStateHandle(proceedContext.getStateHandle());
if ("phoneNumber".equals(verifyChannelDataOptions.getChannelName())) {
builder.withPhoneNumber(verifyChannelDataOptions.getValue());
}
if ("email".equals(verifyChannelDataOptions.getChannelName())) {
builder.withEmail(verifyChannelDataOptions.getValue());
}
if ("totp".equals(verifyChannelDataOptions.getChannelName())) {
Credentials credentials = new Credentials();
credentials.setTotp(verifyChannelDataOptions.getValue());
builder.withCredentials(credentials);
}
AnswerChallengeRequest challengeAuthenticatorRequest = builder.build();
return AuthenticationTransaction.proceed(client, proceedContext, () -> client.answerChallenge(challengeAuthenticatorRequest, proceedContext.getHref())).asAuthenticationResponse(AuthenticationStatus.AWAITING_POLL_ENROLLMENT);
} catch (ProcessingException e) {
return handleProcessingException(e);
} catch (IllegalArgumentException e) {
return handleIllegalArgumentException(e);
}
}
use of com.okta.idx.sdk.api.request.AnswerChallengeRequest in project okta-idx-java by okta.
the class IDXAuthenticationWrapper method verifyAuthenticator.
/**
* Verify Authenticator with the supplied authenticator options.
*
* @param proceedContext the ProceedContext
* @param verifyAuthenticatorAnswer the verify Authenticator answer
* @return the Authentication response
*/
public AuthenticationResponse verifyAuthenticator(ProceedContext proceedContext, VerifyAuthenticatorAnswer verifyAuthenticatorAnswer) {
try {
Credentials credentials = new Credentials();
credentials.setQuestionKey(verifyAuthenticatorAnswer.getQuestionKey());
credentials.setAnswer(verifyAuthenticatorAnswer.getAnswer().toCharArray());
// build answer password authenticator challenge request
AnswerChallengeRequest challengeAuthenticatorRequest = AnswerChallengeRequestBuilder.builder().withStateHandle(proceedContext.getStateHandle()).withCredentials(credentials).build();
return AuthenticationTransaction.proceed(client, proceedContext, () -> client.answerChallenge(challengeAuthenticatorRequest, proceedContext.getHref())).asAuthenticationResponse(AuthenticationStatus.AWAITING_PASSWORD_RESET);
} catch (ProcessingException e) {
return handleProcessingException(e);
} catch (IllegalArgumentException e) {
return handleIllegalArgumentException(e);
}
}
Aggregations