Search in sources :

Example 1 with AnswerChallengeRequest

use of com.okta.idx.sdk.api.request.AnswerChallengeRequest in project okta-idx-java by okta.

the class BaseIDXClient method answerChallenge.

@Override
public IDXResponse answerChallenge(AnswerChallengeRequest answerChallengeRequest, String href) throws ProcessingException {
    IDXResponse idxResponse;
    try {
        Request request = new DefaultRequest(HttpMethod.POST, href, null, getHttpHeaders(false), new ByteArrayInputStream(objectMapper.writeValueAsBytes(answerChallengeRequest)), -1L);
        Response response = requestExecutor.executeRequest(request);
        if (response.getHttpStatus() != 200) {
            handleErrorResponse(request, response);
        }
        JsonNode responseJsonNode = objectMapper.readTree(response.getBody());
        idxResponse = objectMapper.convertValue(responseJsonNode, IDXResponse.class);
    } catch (IOException | HttpException e) {
        throw new ProcessingException(e);
    }
    return idxResponse;
}
Also used : ErrorResponse(com.okta.idx.sdk.api.response.ErrorResponse) IDXResponse(com.okta.idx.sdk.api.response.IDXResponse) InteractResponse(com.okta.idx.sdk.api.response.InteractResponse) Response(com.okta.commons.http.Response) TokenResponse(com.okta.idx.sdk.api.response.TokenResponse) DefaultRequest(com.okta.commons.http.DefaultRequest) ByteArrayInputStream(java.io.ByteArrayInputStream) SkipAuthenticatorEnrollmentRequest(com.okta.idx.sdk.api.request.SkipAuthenticatorEnrollmentRequest) Request(com.okta.commons.http.Request) IdentifyRequest(com.okta.idx.sdk.api.request.IdentifyRequest) EnrollUserProfileUpdateRequest(com.okta.idx.sdk.api.request.EnrollUserProfileUpdateRequest) DefaultRequest(com.okta.commons.http.DefaultRequest) EnrollRequest(com.okta.idx.sdk.api.request.EnrollRequest) ChallengeRequest(com.okta.idx.sdk.api.request.ChallengeRequest) CancelRequest(com.okta.idx.sdk.api.request.CancelRequest) RecoverRequest(com.okta.idx.sdk.api.request.RecoverRequest) IntrospectRequest(com.okta.idx.sdk.api.request.IntrospectRequest) AnswerChallengeRequest(com.okta.idx.sdk.api.request.AnswerChallengeRequest) PollRequest(com.okta.idx.sdk.api.request.PollRequest) JsonNode(com.fasterxml.jackson.databind.JsonNode) HttpException(com.okta.commons.http.HttpException) IOException(java.io.IOException) IDXResponse(com.okta.idx.sdk.api.response.IDXResponse) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException)

Example 2 with AnswerChallengeRequest

use of com.okta.idx.sdk.api.request.AnswerChallengeRequest in project okta-idx-java by okta.

the class IDXAuthenticationWrapper method authenticate.

/**
 * Authenticate user with the supplied Authentication options (username and password) and
 * returns the Authentication response object that contains:
 * - IDX Client context
 * - Token (access_token/id_token/refresh_token) object
 * - Authentication status
 * <p>
 * Note: This requires 'Password' as the ONLY required factor in app Sign-on policy configuration.
 *
 * @param authenticationOptions the Authenticator options
 * @return the Authentication response
 */
public AuthenticationResponse authenticate(AuthenticationOptions authenticationOptions, ProceedContext proceedContext) {
    try {
        // Check if identify flow needs to include credentials
        boolean isIdentifyInOneStep = proceedContext.isIdentifyInOneStep();
        AuthenticationTransaction identifyTransaction = AuthenticationTransaction.proceed(client, proceedContext, () -> {
            IdentifyRequest identifyRequest;
            if (isIdentifyInOneStep) {
                Credentials credentials = new Credentials();
                credentials.setPasscode(authenticationOptions.getPassword());
                identifyRequest = IdentifyRequestBuilder.builder().withIdentifier(authenticationOptions.getUsername()).withCredentials(credentials).withStateHandle(proceedContext.getStateHandle()).build();
            } else {
                identifyRequest = IdentifyRequestBuilder.builder().withIdentifier(authenticationOptions.getUsername()).withStateHandle(proceedContext.getStateHandle()).build();
            }
            // identify user
            return client.identify(identifyRequest, proceedContext.getHref());
        });
        AuthenticationResponse identifyResponse = identifyTransaction.asAuthenticationResponse();
        if (isIdentifyInOneStep || identifyResponse.getErrors() != null && !identifyResponse.getErrors().isEmpty()) {
            return identifyResponse;
        }
        AuthenticationTransaction passwordTransaction = selectPasswordAuthenticatorIfNeeded(identifyTransaction);
        AuthenticationTransaction answerTransaction = passwordTransaction.proceed(() -> {
            // answer password authenticator challenge
            Credentials credentials = new Credentials();
            credentials.setPasscode(authenticationOptions.getPassword());
            // build answer password authenticator challenge request
            AnswerChallengeRequest passwordAuthenticatorAnswerChallengeRequest = AnswerChallengeRequestBuilder.builder().withStateHandle(passwordTransaction.getStateHandle()).withCredentials(credentials).build();
            return passwordTransaction.getRemediationOption(RemediationType.CHALLENGE_AUTHENTICATOR).proceed(client, passwordAuthenticatorAnswerChallengeRequest);
        });
        return answerTransaction.asAuthenticationResponse();
    } catch (ProcessingException e) {
        return handleProcessingException(e);
    } catch (IllegalArgumentException e) {
        return handleIllegalArgumentException(e);
    }
}
Also used : AnswerChallengeRequest(com.okta.idx.sdk.api.request.AnswerChallengeRequest) IdentifyRequest(com.okta.idx.sdk.api.request.IdentifyRequest) AuthenticationResponse(com.okta.idx.sdk.api.response.AuthenticationResponse) Credentials(com.okta.idx.sdk.api.model.Credentials) WrapperUtil.handleIllegalArgumentException(com.okta.idx.sdk.api.client.WrapperUtil.handleIllegalArgumentException) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException) WrapperUtil.handleProcessingException(com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException)

Example 3 with AnswerChallengeRequest

use of com.okta.idx.sdk.api.request.AnswerChallengeRequest in project okta-idx-java by okta.

the class IDXAuthenticationWrapper method verifyWebAuthn.

/**
 * Verify Webauthn Authenticator.
 *
 * @param proceedContext the ProceedContext
 * @param webauthnRequest object
 * @return the Authentication response
 */
public AuthenticationResponse verifyWebAuthn(ProceedContext proceedContext, WebAuthnRequest webauthnRequest) {
    try {
        Credentials credentials = new Credentials();
        credentials.setClientData(webauthnRequest.getClientData());
        if (webauthnRequest.getAttestation() != null)
            credentials.setAttestation(webauthnRequest.getAttestation());
        if (webauthnRequest.getAuthenticatorData() != null)
            credentials.setAuthenticatorData(webauthnRequest.getAuthenticatorData());
        if (webauthnRequest.getSignatureData() != null)
            credentials.setSignatureData(webauthnRequest.getSignatureData());
        AnswerChallengeRequest challengeAuthenticatorRequest = AnswerChallengeRequestBuilder.builder().withStateHandle(proceedContext.getStateHandle()).withCredentials(credentials).build();
        return AuthenticationTransaction.proceed(client, proceedContext, () -> client.answerChallenge(challengeAuthenticatorRequest, proceedContext.getHref())).asAuthenticationResponse();
    } catch (ProcessingException e) {
        return handleProcessingException(e);
    } catch (IllegalArgumentException e) {
        return handleIllegalArgumentException(e);
    }
}
Also used : AnswerChallengeRequest(com.okta.idx.sdk.api.request.AnswerChallengeRequest) Credentials(com.okta.idx.sdk.api.model.Credentials) WrapperUtil.handleIllegalArgumentException(com.okta.idx.sdk.api.client.WrapperUtil.handleIllegalArgumentException) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException) WrapperUtil.handleProcessingException(com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException)

Example 4 with AnswerChallengeRequest

use of com.okta.idx.sdk.api.request.AnswerChallengeRequest in project okta-idx-java by okta.

the class IDXAuthenticationWrapper method verifyAuthenticator.

public AuthenticationResponse verifyAuthenticator(ProceedContext proceedContext, VerifyChannelDataOptions verifyChannelDataOptions) {
    try {
        AnswerChallengeRequestBuilder builder = AnswerChallengeRequestBuilder.builder().withStateHandle(proceedContext.getStateHandle());
        if ("phoneNumber".equals(verifyChannelDataOptions.getChannelName())) {
            builder.withPhoneNumber(verifyChannelDataOptions.getValue());
        }
        if ("email".equals(verifyChannelDataOptions.getChannelName())) {
            builder.withEmail(verifyChannelDataOptions.getValue());
        }
        if ("totp".equals(verifyChannelDataOptions.getChannelName())) {
            Credentials credentials = new Credentials();
            credentials.setTotp(verifyChannelDataOptions.getValue());
            builder.withCredentials(credentials);
        }
        AnswerChallengeRequest challengeAuthenticatorRequest = builder.build();
        return AuthenticationTransaction.proceed(client, proceedContext, () -> client.answerChallenge(challengeAuthenticatorRequest, proceedContext.getHref())).asAuthenticationResponse(AuthenticationStatus.AWAITING_POLL_ENROLLMENT);
    } catch (ProcessingException e) {
        return handleProcessingException(e);
    } catch (IllegalArgumentException e) {
        return handleIllegalArgumentException(e);
    }
}
Also used : AnswerChallengeRequest(com.okta.idx.sdk.api.request.AnswerChallengeRequest) AnswerChallengeRequestBuilder(com.okta.idx.sdk.api.request.AnswerChallengeRequestBuilder) Credentials(com.okta.idx.sdk.api.model.Credentials) WrapperUtil.handleIllegalArgumentException(com.okta.idx.sdk.api.client.WrapperUtil.handleIllegalArgumentException) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException) WrapperUtil.handleProcessingException(com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException)

Example 5 with AnswerChallengeRequest

use of com.okta.idx.sdk.api.request.AnswerChallengeRequest in project okta-idx-java by okta.

the class IDXAuthenticationWrapper method verifyAuthenticator.

/**
 * Verify Authenticator with the supplied authenticator options.
 *
 * @param proceedContext the ProceedContext
 * @param verifyAuthenticatorAnswer the verify Authenticator answer
 * @return the Authentication response
 */
public AuthenticationResponse verifyAuthenticator(ProceedContext proceedContext, VerifyAuthenticatorAnswer verifyAuthenticatorAnswer) {
    try {
        Credentials credentials = new Credentials();
        credentials.setQuestionKey(verifyAuthenticatorAnswer.getQuestionKey());
        credentials.setAnswer(verifyAuthenticatorAnswer.getAnswer().toCharArray());
        // build answer password authenticator challenge request
        AnswerChallengeRequest challengeAuthenticatorRequest = AnswerChallengeRequestBuilder.builder().withStateHandle(proceedContext.getStateHandle()).withCredentials(credentials).build();
        return AuthenticationTransaction.proceed(client, proceedContext, () -> client.answerChallenge(challengeAuthenticatorRequest, proceedContext.getHref())).asAuthenticationResponse(AuthenticationStatus.AWAITING_PASSWORD_RESET);
    } catch (ProcessingException e) {
        return handleProcessingException(e);
    } catch (IllegalArgumentException e) {
        return handleIllegalArgumentException(e);
    }
}
Also used : AnswerChallengeRequest(com.okta.idx.sdk.api.request.AnswerChallengeRequest) Credentials(com.okta.idx.sdk.api.model.Credentials) WrapperUtil.handleIllegalArgumentException(com.okta.idx.sdk.api.client.WrapperUtil.handleIllegalArgumentException) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException) WrapperUtil.handleProcessingException(com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException)

Aggregations

ProcessingException (com.okta.idx.sdk.api.exception.ProcessingException)6 AnswerChallengeRequest (com.okta.idx.sdk.api.request.AnswerChallengeRequest)6 WrapperUtil.handleIllegalArgumentException (com.okta.idx.sdk.api.client.WrapperUtil.handleIllegalArgumentException)5 WrapperUtil.handleProcessingException (com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException)5 Credentials (com.okta.idx.sdk.api.model.Credentials)5 IdentifyRequest (com.okta.idx.sdk.api.request.IdentifyRequest)2 JsonNode (com.fasterxml.jackson.databind.JsonNode)1 DefaultRequest (com.okta.commons.http.DefaultRequest)1 HttpException (com.okta.commons.http.HttpException)1 Request (com.okta.commons.http.Request)1 Response (com.okta.commons.http.Response)1 AnswerChallengeRequestBuilder (com.okta.idx.sdk.api.request.AnswerChallengeRequestBuilder)1 CancelRequest (com.okta.idx.sdk.api.request.CancelRequest)1 ChallengeRequest (com.okta.idx.sdk.api.request.ChallengeRequest)1 EnrollRequest (com.okta.idx.sdk.api.request.EnrollRequest)1 EnrollUserProfileUpdateRequest (com.okta.idx.sdk.api.request.EnrollUserProfileUpdateRequest)1 IntrospectRequest (com.okta.idx.sdk.api.request.IntrospectRequest)1 PollRequest (com.okta.idx.sdk.api.request.PollRequest)1 RecoverRequest (com.okta.idx.sdk.api.request.RecoverRequest)1 SkipAuthenticatorEnrollmentRequest (com.okta.idx.sdk.api.request.SkipAuthenticatorEnrollmentRequest)1