Search in sources :

Example 1 with AuthenticationResponse

use of com.okta.idx.sdk.api.response.AuthenticationResponse in project okta-idx-java by okta.

the class LoginController method login.

/**
 * Handle login with the supplied username and password.
 *
 * @param username the username
 * @param password the password
 * @param session the session
 * @return the home page view (if login is successful), else the login page with errors.
 */
@PostMapping("/login")
public ModelAndView login(@RequestParam("username") final String username, @RequestParam("password") final String password, final HttpSession session) {
    // begin transaction
    AuthenticationResponse beginResponse = idxAuthenticationWrapper.begin();
    // get proceed context
    ProceedContext proceedContext = beginResponse.getProceedContext();
    // trigger authentication
    AuthenticationResponse authenticationResponse = idxAuthenticationWrapper.authenticate(new AuthenticationOptions(username, password.toCharArray()), proceedContext);
    if (responseHandler.needsToShowErrors(authenticationResponse)) {
        ModelAndView modelAndView = new ModelAndView("redirect:/login");
        modelAndView.addObject("errors", authenticationResponse.getErrors());
        return modelAndView;
    }
    if (authenticationResponse.getAuthenticatorEnrollments() != null) {
        authenticationResponse.getAuthenticatorEnrollments().stream().filter(x -> x.getDisplayName().equals("Okta Verify")).findFirst().flatMap(enroll -> Arrays.stream(enroll.getMethods()).filter(methodType -> methodType.getType().equals("totp")).findFirst()).ifPresent(methodType -> session.setAttribute("totp", "totp"));
    }
    return responseHandler.handleKnownTransitions(authenticationResponse, session);
}
Also used : RequestParam(org.springframework.web.bind.annotation.RequestParam) Arrays(java.util.Arrays) Qrcode(com.okta.idx.sdk.api.model.Qrcode) ContextualData(com.okta.idx.sdk.api.model.ContextualData) Util(com.okta.spring.example.helpers.Util) AuthenticationResponse(com.okta.idx.sdk.api.response.AuthenticationResponse) LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) Controller(org.springframework.stereotype.Controller) Authenticator(com.okta.idx.sdk.api.client.Authenticator) UserProfile(com.okta.idx.sdk.api.model.UserProfile) ResponseHandler(com.okta.spring.example.helpers.ResponseHandler) RequestBody(org.springframework.web.bind.annotation.RequestBody) ProceedContext(com.okta.idx.sdk.api.client.ProceedContext) IDXAuthenticationWrapper(com.okta.idx.sdk.api.client.IDXAuthenticationWrapper) VerifyChannelDataOptions(com.okta.idx.sdk.api.model.VerifyChannelDataOptions) PollResults(com.okta.spring.example.helpers.PollResults) GetMapping(org.springframework.web.bind.annotation.GetMapping) VerifyAuthenticatorOptions(com.okta.idx.sdk.api.model.VerifyAuthenticatorOptions) HttpSession(javax.servlet.http.HttpSession) PostMapping(org.springframework.web.bind.annotation.PostMapping) Strings(com.okta.commons.lang.Strings) VerifyAuthenticatorAnswer(com.okta.idx.sdk.api.model.VerifyAuthenticatorAnswer) Assert(com.okta.commons.lang.Assert) Logger(org.slf4j.Logger) FormValue(com.okta.idx.sdk.api.model.FormValue) AuthenticationOptions(com.okta.idx.sdk.api.model.AuthenticationOptions) AuthenticationStatus(com.okta.idx.sdk.api.model.AuthenticationStatus) ResponseBody(org.springframework.web.bind.annotation.ResponseBody) Collectors(java.util.stream.Collectors) WebAuthnRequest(com.okta.idx.sdk.api.request.WebAuthnRequest) ModelAndView(org.springframework.web.servlet.ModelAndView) List(java.util.List) Optional(java.util.Optional) AuthenticationOptions(com.okta.idx.sdk.api.model.AuthenticationOptions) ModelAndView(org.springframework.web.servlet.ModelAndView) AuthenticationResponse(com.okta.idx.sdk.api.response.AuthenticationResponse) ProceedContext(com.okta.idx.sdk.api.client.ProceedContext) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Example 2 with AuthenticationResponse

use of com.okta.idx.sdk.api.response.AuthenticationResponse in project okta-idx-java by okta.

the class LoginController method pollResults.

/**
 * Handle poll functionality.
 *
 * @param session the session
 * @return the view associated with authentication response.
 */
@GetMapping("/poll")
@ResponseBody
public PollResults pollResults(final HttpSession session) {
    PollResults pollResults = new PollResults();
    ProceedContext proceedContext = Util.getProceedContextForPoll(session);
    if (proceedContext == null) {
        proceedContext = Util.getProceedContextFromSession(session);
    }
    AuthenticationResponse authenticationResponse = idxAuthenticationWrapper.poll(proceedContext);
    if (responseHandler.needsToShowErrors(authenticationResponse)) {
        pollResults.setErrors(authenticationResponse.getErrors());
    }
    pollResults.setStatus(authenticationResponse.getAuthenticationStatus());
    if (authenticationResponse.getAuthenticationStatus() == AuthenticationStatus.SUCCESS) {
        responseHandler.handleTerminalTransitions(authenticationResponse, session);
    }
    return pollResults;
}
Also used : PollResults(com.okta.spring.example.helpers.PollResults) AuthenticationResponse(com.okta.idx.sdk.api.response.AuthenticationResponse) ProceedContext(com.okta.idx.sdk.api.client.ProceedContext) GetMapping(org.springframework.web.bind.annotation.GetMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 3 with AuthenticationResponse

use of com.okta.idx.sdk.api.response.AuthenticationResponse in project okta-idx-java by okta.

the class LoginController method verify.

/**
 * Handle authenticator verification functionality.
 *
 * @param code                  the verification code
 * @param securityQuestionKey   the security question key
 * @param session               the session
 * @return the view associated with authentication response.
 */
@PostMapping("/verify")
public ModelAndView verify(@RequestParam("code") final String code, @RequestParam(value = "security_question_key", required = false) final String securityQuestionKey, final HttpSession session) {
    logger.info(":: Verify Code :: {}", code);
    ProceedContext proceedContext = Util.getProceedContextFromSession(session);
    AuthenticationResponse authenticationResponse;
    if (!Strings.isEmpty(securityQuestionKey)) {
        authenticationResponse = idxAuthenticationWrapper.verifyAuthenticator(proceedContext, new VerifyAuthenticatorAnswer(code, securityQuestionKey));
    } else if ("totp".equals(String.valueOf(session.getAttribute("totp")))) {
        authenticationResponse = idxAuthenticationWrapper.verifyAuthenticator(proceedContext, new VerifyChannelDataOptions("totp", code));
    } else {
        VerifyAuthenticatorOptions verifyAuthenticatorOptions = new VerifyAuthenticatorOptions(code);
        authenticationResponse = idxAuthenticationWrapper.verifyAuthenticator(proceedContext, verifyAuthenticatorOptions);
    }
    if (responseHandler.needsToShowErrors(authenticationResponse)) {
        ModelAndView modelAndView = new ModelAndView("verify");
        modelAndView.addObject("errors", authenticationResponse.getErrors());
        return modelAndView;
    }
    return responseHandler.handleKnownTransitions(authenticationResponse, session);
}
Also used : VerifyAuthenticatorAnswer(com.okta.idx.sdk.api.model.VerifyAuthenticatorAnswer) VerifyAuthenticatorOptions(com.okta.idx.sdk.api.model.VerifyAuthenticatorOptions) VerifyChannelDataOptions(com.okta.idx.sdk.api.model.VerifyChannelDataOptions) ModelAndView(org.springframework.web.servlet.ModelAndView) AuthenticationResponse(com.okta.idx.sdk.api.response.AuthenticationResponse) ProceedContext(com.okta.idx.sdk.api.client.ProceedContext) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Example 4 with AuthenticationResponse

use of com.okta.idx.sdk.api.response.AuthenticationResponse in project okta-idx-java by okta.

the class LoginController method verifyChannelData.

/**
 * Handle channel data verification functionality.
 *
 * @param channelName   the channel name
 * @param channelValue  the value for channel
 * @param session the session
 * @return the view associated with authentication response.
 */
@PostMapping("/verify-channel-data")
public ModelAndView verifyChannelData(@RequestParam("channelName") final String channelName, @RequestParam("channelValue") final String channelValue, final HttpSession session) {
    logger.info(":: Verify Channel Name, Value :: {}, {}", channelName, channelValue);
    ProceedContext proceedContext = Util.getProceedContextFromSession(session);
    VerifyChannelDataOptions verifyChannelDataOptions = new VerifyChannelDataOptions(channelName, channelValue);
    AuthenticationResponse authenticationResponse = idxAuthenticationWrapper.verifyAuthenticator(proceedContext, verifyChannelDataOptions);
    if (responseHandler.needsToShowErrors(authenticationResponse)) {
        ModelAndView modelAndView = new ModelAndView("verify");
        modelAndView.addObject("errors", authenticationResponse.getErrors());
        return modelAndView;
    }
    return responseHandler.handleKnownTransitions(authenticationResponse, session);
}
Also used : VerifyChannelDataOptions(com.okta.idx.sdk.api.model.VerifyChannelDataOptions) ModelAndView(org.springframework.web.servlet.ModelAndView) AuthenticationResponse(com.okta.idx.sdk.api.response.AuthenticationResponse) ProceedContext(com.okta.idx.sdk.api.client.ProceedContext) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Example 5 with AuthenticationResponse

use of com.okta.idx.sdk.api.response.AuthenticationResponse in project okta-idx-java by okta.

the class LoginController method registerPassword.

/**
 * Handle change password functionality.
 *
 * @param newPassword the new password
 * @param confirmNewPassword the confirmation of the new password
 * @param session the session
 * @return the view associated with authentication response.
 */
@PostMapping("/register-password")
public ModelAndView registerPassword(@RequestParam("new-password") final String newPassword, @RequestParam("confirm-new-password") final String confirmNewPassword, final HttpSession session) {
    logger.info(":: Change Password ::");
    if (!newPassword.equals(confirmNewPassword)) {
        ModelAndView mav = new ModelAndView("register-password");
        mav.addObject("errors", "Passwords do not match");
        return mav;
    }
    ProceedContext proceedContext = Util.getProceedContextFromSession(session);
    VerifyAuthenticatorOptions verifyAuthenticatorOptions = new VerifyAuthenticatorOptions(newPassword);
    AuthenticationResponse authenticationResponse = idxAuthenticationWrapper.verifyAuthenticator(proceedContext, verifyAuthenticatorOptions);
    if (responseHandler.needsToShowErrors(authenticationResponse)) {
        ModelAndView modelAndView = new ModelAndView("register-password");
        modelAndView.addObject("errors", authenticationResponse.getErrors());
        return modelAndView;
    }
    return responseHandler.handleKnownTransitions(authenticationResponse, session);
}
Also used : VerifyAuthenticatorOptions(com.okta.idx.sdk.api.model.VerifyAuthenticatorOptions) ModelAndView(org.springframework.web.servlet.ModelAndView) AuthenticationResponse(com.okta.idx.sdk.api.response.AuthenticationResponse) ProceedContext(com.okta.idx.sdk.api.client.ProceedContext) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Aggregations

AuthenticationResponse (com.okta.idx.sdk.api.response.AuthenticationResponse)28 ProceedContext (com.okta.idx.sdk.api.client.ProceedContext)16 ModelAndView (org.springframework.web.servlet.ModelAndView)14 PostMapping (org.springframework.web.bind.annotation.PostMapping)12 VerifyAuthenticatorOptions (com.okta.idx.sdk.api.model.VerifyAuthenticatorOptions)9 TokenResponse (com.okta.idx.sdk.api.response.TokenResponse)8 List (java.util.List)8 FormValue (com.okta.idx.sdk.api.model.FormValue)7 VerifyChannelDataOptions (com.okta.idx.sdk.api.model.VerifyChannelDataOptions)7 Arrays (java.util.Arrays)7 Optional (java.util.Optional)7 GetMapping (org.springframework.web.bind.annotation.GetMapping)7 Assert (com.okta.commons.lang.Assert)6 AuthenticationStatus (com.okta.idx.sdk.api.model.AuthenticationStatus)6 VerifyAuthenticatorAnswer (com.okta.idx.sdk.api.model.VerifyAuthenticatorAnswer)6 Authenticator (com.okta.idx.sdk.api.client.Authenticator)5 ProcessingException (com.okta.idx.sdk.api.exception.ProcessingException)5 AuthenticationOptions (com.okta.idx.sdk.api.model.AuthenticationOptions)5 UserProfile (com.okta.idx.sdk.api.model.UserProfile)5 WebAuthnRequest (com.okta.idx.sdk.api.request.WebAuthnRequest)5