
Example 1 with TokenResponse

Use of com.okta.idx.sdk.api.response.TokenResponse in project okta-idx-java by okta.

In the class LogoutController, method logout.

/**
 * Handle logout by revoking the access token and invalidating the session.
 *
 * @param session the session
 * @return the redirection to login view
 */
@GetMapping("/logout")
public String logout(final HttpSession session) {
    logger.info(":: Logout ::");
    // retrieve access token
    TokenResponse tokenResponse = (TokenResponse) session.getAttribute("tokenResponse");
    if (tokenResponse != null) {
        String accessToken = tokenResponse.getAccessToken();
        // revoke access token
        logger.info("Revoking access token");
        idxAuthenticationWrapper.revokeToken(TokenType.ACCESS_TOKEN, accessToken);
    }
    // invalidate session
    session.invalidate();
    return "redirect:/";
}
Also used : TokenResponse(com.okta.idx.sdk.api.response.TokenResponse) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 2 with TokenResponse

Use of com.okta.idx.sdk.api.response.TokenResponse in project okta-idx-java by okta.

In the class HomeController, method displayIndexOrHomePage.

/**
 * Display one of:
 * <p>
 * a) index page - if the user is not authenticated yet (does not have token response in session).
 * b) home page - if the user is authenticated (or) we have obtained a token for the user from the interaction code or otp in callback.
 * c) info page - if the user is unauthenticated yet and has received an otp in callback. the info page will ask the user to input
 *                otp in the original browser to continue with the flow.
 * d) error page - if the received state does not correlate with the state in client context or if the callback
 *                 contains error parameters.
 * <p>
 * where index page refers to the root view with table of contents,
 * and home page refers to the view that shows the user profile information along with token information.
 *
 * @param interactionCode the interaction code from callback (optional)
 * @param state the state value from callback (optional)
 * @param otp the one time password or verification code (optional)
 * @param error the error from callback when interaction_code could not be sent (optional)
 * @param errDesc the error_description from callback (optional)
 * @param session the http session
 * @return the index page view with table of contents or the home page view if we have a token or the info page.
 */
@RequestMapping(value = { "/", "**/callback" }, method = RequestMethod.GET)
public ModelAndView displayIndexOrHomePage(
        @RequestParam(name = "interaction_code", required = false) final String interactionCode,
        @RequestParam(name = "state", required = false) final String state,
        @RequestParam(name = "otp", required = false) final String otp,
        @RequestParam(name = "error", required = false) final String error,
        @RequestParam(name = "error_description", required = false) final String errDesc,
        final HttpSession session) {
    ProceedContext proceedContext = Util.getProceedContextFromSession(session);
    TokenResponse tokenResponse = (TokenResponse) session.getAttribute("tokenResponse");
    // render home page if token is already present in session
    if (tokenResponse != null) {
        return homeHelper.proceedToHome(tokenResponse, session);
    }
    // correlate received state with the client context
    if ((Strings.hasText(interactionCode) || Strings.hasText(otp)) && proceedContext != null && (Strings.isEmpty(state) || !state.equals(proceedContext.getClientContext().getState()))) {
        ModelAndView mav = new ModelAndView("error");
        mav.addObject("errors", "Could not correlate client context with the received state value " + state + " in callback");
        return mav;
    }
    AuthenticationResponse authenticationResponse;
    // if interaction code is present, exchange it for a token
    if (Strings.hasText(interactionCode)) {
        authenticationResponse = authenticationWrapper.fetchTokenWithInteractionCode(proceedContext, interactionCode);
        return responseHandler.handleKnownTransitions(authenticationResponse, session);
    }
    // if otp is present, proceed with introspect to finish the flow
    if (Strings.hasText(otp)) {
        if (proceedContext == null) {
            // different browser case
            ModelAndView mav = new ModelAndView("info");
            mav.addObject("message", "Please enter OTP " + otp + " in the original browser tab to finish the flow.");
            return mav;
        }
        VerifyAuthenticatorOptions verifyAuthenticatorOptions = new VerifyAuthenticatorOptions(otp);
        authenticationResponse = authenticationWrapper.verifyAuthenticator(proceedContext, verifyAuthenticatorOptions);
        return responseHandler.handleKnownTransitions(authenticationResponse, session);
    }
    // if error params are present, show error page
    if (Strings.hasText(error) || Strings.hasText(errDesc)) {
        ModelAndView mav = new ModelAndView("error");
        mav.addObject("errors", error + ":" + errDesc);
        return mav;
    }
    // return the root view
    return new ModelAndView("index");
}
Also used : VerifyAuthenticatorOptions(com.okta.idx.sdk.api.model.VerifyAuthenticatorOptions) TokenResponse(com.okta.idx.sdk.api.response.TokenResponse) ModelAndView(org.springframework.web.servlet.ModelAndView) AuthenticationResponse(com.okta.idx.sdk.api.response.AuthenticationResponse) ProceedContext(com.okta.idx.sdk.api.client.ProceedContext) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with TokenResponse

Use of com.okta.idx.sdk.api.response.TokenResponse in project okta-idx-java by okta.

In the class BaseIDXClient, method token.

@Override
public TokenResponse token(String url, String grantType, String interactionCode, IDXClientContext idxClientContext) throws ProcessingException {
    TokenResponse tokenResponse;
    try {
        // build the form body; each value is URL-encoded so that reserved characters
        // (&, =, +) in the interaction code or client secret cannot add or alter parameters
        final String utf8 = StandardCharsets.UTF_8.name();
        StringBuilder urlParameters = new StringBuilder();
        urlParameters.append("grant_type=").append(java.net.URLEncoder.encode(grantType, utf8));
        urlParameters.append("&client_id=").append(java.net.URLEncoder.encode(clientConfiguration.getClientId(), utf8));
        if (Strings.hasText(clientConfiguration.getClientSecret())) {
            urlParameters.append("&client_secret=").append(java.net.URLEncoder.encode(clientConfiguration.getClientSecret(), utf8));
        }
        urlParameters.append("&interaction_code=").append(java.net.URLEncoder.encode(interactionCode, utf8));
        urlParameters.append("&code_verifier=").append(java.net.URLEncoder.encode(idxClientContext.getCodeVerifier(), utf8));
        // POST the body to the token endpoint
        Request request = new DefaultRequest(HttpMethod.POST, url, null, getHttpHeaders(true), new ByteArrayInputStream(urlParameters.toString().getBytes(StandardCharsets.UTF_8)), -1L);
        Response response = requestExecutor.executeRequest(request);
        // any status other than 200 is passed to the error handler
        if (response.getHttpStatus() != 200) {
            handleErrorResponse(request, response);
        }
        // map the JSON response body onto TokenResponse
        JsonNode responseJsonNode = objectMapper.readTree(response.getBody());
        tokenResponse = objectMapper.convertValue(responseJsonNode, TokenResponse.class);
    } catch (IOException | HttpException e) {
        throw new ProcessingException(e);
    }
    return tokenResponse;
}
Also used : ErrorResponse(com.okta.idx.sdk.api.response.ErrorResponse) IDXResponse(com.okta.idx.sdk.api.response.IDXResponse) InteractResponse(com.okta.idx.sdk.api.response.InteractResponse) Response(com.okta.commons.http.Response) TokenResponse(com.okta.idx.sdk.api.response.TokenResponse) DefaultRequest(com.okta.commons.http.DefaultRequest) ByteArrayInputStream(java.io.ByteArrayInputStream) SkipAuthenticatorEnrollmentRequest(com.okta.idx.sdk.api.request.SkipAuthenticatorEnrollmentRequest) Request(com.okta.commons.http.Request) IdentifyRequest(com.okta.idx.sdk.api.request.IdentifyRequest) EnrollUserProfileUpdateRequest(com.okta.idx.sdk.api.request.EnrollUserProfileUpdateRequest) EnrollRequest(com.okta.idx.sdk.api.request.EnrollRequest) ChallengeRequest(com.okta.idx.sdk.api.request.ChallengeRequest) CancelRequest(com.okta.idx.sdk.api.request.CancelRequest) RecoverRequest(com.okta.idx.sdk.api.request.RecoverRequest) IntrospectRequest(com.okta.idx.sdk.api.request.IntrospectRequest) AnswerChallengeRequest(com.okta.idx.sdk.api.request.AnswerChallengeRequest) PollRequest(com.okta.idx.sdk.api.request.PollRequest) JsonNode(com.fasterxml.jackson.databind.JsonNode) HttpException(com.okta.commons.http.HttpException) IOException(java.io.IOException) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException)

Example 4 with TokenResponse

Use of com.okta.idx.sdk.api.response.TokenResponse in project okta-idx-java by okta.

In the class IDXAuthenticationWrapper, method fetchTokenWithInteractionCode.

/**
 * Exchange interaction code for token.
 * @deprecated the {@code issuer} param is automatically resolved.
 */
@Deprecated
public AuthenticationResponse fetchTokenWithInteractionCode(String issuer, ProceedContext proceedContext, String interactionCode) {
    AuthenticationResponse authenticationResponse = new AuthenticationResponse();
    try {
        TokenResponse tokenResponse = client.token(ClientUtil.normalizedIssuerUri(issuer, "/v1/token"), "interaction_code", interactionCode, proceedContext.getClientContext());
        authenticationResponse.setTokenResponse(tokenResponse);
    } catch (ProcessingException e) {
        return handleProcessingException(e);
    }
    return authenticationResponse;
}
Also used : TokenResponse(com.okta.idx.sdk.api.response.TokenResponse) AuthenticationResponse(com.okta.idx.sdk.api.response.AuthenticationResponse) ProcessingException(com.okta.idx.sdk.api.exception.ProcessingException) WrapperUtil.handleProcessingException(com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException)

Example 5 with TokenResponse

Use of com.okta.idx.sdk.api.response.TokenResponse in project okta-idx-java by okta.

In the class HomeController, method displaySelectAuthenticatorPage.

/**
 * Display the select authenticator page.
 *
 * @param session the http session
 * @param completedAuthenticatorType the last enrolled/verified authenticator type
 * @return the select authenticators view.
 */
@GetMapping("/select-authenticator")
public ModelAndView displaySelectAuthenticatorPage(final HttpSession session, @RequestParam(value = "completed", required = false) final String completedAuthenticatorType) {
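    @SuppressWarnings("unchecked")
    List<Authenticator> authenticators = (List<Authenticator>) session.getAttribute("authenticators");
    // the attribute is absent on a fresh or expired session, so guard before filtering
    if (authenticators != null && completedAuthenticatorType != null) {
        authenticators.removeIf(authenticator -> authenticator.getLabel().equals(completedAuthenticatorType));
    }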
    TokenResponse tokenResponse = (TokenResponse) session.getAttribute("tokenResponse");
    if (tokenResponse != null) {
        return homeHelper.proceedToHome(tokenResponse, session);
    }
    ProceedContext proceedContext = Util.getProceedContextFromSession(session);
    boolean canSkip = authenticationWrapper.isSkipAuthenticatorPresent(proceedContext);
    ModelAndView modelAndView = new ModelAndView("select-authenticator");
    modelAndView.addObject("title", "Select Authenticator");
    modelAndView.addObject("canSkip", canSkip);
    modelAndView.addObject("authenticators", authenticators);
    return modelAndView;
}
Also used : TokenResponse(com.okta.idx.sdk.api.response.TokenResponse) ModelAndView(org.springframework.web.servlet.ModelAndView) List(java.util.List) LinkedList(java.util.LinkedList) Authenticator(com.okta.idx.sdk.api.client.Authenticator) ProceedContext(com.okta.idx.sdk.api.client.ProceedContext) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Aggregations

TokenResponse (com.okta.idx.sdk.api.response.TokenResponse) 7
AuthenticationResponse (com.okta.idx.sdk.api.response.AuthenticationResponse) 4
GetMapping (org.springframework.web.bind.annotation.GetMapping) 3
ModelAndView (org.springframework.web.servlet.ModelAndView) 3
ProceedContext (com.okta.idx.sdk.api.client.ProceedContext) 2
ProcessingException (com.okta.idx.sdk.api.exception.ProcessingException) 2
JsonNode (com.fasterxml.jackson.databind.JsonNode) 1
DefaultRequest (com.okta.commons.http.DefaultRequest) 1
HttpException (com.okta.commons.http.HttpException) 1
Request (com.okta.commons.http.Request) 1
Response (com.okta.commons.http.Response) 1
Authenticator (com.okta.idx.sdk.api.client.Authenticator) 1
WrapperUtil.handleProcessingException (com.okta.idx.sdk.api.client.WrapperUtil.handleProcessingException) 1
CurrentAuthenticatorEnrollment (com.okta.idx.sdk.api.model.CurrentAuthenticatorEnrollment) 1
VerifyAuthenticatorOptions (com.okta.idx.sdk.api.model.VerifyAuthenticatorOptions) 1
AnswerChallengeRequest (com.okta.idx.sdk.api.request.AnswerChallengeRequest) 1
CancelRequest (com.okta.idx.sdk.api.request.CancelRequest) 1
ChallengeRequest (com.okta.idx.sdk.api.request.ChallengeRequest) 1
EnrollRequest (com.okta.idx.sdk.api.request.EnrollRequest) 1
EnrollUserProfileUpdateRequest (com.okta.idx.sdk.api.request.EnrollUserProfileUpdateRequest) 1