use of io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthActivation in project powerauth-restful-integration by lime-company.
the class PowerAuthAuthenticationProvider method validateSignatureAuthentication.
/**
 * Verify a signature based authentication against the PowerAuth server.
 *
 * <p>A non-null return value does not by itself mean the signature was accepted. The verdict
 * from {@code response.isSignatureValid()} is stored in the {@link AuthenticationContext}
 * valid flag, and an object is built and returned for rejected signatures as well.
 * {@code null} is returned only when the signature type is missing or cannot be converted,
 * or when the call to the PowerAuth server throws {@code PowerAuthClientException}.
 *
 * @param authentication Signature based authentication object.
 * @return API authentication object built from the server response (its authentication context
 *         carries the valid flag), or null when verification could not be performed.
 */
private PowerAuthApiAuthenticationImpl validateSignatureAuthentication(PowerAuthSignatureAuthenticationImpl authentication) {
    // Guard: without a declared signature type there is nothing to verify.
    if (authentication.getSignatureType() == null) {
        return null;
    }
    final SignatureType convertedType = new SignatureTypeConverter().convertFrom(authentication.getSignatureType());
    if (convertedType == null) {
        // The declared type could not be converted: fail closed instead of picking a default.
        return null;
    }

    final VerifySignatureRequest verifyRequest = new VerifySignatureRequest();
    verifyRequest.setActivationId(authentication.getActivationId());
    verifyRequest.setApplicationKey(authentication.getApplicationKey());
    verifyRequest.setSignature(authentication.getSignature());
    verifyRequest.setSignatureType(convertedType);
    verifyRequest.setSignatureVersion(authentication.getVersion());
    // The signed data is rebuilt here from the HTTP method, request URI, nonce and body
    // held by the authentication object.
    verifyRequest.setData(PowerAuthHttpBody.getSignatureBaseString(
            authentication.getHttpMethod(),
            authentication.getRequestUri(),
            authentication.getNonce(),
            authentication.getData()));
    // A forced signature version is set when a signature is verified during an upgrade,
    // before the upgrade is committed.
    if (authentication.getForcedSignatureVersion() != null) {
        verifyRequest.setForcedSignatureVersion(authentication.getForcedSignatureVersion().longValue());
    }

    final VerifySignatureResponse verifyResponse;
    try {
        verifyResponse = powerAuthClient.verifySignature(verifyRequest);
    } catch (PowerAuthClientException ex) {
        // Only the exception message is logged at WARN; the stack trace goes to DEBUG.
        logger.warn("Signature validation failed, error: {}", ex.getMessage());
        logger.debug("Error details", ex);
        return null;
    }

    // The verdict is recorded here; the method still returns an object when it is false.
    final AuthenticationContext context = new AuthenticationContext();
    context.setValid(verifyResponse.isSignatureValid());
    context.setRemainingAttempts(verifyResponse.getRemainingAttempts() == null
            ? null
            : verifyResponse.getRemainingAttempts().intValue());
    context.setSignatureType(verifyResponse.getSignatureType() == null
            ? null
            : PowerAuthSignatureTypes.getEnumFromString(verifyResponse.getSignatureType().value()));

    // Identity attributes (activation ID, user ID, application ID, roles, flags) are taken from
    // the server response, not from the incoming authentication object.
    final PowerAuthActivation activation = copyActivationAttributes(
            verifyResponse.getActivationId(),
            verifyResponse.getUserId(),
            activationStatusConverter.convertFrom(verifyResponse.getActivationStatus()),
            verifyResponse.getBlockedReason(),
            verifyResponse.getActivationFlags(),
            context,
            authentication.getVersion());
    return copyAuthenticationAttributes(
            verifyResponse.getActivationId(),
            verifyResponse.getUserId(),
            verifyResponse.getApplicationId(),
            verifyResponse.getApplicationRoles(),
            verifyResponse.getActivationFlags(),
            context,
            authentication.getVersion(),
            authentication.getHttpHeader(),
            activation);
}
use of io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthActivation in project powerauth-restful-integration by lime-company.
the class PowerAuthAuthenticationProvider method validateTokenAuthentication.
/**
 * Validate basic token-based authentication against the PowerAuth server.
 *
 * <p>A non-null return value does not by itself mean the token was accepted. The verdict
 * from {@code response.isTokenValid()} is stored in the {@link AuthenticationContext} valid
 * flag, and an object is built and returned for rejected tokens as well. {@code null} is
 * returned when the timestamp is not a parseable long or when any other exception is thrown
 * while the request is built, sent or mapped.
 *
 * @param authentication Token based authentication object.
 * @return API authentication object built from the server response (its authentication context
 *         carries the valid flag), or null when validation could not be performed.
 */
private PowerAuthApiAuthenticationImpl validateTokenAuthentication(PowerAuthTokenAuthenticationImpl authentication) {
    try {
        final ValidateTokenRequest tokenRequest = new ValidateTokenRequest();
        tokenRequest.setTokenId(authentication.getTokenId());
        tokenRequest.setTokenDigest(authentication.getTokenDigest());
        tokenRequest.setNonce(authentication.getNonce());
        // The timestamp is held as a string; parseLong throws NumberFormatException for a
        // malformed or null value, which the first catch below turns into a null result.
        tokenRequest.setTimestamp(Long.parseLong(authentication.getTimestamp()));

        final ValidateTokenResponse tokenResponse = powerAuthClient.validateToken(tokenRequest);

        // A valid token is reported as ACTIVE. For a rejected token the status stays null:
        // the detailed activation status has to be obtained from the PA server.
        final ActivationStatus status = tokenResponse.isTokenValid() ? ActivationStatus.ACTIVE : null;

        // The verdict is recorded here; the method still returns an object when it is false.
        final AuthenticationContext context = new AuthenticationContext();
        context.setValid(tokenResponse.isTokenValid());
        // Remaining attempts are always left unset on the token path.
        context.setRemainingAttempts(null);
        context.setSignatureType(tokenResponse.getSignatureType() == null
                ? null
                : PowerAuthSignatureTypes.getEnumFromString(tokenResponse.getSignatureType().value()));

        // Identity attributes are taken from the server response, not from the incoming object.
        final PowerAuthActivation activation = copyActivationAttributes(
                tokenResponse.getActivationId(),
                tokenResponse.getUserId(),
                status,
                null,
                tokenResponse.getActivationFlags(),
                context,
                authentication.getVersion());
        return copyAuthenticationAttributes(
                tokenResponse.getActivationId(),
                tokenResponse.getUserId(),
                tokenResponse.getApplicationId(),
                tokenResponse.getApplicationRoles(),
                tokenResponse.getActivationFlags(),
                context,
                authentication.getVersion(),
                authentication.getHttpHeader(),
                activation);
    } catch (NumberFormatException ex) {
        logger.warn("Invalid timestamp format, error: {}", ex.getMessage());
        logger.debug("Error details", ex);
        return null;
    } catch (Exception ex) {
        // Broad catch: every other failure ends as a null result (fail closed). This also
        // covers unexpected runtime errors, which then appear only in the log.
        logger.warn("Token validation failed, error: {}", ex.getMessage());
        logger.debug("Error details", ex);
        return null;
    }
}