
Example 1 with AuthenticationContext

use of io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext in project powerauth-restful-integration by lime-company.

the class PowerAuthAuthenticationProvider method validateSignatureAuthentication.

/**
 * Validate signature based authentication.
 *
 * @param authentication Signature based authentication object.
 * @return API authentication object in case of successful authentication, null otherwise.
 */
private PowerAuthApiAuthenticationImpl validateSignatureAuthentication(PowerAuthSignatureAuthenticationImpl authentication) {
    // Fail closed: a request that declares no signature type is never sent for verification.
    if (authentication.getSignatureType() == null) {
        return null;
    }
    // Likewise reject a declared signature type that the converter cannot map to a known type.
    final SignatureType signatureType = new SignatureTypeConverter().convertFrom(authentication.getSignatureType());
    if (signatureType == null) {
        return null;
    }

    final VerifySignatureRequest verifyRequest = new VerifySignatureRequest();
    verifyRequest.setActivationId(authentication.getActivationId());
    verifyRequest.setApplicationKey(authentication.getApplicationKey());
    verifyRequest.setSignature(authentication.getSignature());
    verifyRequest.setSignatureType(signatureType);
    verifyRequest.setSignatureVersion(authentication.getVersion());
    // The data submitted for verification is built from the HTTP method, request URI, nonce and
    // request data, so the check covers those request elements and not the payload alone.
    verifyRequest.setData(PowerAuthHttpBody.getSignatureBaseString(
            authentication.getHttpMethod(),
            authentication.getRequestUri(),
            authentication.getNonce(),
            authentication.getData()));
    // A forced signature version is present only while a signature is verified during an upgrade
    // that has not been committed yet.
    if (authentication.getForcedSignatureVersion() != null) {
        verifyRequest.setForcedSignatureVersion(authentication.getForcedSignatureVersion().longValue());
    }

    final VerifySignatureResponse verifyResponse;
    try {
        verifyResponse = powerAuthClient.verifySignature(verifyRequest);
    } catch (PowerAuthClientException ex) {
        // A failed client call is treated as a failed authentication. The warning carries only the
        // exception message; the full stack trace is logged at debug level.
        logger.warn("Signature validation failed, error: {}", ex.getMessage());
        logger.debug("Error details", ex);
        return null;
    }

    // NOTE(review): the verification outcome is recorded in the context, it is not turned into a
    // null return here. Unless copyAuthenticationAttributes (not shown) rejects an invalid context,
    // callers must check the context's validity flag and not rely on a non-null result alone.
    final AuthenticationContext context = new AuthenticationContext();
    context.setValid(verifyResponse.isSignatureValid());
    context.setRemainingAttempts(
            verifyResponse.getRemainingAttempts() != null
                    ? verifyResponse.getRemainingAttempts().intValue()
                    : null);
    context.setSignatureType(
            verifyResponse.getSignatureType() != null
                    ? PowerAuthSignatureTypes.getEnumFromString(verifyResponse.getSignatureType().value())
                    : null);

    // Identity attributes (activation ID, user ID, application ID, roles, flags) are taken from the
    // verification response; only the protocol version and HTTP header come from the request object.
    final PowerAuthActivation activation = copyActivationAttributes(
            verifyResponse.getActivationId(),
            verifyResponse.getUserId(),
            activationStatusConverter.convertFrom(verifyResponse.getActivationStatus()),
            verifyResponse.getBlockedReason(),
            verifyResponse.getActivationFlags(),
            context,
            authentication.getVersion());
    return copyAuthenticationAttributes(
            verifyResponse.getActivationId(),
            verifyResponse.getUserId(),
            verifyResponse.getApplicationId(),
            verifyResponse.getApplicationRoles(),
            verifyResponse.getActivationFlags(),
            context,
            authentication.getVersion(),
            authentication.getHttpHeader(),
            activation);
}
Also used : AuthenticationContext(io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext) PowerAuthClientException(com.wultra.security.powerauth.client.model.error.PowerAuthClientException) PowerAuthActivation(io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthActivation) SignatureTypeConverter(io.getlime.security.powerauth.rest.api.spring.converter.v3.SignatureTypeConverter)

Example 2 with AuthenticationContext

use of io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext in project powerauth-restful-integration by lime-company.

the class PowerAuthAuthenticationProvider method validateTokenAuthentication.

/**
 * Validate basic token-based authentication.
 *
 * @param authentication Token based authentication object.
 * @return API authentication object in case of successful authentication, null otherwise.
 */
private PowerAuthApiAuthenticationImpl validateTokenAuthentication(PowerAuthTokenAuthenticationImpl authentication) {
    try {
        final ValidateTokenRequest tokenRequest = new ValidateTokenRequest();
        tokenRequest.setTokenId(authentication.getTokenId());
        tokenRequest.setTokenDigest(authentication.getTokenDigest());
        tokenRequest.setNonce(authentication.getNonce());
        // The timestamp arrives as text. A missing or non-numeric value makes Long.parseLong throw
        // NumberFormatException, which is handled below as a failed authentication.
        // NOTE(review): no freshness check on the timestamp is visible in this method; presumably
        // the server enforces it during validateToken — confirm.
        tokenRequest.setTimestamp(Long.parseLong(authentication.getTimestamp()));
        final ValidateTokenResponse tokenResponse = powerAuthClient.validateToken(tokenRequest);

        // A valid token is reported as an ACTIVE activation. For an invalid token the status stays
        // null: the detailed activation status would have to be obtained from the PowerAuth server.
        final ActivationStatus activationStatus = tokenResponse.isTokenValid() ? ActivationStatus.ACTIVE : null;

        // NOTE(review): an invalid token is recorded in the context, it is not turned into a null
        // return here. Unless copyAuthenticationAttributes (not shown) rejects an invalid context,
        // callers must check the context's validity flag and not rely on a non-null result alone.
        final AuthenticationContext context = new AuthenticationContext();
        context.setValid(tokenResponse.isTokenValid());
        // Token validation supplies no remaining-attempts counter, so none is set.
        context.setRemainingAttempts(null);
        context.setSignatureType(
                tokenResponse.getSignatureType() != null
                        ? PowerAuthSignatureTypes.getEnumFromString(tokenResponse.getSignatureType().value())
                        : null);

        // Identity attributes are taken from the validation response; only the protocol version
        // and HTTP header come from the request object. No blocked reason is passed for tokens.
        final PowerAuthActivation activation = copyActivationAttributes(
                tokenResponse.getActivationId(),
                tokenResponse.getUserId(),
                activationStatus,
                null,
                tokenResponse.getActivationFlags(),
                context,
                authentication.getVersion());
        return copyAuthenticationAttributes(
                tokenResponse.getActivationId(),
                tokenResponse.getUserId(),
                tokenResponse.getApplicationId(),
                tokenResponse.getApplicationRoles(),
                tokenResponse.getActivationFlags(),
                context,
                authentication.getVersion(),
                authentication.getHttpHeader(),
                activation);
    } catch (NumberFormatException ex) {
        // Covers any NumberFormatException raised inside the try block, not only the timestamp parse.
        logger.warn("Invalid timestamp format, error: {}", ex.getMessage());
        logger.debug("Error details", ex);
        return null;
    } catch (Exception ex) {
        // Every other failure, including errors from the PowerAuth client call, ends in a null
        // result, so an unexpected exception never yields an authentication object.
        logger.warn("Token validation failed, error: {}", ex.getMessage());
        logger.debug("Error details", ex);
        return null;
    }
}
Also used : AuthenticationContext(io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext) ActivationStatus(io.getlime.security.powerauth.rest.api.spring.model.ActivationStatus) PowerAuthActivation(io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthActivation) PowerAuthTokenInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthTokenInvalidException) InvalidPowerAuthHttpHeaderException(io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException) PowerAuthAuthenticationException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException) PowerAuthSignatureTypeInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException) PowerAuthSignatureInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException) AuthenticationException(org.springframework.security.core.AuthenticationException) PowerAuthHeaderMissingException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthHeaderMissingException) PowerAuthClientException(com.wultra.security.powerauth.client.model.error.PowerAuthClientException)
