
Example 11 with ConfirmationCallback

use of javax.security.auth.callback.ConfirmationCallback in project OpenAM by OpenRock.

the class LoginViewBean method getLoginDisplay.

/**
 * Starts (or continues) the login on the current AuthContext and prepares what
 * the login page should show next.
 *
 * The method first calls one of the {@code ac.login(...)} variants. If that
 * throws an AuthLoginException, it cleans up sessions and delegates to
 * handleAuthLoginException. Otherwise it either inspects the outstanding
 * callbacks (possibly taking the one-page / zero-page login path) or, when
 * no requirements remain, records the outcome and picks the success or failure
 * redirect URL.
 *
 * @throws Exception an L10NMessageImpl built from {@code bundleName} and the key
 *         "loginDisplay.get" when callback or status processing fails; the
 *         signature also allows other exceptions from the calls made before
 *         the second try block.
 */
protected void getLoginDisplay() throws Exception {
    loginDebug.message("In getLoginDisplay()");
    // Login parameters are only prepared when this is not an auth-level login.
    if (!bAuthLevel) {
        prepareLoginParams();
    }
    if (loginDebug.messageEnabled()) {
        loginDebug.message("Login Parameters : IndexType = " + indexType + " IndexName = " + indexName);
    }
    try {
        // Choose the login variant: RESOURCE index types also pass the environment map.
        if (indexType != null) {
            if (indexType.equals(AuthContext.IndexType.RESOURCE)) {
                ac.login(indexType, indexName, envMap, null);
            } else {
                ac.login(indexType, indexName);
            }
        } else {
            ac.login();
        }
    } catch (AuthLoginException le) {
        loginDebug.message("AuthContext()::login error ", le);
        // RESET and ORG_MISMATCH both lead to the current session being destroyed
        // before the error is reported.
        if ((ac.getStatus() == AuthContext.Status.RESET) || (ac.getStatus() == AuthContext.Status.ORG_MISMATCH)) {
            loginDebug.message("getLoginDisplay(): Destroying current session!");
            // Fetch the old session first; both branches below call
            // clearCookieAndDestroySession(ac) before using it.
            InternalSession oldSession = AuthUtils.getOldSession(ac);
            if (AuthUtils.isSessionUpgrade(ac)) {
                // Failed session upgrade: drop the new session and fall back to the
                // session the user already had.
                clearCookieAndDestroySession(ac);
                loginDebug.message("getLoginDisplay(): Session upgrade - " + " Restoring original Session!");
                if (oldSession != null) {
                    ac.getLoginState().setSession(oldSession);
                    // Local variable; it is scoped to this block and is distinct from
                    // the redirect_url assigned further down (presumably a field).
                    // NOTE(review): the URL goes straight to sendRedirect; whether
                    // AuthUtils.getSuccessURL validates the redirect target is not
                    // visible here - confirm in AuthUtils.
                    String redirect_url = AuthUtils.getSuccessURL(request, ac);
                    if (loginDebug.messageEnabled()) {
                        loginDebug.message("Session Upgrade - redirect_url : " + redirect_url);
                    }
                    response.sendRedirect(redirect_url);
                }
                // No forward in the session-upgrade case, whether or not a redirect was sent.
                forward = false;
            } else {
                // Not a session upgrade: destroy the current session and any old one.
                clearCookieAndDestroySession(ac);
                if (oldSession != null) {
                    loginDebug.message("Destroy existing/old valid session");
                    AuthD authD = AuthD.getAuth();
                    authD.destroySession(oldSession.getID());
                }
                // The AuthContext is discarded before the error is handled.
                ac = null;
                handleAuthLoginException(le);
            }
        } else {
            handleAuthLoginException(le);
        }
        // Any login exception ends the method here; callbacks are not examined.
        return;
    }
    try {
        // Get the information requested by the respective auth module
        if (ac.hasMoreRequirements()) {
            loginDebug.message("In getLoginDisplay, has More Requirements");
            callbacks = ac.getRequirements();
            for (int i = 0; i < callbacks.length; i++) {
                // Http and Redirect callbacks are handled immediately and end the method.
                if (callbacks[i] instanceof HttpCallback) {
                    processHttpCallback((HttpCallback) callbacks[i]);
                    return;
                } else if (callbacks[i] instanceof RedirectCallback) {
                    processRedirectCallback((RedirectCallback) callbacks[i]);
                    return;
                } else if (!bAuthLevel && !newOrgExist) {
                    // Auth Level login will never do one page login.
                    // For each input callback, a value already present in reqDataHash
                    // under the current or the old key marks this as a one-page login;
                    // the first match stops the scan.
                    if (callbacks[i] instanceof NameCallback) {
                        if (reqDataHash.get(TOKEN + Integer.toString(i)) != null) {
                            onePageLogin = true;
                            break;
                        } else if (reqDataHash.get(TOKEN_OLD + Integer.toString(i)) != null) {
                            onePageLogin = true;
                            break;
                        }
                    } else if (callbacks[i] instanceof PasswordCallback) {
                        if (reqDataHash.get(TOKEN + Integer.toString(i)) != null) {
                            onePageLogin = true;
                            break;
                        } else if (reqDataHash.get(TOKEN_OLD + Integer.toString(i)) != null) {
                            onePageLogin = true;
                            break;
                        }
                    } else if (callbacks[i] instanceof ChoiceCallback) {
                        if (reqDataHash.get(TOKEN + Integer.toString(i)) != null) {
                            onePageLogin = true;
                            break;
                        } else if (reqDataHash.get(TOKEN_OLD + Integer.toString(i)) != null) {
                            onePageLogin = true;
                            break;
                        }
                    } else if (callbacks[i] instanceof ConfirmationCallback) {
                        // Confirmation callbacks are keyed by the button entry, not by index.
                        if (reqDataHash.get(BUTTON) != null) {
                            onePageLogin = true;
                            break;
                        } else if (reqDataHash.get(BUTTON_OLD) != null) {
                            onePageLogin = true;
                            break;
                        }
                    }
                }
            }
            // Security gate: submitted values are only processed directly when the
            // zero-page-login configuration allows it for this request; otherwise
            // the normal login page is prepared.
            if (onePageLogin && AuthUtils.isZeroPageLoginAllowed(ac.getLoginState().getZeroPageLoginConfig(), request)) {
                // user input login info in URL
                loginDebug.message("User input login information in URL!");
                processLoginDisplay();
            } else {
                addLoginCallbackMessage(callbacks);
                if (!LoginFail) {
                    // If the login has already failed, LoginState is already
                    // nullified, so the callbacks are not stored; the error
                    // message/code/template should already be set so that a
                    // proper error page is shown.
                    AuthUtils.setCallbacksPerState(ac, pageState, callbacks);
                }
            }
        } else {
            if (loginDebug.messageEnabled()) {
                loginDebug.message("No more Requirements in getLoginDisplay");
                loginDebug.message("Status is : " + ac.getStatus());
            }
            if (ac.getStatus() == AuthContext.Status.SUCCESS) {
                LoginSuccess = true;
                ResultVal = rb.getString("authentication.successful");
                /*
                 * redirect to 'goto' parameter or SPI hook or default
                 * redirect URL.
                 */
                redirect_url = AuthUtils.getLoginSuccessURL(ac);
                // The URL is only logged here; this method does not send the redirect.
                if ((redirect_url != null) && (redirect_url.length() != 0)) {
                    if (loginDebug.messageEnabled()) {
                        loginDebug.message("LoginSuccessURL in getLoginDisplay " + "(in case of successful auth) : " + redirect_url);
                    }
                }
            } else if (ac.getStatus() == AuthContext.Status.FAILED) {
                // No exception object is available on this path, so null is passed.
                handleAuthLoginException(null);
                /*
                 * redirect to 'goto' parameter or SPI hook or default
                 * redirect URL.
                 */
                redirect_url = AuthUtils.getLoginFailedURL(ac);
                if ((redirect_url != null) && (redirect_url.length() != 0)) {
                    if (loginDebug.messageEnabled()) {
                        loginDebug.message("LoginFailedURL in getLoginDisplay : " + redirect_url);
                    }
                }
            } else {
                // Any status other than SUCCESS or FAILED is treated as a failure:
                // the failure URL is used and the status is logged as a warning.
                /*
                 * redirect to 'goto' parameter or SPI hook or default
                 * redirect URL.
                 */
                redirect_url = AuthUtils.getLoginFailedURL(ac);
                if (loginDebug.warningEnabled()) {
                    loginDebug.warning("Login Status is " + ac.getStatus() + " - redirect to loginFailedURL : " + redirect_url);
                }
                setErrorMessage(null);
            }
        }
    } catch (Exception e) {
        // Record the error for the page, then rethrow as a localized message.
        // NOTE(review): only e.getMessage() is passed on as a message argument;
        // confirm where that text is displayed and whether the original cause
        // needs to be preserved for diagnostics.
        setErrorMessage(e);
        throw new L10NMessageImpl(bundleName, "loginDisplay.get", new Object[] { e.getMessage() });
    }
}
Also used : RedirectCallback(com.sun.identity.authentication.spi.RedirectCallback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl) HttpCallback(com.sun.identity.authentication.spi.HttpCallback) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) ModelControlException(com.iplanet.jato.model.ModelControlException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) IOException(java.io.IOException) ChoiceCallback(javax.security.auth.callback.ChoiceCallback) NameCallback(javax.security.auth.callback.NameCallback) InternalSession(com.iplanet.dpro.session.service.InternalSession) AuthD(com.sun.identity.authentication.service.AuthD) PasswordCallback(javax.security.auth.callback.PasswordCallback)

Example 12 with ConfirmationCallback

use of javax.security.auth.callback.ConfirmationCallback in project OpenAM by OpenRock.

the class DevicePrintAuthenticationServiceTest method shouldSendOTPWhenRequested.

/**
 * 4) Second call, using OTP, in state 2: the user asks for an OTP to be sent.
 * The service is expected to trigger the HOTP send and return state 2.
 */
@Test
public void shouldSendOTPWhenRequested() throws AuthLoginException {
    // Given: an empty OTP field and confirmation index 1 selected
    final int currentState = 2;
    PasswordCallback otpField = mock(PasswordCallback.class);
    ConfirmationCallback buttons = mock(ConfirmationCallback.class);
    given(otpField.getPassword()).willReturn(new char[0]);
    given(buttons.getSelectedIndex()).willReturn(1);
    Callback[] submitted = { otpField, buttons };

    // When
    int resultingState = devicePrintAuthenticationService.process(submitted, currentState);

    // Then: a code was sent and the flow did not advance past state 2
    verify(hotpService).sendHOTP();
    assertEquals(resultingState, 2);
}
Also used : PasswordCallback(javax.security.auth.callback.PasswordCallback) ChoiceCallback(javax.security.auth.callback.ChoiceCallback) NameCallback(javax.security.auth.callback.NameCallback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) Callback(javax.security.auth.callback.Callback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) DevicePrint(org.forgerock.openam.authentication.modules.deviceprint.model.DevicePrint) Test(org.testng.annotations.Test)

Example 13 with ConfirmationCallback

use of javax.security.auth.callback.ConfirmationCallback in project OpenAM by OpenRock.

the class DevicePrintAuthenticationServiceTest method shouldThrowExceptionIfConfirmationCallbackSubmittedWithUnknownOption.

/**
 * In state 2, a confirmation index that is not a known option (here 2) must be
 * rejected with an AuthLoginException rather than being mapped to a next state.
 */
@Test
public void shouldThrowExceptionIfConfirmationCallbackSubmittedWithUnknownOption() throws AuthLoginException {
    // Given: confirmation index 2 is selected; the OTP field is left unstubbed
    final int currentState = 2;
    PasswordCallback otpField = mock(PasswordCallback.class);
    ConfirmationCallback buttons = mock(ConfirmationCallback.class);
    given(buttons.getSelectedIndex()).willReturn(2);
    Callback[] submitted = { otpField, buttons };

    // When
    boolean rejected = false;
    try {
        devicePrintAuthenticationService.process(submitted, currentState);
        // Reaching this line means the unknown option was accepted.
        fail();
    } catch (AuthLoginException expected) {
        rejected = true;
    }

    // Then
    assertTrue(rejected);
}
Also used : PasswordCallback(javax.security.auth.callback.PasswordCallback) ChoiceCallback(javax.security.auth.callback.ChoiceCallback) NameCallback(javax.security.auth.callback.NameCallback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) Callback(javax.security.auth.callback.Callback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) DevicePrint(org.forgerock.openam.authentication.modules.deviceprint.model.DevicePrint) Test(org.testng.annotations.Test)

Example 14 with ConfirmationCallback

use of javax.security.auth.callback.ConfirmationCallback in project OpenAM by OpenRock.

the class DevicePrintAuthenticationServiceTest method shouldGotoSaveProfilePageWhenSubmittedOTPWithCorrectCode.

/**
 * 5) Third call, using OTP, in state 2: an OTP code is submitted and the HOTP
 * service accepts it. The service is expected to return state 3.
 */
@Test
public void shouldGotoSaveProfilePageWhenSubmittedOTPWithCorrectCode() throws AuthLoginException {
    // Given: the submitted code is one the HOTP service reports as valid
    final int currentState = 2;
    final String otpCode = "OTPCODE";
    PasswordCallback otpField = mock(PasswordCallback.class);
    ConfirmationCallback buttons = mock(ConfirmationCallback.class);
    given(otpField.getPassword()).willReturn(otpCode.toCharArray());
    given(buttons.getSelectedIndex()).willReturn(0);
    given(hotpService.isValidHOTP("OTPCODE")).willReturn(true);
    given(devicePrintService.hasRequiredAttributes(Matchers.<DevicePrint>anyObject())).willReturn(true);
    Callback[] submitted = { otpField, buttons };

    // When
    int resultingState = devicePrintAuthenticationService.process(submitted, currentState);

    // Then
    assertEquals(resultingState, 3);
}
Also used : PasswordCallback(javax.security.auth.callback.PasswordCallback) ChoiceCallback(javax.security.auth.callback.ChoiceCallback) NameCallback(javax.security.auth.callback.NameCallback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) Callback(javax.security.auth.callback.Callback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) DevicePrint(org.forgerock.openam.authentication.modules.deviceprint.model.DevicePrint) Test(org.testng.annotations.Test)

Example 15 with ConfirmationCallback

use of javax.security.auth.callback.ConfirmationCallback in project OpenAM by OpenRock.

the class Membership method process.

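/**
 * Takes the array of submitted <code>Callback</code>s, processes them and
 * decides which state the module moves to next.
 *
 * Malformed submissions are rejected with an <code>AuthLoginException</code>
 * instead of surfacing as unchecked exceptions: a callback array that is
 * too short, a callback at the expected position that is not a
 * <code>ConfirmationCallback</code>, or a state for which no next state
 * can be determined.
 *
 * @param callbacks an array of <code>Callback</code> for this login state
 * @param state order of state. State order starts with 1.
 * @return int order of the next state;
 *         <code>ISAuthConstants.LOGIN_SUCCEED</code> when the new user was
 *         registered without error, or
 *         <code>ISAuthConstants.LOGIN_IGNORE</code> when an unknown button
 *         index is submitted on the registration page.
 * @throws AuthLoginException if the submitted callbacks do not have the
 *         shape the state expects, if an unknown button index is submitted
 *         on the disclaimer page, or if no next state can be determined.
 */
public int process(Callback[] callbacks, int state) throws AuthLoginException {
    if (debug.messageEnabled()) {
        debug.message("in process(), login state is " + state);
    }
    this.callbacks = callbacks;
    ModuleState moduleState = ModuleState.get(state);
    if (moduleState == null) {
        // ModuleState.get is not shown here; guard in case it yields null for
        // an unknown state, which would otherwise fail inside the switch.
        throw new AuthLoginException(amAuthMembership, "loginException", null);
    }
    ModuleState nextState = null;
    switch (moduleState) {
        case LOGIN_START:
            int action = 0;
            // action == 0 is a Submit Button
            if (callbacks != null && callbacks.length != 0) {
                // The button is expected at index 2; a shorter array is rejected
                // rather than indexed blindly.
                action = confirmationIndexAt(callbacks, 2);
                if (debug.messageEnabled()) {
                    debug.message("LOGIN page button index: " + action);
                }
            }
            if (action == 0) {
                // loginUser will attempt to validate the user and return
                // the next state to display, either an error state or
                // SUCCESS
                nextState = loginUser(callbacks);
            } else {
                // new user registration
                initAuthConfig();
                clearInfoText(ModuleState.REGISTRATION.intValue());
                nextState = ModuleState.REGISTRATION;
            }
            break;
        case CHOOSE_USERNAMES:
            // user name entered already exists, generate
            // a set of user names for user to choose
            nextState = chooseUserID(callbacks);
            break;
        case DISCLAIMER:
            // when disclaimer page exists the user is created
            // after the user agrees to disclaimer
            // callbacks[0] is user selected button index
            int agree = confirmationIndexAt(callbacks, 0);
            if (debug.messageEnabled()) {
                debug.message("DISCLAIMER page button index: " + agree);
            }
            if (agree == 0) {
                RegistrationResult result = registerNewUser();
                switch (result) {
                    case NO_ERROR:
                        return ISAuthConstants.LOGIN_SUCCEED;
                    case USER_EXISTS_ERROR:
                        setErrorMessage(result, 0);
                        nextState = ModuleState.REGISTRATION;
                        break;
                    case PROFILE_ERROR:
                        nextState = ModuleState.PROFILE_ERROR;
                        break;
                    default:
                        // Any other result leaves nextState unset; the check
                        // before the final return turns that into a failure.
                        break;
                }
            } else if (agree == 1) {
                nextState = ModuleState.DISCLAIMER_DECLINED;
            } else {
                // Unknown button index: fail the login.
                throw new AuthLoginException(amAuthMembership, "loginException", null);
            }
            break;
        case REGISTRATION:
            // this is REGISTRATION state, registration will attempt to
            // create a new user profile
            // callbacks[len-1] is a user selected button index
            // next == 0 is a Submit button
            // next == 1 is a Cancel button
            int lastIndex = (callbacks == null) ? -1 : callbacks.length - 1;
            int next = confirmationIndexAt(callbacks, lastIndex);
            if (debug.messageEnabled()) {
                debug.message("REGISTRATION page button index: " + next);
            }
            if (next == 0) {
                //clear infotexts in case they had error messages in the
                //previous run
                clearInfoText(ModuleState.REGISTRATION.intValue());
                ModuleState result = getAndCheckRegistrationFields(callbacks);
                switch (result) {
                    case DISCLAIMER:
                        nextState = processRegistrationResult();
                        break;
                    case REGISTRATION:
                    case CHOOSE_USERNAMES:
                    case PROFILE_ERROR:
                        if (debug.messageEnabled()) {
                            debug.message("Recoverable error: " + result.toString());
                        }
                        nextState = result;
                        break;
                    default:
                        break;
                }
            } else if (next == 1) {
                clearCallbacks(callbacks);
                nextState = ModuleState.LOGIN_START;
            } else {
                // Unknown button index on this page makes the module be ignored
                // (the disclaimer page throws instead).
                return ISAuthConstants.LOGIN_IGNORE;
            }
            break;
        default:
            break;
    }
    if (nextState == null) {
        // No branch produced a next state (unhandled module state or result):
        // fail explicitly instead of dereferencing null.
        throw new AuthLoginException(amAuthMembership, "loginException", null);
    }
    return nextState.intValue();
}

/**
 * Returns the selected index of the ConfirmationCallback at the given position.
 *
 * @param submitted the callbacks submitted for the current state
 * @param index position at which the ConfirmationCallback is expected
 * @return the selected button index
 * @throws AuthLoginException if the array is null, the position is out of
 *         range, or the callback there is not a ConfirmationCallback
 */
private int confirmationIndexAt(Callback[] submitted, int index) throws AuthLoginException {
    if (submitted == null || index < 0 || index >= submitted.length
            || !(submitted[index] instanceof ConfirmationCallback)) {
        throw new AuthLoginException(amAuthMembership, "loginException", null);
    }
    return ((ConfirmationCallback) submitted[index]).getSelectedIndex();
}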
Also used : ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)
