Examples with AuthenticationContext - org.forgerock.openam.core.rest.authn.core.AuthenticationContext

Example 1 with AuthenticationContext

use of org.forgerock.openam.core.rest.authn.core.AuthenticationContext in project OpenAM by OpenRock.

the class RestAuthenticationHandler method processAuthentication.

/**
     * Using the given LoginProcess will process the authentication by getting the required callbacks and either
     * completing and submitting them or sending the requirements back to the client as JSON. If the authentication
     * process has completed it will then check the completion status and will either return an error or the SSO Token
     * Id to the client.
     *
     * @param request The HttpServletRequest.
     * @param response The HttpServletResponse.
     * @param postBody The post body of the request.
     * @param loginProcess The LoginProcess used to track the login.
     * @param loginConfiguration The LoginConfiguration used to configure the login process.
     * @return A ResponseBuilder which contains the contents of the response to return to the client.
     * @throws AuthLoginException If there is a problem submitting the callbacks.
     * @throws SignatureException If there is a problem creating the JWT to use in the response to the client.
     */
private JsonValue processAuthentication(HttpServletRequest request, HttpServletResponse response, JsonValue postBody, String authId, LoginProcess loginProcess, LoginConfiguration loginConfiguration) throws AuthLoginException, SignatureException, RestAuthException {
    switch(loginProcess.getLoginStage()) {
        case REQUIREMENTS_WAITING:
            {
                Callback[] callbacks = loginProcess.getCallbacks();
                JsonValue jsonCallbacks;
                try {
                    if (callbacks.length == 1 && callbacks[0] instanceof RedirectCallback && postBody != null) {
                        jsonCallbacks = null;
                    } else {
                        jsonCallbacks = handleCallbacks(request, response, postBody, callbacks);
                    }
                } catch (RestAuthResponseException e) {
                    // Include the authId in the JSON response.
                    if (authId == null) {
                        authId = authIdHelper.createAuthId(loginConfiguration, loginProcess.getAuthContext());
                    }
                    e.getJsonResponse().put(AUTH_ID, authId);
                    AuditRequestContext.putProperty(AUTH_ID, authId);
                    throw e;
                }
                if (jsonCallbacks != null && jsonCallbacks.size() > 0) {
                    JsonValue jsonValue = createJsonCallbackResponse(authId, loginConfiguration, loginProcess, jsonCallbacks);
                    return jsonValue;
                } else {
                    loginProcess = loginProcess.next(callbacks);
                    return processAuthentication(request, response, null, authId, loginProcess, loginConfiguration);
                }
            }
        case COMPLETE:
            {
                loginProcess.cleanup();
                if (loginProcess.isSuccessful()) {
                    // send token to client
                    JsonObject jsonResponseObject = JsonValueBuilder.jsonValue();
                    SSOToken ssoToken = loginProcess.getSSOToken();
                    if (ssoToken != null) {
                        String tokenId = ssoToken.getTokenID().toString();
                        jsonResponseObject.put(TOKEN_ID, tokenId);
                        AuditRequestContext.putProperty(TOKEN_ID, tokenId);
                    } else {
                        jsonResponseObject.put("message", "Authentication Successful");
                    }
                    String gotoUrl = urlValidator.getRedirectUrl(loginProcess.getOrgDN(), urlValidator.getValueFromJson(postBody, RedirectUrlValidator.GOTO), loginProcess.getSuccessURL());
                    jsonResponseObject.put("successUrl", gotoUrl);
                    return jsonResponseObject.build();
                } else {
                    // send Error to client
                    AuthenticationContext authContext = loginProcess.getAuthContext();
                    String errorCode = authContext.getErrorCode();
                    String errorMessage = authContext.getErrorMessage();
                    throw new RestAuthErrorCodeException(errorCode, errorMessage);
                }
            }
    }
    // This should never happen
    throw new RestAuthException(ResourceException.INTERNAL_ERROR, "Unknown Authentication State!");
}

Also used : RestAuthErrorCodeException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthErrorCodeException) RestAuthException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthException) RedirectCallback(com.sun.identity.authentication.spi.RedirectCallback) SSOToken(com.iplanet.sso.SSOToken) AuthenticationContext(org.forgerock.openam.core.rest.authn.core.AuthenticationContext) RestAuthResponseException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthResponseException) JsonValue(org.forgerock.json.JsonValue) JsonObject(org.forgerock.openam.utils.JsonObject)

Aggregations

SSOToken (com.iplanet.sso.SSOToken)1 RedirectCallback (com.sun.identity.authentication.spi.RedirectCallback)1 JsonValue (org.forgerock.json.JsonValue)1 AuthenticationContext (org.forgerock.openam.core.rest.authn.core.AuthenticationContext)1 RestAuthErrorCodeException (org.forgerock.openam.core.rest.authn.exceptions.RestAuthErrorCodeException)1 RestAuthException (org.forgerock.openam.core.rest.authn.exceptions.RestAuthException)1 RestAuthResponseException (org.forgerock.openam.core.rest.authn.exceptions.RestAuthResponseException)1 JsonObject (org.forgerock.openam.utils.JsonObject)1