
Example 1 with LoginProcess

use of org.forgerock.openam.core.rest.authn.core.LoginProcess in project OpenAM by OpenRock.

the class RestAuthenticationHandler method authenticate.

/**
 * Obtains the {@link LoginProcess} for a REST authentication request and passes it to
 * {@code processAuthentication}. A request whose post body carries no authId starts a new login;
 * a request that carries one continues the login described by that authId.
 *
 * <p>When an authId is present it is reconstructed into a {@link SignedJwt}, and the session id,
 * index type and index value are taken from that JWT, replacing the caller-supplied index type and
 * index value. {@code authIdHelper.verifyAuthId} is called after the claims have been read (the
 * realm it is given comes from the same JWT) and before any of them is placed in the
 * {@link LoginConfiguration}.
 *
 * @param request The HttpServletRequest.
 * @param response The HttpServletResponse.
 * @param postBody The post body of the request; may be null.
 * @param authIndexType The authentication index type.
 * @param indexValue The authentication index value.
 * @param sessionUpgradeSSOTokenId The SSO Token Id of the user's current session, null if not performing a session
 *                                 upgrade.
 * @return The Response of the authentication request.
 * @throws RestAuthException If authentication fails or any of the exceptions caught below is raised; when a
 *                           login process already exists, its validated failure URL is attached first.
 */
private JsonValue authenticate(HttpServletRequest request, HttpServletResponse response, JsonValue postBody, String authIndexType, String indexValue, String sessionUpgradeSSOTokenId) throws RestAuthException {
    LoginProcess loginProcess = null;
    try {
        AuthIndexType indexType = getAuthIndexType(authIndexType);
        String sessionId = null;
        final String authId = (postBody == null) ? null : getAuthId(postBody);
        if (authId != null) {
            // Continuation: everything below comes from the authId JWT, not from the request parameters.
            final SignedJwt authIdJwt = authIdHelper.reconstructAuthId(authId);
            sessionId = getSessionId(authIdJwt);
            indexType = getAuthIndexType(authIdJwt);
            indexValue = getAuthIndexValue(authIdJwt);
            final String realmDN = getRealmDomainName(authIdJwt);
            // NOTE(review): the session id is recorded in the audit context before verifyAuthId has run, so an
            // audit entry for a rejected authId may carry a value read from unverified claims. Confirm intended.
            AuditRequestContext.putProperty(SESSION_ID, sessionId);
            // Must stay ahead of the LoginConfiguration below: nothing read from the JWT is used for login
            // until this call has returned.
            authIdHelper.verifyAuthId(realmDN, authId);
        }
        LoginConfiguration loginConfiguration = new LoginConfiguration()
                .httpRequest(request)
                .httpResponse(response)
                .indexType(indexType)
                .indexValue(indexValue)
                .sessionId(sessionId)
                .forceAuth(request.getParameter(AuthUtils.FORCE_AUTH))
                .sessionUpgrade(sessionUpgradeSSOTokenId);
        loginProcess = loginAuthenticator.getLoginProcess(loginConfiguration);
        return processAuthentication(request, response, postBody, authId, loginProcess, loginConfiguration);
    } catch (RestAuthException e) {
        if (loginProcess != null) {
            // The failure URL goes through urlValidator before it is attached to the exception.
            String failureUrl = urlValidator.getRedirectUrl(
                    loginProcess.getAuthContext().getOrgDN(),
                    loginProcess.getFailureURL(),
                    null);
            e.setFailureUrl(failureUrl);
        }
        throw e;
    } catch (L10NMessageImpl e) {
        throw new RestAuthException(amAuthErrorCodeResponseStatusMapping.getAuthLoginExceptionResponseStatus(e.getErrorCode()), e);
    } catch (JsonException e) {
        throw new RestAuthException(ResourceException.INTERNAL_ERROR, e);
    } catch (SignatureException e) {
        // A signature failure is reported with the same INTERNAL_ERROR status as a JSON failure.
        throw new RestAuthException(ResourceException.INTERNAL_ERROR, e);
    } catch (AuthLoginException e) {
        throw new RestAuthException(amAuthErrorCodeResponseStatusMapping.getAuthLoginExceptionResponseStatus(e.getErrorCode()), e);
    } catch (JwsSigningException jse) {
        // NOTE(review): unlike the clauses above, the exception is not passed on as the cause and its
        // message text is copied into the RestAuthException message. Confirm that text is not returned
        // to the client.
        DEBUG.error("JwsSigningException", jse);
        throw new RestAuthException(ResourceException.INTERNAL_ERROR, "JwsSigningException, " + jse.getMessage());
    }
}
Also used : RestAuthException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthException) JsonException(org.forgerock.json.JsonException) JwsSigningException(org.forgerock.json.jose.exceptions.JwsSigningException) L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl) AuthIndexType(org.forgerock.openam.core.rest.authn.core.AuthIndexType) LoginConfiguration(org.forgerock.openam.core.rest.authn.core.LoginConfiguration) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SignedJwt(org.forgerock.json.jose.jws.SignedJwt) SignatureException(java.security.SignatureException) LoginProcess(org.forgerock.openam.core.rest.authn.core.LoginProcess)

Example 2 with LoginProcess

use of org.forgerock.openam.core.rest.authn.core.LoginProcess in project OpenAM by OpenRock.

the class RestAuthenticationHandlerTest method shouldCleanupAfterAuthenticationComplete.

/**
 * Verifies that {@code cleanup()} is invoked on the login process once authentication has
 * completed successfully.
 */
@Test
public void shouldCleanupAfterAuthenticationComplete() throws Exception {
    // Given: a login process that reports COMPLETE and successful
    final String moduleName = "LDAP";
    final String existingSessionId = "session1";
    HttpServletRequest servletRequest = mock(HttpServletRequest.class);
    HttpServletResponse servletResponse = mock(HttpServletResponse.class);
    AuthContextLocalWrapper authContext = mock(AuthContextLocalWrapper.class);
    LoginProcess completedLogin = mock(LoginProcess.class);
    given(completedLogin.getLoginStage()).willReturn(LoginStage.COMPLETE);
    given(completedLogin.isSuccessful()).willReturn(true);
    given(completedLogin.getAuthContext()).willReturn(authContext);
    given(loginAuthenticator.getLoginProcess(Matchers.<LoginConfiguration>anyObject())).willReturn(completedLogin);

    // When: authentication is initiated for the "module" index type
    restAuthenticationHandler.initiateAuthentication(servletRequest, servletResponse, "module", moduleName,
            existingSessionId);

    // Then: the handler released the login process
    verify(completedLogin).cleanup();
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthContextLocalWrapper(org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper) LoginProcess(org.forgerock.openam.core.rest.authn.core.LoginProcess) Test(org.testng.annotations.Test)

Example 3 with LoginProcess

use of org.forgerock.openam.core.rest.authn.core.LoginProcess in project OpenAM by OpenRock.

the class RestAuthenticationHandlerTest method shouldInitiateAuthenticationViaGET4.

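/**
 * Verifies that a {@link RestAuthResponseException} thrown by the callback handler manager, while
 * the login process is waiting for requirements, reaches the caller with the authId added to its
 * JSON body and with its status code, headers and existing body entry unchanged.
 */
@Test
public void shouldInitiateAuthenticationViaGET4() throws AuthLoginException, L10NMessageImpl, JSONException, IOException, RestAuthResponseException, SignatureException, RestAuthException {
    //Given
    HttpServletRequest request = mock(HttpServletRequest.class);
    HttpServletResponse httpResponse = mock(HttpServletResponse.class);
    String authIndexType = null;
    String indexValue = null;
    String sessionUpgradeSSOTokenId = null;
    Callback[] callbacks = new Callback[0];
    AuthContextLocalWrapper authContextLocalWrapper = mock(AuthContextLocalWrapper.class);
    LoginProcess loginProcess = mock(LoginProcess.class);
    given(loginProcess.getLoginStage()).willReturn(LoginStage.REQUIREMENTS_WAITING);
    given(loginProcess.getCallbacks()).willReturn(callbacks);
    given(loginProcess.getAuthContext()).willReturn(authContextLocalWrapper);
    // The PagePropertiesCallback mock and the jsonCallbacks value that used to be built here were never
    // handed to any collaborator, so they had no effect on the scenario and have been dropped.
    Map<String, String> responseHeaders = new HashMap<String, String>();
    responseHeaders.put("HEADER_KEY", "HEADER_VALUE");
    JsonValue jsonResponse = new JsonValue(new HashMap<String, Object>());
    jsonResponse.add("KEY", "VALUE");
    RestAuthResponseException restAuthResponseException = new RestAuthResponseException(999, responseHeaders, jsonResponse);
    given(loginAuthenticator.getLoginProcess(Matchers.<LoginConfiguration>anyObject())).willReturn(loginProcess);
    given(restAuthCallbackHandlerManager.handleCallbacks(request, httpResponse, callbacks)).willThrow(restAuthResponseException);
    given(authIdHelper.createAuthId(Matchers.<LoginConfiguration>anyObject(), eq(authContextLocalWrapper))).willReturn("AUTH_ID");
    //When
    try {
        restAuthenticationHandler.initiateAuthentication(request, httpResponse, authIndexType, indexValue, sessionUpgradeSSOTokenId);
    } catch (RestAuthResponseException e) {
        //Then: the body holds exactly the original entry plus the authId
        JsonValue response = e.getJsonResponse();
        assertEquals(response.size(), 2);
        assertEquals(response.get("authId").asString(), "AUTH_ID");
        assertEquals(response.get("KEY").asString(), "VALUE");
        Map<String, String> headers = e.getResponseHeaders();
        assertEquals(headers.get("HEADER_KEY"), "HEADER_VALUE");
        assertEquals(e.getStatusCode(), 999);
        return;
    }
    // Reaching this point means no RestAuthResponseException was thrown.
    fail();
}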
Also used : PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback) HashMap(java.util.HashMap) JsonValue(org.forgerock.json.JsonValue) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthContextLocalWrapper(org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper) LoginProcess(org.forgerock.openam.core.rest.authn.core.LoginProcess) HttpServletRequest(javax.servlet.http.HttpServletRequest) PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback) Callback(javax.security.auth.callback.Callback) RestAuthResponseException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthResponseException) HashMap(java.util.HashMap) Map(java.util.Map) Test(org.testng.annotations.Test)

Example 4 with LoginProcess

use of org.forgerock.openam.core.rest.authn.core.LoginProcess in project OpenAM by OpenRock.

the class RestAuthenticationHandlerTest method shouldInitiateAuthenticationViaGET2.

/**
 * Verifies the JSON returned when the login process is waiting for requirements and the callback
 * handler manager converts the callbacks normally: the response carries the authId, the page
 * properties (template, stage, header) and the converted callbacks.
 */
@Test
public void shouldInitiateAuthenticationViaGET2() throws AuthLoginException, L10NMessageImpl, JSONException, IOException, RestAuthResponseException, SignatureException, RestAuthException {
    //Given
    final String authIndexType = null;
    final String indexValue = null;
    final String sessionUpgradeSSOTokenId = null;
    HttpServletRequest servletRequest = mock(HttpServletRequest.class);
    HttpServletResponse servletResponse = mock(HttpServletResponse.class);

    Callback firstCallback = mock(Callback.class);
    Callback secondCallback = mock(Callback.class);
    Callback[] pendingCallbacks = new Callback[] { firstCallback, secondCallback };

    PagePropertiesCallback pageProperties = mock(PagePropertiesCallback.class);
    given(pageProperties.getTemplateName()).willReturn("TEMPLATE_NAME");
    given(pageProperties.getModuleName()).willReturn("MODULE_NAME");
    given(pageProperties.getPageState()).willReturn("PAGE_STATE");
    given(pageProperties.getHeader()).willReturn("HEADER");

    AuthContextLocalWrapper authContext = mock(AuthContextLocalWrapper.class);
    LoginProcess waitingLogin = mock(LoginProcess.class);
    given(waitingLogin.getLoginStage()).willReturn(LoginStage.REQUIREMENTS_WAITING);
    given(waitingLogin.getCallbacks()).willReturn(pendingCallbacks);
    given(waitingLogin.getPagePropertiesCallback()).willReturn(pageProperties);
    given(waitingLogin.getAuthContext()).willReturn(authContext);

    JsonValue convertedCallbacks = new JsonValue(new HashMap<String, Object>());
    convertedCallbacks.add("KEY", "VALUE");

    given(loginAuthenticator.getLoginProcess(Matchers.<LoginConfiguration>anyObject())).willReturn(waitingLogin);
    given(restAuthCallbackHandlerManager.handleCallbacks(servletRequest, servletResponse, pendingCallbacks)).willReturn(convertedCallbacks);
    given(authIdHelper.createAuthId(Matchers.<LoginConfiguration>anyObject(), eq(authContext))).willReturn("AUTH_ID");

    //When
    JsonValue result = restAuthenticationHandler.initiateAuthentication(servletRequest, servletResponse,
            authIndexType, indexValue, sessionUpgradeSSOTokenId);

    //Then: five entries, with the stage being module name and page state joined together
    assertEquals(result.size(), 5);
    assertEquals(result.get("authId").asString(), "AUTH_ID");
    assertEquals(result.get("template").asString(), "TEMPLATE_NAME");
    assertEquals(result.get("stage").asString(), "MODULE_NAMEPAGE_STATE");
    assertEquals(result.get("header").asString(), "HEADER");
    assertEquals(result.get("callbacks").get("KEY").asString(), "VALUE");
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback) Callback(javax.security.auth.callback.Callback) PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback) JsonValue(org.forgerock.json.JsonValue) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthContextLocalWrapper(org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper) LoginProcess(org.forgerock.openam.core.rest.authn.core.LoginProcess) Test(org.testng.annotations.Test)

Example 5 with LoginProcess

use of org.forgerock.openam.core.rest.authn.core.LoginProcess in project OpenAM by OpenRock.

the class RestAuthenticationHandlerTest method shouldInitiateAuthenticationViaGET1.

/**
 * Verifies that a login process which completes unsuccessfully produces a
 * {@link RestAuthErrorCodeException} with status 401, and that the {@link LoginConfiguration}
 * given to the authenticator carried the request, the MODULE index type and value, and empty
 * session and SSO token ids.
 */
@Test
public void shouldInitiateAuthenticationViaGET1() throws AuthLoginException, L10NMessageImpl, JSONException, IOException, RestAuthException, RestAuthResponseException {
    //Given
    final String authIndexType = AuthIndexType.MODULE.toString();
    final String indexValue = "INDEX_VALUE";
    final String sessionUpgradeSSOTokenId = null;
    HttpServletRequest servletRequest = mock(HttpServletRequest.class);
    HttpServletResponse servletResponse = mock(HttpServletResponse.class);

    AuthContextLocalWrapper authContext = mock(AuthContextLocalWrapper.class);
    given(authContext.getErrorCode()).willReturn("ERROR_CODE");
    given(authContext.getErrorMessage()).willReturn("ERROR_MESSAGE");

    LoginProcess failedLogin = mock(LoginProcess.class);
    given(failedLogin.getLoginStage()).willReturn(LoginStage.COMPLETE);
    given(failedLogin.isSuccessful()).willReturn(false);
    given(failedLogin.getAuthContext()).willReturn(authContext);
    given(loginAuthenticator.getLoginProcess(Matchers.<LoginConfiguration>anyObject())).willReturn(failedLogin);

    //When
    try {
        restAuthenticationHandler.initiateAuthentication(servletRequest, servletResponse, authIndexType,
                indexValue, sessionUpgradeSSOTokenId);
        // A normal return means the failed login was not reported.
        fail();
    } catch (RestAuthErrorCodeException e) {
        //Then
        assertEquals(e.getStatusCode(), 401);
        ArgumentCaptor<LoginConfiguration> configurationCaptor = ArgumentCaptor.forClass(LoginConfiguration.class);
        verify(loginAuthenticator).getLoginProcess(configurationCaptor.capture());
        LoginConfiguration captured = configurationCaptor.getValue();
        assertEquals(captured.getHttpRequest(), servletRequest);
        assertEquals(captured.getIndexType(), AuthIndexType.MODULE);
        assertEquals(captured.getIndexValue(), "INDEX_VALUE");
        assertEquals(captured.getSessionId(), "");
        assertEquals(captured.getSSOTokenId(), "");
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) RestAuthErrorCodeException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthErrorCodeException) ArgumentCaptor(org.mockito.ArgumentCaptor) HttpServletResponse(javax.servlet.http.HttpServletResponse) LoginConfiguration(org.forgerock.openam.core.rest.authn.core.LoginConfiguration) AuthContextLocalWrapper(org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper) LoginProcess(org.forgerock.openam.core.rest.authn.core.LoginProcess) Test(org.testng.annotations.Test)

Aggregations

LoginProcess (org.forgerock.openam.core.rest.authn.core.LoginProcess)8 HttpServletRequest (javax.servlet.http.HttpServletRequest)7 HttpServletResponse (javax.servlet.http.HttpServletResponse)7 AuthContextLocalWrapper (org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper)7 Test (org.testng.annotations.Test)7 JsonValue (org.forgerock.json.JsonValue)5 LoginConfiguration (org.forgerock.openam.core.rest.authn.core.LoginConfiguration)4 SSOToken (com.iplanet.sso.SSOToken)3 SSOTokenID (com.iplanet.sso.SSOTokenID)3 PagePropertiesCallback (com.sun.identity.authentication.spi.PagePropertiesCallback)3 Callback (javax.security.auth.callback.Callback)3 SignedJwt (org.forgerock.json.jose.jws.SignedJwt)2 AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)1 L10NMessageImpl (com.sun.identity.shared.locale.L10NMessageImpl)1 SignatureException (java.security.SignatureException)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1 JsonException (org.forgerock.json.JsonException)1 JwsSigningException (org.forgerock.json.jose.exceptions.JwsSigningException)1 JwtClaimsSet (org.forgerock.json.jose.jwt.JwtClaimsSet)1