Search in sources :

Example 1 with RestAuthErrorCodeException

use of org.forgerock.openam.core.rest.authn.exceptions.RestAuthErrorCodeException in project OpenAM by OpenRock.

the class RestAuthenticationHandler method processAuthentication.

/**
     * Using the given LoginProcess will process the authentication by getting the required callbacks and either
     * completing and submitting them or sending the requirements back to the client as JSON. If the authentication
     * process has completed it will then check the completion status and will either return an error or the SSO Token
     * Id to the client.
     *
     * @param request The HttpServletRequest.
     * @param response The HttpServletResponse.
     * @param postBody The post body of the request.
     * @param loginProcess The LoginProcess used to track the login.
     * @param loginConfiguration The LoginConfiguration used to configure the login process.
     * @return A ResponseBuilder which contains the contents of the response to return to the client.
     * @throws AuthLoginException If there is a problem submitting the callbacks.
     * @throws SignatureException If there is a problem creating the JWT to use in the response to the client.
     */
private JsonValue processAuthentication(HttpServletRequest request, HttpServletResponse response, JsonValue postBody, String authId, LoginProcess loginProcess, LoginConfiguration loginConfiguration) throws AuthLoginException, SignatureException, RestAuthException {
    switch(loginProcess.getLoginStage()) {
        case REQUIREMENTS_WAITING:
            {
                Callback[] callbacks = loginProcess.getCallbacks();
                JsonValue jsonCallbacks;
                try {
                    if (callbacks.length == 1 && callbacks[0] instanceof RedirectCallback && postBody != null) {
                        jsonCallbacks = null;
                    } else {
                        jsonCallbacks = handleCallbacks(request, response, postBody, callbacks);
                    }
                } catch (RestAuthResponseException e) {
                    // Include the authId in the JSON response.
                    if (authId == null) {
                        authId = authIdHelper.createAuthId(loginConfiguration, loginProcess.getAuthContext());
                    }
                    e.getJsonResponse().put(AUTH_ID, authId);
                    AuditRequestContext.putProperty(AUTH_ID, authId);
                    throw e;
                }
                if (jsonCallbacks != null && jsonCallbacks.size() > 0) {
                    JsonValue jsonValue = createJsonCallbackResponse(authId, loginConfiguration, loginProcess, jsonCallbacks);
                    return jsonValue;
                } else {
                    loginProcess = loginProcess.next(callbacks);
                    return processAuthentication(request, response, null, authId, loginProcess, loginConfiguration);
                }
            }
        case COMPLETE:
            {
                loginProcess.cleanup();
                if (loginProcess.isSuccessful()) {
                    // send token to client
                    JsonObject jsonResponseObject = JsonValueBuilder.jsonValue();
                    SSOToken ssoToken = loginProcess.getSSOToken();
                    if (ssoToken != null) {
                        String tokenId = ssoToken.getTokenID().toString();
                        jsonResponseObject.put(TOKEN_ID, tokenId);
                        AuditRequestContext.putProperty(TOKEN_ID, tokenId);
                    } else {
                        jsonResponseObject.put("message", "Authentication Successful");
                    }
                    String gotoUrl = urlValidator.getRedirectUrl(loginProcess.getOrgDN(), urlValidator.getValueFromJson(postBody, RedirectUrlValidator.GOTO), loginProcess.getSuccessURL());
                    jsonResponseObject.put("successUrl", gotoUrl);
                    return jsonResponseObject.build();
                } else {
                    // send Error to client
                    AuthenticationContext authContext = loginProcess.getAuthContext();
                    String errorCode = authContext.getErrorCode();
                    String errorMessage = authContext.getErrorMessage();
                    throw new RestAuthErrorCodeException(errorCode, errorMessage);
                }
            }
    }
    // This should never happen
    throw new RestAuthException(ResourceException.INTERNAL_ERROR, "Unknown Authentication State!");
}
Also used : RestAuthErrorCodeException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthErrorCodeException) RestAuthException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthException) RedirectCallback(com.sun.identity.authentication.spi.RedirectCallback) SSOToken(com.iplanet.sso.SSOToken) AuthenticationContext(org.forgerock.openam.core.rest.authn.core.AuthenticationContext) RestAuthResponseException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthResponseException) JsonValue(org.forgerock.json.JsonValue) JsonObject(org.forgerock.openam.utils.JsonObject)

Example 2 with RestAuthErrorCodeException

use of org.forgerock.openam.core.rest.authn.exceptions.RestAuthErrorCodeException in project OpenAM by OpenRock.

the class RestAuthenticationHandlerTest method shouldInitiateAuthenticationViaGET1.

@Test
public void shouldInitiateAuthenticationViaGET1() throws AuthLoginException, L10NMessageImpl, JSONException, IOException, RestAuthException, RestAuthResponseException {
    //Given
    HttpServletRequest request = mock(HttpServletRequest.class);
    HttpServletResponse httpResponse = mock(HttpServletResponse.class);
    String authIndexType = AuthIndexType.MODULE.toString();
    String indexValue = "INDEX_VALUE";
    String sessionUpgradeSSOTokenId = null;
    AuthContextLocalWrapper authContextLocalWrapper = mock(AuthContextLocalWrapper.class);
    given(authContextLocalWrapper.getErrorCode()).willReturn("ERROR_CODE");
    given(authContextLocalWrapper.getErrorMessage()).willReturn("ERROR_MESSAGE");
    LoginProcess loginProcess = mock(LoginProcess.class);
    given(loginProcess.getLoginStage()).willReturn(LoginStage.COMPLETE);
    given(loginProcess.isSuccessful()).willReturn(false);
    given(loginProcess.getAuthContext()).willReturn(authContextLocalWrapper);
    given(loginAuthenticator.getLoginProcess(Matchers.<LoginConfiguration>anyObject())).willReturn(loginProcess);
    //When
    try {
        restAuthenticationHandler.initiateAuthentication(request, httpResponse, authIndexType, indexValue, sessionUpgradeSSOTokenId);
    } catch (RestAuthErrorCodeException e) {
        assertEquals(e.getStatusCode(), 401);
        ArgumentCaptor<LoginConfiguration> argumentCaptor = ArgumentCaptor.forClass(LoginConfiguration.class);
        verify(loginAuthenticator).getLoginProcess(argumentCaptor.capture());
        LoginConfiguration loginConfiguration = argumentCaptor.getValue();
        assertEquals(loginConfiguration.getHttpRequest(), request);
        assertEquals(loginConfiguration.getIndexType(), AuthIndexType.MODULE);
        assertEquals(loginConfiguration.getIndexValue(), "INDEX_VALUE");
        assertEquals(loginConfiguration.getSessionId(), "");
        assertEquals(loginConfiguration.getSSOTokenId(), "");
        return;
    }
    //Then
    fail();
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) RestAuthErrorCodeException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthErrorCodeException) ArgumentCaptor(org.mockito.ArgumentCaptor) HttpServletResponse(javax.servlet.http.HttpServletResponse) LoginConfiguration(org.forgerock.openam.core.rest.authn.core.LoginConfiguration) AuthContextLocalWrapper(org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper) LoginProcess(org.forgerock.openam.core.rest.authn.core.LoginProcess) Test(org.testng.annotations.Test)

Aggregations

RestAuthErrorCodeException (org.forgerock.openam.core.rest.authn.exceptions.RestAuthErrorCodeException)2 SSOToken (com.iplanet.sso.SSOToken)1 RedirectCallback (com.sun.identity.authentication.spi.RedirectCallback)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 JsonValue (org.forgerock.json.JsonValue)1 AuthenticationContext (org.forgerock.openam.core.rest.authn.core.AuthenticationContext)1 LoginConfiguration (org.forgerock.openam.core.rest.authn.core.LoginConfiguration)1 LoginProcess (org.forgerock.openam.core.rest.authn.core.LoginProcess)1 AuthContextLocalWrapper (org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper)1 RestAuthException (org.forgerock.openam.core.rest.authn.exceptions.RestAuthException)1 RestAuthResponseException (org.forgerock.openam.core.rest.authn.exceptions.RestAuthResponseException)1 JsonObject (org.forgerock.openam.utils.JsonObject)1 ArgumentCaptor (org.mockito.ArgumentCaptor)1 Test (org.testng.annotations.Test)1