use of org.forgerock.openam.core.rest.authn.exceptions.RestAuthErrorCodeException in project OpenAM by OpenRock.
the class RestAuthenticationHandler method processAuthentication.
/**
* Using the given LoginProcess will process the authentication by getting the required callbacks and either
* completing and submitting them or sending the requirements back to the client as JSON. If the authentication
* process has completed it will then check the completion status and will either return an error or the SSO Token
* Id to the client.
*
* @param request The HttpServletRequest.
* @param response The HttpServletResponse.
* @param postBody The post body of the request.
* @param loginProcess The LoginProcess used to track the login.
* @param loginConfiguration The LoginConfiguration used to configure the login process.
* @return A ResponseBuilder which contains the contents of the response to return to the client.
* @throws AuthLoginException If there is a problem submitting the callbacks.
* @throws SignatureException If there is a problem creating the JWT to use in the response to the client.
*/
private JsonValue processAuthentication(HttpServletRequest request, HttpServletResponse response, JsonValue postBody, String authId, LoginProcess loginProcess, LoginConfiguration loginConfiguration) throws AuthLoginException, SignatureException, RestAuthException {
switch(loginProcess.getLoginStage()) {
case REQUIREMENTS_WAITING:
{
Callback[] callbacks = loginProcess.getCallbacks();
JsonValue jsonCallbacks;
try {
if (callbacks.length == 1 && callbacks[0] instanceof RedirectCallback && postBody != null) {
jsonCallbacks = null;
} else {
jsonCallbacks = handleCallbacks(request, response, postBody, callbacks);
}
} catch (RestAuthResponseException e) {
// Include the authId in the JSON response.
if (authId == null) {
authId = authIdHelper.createAuthId(loginConfiguration, loginProcess.getAuthContext());
}
e.getJsonResponse().put(AUTH_ID, authId);
AuditRequestContext.putProperty(AUTH_ID, authId);
throw e;
}
if (jsonCallbacks != null && jsonCallbacks.size() > 0) {
JsonValue jsonValue = createJsonCallbackResponse(authId, loginConfiguration, loginProcess, jsonCallbacks);
return jsonValue;
} else {
loginProcess = loginProcess.next(callbacks);
return processAuthentication(request, response, null, authId, loginProcess, loginConfiguration);
}
}
case COMPLETE:
{
loginProcess.cleanup();
if (loginProcess.isSuccessful()) {
// send token to client
JsonObject jsonResponseObject = JsonValueBuilder.jsonValue();
SSOToken ssoToken = loginProcess.getSSOToken();
if (ssoToken != null) {
String tokenId = ssoToken.getTokenID().toString();
jsonResponseObject.put(TOKEN_ID, tokenId);
AuditRequestContext.putProperty(TOKEN_ID, tokenId);
} else {
jsonResponseObject.put("message", "Authentication Successful");
}
String gotoUrl = urlValidator.getRedirectUrl(loginProcess.getOrgDN(), urlValidator.getValueFromJson(postBody, RedirectUrlValidator.GOTO), loginProcess.getSuccessURL());
jsonResponseObject.put("successUrl", gotoUrl);
return jsonResponseObject.build();
} else {
// send Error to client
AuthenticationContext authContext = loginProcess.getAuthContext();
String errorCode = authContext.getErrorCode();
String errorMessage = authContext.getErrorMessage();
throw new RestAuthErrorCodeException(errorCode, errorMessage);
}
}
}
// This should never happen
throw new RestAuthException(ResourceException.INTERNAL_ERROR, "Unknown Authentication State!");
}
use of org.forgerock.openam.core.rest.authn.exceptions.RestAuthErrorCodeException in project OpenAM by OpenRock.
the class RestAuthenticationHandlerTest method shouldInitiateAuthenticationViaGET1.
@Test
public void shouldInitiateAuthenticationViaGET1() throws AuthLoginException, L10NMessageImpl, JSONException, IOException, RestAuthException, RestAuthResponseException {
//Given
HttpServletRequest request = mock(HttpServletRequest.class);
HttpServletResponse httpResponse = mock(HttpServletResponse.class);
String authIndexType = AuthIndexType.MODULE.toString();
String indexValue = "INDEX_VALUE";
String sessionUpgradeSSOTokenId = null;
AuthContextLocalWrapper authContextLocalWrapper = mock(AuthContextLocalWrapper.class);
given(authContextLocalWrapper.getErrorCode()).willReturn("ERROR_CODE");
given(authContextLocalWrapper.getErrorMessage()).willReturn("ERROR_MESSAGE");
LoginProcess loginProcess = mock(LoginProcess.class);
given(loginProcess.getLoginStage()).willReturn(LoginStage.COMPLETE);
given(loginProcess.isSuccessful()).willReturn(false);
given(loginProcess.getAuthContext()).willReturn(authContextLocalWrapper);
given(loginAuthenticator.getLoginProcess(Matchers.<LoginConfiguration>anyObject())).willReturn(loginProcess);
//When
try {
restAuthenticationHandler.initiateAuthentication(request, httpResponse, authIndexType, indexValue, sessionUpgradeSSOTokenId);
} catch (RestAuthErrorCodeException e) {
assertEquals(e.getStatusCode(), 401);
ArgumentCaptor<LoginConfiguration> argumentCaptor = ArgumentCaptor.forClass(LoginConfiguration.class);
verify(loginAuthenticator).getLoginProcess(argumentCaptor.capture());
LoginConfiguration loginConfiguration = argumentCaptor.getValue();
assertEquals(loginConfiguration.getHttpRequest(), request);
assertEquals(loginConfiguration.getIndexType(), AuthIndexType.MODULE);
assertEquals(loginConfiguration.getIndexValue(), "INDEX_VALUE");
assertEquals(loginConfiguration.getSessionId(), "");
assertEquals(loginConfiguration.getSSOTokenId(), "");
return;
}
//Then
fail();
}
Aggregations