Example 6 with OathDeviceSettings

use of org.forgerock.openam.core.rest.devices.OathDeviceSettings in project OpenAM by OpenRock.

the class OathMakerTest method shouldSaveGeneratedDevice.

@Test
@SuppressWarnings({ "unchecked", "rawtypes" })
public void shouldSaveGeneratedDevice() throws Exception {
    // Given
    OathDeviceSettings deviceSettings = new OathDeviceSettings();
    deviceSettings.setCounter(42);
    deviceSettings.setSharedSecret("sekret");
    deviceSettings.setChecksumDigit(true);
    deviceSettings.setLastLogin(99, TimeUnit.MILLISECONDS);
    deviceSettings.setDeviceName("test device");
    deviceSettings.setTruncationOffset(32);
    JsonValue expectedJson = JsonConversionUtils.toJsonValue(deviceSettings);
    // When
    testFactory.saveDeviceProfile(USER, REALM, deviceSettings);
    // Then
    ArgumentCaptor<List> savedProfileList = ArgumentCaptor.forClass(List.class);
    verify(mockDao).saveDeviceProfiles(eq(USER), eq(REALM), savedProfileList.capture());
    assertThat(savedProfileList.getValue()).hasSize(1);
    // JsonValue has no sensible .equals() method, so rely on canonical string representation
    assertThat(savedProfileList.getValue().get(0).toString()).isEqualTo(expectedJson.toString());
}
Also used : OathDeviceSettings(org.forgerock.openam.core.rest.devices.OathDeviceSettings) JsonValue(org.forgerock.json.JsonValue) List(java.util.List) Test(org.testng.annotations.Test)

Example 7 with OathDeviceSettings

use of org.forgerock.openam.core.rest.devices.OathDeviceSettings in project OpenAM by OpenRock.

the class AuthenticatorOATH method process.

/**
 * Processes the OTP input by the user. Checks the OTP for validity, and
 * resynchronizes the server as needed.
 *
 * @param callbacks Incoming from the UI.
 * @param state State of the module to process this access.
 * @return -1 for success; 0 for failure, any other int to move to that state.
 * @throws AuthLoginException upon any errors.
 */
@Override
public int process(Callback[] callbacks, int state) throws AuthLoginException {
    try {
        checkForSessionAndGetUsernameAndUUID();
        final OathDeviceSettings settings = getOathDeviceSettings(id.getName(), id.getRealm());
        try {
            //figures out whether we're optional or not, based on server + user setting
            detectNecessity(id);
        } catch (Exception e) {
            throw new AuthLoginException(amAuthOATH, "authFailed", null);
        }
        int selectedIndex;
        switch(state) {
            case LOGIN_OPTIONAL:
            case LOGIN_NO_DEVICE:
            case LOGIN_OPT_DEVICE:
            case LOGIN_SAVED_DEVICE:
                if (null == callbacks) {
                    throw new AuthLoginException(amAuthOATH, "authFailed", null);
                }
        }
        //fall-throughs are INTENTIONAL
        switch(state) {
            case LOGIN_START:
                return beginLogin(settings);
            case LOGIN_OPTIONAL:
                selectedIndex = ((ConfirmationCallback) callbacks[0]).getSelectedIndex();
                if (selectedIndex == SKIP_OATH_INDEX) {
                    realmOathService.setUserSkipOath(id, AuthenticatorOathService.SKIPPABLE);
                    return ISAuthConstants.LOGIN_SUCCEED;
                }
            case LOGIN_NO_DEVICE:
                selectedIndex = ((ConfirmationCallback) callbacks[0]).getSelectedIndex();
                if (selectedIndex == REGISTER_DEVICE_OPTION_VALUE_INDEX) {
                    newDevice = createBasicDevice();
                    paintRegisterDeviceCallback(id, newDevice);
                    return REGISTER_DEVICE;
                }
            case LOGIN_OPT_DEVICE:
                selectedIndex = ((ConfirmationCallback) callbacks[1]).getSelectedIndex();
                if (selectedIndex == OPT_DEVICE_SKIP_INDEX) {
                    realmOathService.setUserSkipOath(id, AuthenticatorOathService.SKIPPABLE);
                    //user backed out of saving device
                    realmOathService.removeAllUserDevices(id);
                    return ISAuthConstants.LOGIN_SUCCEED;
                }
            case LOGIN_SAVED_DEVICE:
                return doLoginSavedDevice(callbacks, state, settings);
            case REGISTER_DEVICE:
                if (isOptional) {
                    replaceHeader(LOGIN_OPT_DEVICE, MODULE_NAME);
                    return LOGIN_OPT_DEVICE;
                } else {
                    replaceHeader(LOGIN_SAVED_DEVICE, MODULE_NAME);
                    return LOGIN_SAVED_DEVICE;
                }
            case RECOVERY_USED:
                if (isOptional) {
                    //if it's optional and you log in, config not skippable
                    realmOathService.setUserSkipOath(id, AuthenticatorOathService.NOT_SKIPPABLE);
                }
                return ISAuthConstants.LOGIN_SUCCEED;
            default:
                throw new AuthLoginException("amAuth", "invalidLoginState", new Object[] { state });
        }
    } catch (SSOException | IdRepoException | IOException e) {
        debug.error("OATH.process() : SSOException", e);
        throw new AuthLoginException(amAuthOATH, "authFailed", null);
    }
}
Also used : OathDeviceSettings(org.forgerock.openam.core.rest.devices.OathDeviceSettings) IdRepoException(com.sun.identity.idm.IdRepoException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) IOException(java.io.IOException) SMSException(com.sun.identity.sm.SMSException) DecoderException(org.apache.commons.codec.DecoderException) InvalidPasswordException(com.sun.identity.authentication.spi.InvalidPasswordException)

Example 8 with OathDeviceSettings

use of org.forgerock.openam.core.rest.devices.OathDeviceSettings in project OpenAM by OpenRock.

the class OathMakerTest method shouldDefaultCounterToZero.

@Test
public void shouldDefaultCounterToZero() throws Exception {
    // Given
    // When
    OathDeviceSettings deviceSettings = testFactory.createDeviceProfile(SECRET_HEX_LENGTH);
    // Then
    assertThat(deviceSettings.getCounter()).isEqualTo(0);
}
Also used : OathDeviceSettings(org.forgerock.openam.core.rest.devices.OathDeviceSettings) Test(org.testng.annotations.Test)

Example 9 with OathDeviceSettings

use of org.forgerock.openam.core.rest.devices.OathDeviceSettings in project OpenAM by OpenRock.

the class OathMakerTest method shouldDefaultLastLoginTimeToZero.

@Test
public void shouldDefaultLastLoginTimeToZero() throws Exception {
    // Given
    // When
    OathDeviceSettings deviceSettings = testFactory.createDeviceProfile(SECRET_HEX_LENGTH);
    // Then
    assertThat(deviceSettings.getLastLogin()).isEqualTo(0);
}
Also used : OathDeviceSettings(org.forgerock.openam.core.rest.devices.OathDeviceSettings) Test(org.testng.annotations.Test)

Example 10 with OathDeviceSettings

use of org.forgerock.openam.core.rest.devices.OathDeviceSettings in project OpenAM by OpenRock.

the class OathMakerTest method shouldNotGenerateLessThan8BytesOfSecret.

@Test
public void shouldNotGenerateLessThan8BytesOfSecret() throws Exception {
    // Given
    // When
    OathDeviceSettings deviceSettings = testFactory.createDeviceProfile(0);
    // Then
    assertThat(deviceSettings.getSharedSecret()).hasSize(16);
}
Also used : OathDeviceSettings(org.forgerock.openam.core.rest.devices.OathDeviceSettings) Test(org.testng.annotations.Test)
