use of org.forgerock.openam.http.annotations.Post in project OpenAM by OpenRock.
the class AuthenticationServiceV1 method authenticate.
/**
* Handles both initial and subsequent RESTful calls from clients submitting Callbacks for the authentication
* process to continue. Which case applies is determined by checking whether the POST body is empty: if it is empty,
* the call initiates the authentication process; otherwise it is a subsequent call submitting Callbacks.
*
* Initiating authentication request using the query parameters from the URL starts the login process and either
* returns an SSOToken on successful authentication or a number of Callbacks needing to be completed before
* authentication can proceed or an exception if any problems occurred whilst trying to authenticate.
*
* Using the body of the POST request the method continues the login process, submitting the given Callbacks and
* then either returns an SSOToken on successful authentication or a number of additional Callbacks needing to be
* completed before authentication can proceed or an exception if any problems occurred whilst trying to
* authenticate.
*
* @param context The request context.
* @param httpRequest The HTTP request.
* @return A Json Representation of the response body. The response will contain either a JSON object containing the
* SSOToken id from a successful authentication, a JSON object containing a number of Callbacks for the client to
* complete and return or a JSON object containing an exception message.
* @throws ResourceException If there is an error processing the authentication request.
*/
@Post
public Response authenticate(@Contextual Context context, @Contextual Request httpRequest) {
    // Guard clause: requests with an unsupported media type are rejected before any
    // authentication state is touched.
    if (!isSupportedMediaType(httpRequest)) {
        if (DEBUG.errorEnabled()) {
            // NOTE(review): the value logged here is derived from the client-supplied Content-Type
            // header. Whether the debug logger neutralises control characters is not visible in
            // this method - confirm before relying on these log lines.
            DEBUG.error("AuthenticationService :: Unable to handle media type request : " + ContentTypeHeader.valueOf(httpRequest).getType());
        }
        return handleErrorResponse(httpRequest, Status.UNSUPPORTED_MEDIA_TYPE, null);
    }

    final HttpServletResponse servletResponse = getHttpServletResponse(context);
    final Form queryParams = getUrlQueryString(httpRequest);
    // Security note: the session-upgrade token id is read from the URL query string. Query strings
    // are commonly recorded by access logs and intermediaries, so this value should be treated as
    // sensitive. NOTE(review): confirm how query strings for this endpoint are logged.
    final String upgradeTokenId = queryParams.getFirst("sessionUpgradeSSOTokenId");

    // The three exception types caught below are turned into error responses rather than thrown.
    try {
        JsonValue postedJson;
        try {
            postedJson = getJsonContent(httpRequest);
        } catch (IOException parseFailure) {
            // A body that cannot be read as JSON is reported as a client error (400).
            // NOTE(review): the exception is handed to handleErrorResponse; how much of its detail
            // reaches the client is decided there and cannot be seen from this method.
            DEBUG.message("AuthenticationService.authenticate() :: JSON parsing error", parseFailure);
            return handleErrorResponse(httpRequest, Status.BAD_REQUEST, parseFailure);
        }

        final HttpServletRequest servletRequest = getHttpServletRequest(context, postedJson);

        // The client-supplied body alone selects the branch: a non-empty body continues an
        // existing authentication, an absent or empty one starts a new authentication.
        final boolean callbacksSubmitted = postedJson != null && postedJson.size() > 0;
        if (callbacksSubmitted) {
            // Submit requirements.
            return createResponse(
                    restAuthenticationHandler.continueAuthentication(
                            servletRequest, servletResponse, postedJson, upgradeTokenId));
        }

        // Initiate: the authentication index is taken from the query string.
        final String indexType = queryParams.getFirst("authIndexType");
        final String indexValue = queryParams.getFirst("authIndexValue");
        return createResponse(
                restAuthenticationHandler.initiateAuthentication(
                        servletRequest, servletResponse, indexType, indexValue, upgradeTokenId));
    } catch (RestAuthResponseException callbackFailure) {
        // Logged at message level; the HTTP status is the one carried by the exception.
        DEBUG.message("AuthenticationService.authenticate() :: Exception from CallbackHandler", callbackFailure);
        return handleErrorResponse(httpRequest, Status.valueOf(callbackFailure.getStatusCode()), callbackFailure);
    } catch (RestAuthException authFailure) {
        // Logged at message level; the HTTP status is the one carried by the exception.
        DEBUG.message("AuthenticationService.authenticate() :: Rest Authentication Exception", authFailure);
        return handleErrorResponse(httpRequest, Status.valueOf(authFailure.getStatusCode()), authFailure);
    } catch (IOException ioFailure) {
        // An I/O failure outside JSON parsing is the only path logged at error level; it maps to 500.
        DEBUG.error("AuthenticationService.authenticate() :: Internal Error", ioFailure);
        return handleErrorResponse(httpRequest, Status.INTERNAL_SERVER_ERROR, ioFailure);
    }
}