
Example 6 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtilsTest method testIsRetryEnabledFromRegistry.

@Test
public void testIsRetryEnabledFromRegistry() throws AuthenticationFailedException {
    AuthenticationContext authenticationContext = new AuthenticationContext();
    authenticationContext.setTenantDomain("wso2.org");
    authenticationContext.setProperty(SMSOTPConstants.IS_ENABLED_RETRY, "true");
    Assert.assertEquals(SMSOTPUtils.isRetryEnabled(authenticationContext, SMSOTPConstants.AUTHENTICATOR_NAME), true);
}
Also used : AuthenticationContext(org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 7 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtilsTest method testIsSMSOTPEnableByUserFromRegistry.

@Test
public void testIsSMSOTPEnableByUserFromRegistry() throws AuthenticationFailedException {
    AuthenticationContext authenticationContext = new AuthenticationContext();
    authenticationContext.setTenantDomain("wso2.org");
    authenticationContext.setProperty(SMSOTPConstants.IS_SMSOTP_ENABLE_BY_USER, "true");
    Assert.assertEquals(SMSOTPUtils.isSMSOTPEnableOrDisableByUser(authenticationContext, SMSOTPConstants.AUTHENTICATOR_NAME), true);
}
Also used : AuthenticationContext(org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 8 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method proceedWithOTP.

/**
 * Proceed with One Time Password.
 *
 * @param response     the HttpServletResponse
 * @param context      the AuthenticationContext
 * @param errorPage    the errorPage
 * @param mobileNumber the mobile number
 * @param queryParams  the queryParams
 * @param username     the Username
 * @throws AuthenticationFailedException
 */
private void proceedWithOTP(HttpServletResponse response, AuthenticationContext context, String errorPage, String mobileNumber, String queryParams, String username) throws AuthenticationFailedException {
    String screenValue;
    Map<String, String> authenticatorProperties = context.getAuthenticatorProperties();
    boolean isEnableResendCode = SMSOTPUtils.isEnableResendCode(context, getName());
    String loginPage = getLoginPage(context);
    String tenantDomain = MultitenantUtils.getTenantDomain(username);
    String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(username);
    UserRealm userRealm = SMSOTPUtils.getUserRealm(tenantDomain);
    try {
        // One time password is generated and stored in the context.
        OneTimePassword token = new OneTimePassword();
        String secret = OneTimePassword.getRandomNumber(SMSOTPConstants.SECRET_KEY_LENGTH);
        String otpToken = token.generateToken(secret, String.valueOf(SMSOTPConstants.NUMBER_BASE), SMSOTPConstants.NUMBER_DIGIT);
        context.setProperty(SMSOTPConstants.OTP_TOKEN, otpToken);
        if (log.isDebugEnabled()) {
            log.debug("Generated OTP successfully and set to the context.");
        }
        // Get the values of the sms provider related api parameters.
        String smsUrl = authenticatorProperties.get(SMSOTPConstants.SMS_URL);
        String httpMethod = authenticatorProperties.get(SMSOTPConstants.HTTP_METHOD);
        String headerString = authenticatorProperties.get(SMSOTPConstants.HEADERS);
        String payload = authenticatorProperties.get(SMSOTPConstants.PAYLOAD);
        String httpResponse = authenticatorProperties.get(SMSOTPConstants.HTTP_RESPONSE);
        if (!sendRESTCall(context, smsUrl, httpMethod, headerString, payload, httpResponse, mobileNumber, otpToken)) {
            String retryParam;
            context.setProperty(SMSOTPConstants.STATUS_CODE, SMSOTPConstants.UNABLE_SEND_CODE);
            if (context.getProperty(SMSOTPConstants.ERROR_CODE) != null) {
                retryParam = SMSOTPConstants.UNABLE_SEND_CODE_PARAM + context.getProperty(SMSOTPConstants.ERROR_CODE).toString();
            } else {
                retryParam = SMSOTPConstants.UNABLE_SEND_CODE_PARAM + SMSOTPConstants.UNABLE_SEND_CODE_VALUE;
            }
            String redirectUrl = getURL(errorPage, queryParams);
            response.sendRedirect(redirectUrl + SMSOTPConstants.RESEND_CODE + isEnableResendCode + retryParam);
        } else {
            String url = getURL(loginPage, queryParams);
            boolean isUserExists = FederatedAuthenticatorUtil.isUserExistInUserStore(username);
            if (isUserExists) {
                screenValue = getScreenAttribute(context, userRealm, tenantAwareUsername);
                if (screenValue != null) {
                    url = url + SMSOTPConstants.SCREEN_VALUE + screenValue;
                }
            }
            response.sendRedirect(url);
        }
    } catch (IOException e) {
        throw new AuthenticationFailedException("Error while sending the HTTP request. ", e);
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Failed to get the user from user store. ", e);
    }
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IOException(java.io.IOException)

Example 9 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method processFirstStepOnly.

/**
 * In the SMSOTP optional case, proceed with the first step only. It can be basic or federated.
 *
 * @param authenticatedUser the name of authenticatedUser
 * @param context           the AuthenticationContext
 */
private void processFirstStepOnly(AuthenticatedUser authenticatedUser, AuthenticationContext context) {
    if (log.isDebugEnabled()) {
        log.debug("Processing First step only. Skipping SMSOTP");
    }
    // the authentication flow happens with basic authentication.
    StepConfig stepConfig = context.getSequenceConfig().getStepMap().get(context.getCurrentStep() - 1);
    if (stepConfig.getAuthenticatedAutenticator().getApplicationAuthenticator() instanceof LocalApplicationAuthenticator) {
        if (log.isDebugEnabled()) {
            log.debug("Found local authenticator in previous step. Hence setting a local user");
        }
        FederatedAuthenticatorUtil.updateLocalAuthenticatedUserInStepConfig(context, authenticatedUser);
        context.setProperty(SMSOTPConstants.AUTHENTICATION, SMSOTPConstants.BASIC);
    } else {
        if (log.isDebugEnabled()) {
            log.debug("Found federated authenticator in previous step. Hence setting a local user");
        }
        FederatedAuthenticatorUtil.updateAuthenticatedUserInStepConfig(context, authenticatedUser);
        context.setProperty(SMSOTPConstants.AUTHENTICATION, SMSOTPConstants.FEDERETOR);
    }
}
Also used : StepConfig(org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig) LocalApplicationAuthenticator(org.wso2.carbon.identity.application.authentication.framework.LocalApplicationAuthenticator)

Example 10 with AuthenticationContext

use of org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method redirectToErrorPage.

/**
 * Redirect to an error page.
 *
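 * @param response    the HttpServletResponse
 * @param context     the AuthenticationContext
 * @param queryParams the queryParams
 * @param retryParam  the retry parameter appended to the redirect URL
 * @throws AuthenticationFailedException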
 */
private void redirectToErrorPage(HttpServletResponse response, AuthenticationContext context, String queryParams, String retryParam) throws AuthenticationFailedException {
    // SMS OTP is enabled in the user's profile, so the flow cannot proceed further without SMS OTP authentication.
    try {
        String errorPage = getErrorPage(context);
        String url = getURL(errorPage, queryParams);
        response.sendRedirect(url + retryParam);
    } catch (IOException e) {
        throw new AuthenticationFailedException("Exception occurred while redirecting to errorPage. ", e);
    }
}
Also used : AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) IOException(java.io.IOException)

Aggregations

AuthenticationContext (org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext) 96
Axis2MessageContext (org.apache.synapse.core.axis2.Axis2MessageContext) 69
Test (org.junit.Test) 69
MessageContext (org.apache.synapse.MessageContext) 56
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest) 49
ArrayList (java.util.ArrayList) 31
ConditionGroupDTO (org.wso2.carbon.apimgt.api.dto.ConditionGroupDTO) 31
TreeMap (java.util.TreeMap) 22
VerbInfoDTO (org.wso2.carbon.apimgt.impl.dto.VerbInfoDTO) 22
API (org.wso2.carbon.apimgt.keymgt.model.entity.API) 21
HashMap (java.util.HashMap) 19
Cache (javax.cache.Cache) 18
Test (org.testng.annotations.Test) 18
AuthenticationContext (org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext) 18
ThrottleProperties (org.wso2.carbon.apimgt.impl.dto.ThrottleProperties) 17
SignedJWT (com.nimbusds.jwt.SignedJWT) 16
ConditionDTO (org.wso2.carbon.apimgt.api.dto.ConditionDTO) 16
ThrottleDataHolder (org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder) 16
APISecurityException (org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException) 15
APIKeyValidationInfoDTO (org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO) 14