
Example 1 with AuthGraphNode

use of org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthGraphNode in project carbon-identity-framework by wso2.

the class JsGraphBuilder method executeStepInAsyncEvent.

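/**
 * Adds the step given by step ID to the authentication graph.
 *
 * @param stepId ID of the step to look up in the authentication graph's step map
 * @param params optional arguments: the last one is expected to be a Map of event listeners and, when exactly
 *               two are given, the first one is expected to be a Map of options
 */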
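@SuppressWarnings("unchecked")
public void executeStepInAsyncEvent(int stepId, Object... params) {
    // NOTE(review): context is dereferenced below without a null check; confirm that contextForJs is always
    // populated on the thread that runs the async callback.
    AuthenticationContext context = contextForJs.get();
    AuthGraphNode currentNode = dynamicallyBuiltBaseNode.get();
    if (log.isDebugEnabled()) {
        log.debug("Execute Step on async event. Step ID : " + stepId);
    }
    AuthenticationGraph graph = context.getSequenceConfig().getAuthenticationGraph();
    if (graph == null) {
        log.error("The graph happens to be null on the sequence config. Can not execute step : " + stepId);
        return;
    }
    StepConfig stepConfig = graph.getStepMap().get(stepId);
    if (stepConfig == null) {
        // An unknown step ID is only visible at debug level; the call is otherwise a no-op.
        if (log.isDebugEnabled()) {
            log.debug("The stepConfig of the step ID : " + stepId + " is null");
        }
        return;
    }
    // Work on a copy so that the StepConfig held by the AuthenticationGraph stays untouched as a backup.
    StepConfig clonedStepConfig = new StepConfig(stepConfig);
    // Look for a step with the same order in the context's own step map; null when there is none.
    StepConfig stepConfigFromContext = null;
    if (MapUtils.isNotEmpty(context.getSequenceConfig().getStepMap())) {
        stepConfigFromContext = context.getSequenceConfig().getStepMap().values().stream().filter(contextStepConfig -> (stepConfig.getOrder() == contextStepConfig.getOrder())).findFirst().orElse(null);
    }
    // Called even when no matching step was found, i.e. with a null argument.
    clonedStepConfig.applyStateChangesToNewObjectFromContextStepMap(stepConfigFromContext);
    if (log.isDebugEnabled()) {
        log.debug("Found step for the Step ID : " + stepId + ", Step Config " + clonedStepConfig);
    }
    StepConfigGraphNode newNode = wrap(clonedStepConfig);
    if (currentNode == null) {
        // First node built on this path: it becomes the base of the dynamically built sub-graph.
        if (log.isDebugEnabled()) {
            log.debug("Setting a new node at the first time. Node : " + newNode.getName());
        }
        dynamicallyBuiltBaseNode.set(newNode);
    } else {
        attachToLeaf(currentNode, newNode);
    }
    if (params.length > 0) {
        // Whatever the argument count, the last argument is treated as the event-listener map.
        Object lastParam = params[params.length - 1];
        if (lastParam instanceof Map) {
            attachEventListeners((Map<String, Object>) lastParam, newNode);
        } else {
            log.error("Invalid argument and hence ignored. Last argument should be a Map of event listeners.");
        }
    }
    if (params.length == 2) {
        // With exactly two arguments the first one carries the step options.
        if (params[0] instanceof Map) {
            Map<String, Object> options = (Map<String, Object>) params[0];
            handleOptions(options, clonedStepConfig);
        } else {
            // Report a dropped options argument instead of silently running the step without it, in line with
            // the handling of an invalid listener argument above.
            log.error("Invalid argument and hence ignored. First argument should be a Map of step options.");
        }
    }
}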
Also used : StringUtils(org.apache.commons.lang.StringUtils) Bindings(javax.script.Bindings) AuthenticationContext(org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext) FrameworkConstants(org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants) HashMap(java.util.HashMap) Function(java.util.function.Function) HashSet(java.util.HashSet) AuthenticationDecisionEvaluator(org.wso2.carbon.identity.application.authentication.framework.AuthenticationDecisionEvaluator) JSObject(jdk.nashorn.api.scripting.JSObject) Map(java.util.Map) JsFunctionRegistry(org.wso2.carbon.identity.application.authentication.framework.JsFunctionRegistry) BiConsumer(java.util.function.BiConsumer) ScriptException(javax.script.ScriptException) FrameworkServiceComponent(org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceComponent) Compilable(javax.script.Compilable) MapUtils(org.apache.commons.collections.MapUtils) StepConfig(org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig) ApplicationAuthenticatorService(org.wso2.carbon.identity.application.common.ApplicationAuthenticatorService) AsyncProcess(org.wso2.carbon.identity.application.authentication.framework.AsyncProcess) Set(java.util.Set) AuthenticatorConfig(org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig) UUID(java.util.UUID) FunctionLibrary(org.wso2.carbon.identity.functions.library.mgt.model.FunctionLibrary) FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig) Collectors(java.util.stream.Collectors) ScriptContext(javax.script.ScriptContext) Serializable(java.io.Serializable) FunctionLibraryManagementService(org.wso2.carbon.identity.functions.library.mgt.FunctionLibraryManagementService) List(java.util.List) Invocable(javax.script.Invocable) 
FrameworkServiceDataHolder(org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceDataHolder) CarbonContext(org.wso2.carbon.context.CarbonContext) CompiledScript(javax.script.CompiledScript) ScriptEngine(javax.script.ScriptEngine) Log(org.apache.commons.logging.Log) FunctionLibraryManagementException(org.wso2.carbon.identity.functions.library.mgt.exception.FunctionLibraryManagementException) ScriptObjectMirror(jdk.nashorn.api.scripting.ScriptObjectMirror) LogFactory(org.apache.commons.logging.LogFactory) JsAuthenticationContext(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.js.JsAuthenticationContext) FrameworkUtils(org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils) LocalAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig) Collections(java.util.Collections) AuthenticationContext(org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext) JsAuthenticationContext(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.js.JsAuthenticationContext) StepConfig(org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig) JSObject(jdk.nashorn.api.scripting.JSObject) HashMap(java.util.HashMap) Map(java.util.Map)

Example 2 with AuthGraphNode

use of org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthGraphNode in project carbon-identity-framework by wso2.

the class GraphBasedSequenceHandler method handleAuthenticationStep.

/**
 * Runs the authentication step held by the given graph node and updates the graph after a failed attempt.
 *
 * @param request             incoming request; the flow status is read from its attributes
 * @param response            response handed to the step handler
 * @param context             authentication context of the ongoing flow
 * @param sequenceConfig      sequence configuration; used here only to find the graph's start node
 * @param stepConfigGraphNode graph node wrapping the step to execute
 * @return {@code true} when the step is not completed yet, or when passive authentication ended with the
 *         request not authenticated; {@code false} when the step completed
 * @throws FrameworkException if the node carries no StepConfig (the step handler is presumably another
 *                            source - confirm against its signature)
 */
private boolean handleAuthenticationStep(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context, SequenceConfig sequenceConfig, StepConfigGraphNode stepConfigGraphNode) throws FrameworkException {
    StepConfig stepConfig = stepConfigGraphNode.getStepConfig();
    if (stepConfig == null) {
        throw new FrameworkException("StepConfig not found while handling the step. Service Provider : " + context.getServiceProviderName());
    }
    // if the current step is completed
    if (stepConfig.isCompleted()) {
        // Clear the per-step flags before the step is run again below.
        stepConfig.setCompleted(false);
        stepConfig.setRetrying(false);
        // if the request didn't fail during the step execution
        if (context.isRequestAuthenticated()) {
            if (log.isDebugEnabled()) {
                log.debug("Step " + stepConfig.getOrder() + " is completed. Going to get the next one.");
            }
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Authentication has failed in the Step " + (context.getCurrentStep()));
            }
            // A multi-option step outside passive mode is marked as retrying instead of being reset here.
            // NOTE(review): requestAuthenticated is switched back to true right after a failed attempt, so in
            // this state the flag alone does not show that a login succeeded - confirm that downstream checks
            // also look at step completion or the flow status.
            if (stepConfig.isMultiOption() && !context.isPassiveAuthenticate()) {
                stepConfig.setRetrying(true);
                context.setRequestAuthenticated(true);
            } else {
                FrameworkUtils.resetAuthenticationContext(context);
            }
        }
        // Runs on every path above, so the non-retry failure path resets the context twice.
        // NOTE(review): confirm the double reset is intended and what state the reset clears on the retry path.
        FrameworkUtils.resetAuthenticationContext(context);
    }
    // if the sequence is not completed, we have work to do.
    if (log.isDebugEnabled()) {
        log.debug("Starting Step: " + stepConfig.getOrder());
    }
    // Flow status left on the request before this step is handled.
    AuthenticatorFlowStatus flowStatus = (AuthenticatorFlowStatus) request.getAttribute(FrameworkConstants.RequestParams.FLOW_STATUS);
    int stepNumber = context.getCurrentStep();
    if (!context.isReturning()) {
        // Not a returning request: start at 1, otherwise advance unless the previous status was FAIL_COMPLETED.
        if (stepNumber <= 0) {
            stepNumber = 1;
        } else if (flowStatus != FAIL_COMPLETED) {
            stepNumber++;
        }
        context.setCurrentStep(stepNumber);
        // Registers the step under its number in the context's sequence config (not the sequenceConfig argument).
        context.getSequenceConfig().getStepMap().put(stepNumber, stepConfig);
    }
    FrameworkUtils.getStepHandler().handle(request, response, context);
    // Re-read the status: the value used from here on is the one present after the step handler ran.
    flowStatus = (AuthenticatorFlowStatus) request.getAttribute(FrameworkConstants.RequestParams.FLOW_STATUS);
    // Keep the subject flags only for SUCCESS_COMPLETED, INCOMPLETE, or FAIL_COMPLETED while retrying.
    if (flowStatus != SUCCESS_COMPLETED && flowStatus != INCOMPLETE && !(FAIL_COMPLETED.equals(flowStatus) && context.isRetrying())) {
        stepConfig.setSubjectAttributeStep(false);
        stepConfig.setSubjectIdentifierStep(false);
    }
    if (flowStatus == FAIL_COMPLETED) {
        // A DynamicDecisionNode successor is left in place; only other successors are rewritten here.
        if (!(stepConfigGraphNode.getNext() instanceof DynamicDecisionNode)) {
            if (context.isRetrying()) {
                // Retry: put a fresh node for the same step config in front of the current successor.
                StepConfigGraphNode newNextNode = new StepConfigGraphNode(stepConfigGraphNode.getStepConfig());
                newNextNode.setNext(stepConfigGraphNode.getNext());
                AuthGraphNode parentNode = stepConfigGraphNode.getParent();
                if (parentNode == null) {
                    parentNode = sequenceConfig.getAuthenticationGraph().getStartNode();
                }
                newNextNode.setParent(parentNode);
                // A parent of any other node type is not re-linked to the new node.
                if (parentNode instanceof DynamicDecisionNode) {
                    ((DynamicDecisionNode) parentNode).setDefaultEdge(newNextNode);
                } else if (parentNode instanceof StepConfigGraphNode) {
                    ((StepConfigGraphNode) parentNode).setNext(newNextNode);
                }
                stepConfigGraphNode.setNext(newNextNode);
            } else {
                // No retry: the failed step is followed by a FailNode.
                stepConfigGraphNode.setNext(new FailNode());
            }
        }
    }
    // if step is not completed, that means step wants to redirect to outside
    if (!stepConfig.isCompleted()) {
        if (log.isDebugEnabled()) {
            log.debug("Step is not complete yet. Redirecting to outside.");
        }
        return true;
    }
    // Passive authentication that left the request unauthenticated also returns true.
    if (context.isPassiveAuthenticate() && !context.isRequestAuthenticated()) {
        return true;
    }
    context.setReturning(false);
    return false;
}
Also used : DynamicDecisionNode(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.DynamicDecisionNode) FailNode(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.FailNode) FrameworkException(org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException) StepConfig(org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig) AuthenticatorFlowStatus(org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus) StepConfigGraphNode(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.StepConfigGraphNode) AuthGraphNode(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthGraphNode)

Example 3 with AuthGraphNode

use of org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthGraphNode in project carbon-identity-framework by wso2.

the class GraphBasedSequenceHandler method gotoToNextNode.

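/**
 * Stores the node that follows {@code currentNode} as the current node of the authentication context.
 *
 * <p>Only a {@link StepConfigGraphNode} is asked for its successor. For any other node type, for a
 * {@code null} node, or when the successor is {@code null}, a new {@link EndStep} is stored instead.
 *
 * @param context        authentication context that receives the {@code PROP_CURRENT_NODE} property
 * @param sequenceConfig sequence configuration; not read by this method
 * @param currentNode    node that has just been handled
 */
private void gotoToNextNode(AuthenticationContext context, SequenceConfig sequenceConfig, AuthGraphNode currentNode) {
    AuthGraphNode nextNode = null;
    if (currentNode instanceof StepConfigGraphNode) {
        nextNode = ((StepConfigGraphNode) currentNode).getNext();
    }
    if (nextNode == null) {
        if (log.isDebugEnabled()) {
            // instanceof is false for a null node, so this branch is reachable with currentNode == null.
            // Guard the name lookup so that enabling debug logging cannot make the call throw.
            log.debug("No Next node found for the current graph node : " + (currentNode != null ? currentNode.getName() : "null") + ", Service Provider: " + context.getServiceProviderName() + " . Ending the authentication flow.");
        }
        nextNode = new EndStep();
    }
    context.setProperty(FrameworkConstants.JSAttributes.PROP_CURRENT_NODE, nextNode);
}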
Also used : StepConfigGraphNode(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.StepConfigGraphNode) EndStep(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.EndStep) AuthGraphNode(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthGraphNode)

Example 4 with AuthGraphNode

use of org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthGraphNode in project carbon-identity-framework by wso2.

the class GraphBasedSequenceHandler method handleInitialize.

/**
 * Starts the graph at its start node.
 *
 * @param request        incoming request, passed on to {@code handleNode}
 * @param response       outgoing response, passed on to {@code handleNode}
 * @param context        authentication context; its current step is set to 0 before the first node is handled
 * @param sequenceConfig sequence configuration, passed on to {@code handleNode}
 * @param graph          authentication graph to start
 * @return whatever {@code handleNode} returns for the start node
 * @throws FrameworkException if the graph has no start node
 */
private boolean handleInitialize(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context, SequenceConfig sequenceConfig, AuthenticationGraph graph) throws FrameworkException {
    final AuthGraphNode entryNode = graph.getStartNode();
    if (entryNode != null) {
        // The step counter is only touched once a start node is known to exist.
        context.setCurrentStep(0);
        return handleNode(request, response, context, sequenceConfig, entryNode);
    }
    throw new FrameworkException("Start node is not set for authentication graph:" + graph.getName());
}
Also used : FrameworkException(org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException) AuthGraphNode(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthGraphNode)

Example 5 with AuthGraphNode

use of org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthGraphNode in project carbon-identity-framework by wso2.

the class GraphBasedSequenceHandler method modifyCurrentNodeAsFirstStep.

/**
 * Rewinds the flow so that authentication can restart from the first step.
 *
 * <p>Removes the {@code BACK_TO_FIRST_STEP} property and, when a current node is recorded, drops the step map
 * entries from 2 upwards, marks the sequence as not completed, clears the current node and resets the state
 * kept on the start node's step configuration.
 *
 * @param context authentication context of the ongoing flow
 */
private void modifyCurrentNodeAsFirstStep(AuthenticationContext context) {
    context.removeProperty(BACK_TO_FIRST_STEP);
    if (context.getProperty(PROP_CURRENT_NODE) == null) {
        // No current node recorded: nothing to rewind.
        return;
    }
    SequenceConfig sequenceConfig = context.getSequenceConfig();
    // Identifier-first stays as step 1; the later steps are decided dynamically, so they are dropped.
    // NOTE(review): keys 2..size are removed, which assumes the step numbers are contiguous - an entry with a
    // key above the map size would survive the rewind; confirm against how the map is filled.
    int stepCount = sequenceConfig.getStepMap().size();
    for (int order = 2; order <= stepCount; order++) {
        sequenceConfig.getStepMap().remove(order);
    }
    sequenceConfig.setCompleted(false);
    context.setProperty(PROP_CURRENT_NODE, null);
    AuthGraphNode startNode = sequenceConfig.getAuthenticationGraph().getStartNode();
    if (startNode instanceof StepConfigGraphNode) {
        StepConfigGraphNode firstStepNode = (StepConfigGraphNode) startNode;
        // Forget the outcome of the earlier pass through the first step.
        // NOTE(review): only the start node's StepConfig is cleared here; whether the step map entry for
        // step 1 is the same object is not visible from this method - confirm.
        StepConfig firstStepConfig = firstStepNode.getStepConfig();
        firstStepConfig.setCompleted(false);
        firstStepConfig.setAuthenticatedAutenticator(null);
        firstStepConfig.setAuthenticatedUser(null);
        AuthGraphNode afterFirstStep = firstStepNode.getNext();
        if (afterFirstStep instanceof DynamicDecisionNode) {
            // The decision node after the first step gets an EndStep as its default edge.
            ((DynamicDecisionNode) afterFirstStep).setDefaultEdge(new EndStep());
        }
    }
    if (log.isDebugEnabled()) {
        log.debug("Modified current node a parent node which can restart authentication flow" + " from first step.");
    }
}
Also used : DynamicDecisionNode(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.DynamicDecisionNode) StepConfigGraphNode(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.StepConfigGraphNode) EndStep(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.EndStep) AuthGraphNode(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthGraphNode)

Aggregations

AuthGraphNode (org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthGraphNode)8 EndStep (org.wso2.carbon.identity.application.authentication.framework.config.model.graph.EndStep)3 FailNode (org.wso2.carbon.identity.application.authentication.framework.config.model.graph.FailNode)3 StepConfigGraphNode (org.wso2.carbon.identity.application.authentication.framework.config.model.graph.StepConfigGraphNode)3 FrameworkException (org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException)3 Map (java.util.Map)2 AuthenticatorFlowStatus (org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus)2 StepConfig (org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig)2 DynamicDecisionNode (org.wso2.carbon.identity.application.authentication.framework.config.model.graph.DynamicDecisionNode)2 Serializable (java.io.Serializable)1 Collections (java.util.Collections)1 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 List (java.util.List)1 Set (java.util.Set)1 UUID (java.util.UUID)1 BiConsumer (java.util.function.BiConsumer)1 Function (java.util.function.Function)1 Collectors (java.util.stream.Collectors)1 Bindings (javax.script.Bindings)1