Search in sources :

Example 6 with AuthenticationFailedException

use of org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtilsTest method testIsRetryEnabledFromRegistry.

@Test
public void testIsRetryEnabledFromRegistry() throws AuthenticationFailedException {
    AuthenticationContext authenticationContext = new AuthenticationContext();
    authenticationContext.setTenantDomain("wso2.org");
    authenticationContext.setProperty(SMSOTPConstants.IS_ENABLED_RETRY, "true");
    Assert.assertEquals(SMSOTPUtils.isRetryEnabled(authenticationContext, SMSOTPConstants.AUTHENTICATOR_NAME), true);
}
Also used : AuthenticationContext(org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 7 with AuthenticationFailedException

use of org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtilsTest method testIsSMSOTPEnableByUserFromRegistry.

@Test
public void testIsSMSOTPEnableByUserFromRegistry() throws AuthenticationFailedException {
    AuthenticationContext authenticationContext = new AuthenticationContext();
    authenticationContext.setTenantDomain("wso2.org");
    authenticationContext.setProperty(SMSOTPConstants.IS_SMSOTP_ENABLE_BY_USER, "true");
    Assert.assertEquals(SMSOTPUtils.isSMSOTPEnableOrDisableByUser(authenticationContext, SMSOTPConstants.AUTHENTICATOR_NAME), true);
}
Also used : AuthenticationContext(org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 8 with AuthenticationFailedException

use of org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method proceedWithOTP.

/**
 * Proceed with One Time Password.
 *
 * @param response     the HttpServletResponse
 * @param context      the AuthenticationContext
 * @param errorPage    the errorPage
 * @param mobileNumber the mobile number
 * @param queryParams  the queryParams
 * @param username     the Username
 * @throws AuthenticationFailedException
 */
private void proceedWithOTP(HttpServletResponse response, AuthenticationContext context, String errorPage, String mobileNumber, String queryParams, String username) throws AuthenticationFailedException {
    String screenValue;
    Map<String, String> authenticatorProperties = context.getAuthenticatorProperties();
    boolean isEnableResendCode = SMSOTPUtils.isEnableResendCode(context, getName());
    String loginPage = getLoginPage(context);
    String tenantDomain = MultitenantUtils.getTenantDomain(username);
    String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(username);
    UserRealm userRealm = SMSOTPUtils.getUserRealm(tenantDomain);
    try {
        // One time password is generated and stored in the context.
        OneTimePassword token = new OneTimePassword();
        String secret = OneTimePassword.getRandomNumber(SMSOTPConstants.SECRET_KEY_LENGTH);
        String otpToken = token.generateToken(secret, String.valueOf(SMSOTPConstants.NUMBER_BASE), SMSOTPConstants.NUMBER_DIGIT);
        context.setProperty(SMSOTPConstants.OTP_TOKEN, otpToken);
        if (log.isDebugEnabled()) {
            log.debug("Generated OTP successfully and set to the context.");
        }
        // Get the values of the sms provider related api parameters.
        String smsUrl = authenticatorProperties.get(SMSOTPConstants.SMS_URL);
        String httpMethod = authenticatorProperties.get(SMSOTPConstants.HTTP_METHOD);
        String headerString = authenticatorProperties.get(SMSOTPConstants.HEADERS);
        String payload = authenticatorProperties.get(SMSOTPConstants.PAYLOAD);
        String httpResponse = authenticatorProperties.get(SMSOTPConstants.HTTP_RESPONSE);
        if (!sendRESTCall(context, smsUrl, httpMethod, headerString, payload, httpResponse, mobileNumber, otpToken)) {
            String retryParam;
            context.setProperty(SMSOTPConstants.STATUS_CODE, SMSOTPConstants.UNABLE_SEND_CODE);
            if (context.getProperty(SMSOTPConstants.ERROR_CODE) != null) {
                retryParam = SMSOTPConstants.UNABLE_SEND_CODE_PARAM + context.getProperty(SMSOTPConstants.ERROR_CODE).toString();
            } else {
                retryParam = SMSOTPConstants.UNABLE_SEND_CODE_PARAM + SMSOTPConstants.UNABLE_SEND_CODE_VALUE;
            }
            String redirectUrl = getURL(errorPage, queryParams);
            response.sendRedirect(redirectUrl + SMSOTPConstants.RESEND_CODE + isEnableResendCode + retryParam);
        } else {
            String url = getURL(loginPage, queryParams);
            boolean isUserExists = FederatedAuthenticatorUtil.isUserExistInUserStore(username);
            if (isUserExists) {
                screenValue = getScreenAttribute(context, userRealm, tenantAwareUsername);
                if (screenValue != null) {
                    url = url + SMSOTPConstants.SCREEN_VALUE + screenValue;
                }
            }
            response.sendRedirect(url);
        }
    } catch (IOException e) {
        throw new AuthenticationFailedException("Error while sending the HTTP request. ", e);
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Failed to get the user from user store. ", e);
    }
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IOException(java.io.IOException)

Example 9 with AuthenticationFailedException

use of org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method redirectToErrorPage.

/**
 * Redirect to an error page.
 *
 * @param response    the HttpServletResponse
 * @param queryParams the queryParams
 * @throws AuthenticationFailedException
 */
private void redirectToErrorPage(HttpServletResponse response, AuthenticationContext context, String queryParams, String retryParam) throws AuthenticationFailedException {
    // that Enable the SMS OTP in user's Profile. Cannot proceed further without SMS OTP authentication.
    try {
        String errorPage = getErrorPage(context);
        String url = getURL(errorPage, queryParams);
        response.sendRedirect(url + retryParam);
    } catch (IOException e) {
        throw new AuthenticationFailedException("Exception occurred while redirecting to errorPage. ", e);
    }
}
Also used : AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) IOException(java.io.IOException)

Example 10 with AuthenticationFailedException

use of org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method getScreenValue.

/**
 * Get the screen value for configured screen attribute.
 *
 * @param context the AuthenticationContext
 * @return screenValue
 * @throws AuthenticationFailedException
 */
private String getScreenValue(AuthenticationContext context) throws AuthenticationFailedException {
    String screenValue;
    String username = String.valueOf(context.getProperty(SMSOTPConstants.USER_NAME));
    String tenantDomain = MultitenantUtils.getTenantDomain(username);
    String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(username);
    UserRealm userRealm = SMSOTPUtils.getUserRealm(tenantDomain);
    try {
        screenValue = getScreenAttribute(context, userRealm, tenantAwareUsername);
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Failed to get the screen attribute for the user " + tenantAwareUsername + " from user store. ", e);
    }
    return screenValue;
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) UserStoreException(org.wso2.carbon.user.api.UserStoreException)

Aggregations

PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)18 Test (org.testng.annotations.Test)18 AuthenticationContext (org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext)16 AuthenticationFailedException (org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException)12 UserStoreException (org.wso2.carbon.user.api.UserStoreException)10 UserRealm (org.wso2.carbon.user.api.UserRealm)9 SMSOTPException (org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException)6 IOException (java.io.IOException)5 AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)3 RealmService (org.wso2.carbon.user.core.service.RealmService)3 HashMap (java.util.HashMap)2 Matchers.anyString (org.mockito.Matchers.anyString)2 AuthenticatorFlowStatus (org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus)2 AuthenticatorConfig (org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig)2 UserStoreManager (org.wso2.carbon.user.api.UserStoreManager)2 OutputStreamWriter (java.io.OutputStreamWriter)1 MalformedURLException (java.net.MalformedURLException)1 ProtocolException (java.net.ProtocolException)1 InvalidCredentialsException (org.wso2.carbon.identity.application.authentication.framework.exception.InvalidCredentialsException)1