use of org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPUtils method getMobileNumberForUsername.
/**
 * Looks up the mobile-number claim ({@code SMSOTPConstants.MOBILE_CLAIM}) of a user.
 *
 * <p>The tenant domain and the tenant-aware user name are both derived from {@code username}
 * through {@code MultitenantUtils}; the claim is then read from the user store of that
 * tenant's realm.
 *
 * @param username the user name, from which the tenant domain is also derived
 * @return the value returned by the user store for the mobile claim
 * @throws SMSOTPException if no realm is found for the tenant domain, or the user store
 *     lookup fails
 * @throws AuthenticationFailedException declared by the signature; not thrown directly in
 *     this body (presumably raised by {@code getUserRealm} - confirm)
 */
public static String getMobileNumberForUsername(String username) throws SMSOTPException, AuthenticationFailedException {
    try {
        final String domain = MultitenantUtils.getTenantDomain(username);
        final String localName = MultitenantUtils.getTenantAwareUsername(username);
        final UserRealm realm = getUserRealm(domain);
        if (realm == null) {
            throw new SMSOTPException("Cannot find the user realm for the given tenant domain : " + domain);
        }
        return realm.getUserStoreManager().getUserClaimValue(localName, SMSOTPConstants.MOBILE_CLAIM, null);
    } catch (UserStoreException e) {
        // NOTE(review): the message embeds the supplied user name; confirm callers do not
        // relay it verbatim to an unauthenticated client.
        throw new SMSOTPException("Cannot find the user " + username + " to get the mobile number ", e);
    }
}
use of org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPUtils method verifyUserExists.
/**
 * Checks that a user is present in the user store of the given tenant's realm.
 *
 * <p>Returns normally when the user exists; every other outcome is reported as an exception.
 *
 * @param username the user name passed to {@code UserStoreManager.isExistingUser}
 * @param tenantDomain the tenant domain whose realm is consulted
 * @throws SMSOTPException if the realm is not available, the user store lookup fails, or
 *     the user does not exist
 * @throws AuthenticationFailedException declared by the signature; not thrown directly in
 *     this body (presumably raised by {@code getUserRealm} - confirm)
 */
public static void verifyUserExists(String username, String tenantDomain) throws SMSOTPException, AuthenticationFailedException {
    boolean found;
    try {
        final UserRealm realm = SMSOTPUtils.getUserRealm(tenantDomain);
        if (realm == null) {
            // The wording mentions the super tenant, but the check applies to whichever
            // tenant domain was passed in.
            throw new SMSOTPException("Super tenant realm not loaded.");
        }
        found = realm.getUserStoreManager().isExistingUser(username);
    } catch (UserStoreException e) {
        throw new SMSOTPException("Error while validating the user.", e);
    }
    if (found) {
        return;
    }
    if (log.isDebugEnabled()) {
        log.debug("User does not exist in the User Store");
    }
    // NOTE(review): a distinct "user does not exist" failure lets a caller tell valid
    // accounts from invalid ones; confirm it is mapped to a generic error before it
    // reaches an unauthenticated client.
    throw new SMSOTPException("User does not exist in the User Store.");
}
use of org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPAuthenticator method checkWithBackUpCodes.
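/**
 * Authenticates the user with one of the saved backup codes, for the case where the SMS OTP
 * cannot be used.
 *
 * <p>The backup codes are read from the {@code SMSOTPConstants.SAVED_OTP_LIST} claim as a
 * comma-separated list. The submitted token must equal one whole entry of that list; a
 * partial (substring) match is rejected. A matching entry is removed from the claim before
 * the subject is set on the context, so a code that could not be consumed never results in a
 * successful authentication.
 *
 * @param context the AuthenticationContext; supplies the user name and receives the subject
 * @param userToken the code submitted by the user
 * @param authenticatedUser the user to set as subject when the code is accepted
 * @throws AuthenticationFailedException if no backup codes are stored, the code matches none
 *     of them, or the user store cannot be read or updated
 */
private void checkWithBackUpCodes(AuthenticationContext context, String userToken, AuthenticatedUser authenticatedUser) throws AuthenticationFailedException {
    String savedOTPString = null;
    String username = context.getProperty(SMSOTPConstants.USER_NAME).toString();
    String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(username);
    UserRealm userRealm = getUserRealm(username);
    try {
        if (userRealm != null) {
            savedOTPString = userRealm.getUserStoreManager().getUserClaimValue(tenantAwareUsername, SMSOTPConstants.SAVED_OTP_LIST, null);
        }
        if (StringUtils.isEmpty(savedOTPString)) {
            if (log.isDebugEnabled()) {
                log.debug("The claim " + SMSOTPConstants.SAVED_OTP_LIST + " does not contain any values");
            }
            throw new AuthenticationFailedException("The claim " + SMSOTPConstants.SAVED_OTP_LIST + " does not contain any values");
        }

        // Compare against whole list entries. A substring test on the raw claim value would
        // accept any fragment of a stored code (or the separator itself), and using the
        // token as a regular expression to edit the list would let it alter other entries.
        byte[] presentedCode = StringUtils.isEmpty(userToken)
                ? null
                : userToken.getBytes(java.nio.charset.StandardCharsets.UTF_8);
        boolean matched = false;
        StringBuilder remainingCodes = new StringBuilder();
        for (String entry : savedOTPString.split(",")) {
            String savedCode = entry.trim();
            if (savedCode.isEmpty()) {
                // Left over from earlier removals (leading, trailing or doubled commas).
                continue;
            }
            // MessageDigest.isEqual avoids an early-exit comparison of secret values; the
            // loop also visits every entry instead of stopping at the first match.
            if (presentedCode != null && java.security.MessageDigest.isEqual(
                    savedCode.getBytes(java.nio.charset.StandardCharsets.UTF_8), presentedCode)) {
                matched = true;
                continue; // drop every copy of the used code so it cannot be replayed
            }
            if (remainingCodes.length() > 0) {
                remainingCodes.append(',');
            }
            remainingCodes.append(savedCode);
        }

        if (!matched) {
            // The submitted code is deliberately kept out of the log and the exception
            // message: a near-miss of a valid backup code is sensitive.
            if (log.isDebugEnabled()) {
                log.debug("User entered OTP does not match with any of the saved backup codes");
            }
            throw new AuthenticationFailedException("Verification Error due to Code mismatch.");
        }

        // Consume the code first; a failure here surfaces as UserStoreException below and
        // the subject is never set.
        userRealm.getUserStoreManager().setUserClaimValue(tenantAwareUsername, SMSOTPConstants.SAVED_OTP_LIST, remainingCodes.toString(), null);
        if (log.isDebugEnabled()) {
            log.debug("Found saved backup SMS OTP for user :" + authenticatedUser);
        }
        context.setSubject(authenticatedUser);
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Cannot find the user claim for OTP list for user : " + authenticatedUser, e);
    }
}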
use of org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPAuthenticator method processAuthenticationResponse.
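/**
 * Processes the response of the SMSOTP end-point: validates the submitted code against the
 * OTP stored in the authentication context and, when backup codes are enabled, against the
 * user's saved backup codes.
 *
 * @param request the HttpServletRequest carrying the {@code SMSOTPConstants.CODE} and
 *     {@code SMSOTPConstants.RESEND} parameters
 * @param response the HttpServletResponse (not used in this method)
 * @param context the AuthenticationContext holding the expected OTP and the user
 * @throws AuthenticationFailedException if the code matches neither the context OTP nor an
 *     enabled backup code; an {@code InvalidCredentialsException} is thrown when the code is
 *     empty or a resend was requested
 */
@Override
protected void processAuthenticationResponse(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context) throws AuthenticationFailedException {
    String userToken = request.getParameter(SMSOTPConstants.CODE);
    String contextToken = (String) context.getProperty(SMSOTPConstants.OTP_TOKEN);
    AuthenticatedUser authenticatedUser = (AuthenticatedUser) context.getProperty(SMSOTPConstants.AUTHENTICATED_USER);
    if (StringUtils.isEmpty(userToken)) {
        throw new InvalidCredentialsException("Code cannot not be null");
    }
    if (Boolean.parseBoolean(request.getParameter(SMSOTPConstants.RESEND))) {
        if (log.isDebugEnabled()) {
            log.debug("Retrying to resend the OTP");
        }
        throw new InvalidCredentialsException("Retrying to resend the OTP");
    }
    // Compare the secrets without an early exit on the first differing character; a missing
    // context token never matches.
    boolean otpMatches = contextToken != null && java.security.MessageDigest.isEqual(
            userToken.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            contextToken.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    // NOTE(review): no attempt counter, OTP expiry check or invalidation of the context
    // token after success is visible in this method - confirm these are enforced elsewhere.
    if (otpMatches) {
        context.setSubject(authenticatedUser);
    } else if ("true".equals(SMSOTPUtils.getBackupCode(context, getName()))) {
        // Constant-first equals: an unset backup-code setting falls through to the mismatch
        // branch instead of raising a NullPointerException.
        checkWithBackUpCodes(context, userToken, authenticatedUser);
    } else {
        context.setProperty(SMSOTPConstants.CODE_MISMATCH, true);
        throw new AuthenticationFailedException("Code mismatch");
    }
}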
use of org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPUtils method updateUserAttribute.
/**
 * Writes the given claim values (for example the mobile number) to a user's profile.
 *
 * <p>The realm is resolved from {@code tenantDomain}, the user's existence is verified with
 * {@code verifyUserExists}, and the claims are then set through the realm's user store
 * manager.
 *
 * @param username the user whose claims are updated
 * @param attribute the claim values to set, passed unchanged to
 *     {@code UserStoreManager.setUserClaimValues}
 * @param tenantDomain the tenant domain whose realm is used
 * @throws SMSOTPException if the tenant's realm is not found, the user does not exist, or
 *     the user store operation fails
 */
public static void updateUserAttribute(String username, Map<String, String> attribute, String tenantDomain) throws SMSOTPException {
    try {
        final UserRealm realm = SMSOTPUtils.getUserRealm(tenantDomain);
        if (realm == null) {
            throw new SMSOTPException("The specified tenant domain " + tenantDomain + " does not exist.");
        }
        // Refuse to write claims for an account that is not in the user store.
        SMSOTPUtils.verifyUserExists(username, tenantDomain);
        // NOTE(review): every entry of the map is written as a claim; presumably callers
        // restrict it to the mobile claim - verify no request-controlled claim URI gets here.
        realm.getUserStoreManager().setUserClaimValues(username, attribute, null);
    } catch (UserStoreException | AuthenticationFailedException e) {
        throw new SMSOTPException("Exception occurred while connecting to User Store: Authentication is failed. ", e);
    }
}