use of org.wso2.carbon.identity.application.authentication.framework.exception.InvalidCredentialsException in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPAuthenticator method processAuthenticationResponse.
/**
* Process the response of the SMSOTP end-point.
*
* @param request the HttpServletRequest
* @param response the HttpServletResponse
* @param context the AuthenticationContext
* @throws AuthenticationFailedException
*/
@Override
protected void processAuthenticationResponse(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context) throws AuthenticationFailedException {
String userToken = request.getParameter(SMSOTPConstants.CODE);
String contextToken = (String) context.getProperty(SMSOTPConstants.OTP_TOKEN);
AuthenticatedUser authenticatedUser = (AuthenticatedUser) context.getProperty(SMSOTPConstants.AUTHENTICATED_USER);
if (StringUtils.isEmpty(request.getParameter(SMSOTPConstants.CODE))) {
throw new InvalidCredentialsException("Code cannot not be null");
}
if (Boolean.parseBoolean(request.getParameter(SMSOTPConstants.RESEND))) {
if (log.isDebugEnabled()) {
log.debug("Retrying to resend the OTP");
}
throw new InvalidCredentialsException("Retrying to resend the OTP");
}
if (userToken.equals(contextToken)) {
context.setSubject(authenticatedUser);
} else if (SMSOTPUtils.getBackupCode(context, getName()).equals("true")) {
checkWithBackUpCodes(context, userToken, authenticatedUser);
} else {
context.setProperty(SMSOTPConstants.CODE_MISMATCH, true);
throw new AuthenticationFailedException("Code mismatch");
}
}
Aggregations