Examples with InvalidCredentialsException org.wso2.carbon.identity.application.authentication.framework.exception.InvalidCredentialsException used on opensource projects

Example 1 with InvalidCredentialsException

use of org.wso2.carbon.identity.application.authentication.framework.exception.InvalidCredentialsException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method processAuthenticationResponse.

/**
 * Process the response of the SMSOTP end-point.
 *
 * @param request  the HttpServletRequest
 * @param response the HttpServletResponse
 * @param context  the AuthenticationContext
 * @throws AuthenticationFailedException
 */
@Override
protected void processAuthenticationResponse(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context) throws AuthenticationFailedException {
    String userToken = request.getParameter(SMSOTPConstants.CODE);
    String contextToken = (String) context.getProperty(SMSOTPConstants.OTP_TOKEN);
    AuthenticatedUser authenticatedUser = (AuthenticatedUser) context.getProperty(SMSOTPConstants.AUTHENTICATED_USER);
    if (StringUtils.isEmpty(request.getParameter(SMSOTPConstants.CODE))) {
        throw new InvalidCredentialsException("Code cannot not be null");
    }
    if (Boolean.parseBoolean(request.getParameter(SMSOTPConstants.RESEND))) {
        if (log.isDebugEnabled()) {
            log.debug("Retrying to resend the OTP");
        }
        throw new InvalidCredentialsException("Retrying to resend the OTP");
    }
    if (userToken.equals(contextToken)) {
        context.setSubject(authenticatedUser);
    } else if (SMSOTPUtils.getBackupCode(context, getName()).equals("true")) {
        checkWithBackUpCodes(context, userToken, authenticatedUser);
    } else {
        context.setProperty(SMSOTPConstants.CODE_MISMATCH, true);
        throw new AuthenticationFailedException("Code mismatch");
    }
}