
Example 16 with AuthenticationResult

use of org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult in project carbon-identity-framework by wso2.

the class IdentityUserIdResolverListener method doPostAuthenticate.

/**
 * Translates a user-name based post-authentication event into its user-ID based form and
 * forwards it to every listener that is not itself a resolver listener.
 *
 * <p>The user ID is resolved whether or not the attempt succeeded, so listeners are also told
 * about failed attempts. A failed attempt is reported with status {@code FAIL} and no
 * authenticated user attached to the result.
 *
 * <p>Any listener can veto: the first one returning {@code false} stops the chain and makes
 * this method return {@code false}. When this listener is disabled it returns {@code true}
 * without notifying anyone.
 *
 * @param userName         user name the authentication attempt was made with
 * @param authenticated    outcome reported by the user store
 * @param userStoreManager user store that handled the attempt; it is cast to
 *                         {@code AbstractUserStoreManager} without a type check, so any other
 *                         implementation fails with a {@code ClassCastException}
 * @return {@code false} as soon as a downstream listener rejects the event, otherwise
 *         {@code true}; if the user ID cannot be resolved, whatever
 *         {@code handleUserIDResolveFailure} returns
 * @throws UserStoreException declared by the listener contract
 */
@Override
public boolean doPostAuthenticate(String userName, boolean authenticated, UserStoreManager userStoreManager) throws UserStoreException {
    if (!isEnable()) {
        return true;
    }
    AbstractUserStoreManager idAwareManager = (AbstractUserStoreManager) userStoreManager;
    String userID = idAwareManager.getUserIDFromUserName(userName);
    if (userID == null) {
        return handleUserIDResolveFailure(userName, userStoreManager);
    }
    AuthenticationResult authenticationResult = new AuthenticationResult(authenticated ? AuthenticationResult.AuthenticationStatus.SUCCESS : AuthenticationResult.AuthenticationStatus.FAIL);
    if (authenticated) {
        // Only a successful attempt carries a user object; a FAIL result stays without one.
        authenticationResult.setAuthenticatedUser(idAwareManager.getUser(userID, userName));
    }
    for (UserOperationEventListener listener : getUserStoreManagerListeners()) {
        if (!isNotAResolverListener(listener)) {
            continue;
        }
        // NOTE(review): the cast relies on isNotAResolverListener() only accepting listeners
        // that implement UniqueIDUserOperationEventListener - confirm against that helper.
        boolean accepted = ((UniqueIDUserOperationEventListener) listener).doPostAuthenticateWithID(userID, authenticationResult, userStoreManager);
        if (!accepted) {
            return false;
        }
    }
    return true;
}
Also used : UserOperationEventListener(org.wso2.carbon.user.core.listener.UserOperationEventListener) UniqueIDUserOperationEventListener(org.wso2.carbon.user.core.listener.UniqueIDUserOperationEventListener) AbstractIdentityUserOperationEventListener(org.wso2.carbon.identity.core.AbstractIdentityUserOperationEventListener) User(org.wso2.carbon.user.core.common.User) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) AuthenticationResult(org.wso2.carbon.user.core.common.AuthenticationResult)

Example 17 with AuthenticationResult

use of org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult in project carbon-identity-framework by wso2.

the class IdentityProcessor method processResponseFromFrameworkLogin.

/**
 * Looks up the AuthenticationResult that the authentication framework cached for this request
 * and consumes it.
 *
 * <p>The cache key is read from the request parameter named by
 * {@code InboundConstants.RequestProcessor.CONTEXT_KEY}, so it is supplied by the caller of
 * the endpoint. The cache entry is removed as soon as it has been read, which means a given
 * key yields a result through this method only once. Only a result reporting
 * {@code isAuthenticated()} is added to the message context; a failed result is still
 * returned to the caller but is not stored in the context.
 *
 * @param context         IdentityMessageContext that receives the result on success
 * @param identityRequest current IdentityRequest object carrying the cache key parameter
 * @return the cached AuthenticationResult, authenticated or not
 * @throws FrameworkRuntimeException if the cache holds no entry for the key
 */
protected AuthenticationResult processResponseFromFrameworkLogin(IdentityMessageContext context, IdentityRequest identityRequest) {
    // NOTE(review): the parameter is not checked for null or blank here; what a missing key
    // does depends on FrameworkUtils.getAuthenticationResultFromCache - confirm.
    String sessionDataKey = identityRequest.getParameter(InboundConstants.RequestProcessor.CONTEXT_KEY);
    AuthenticationResultCacheEntry cached = FrameworkUtils.getAuthenticationResultFromCache(sessionDataKey);
    if (cached == null) {
        throw FrameworkRuntimeException.error("Cannot find AuthenticationResult from the cache");
    }
    AuthenticationResult authnResult = cached.getResult();
    // Drop the entry before the result is used, so the same key cannot be presented again.
    FrameworkUtils.removeAuthenticationResultFromCache(sessionDataKey);
    if (authnResult.isAuthenticated()) {
        context.addParameter(InboundConstants.RequestProcessor.AUTHENTICATION_RESULT, authnResult);
    }
    return authnResult;
}
Also used : AuthenticationResultCacheEntry(org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationResultCacheEntry) AuthenticationResult(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult)

Example 18 with AuthenticationResult

use of org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult in project carbon-identity-framework by wso2.

the class DefaultAuthenticationRequestHandler method populateErrorInformation.

/**
 * Copies error details that authenticators left on the AuthenticationContext into the
 * AuthenticationResult, as properties, and publishes the updated result as a request
 * attribute so it travels back with the framework response.
 *
 * <p>Nothing happens when no AuthenticationResult is available for the request. The values
 * are forwarded as they were stored in the context; code that later renders or logs them
 * should treat them as authenticator-supplied text.
 *
 * @param request  current request; receives the updated result under
 *                 {@code FrameworkConstants.RequestAttribute.AUTH_RESULT}
 * @param response current response, passed on to {@code getAuthenticationResult}
 * @param context  authentication context holding the {@code AUTH_ERROR_CODE},
 *                 {@code AUTH_ERROR_MSG} and {@code AUTH_ERROR_URI} properties
 */
protected void populateErrorInformation(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context) {
    AuthenticationResult result = getAuthenticationResult(request, response, context);
    // String.valueOf turns an absent property into the literal text "null".
    // NOTE(review): whether that literal is filtered out below depends on
    // IdentityUtil.isNotBlank, which is not shown here - confirm.
    String code = String.valueOf(context.getProperty(FrameworkConstants.AUTH_ERROR_CODE));
    String message = String.valueOf(context.getProperty(FrameworkConstants.AUTH_ERROR_MSG));
    String uri = String.valueOf(context.getProperty(FrameworkConstants.AUTH_ERROR_URI));
    if (result == null) {
        return;
    }
    if (IdentityUtil.isNotBlank(code)) {
        result.addProperty(FrameworkConstants.AUTH_ERROR_CODE, code);
    }
    if (IdentityUtil.isNotBlank(message)) {
        result.addProperty(FrameworkConstants.AUTH_ERROR_MSG, message);
    }
    if (IdentityUtil.isNotBlank(uri)) {
        result.addProperty(FrameworkConstants.AUTH_ERROR_URI, uri);
    }
    if (log.isDebugEnabled()) {
        // The line lists all three values, including any that were skipped as blank.
        log.debug("Populated errorCode=" + code + ", errorMessage=" + message + ", errorUri=" + uri + " to the AuthenticationResult.");
    }
    // Hand the enriched result back through the request.
    request.setAttribute(FrameworkConstants.RequestAttribute.AUTH_RESULT, result);
}
Also used : AuthenticationResult(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult)

Example 19 with AuthenticationResult

use of org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult in project carbon-identity-framework by wso2.

the class DefaultLogoutRequestHandler method sendResponse.

/**
 * Finishes a logout request: records the outcome, hands a logged-out AuthenticationResult to
 * the caller (as a request attribute or through the result cache) and redirects the browser
 * to the caller path.
 *
 * @param request     current request; receives the LOGGED_OUT flag and, when a caller session
 *                    key exists, the SESSION_DATA_KEY attribute
 * @param response    current response, used for the final redirect
 * @param context     authentication context supplying caller path, caller session key,
 *                    request type and sequence configuration
 * @param isLoggedOut whether the logout actually took place
 * @throws ServletException declared by the handler contract
 * @throws IOException      if the redirect cannot be sent
 */
protected void sendResponse(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context, boolean isLoggedOut) throws ServletException, IOException {
    if (log.isTraceEnabled()) {
        // The message names sendLogoutResponseToCaller(), not this method (sendResponse).
        log.trace("Inside sendLogoutResponseToCaller()");
    }
    // Set values to be returned to the calling servlet as request
    // attributes
    request.setAttribute(FrameworkConstants.ResponseParams.LOGGED_OUT, isLoggedOut);
    String redirectURL;
    // Redirect-target check: a caller path that fails isValidCallerPath() is replaced with the
    // default logout return URL before it is used below.
    // NOTE(review): the check runs only when isLoggedOut is true; when it is false the caller
    // path is used as supplied - confirm that this is intended.
    if (isLoggedOut && !isValidCallerPath(context)) {
        if (log.isDebugEnabled()) {
            log.debug("The commonAuthCallerPath param specified in the request does not satisfy the logout return" + " url specified. Therefore directing to the default logout return url.");
        }
        context.setCallerPath(getDefaultLogoutReturnUrl());
    }
    if (context.getCallerSessionKey() != null) {
        request.setAttribute(FrameworkConstants.SESSION_DATA_KEY, context.getCallerSessionKey());
        // Result that tells the caller the session was logged out; no user is attached.
        AuthenticationResult authenticationResult = new AuthenticationResult();
        authenticationResult.setLoggedOut(true);
        SequenceConfig sequenceConfig = context.getSequenceConfig();
        if (sequenceConfig != null) {
            authenticationResult.setSaaSApp(sequenceConfig.getApplicationConfig().isSaaSApp());
        }
        // The cache is bypassed only when the request type is listed as cache-disabled and the
        // response is a CommonAuthResponseWrapper that the framework did not create itself.
        if (FrameworkUtils.getCacheDisabledAuthenticators().contains(context.getRequestType()) && (response instanceof CommonAuthResponseWrapper) && !((CommonAuthResponseWrapper) response).isWrappedByFramework()) {
            // Set authentication result as request attribute
            addAuthenticationResultToRequest(request, authenticationResult);
        } else {
            // Otherwise the caller fetches the result from the cache with its session key.
            FrameworkUtils.addAuthenticationResultToCache(context.getCallerSessionKey(), authenticationResult);
        }
        // The session key is URL-encoded before it is appended to the redirect target.
        String sessionDataKeyParam = FrameworkConstants.SESSION_DATA_KEY + "=" + URLEncoder.encode(context.getCallerSessionKey(), "UTF-8");
        redirectURL = FrameworkUtils.appendQueryParamsStringToUrl(context.getCallerPath(), sessionDataKeyParam);
    } else {
        redirectURL = context.getCallerPath();
    }
    /*
         * TODO Cache retaining is a temporary fix. Remove after Google fixes
         * http://code.google.com/p/gdata-issues/issues/detail?id=6628
         */
    // Setting the "retainCache" system property to any value keeps the authentication context
    // in the cache after logout; it is removed only when the property is absent.
    String retainCache = System.getProperty("retainCache");
    if (retainCache == null) {
        FrameworkUtils.removeAuthenticationContextFromCache(context.getContextIdentifier());
    }
    if (log.isDebugEnabled()) {
        // This line writes the caller session key to the debug log, so debug output from this
        // handler should be handled as sensitive.
        log.debug("Sending response back to: " + context.getCallerPath() + "...\n" + FrameworkConstants.ResponseParams.LOGGED_OUT + " : " + isLoggedOut + "\n" + FrameworkConstants.SESSION_DATA_KEY + ": " + context.getCallerSessionKey());
    }
    // redirect to the caller
    response.sendRedirect(redirectURL);
}
Also used : SequenceConfig(org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig) CommonAuthResponseWrapper(org.wso2.carbon.identity.application.authentication.framework.model.CommonAuthResponseWrapper) AuthenticationResult(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult)

Example 20 with AuthenticationResult

use of org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2AuthzEndpoint method handleEmptyAuthenticationResult.

/**
 * Answers an authorization request that carried a {@code sessionDataKey} for which no
 * AuthenticationResult exists in the cache.
 *
 * <p>The request is rejected with an HTTP 302 redirect to the error page, reporting
 * {@code INVALID_REQUEST} with the sub-code {@code INVALID_AUTHORIZATION_REQUEST}.
 * A key with no cached result is presumably unknown, expired or already used; the page
 * does not show which of these is distinguished elsewhere.
 *
 * @param oAuthMessage message wrapping the current request
 * @return redirect response pointing at the error page
 * @throws URISyntaxException if the error page URL is not a valid URI
 */
private Response handleEmptyAuthenticationResult(OAuthMessage oAuthMessage) throws URISyntaxException {
    String appName = getOauth2Params(oAuthMessage).getApplicationName();
    if (log.isDebugEnabled()) {
        log.debug("Invalid authorization request. \'sessionDataKey\' attribute found but " + "corresponding AuthenticationResult does not exist in the cache.");
    }
    OAuth2Parameters oAuth2Parameters = getOAuth2ParamsFromOAuthMessage(oAuthMessage);
    // Builder first, then the URL, matching the evaluation order of the chained call.
    Response.ResponseBuilder redirect = Response.status(HttpServletResponse.SC_FOUND);
    String errorPageUrl = getErrorPageURL(
            oAuthMessage.getRequest(),
            OAuth2ErrorCodes.INVALID_REQUEST,
            OAuth2ErrorCodes.OAuth2SubErrorCodes.INVALID_AUTHORIZATION_REQUEST,
            "Invalid authorization request",
            appName,
            oAuth2Parameters);
    return redirect.location(new URI(errorPageUrl)).build();
}
Also used : OAuth2Parameters(org.wso2.carbon.identity.oauth2.model.OAuth2Parameters) URI(java.net.URI) REDIRECT_URI(org.wso2.carbon.identity.oauth.common.OAuthConstants.OAuth20Params.REDIRECT_URI)

Aggregations

AuthenticationResult (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult)15 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)8 Test (org.testng.annotations.Test)8 AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)7 AuthenticationResult (org.wso2.carbon.user.core.common.AuthenticationResult)6 AuthenticationResultCacheEntry (org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationResultCacheEntry)5 OAuth2Parameters (org.wso2.carbon.identity.oauth2.model.OAuth2Parameters)5 HashMap (java.util.HashMap)4 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)4 AfterTest (org.testng.annotations.AfterTest)4 BeforeTest (org.testng.annotations.BeforeTest)4 RequestObject (org.wso2.carbon.identity.openidconnect.model.RequestObject)4 HttpServletResponse (javax.servlet.http.HttpServletResponse)3 MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap)3 Response (javax.ws.rs.core.Response)3 OAuthResponse (org.apache.oltu.oauth2.common.message.OAuthResponse)3 Matchers.anyString (org.mockito.Matchers.anyString)3 CommonAuthResponseWrapper (org.wso2.carbon.identity.application.authentication.framework.model.CommonAuthResponseWrapper)3 AbstractIdentityUserOperationEventListener (org.wso2.carbon.identity.core.AbstractIdentityUserOperationEventListener)3 ResolvedUserResult (org.wso2.carbon.identity.multi.attribute.login.mgt.ResolvedUserResult)3