
Example 16 with AuthenticationStep

use of org.wso2.carbon.identity.application.common.model.AuthenticationStep in project product-is by wso2.

the class EmailOTPTestCase method getLocalAndOutBoundAuthenticator.

/**
 * Builds the two-step authentication sequence used by this test: a local
 * basic authenticator as step 1, followed by the Email OTP identity provider
 * as step 2.
 *
 * @return the populated local-and-outbound authentication configuration
 * @throws Exception declared by the original signature; presumably raised by
 *                   {@code getEmailOTPIdP()} - confirm against that helper
 */
private LocalAndOutboundAuthenticationConfig getLocalAndOutBoundAuthenticator() throws Exception {
    LocalAndOutboundAuthenticationConfig sequence = new LocalAndOutboundAuthenticationConfig();

    // Step 1: the local basic authenticator, explicitly enabled.
    LocalAuthenticatorConfig basicAuthenticator = new LocalAuthenticatorConfig();
    basicAuthenticator.setName(CommonConstants.BASIC_AUTHENTICATOR);
    basicAuthenticator.setDisplayName("basicauth");
    basicAuthenticator.setEnabled(true);

    AuthenticationStep firstFactor = new AuthenticationStep();
    firstFactor.setStepOrder(1);
    firstFactor.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[] { basicAuthenticator });
    sequence.addAuthenticationSteps(firstFactor);

    // Step 2: Email OTP, wired in as a federated identity provider.
    // It is flagged as neither the subject step nor the attribute step.
    // NOTE(review): step 1 never sets those flags explicitly, so which step
    // supplies the subject and the claims depends on the model's defaults -
    // confirm that it is the password step and not the OTP step.
    AuthenticationStep secondFactor = new AuthenticationStep();
    secondFactor.setStepOrder(2);
    secondFactor.setSubjectStep(false);
    secondFactor.setAttributeStep(false);
    secondFactor.setFederatedIdentityProviders(new IdentityProvider[] { getEmailOTPIdP() });
    sequence.addAuthenticationSteps(secondFactor);

    return sequence;
}
Also used : LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.xsd.LocalAndOutboundAuthenticationConfig) LocalAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.xsd.LocalAuthenticatorConfig) AuthenticationStep(org.wso2.carbon.identity.application.common.model.xsd.AuthenticationStep)

Example 17 with AuthenticationStep

use of org.wso2.carbon.identity.application.common.model.AuthenticationStep in project product-is by wso2.

the class AbstractAnalyticsLoginTestCase method testSAMLSSOLogin.

/**
 * Drives a SAML SSO login over HTTP and then checks the analytics events
 * that the test Thrift server preserved for that login.
 *
 * <p>The flow is: request the login URL, relay the SAML request when the
 * HTTP-POST binding is configured, post the test user's credentials together
 * with the session data key, answer the consent prompt if one is shown, and
 * finally deliver the SAML response to the application's ACS URL. Exactly
 * three events are expected afterwards.
 *
 * @throws IOException if releasing the last response entity fails in the
 *                     {@code finally} block
 */
public void testSAMLSSOLogin() throws IOException {
    // Start from an empty event list so the count asserted below only reflects this login.
    AnalyticsDataHolder.getInstance().getThriftServer().resetPreservedEventList();
    HttpResponse response = null;
    try {
        HttpClient httpClient = sharedHttpClient;
        response = Utils.sendGetRequest(String.format(SAML_SSO_LOGIN_URL, config.getApp().getArtifact(), config.getHttpBinding().binding), USER_AGENT, httpClient);
        // With the HTTP-POST binding the SAML request is read out of the response body and posted
        // to the SSO endpoint; the other binding skips this relay.
        if (config.getHttpBinding() == HttpBinding.HTTP_POST) {
            String samlRequest = Utils.extractDataFromResponse(response, CommonConstants.SAML_REQUEST_PARAM, 5);
            response = sendSAMLMessage(SAML_SSO_URL, CommonConstants.SAML_REQUEST_PARAM, samlRequest);
            EntityUtils.consume(response.getEntity());
            response = Utils.sendRedirectRequest(response, USER_AGENT, ACS_URL, config.getApp().getArtifact(), httpClient);
        }
        // The session data key from the login page is sent back with the credentials.
        // NOTE(review): presumably this key binds the credential POST to the pending
        // authentication request - confirm against the commonauth endpoint.
        String sessionKey = Utils.extractDataFromResponse(response, CommonConstants.SESSION_DATA_KEY, 1);
        EntityUtils.consume(response.getEntity());
        // Credentials come from the test configuration, not from literals in this method.
        response = Utils.sendPOSTMessage(sessionKey, COMMON_AUTH_URL, USER_AGENT, ACS_URL, config.getApp().getArtifact(), config.getUser().getUsername(), config.getUser().getPassword(), httpClient);
        // Consent step: only taken when the server asks for missing claims. The pastr cookie
        // from that response must be present and is passed along with the consent POST.
        if (Utils.requestMissingClaims(response)) {
            String pastrCookie = Utils.getPastreCookie(response);
            Assert.assertNotNull(pastrCookie, "pastr cookie not found in response.");
            EntityUtils.consume(response.getEntity());
            response = Utils.sendPOSTConsentMessage(response, COMMON_AUTH_URL, USER_AGENT, ACS_URL, httpClient, pastrCookie);
            EntityUtils.consume(response.getEntity());
        }
        response = Utils.sendRedirectRequest(response, USER_AGENT, ACS_URL, config.getApp().getArtifact(), httpClient);
        // Deliver the SAML response to the application's assertion consumer service URL.
        String samlResponse = Utils.extractDataFromResponse(response, CommonConstants.SAML_RESPONSE_PARAM, 5);
        EntityUtils.consume(response.getEntity());
        response = sendSAMLMessage(String.format(ACS_URL, config.getApp().getArtifact()), CommonConstants.SAML_RESPONSE_PARAM, samlResponse);
        EntityUtils.consume(response.getEntity());
        // Events arrive asynchronously; wait for three of them before inspecting the list.
        waitUntilEventsReceive(3);
        Assert.assertEquals(AnalyticsDataHolder.getInstance().getThriftServer().getPreservedEventList().size(), 3);
        Event sessionEvent = null;
        Event authStepEvent = null;
        // Pick the session event and the authentication event whose payload[2] is "step".
        // Stream ids are compared case-insensitively; if several events match, the last one wins.
        for (Event event : AnalyticsDataHolder.getInstance().getThriftServer().getPreservedEventList()) {
            String streamId = event.getStreamId();
            if (sessionStreamId.equalsIgnoreCase(streamId)) {
                sessionEvent = event;
            }
            if (authenticationStreamId.equalsIgnoreCase(streamId)) {
                Object[] eventStreamData = event.getPayloadData();
                if ("step".equalsIgnoreCase((String) eventStreamData[2])) {
                    authStepEvent = event;
                }
            }
        }
        Assert.assertNotNull(authStepEvent, "Auth step event can't be null.");
        // sessionEvent is handed over without a null check here.
        // NOTE(review): presumably assertSessionEvent rejects null itself - verify.
        assertSessionEvent(sessionEvent);
        // The payload is positional: each index below is labelled with the field it is expected
        // to hold, so a change in the stream definition silently shifts what is being checked.
        Object[] eventStreamData = authStepEvent.getPayloadData();
        // authenticationSuccess
        // NOTE(review): asserted false on the step event although the flow above runs to the ACS;
        // presumably the overall-success flag is only set on the non-step event - confirm.
        Assert.assertEquals(eventStreamData[3], false);
        // userName
        Assert.assertEquals(eventStreamData[4], "samlAnalyticsuser1");
        // userStoreDomain
        Assert.assertEquals(eventStreamData[6], "PRIMARY");
        // tenantDomain
        Assert.assertEquals(eventStreamData[7], "carbon.super");
        // inboundAuthType
        Assert.assertEquals(eventStreamData[10], "samlsso");
        // serviceprovider
        Assert.assertEquals(eventStreamData[11], "SAML-SSO-TestApplication");
        // remembermeEnabled
        Assert.assertEquals(eventStreamData[12], false);
        // forceAuthEnabled
        Assert.assertEquals(eventStreamData[13], false);
        // rolesCommaSeperated
        Assert.assertEquals(eventStreamData[15], "NOT_AVAILABLE");
        // authenticationStep
        Assert.assertEquals(eventStreamData[16], "1");
        // isFirstLogin
        Assert.assertEquals(eventStreamData[20], false);
    } catch (Exception e) {
        // Only exceptions are converted into a test failure here; assertion failures are
        // AssertionErrors and propagate past this handler unchanged.
        Assert.fail("SAML SSO Login Analytics test failed for " + config, e);
    } finally {
        // Clear the preserved events and release the last response on success and failure alike.
        AnalyticsDataHolder.getInstance().getThriftServer().resetPreservedEventList();
        if (response != null) {
            EntityUtils.consume(response.getEntity());
        }
    }
}
Also used : HttpClient(org.apache.http.client.HttpClient) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) HttpResponse(org.apache.http.HttpResponse) Event(org.wso2.carbon.databridge.commons.Event) IOException(java.io.IOException)

Example 18 with AuthenticationStep

use of org.wso2.carbon.identity.application.common.model.AuthenticationStep in project product-is by wso2.

the class OIDCIdentityFederationTestCase method createServiceProviderInPrimaryIS.

/**
 * Registers the service provider in the primary IS, gives it inbound SAML
 * configuration and a single authentication step that delegates to the OIDC
 * federated identity provider, then reads it back and verifies the update.
 *
 * @throws Exception if any of the management calls fails
 */
private void createServiceProviderInPrimaryIS() throws Exception {
    super.addServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SP_NAME);
    ServiceProvider primarySp = getServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SP_NAME);
    Assert.assertNotNull(primarySp, "Failed to create service provider 'travelocity' in primary IS");
    updateServiceProviderWithSAMLConfigs(PORT_OFFSET_0, PRIMARY_IS_SAML_ISSUER_NAME, PRIMARY_IS_SAML_ACS_URL, primarySp);

    // The step refers to the identity provider by name and authenticator name only.
    // NOTE(review): presumably the server resolves endpoints and trust material from the
    // identity provider registered under that name - confirm.
    org.wso2.carbon.identity.application.common.model.xsd.FederatedAuthenticatorConfig oidcAuthenticator =
            new org.wso2.carbon.identity.application.common.model.xsd.FederatedAuthenticatorConfig();
    oidcAuthenticator.setName(PRIMARY_IS_IDP_AUTHENTICATOR_NAME_OIDC);
    oidcAuthenticator.setDisplayName("openidconnect");

    org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider federatedIdp =
            new org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider();
    federatedIdp.setIdentityProviderName(PRIMARY_IS_IDP_NAME);
    federatedIdp.setFederatedAuthenticatorConfigs(
            new org.wso2.carbon.identity.application.common.model.xsd.FederatedAuthenticatorConfig[] { oidcAuthenticator });

    AuthenticationStep federatedStep = new AuthenticationStep();
    federatedStep.setFederatedIdentityProviders(
            new org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider[] { federatedIdp });

    // Replace the step list with this single federated step and persist the change.
    primarySp.getLocalAndOutBoundAuthenticationConfig().setAuthenticationSteps(new AuthenticationStep[] { federatedStep });
    primarySp.getLocalAndOutBoundAuthenticationConfig().setAuthenticationType(PRIMARY_IS_SP_AUTHENTICATION_TYPE);
    updateServiceProvider(PORT_OFFSET_0, primarySp);

    // Read the stored service provider back so the assertions check what was persisted.
    primarySp = getServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SP_NAME);
    InboundAuthenticationRequestConfig[] inboundConfigs =
            primarySp.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs();

    boolean samlInboundFound = false;
    if (inboundConfigs != null) {
        // Stop at the first inbound config of the expected SAML SSO type.
        for (int i = 0; i < inboundConfigs.length && !samlInboundFound; i++) {
            samlInboundFound = PRIMARY_IS_SP_INBOUND_AUTH_TYPE_SAMLSSO.equals(inboundConfigs[i].getInboundAuthType());
        }
    }
    Assert.assertTrue(samlInboundFound, "Failed to update service provider with inbound SAML2 configs in primary IS");

    boolean authenticationTypeStored = PRIMARY_IS_SP_AUTHENTICATION_TYPE.equals(
            primarySp.getLocalAndOutBoundAuthenticationConfig().getAuthenticationType());
    Assert.assertTrue(authenticationTypeStored, "Failed to update local and out bound configs in primary IS");
}
Also used : FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.FederatedAuthenticatorConfig) AuthenticationStep(org.wso2.carbon.identity.application.common.model.xsd.AuthenticationStep) IdentityProvider(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider) InboundAuthenticationRequestConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig) ServiceProvider(org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider)

Example 19 with AuthenticationStep

use of org.wso2.carbon.identity.application.common.model.AuthenticationStep in project product-is by wso2.

the class ChangeACSUrlTestCase method initTest.

/**
 * Prepares both IS instances for the changed-ACS-URL scenario: swaps in the
 * test deployment TOML, restarts the server, then creates the SAML identity
 * provider and service provider on the primary IS and the service provider
 * on the secondary IS.
 *
 * @throws Exception if the configuration swap, the restart or any management call fails
 */
@BeforeClass(alwaysRun = true)
public void initTest() throws Exception {
    super.initTest();

    // Replace the resident deployment TOML with the changed-ACS variant and restart.
    String residentCarbonHome = Utils.getResidentCarbonHome();
    File activeToml = getDeploymentTomlFile(residentCarbonHome);
    String changedAcsTomlPath = getISResourceLocation() + File.separator + "saml" + File.separator + "application_authentication_changed_acs.toml";
    File changedAcsToml = new File(changedAcsTomlPath);
    serverConfigurationManager = new ServerConfigurationManager(isServer);
    serverConfigurationManager.applyConfigurationWithoutRestart(changedAcsToml, activeToml, true);
    serverConfigurationManager.restartGracefully();

    // Initialise again after the restart, before any service client is created.
    super.initTest();

    IdentityConstants.ServiceClientType[] primaryClientTypes = new IdentityConstants.ServiceClientType[] {
            IdentityConstants.ServiceClientType.APPLICATION_MANAGEMENT,
            IdentityConstants.ServiceClientType.IDENTITY_PROVIDER_MGT,
            IdentityConstants.ServiceClientType.SAML_SSO_CONFIG };
    super.createServiceClients(PORT_OFFSET_0, sessionCookie, primaryClientTypes);

    // The secondary IS clients are created without a session cookie.
    IdentityConstants.ServiceClientType[] secondaryClientTypes = new IdentityConstants.ServiceClientType[] {
            IdentityConstants.ServiceClientType.APPLICATION_MANAGEMENT,
            IdentityConstants.ServiceClientType.SAML_SSO_CONFIG };
    super.createServiceClients(PORT_OFFSET_1, null, secondaryClientTypes);

    // Identity provider in the primary IS: one enabled SAML SSO authenticator, also the default.
    FederatedAuthenticatorConfig samlAuthenticator = new FederatedAuthenticatorConfig();
    samlAuthenticator.setName("SAMLSSOAuthenticator");
    samlAuthenticator.setDisplayName("samlsso");
    samlAuthenticator.setEnabled(true);
    samlAuthenticator.setProperties(getSAML2SSOAuthnConfigProperties());

    IdentityProvider federatedIdp = new IdentityProvider();
    federatedIdp.setIdentityProviderName(IDENTITY_PROVIDER_NAME);
    federatedIdp.setDefaultAuthenticatorConfig(samlAuthenticator);
    federatedIdp.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[] { samlAuthenticator });
    super.addIdentityProvider(PORT_OFFSET_0, federatedIdp);

    // Service provider in the primary IS, with inbound SAML configuration.
    super.addServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SERVICE_PROVIDER_NAME);
    ServiceProvider sp = getServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SERVICE_PROVIDER_NAME);
    updateServiceProviderWithSAMLConfigs(PORT_OFFSET_0, PRIMARY_IS_SAML_ISSUER_NAME, PRIMARY_IS_SAML_ACS_URL, sp);

    // Its only authentication step points at the identity provider above, by name
    // and authenticator name; the xsd stub types are a separate class hierarchy.
    org.wso2.carbon.identity.application.common.model.xsd.FederatedAuthenticatorConfig samlAuthenticatorRef =
            new org.wso2.carbon.identity.application.common.model.xsd.FederatedAuthenticatorConfig();
    samlAuthenticatorRef.setName("SAMLSSOAuthenticator");
    samlAuthenticatorRef.setDisplayName("samlsso");

    org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider idpRef =
            new org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider();
    idpRef.setIdentityProviderName(IDENTITY_PROVIDER_NAME);
    idpRef.setFederatedAuthenticatorConfigs(
            new org.wso2.carbon.identity.application.common.model.xsd.FederatedAuthenticatorConfig[] { samlAuthenticatorRef });

    AuthenticationStep federatedStep = new AuthenticationStep();
    federatedStep.setFederatedIdentityProviders(
            new org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider[] { idpRef });

    sp.getLocalAndOutBoundAuthenticationConfig().setAuthenticationSteps(new AuthenticationStep[] { federatedStep });
    sp.getLocalAndOutBoundAuthenticationConfig().setAuthenticationType(AUTHENTICATION_TYPE);
    updateServiceProvider(PORT_OFFSET_0, sp);

    // Service provider in the secondary IS. Its ACS URL is the changed commonauth URL
    // on the primary IS port, which is where the secondary IS will deliver assertions.
    super.addServiceProvider(PORT_OFFSET_1, SECONDARY_IS_SERVICE_PROVIDER_NAME);
    sp = getServiceProvider(PORT_OFFSET_1, SECONDARY_IS_SERVICE_PROVIDER_NAME);
    String changedCommonAuthUrl = String.format(COMMON_AUTH_URL_CHANGED, DEFAULT_PORT + PORT_OFFSET_0);
    updateServiceProviderWithSAMLConfigs(PORT_OFFSET_1, SECONDARY_IS_SAML_ISSUER_NAME, changedCommonAuthUrl, sp);
    updateServiceProvider(PORT_OFFSET_1, sp);
}
Also used : FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.FederatedAuthenticatorConfig) ServerConfigurationManager(org.wso2.carbon.integration.common.utils.mgt.ServerConfigurationManager) AuthenticationStep(org.wso2.carbon.identity.application.common.model.xsd.AuthenticationStep) IdentityProvider(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider) IdentityConstants(org.wso2.identity.integration.test.utils.IdentityConstants) ServiceProvider(org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider) File(java.io.File) BeforeClass(org.testng.annotations.BeforeClass)

Example 20 with AuthenticationStep

use of org.wso2.carbon.identity.application.common.model.AuthenticationStep in project product-is by wso2.

the class TestPassiveSTSFederation method testCreateServiceProviderInPrimaryIS.

/**
 * Creates the service provider in the primary IS, attaches inbound SAML
 * configuration and a single federated (SAML SSO) authentication step, then
 * reads the service provider back and checks that an inbound config with the
 * expected issuer and type was stored.
 *
 * @throws Exception if any of the management calls fails
 */
@Test(groups = "wso2.is", description = "Check create service provider in primary IS", dependsOnMethods = { "testCreateIdentityProviderInPrimaryIS" })
public void testCreateServiceProviderInPrimaryIS() throws Exception {
    super.addServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SERVICE_PROVIDER_NAME);
    ServiceProvider primarySp = getServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SERVICE_PROVIDER_NAME);
    Assert.assertNotNull(primarySp, "Failed to create service provider 'travelocity' in primary IS");
    updateServiceProviderWithSAMLConfigs(PORT_OFFSET_0, PRIMARY_IS_SAML_ISSUER_NAME, PRIMARY_IS_SAML_ACS_URL, primarySp);

    // The step names the identity provider and its SAML SSO authenticator; nothing else is set here.
    org.wso2.carbon.identity.application.common.model.xsd.FederatedAuthenticatorConfig samlAuthenticator =
            new org.wso2.carbon.identity.application.common.model.xsd.FederatedAuthenticatorConfig();
    samlAuthenticator.setName("SAMLSSOAuthenticator");
    samlAuthenticator.setDisplayName("samlsso");

    org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider federatedIdp =
            new org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider();
    federatedIdp.setIdentityProviderName(IDENTITY_PROVIDER_NAME);
    federatedIdp.setFederatedAuthenticatorConfigs(
            new org.wso2.carbon.identity.application.common.model.xsd.FederatedAuthenticatorConfig[] { samlAuthenticator });

    AuthenticationStep federatedStep = new AuthenticationStep();
    federatedStep.setFederatedIdentityProviders(
            new org.wso2.carbon.identity.application.common.model.xsd.IdentityProvider[] { federatedIdp });

    primarySp.getLocalAndOutBoundAuthenticationConfig().setAuthenticationSteps(new AuthenticationStep[] { federatedStep });
    primarySp.getLocalAndOutBoundAuthenticationConfig().setAuthenticationType(AUTHENTICATION_TYPE);
    updateServiceProvider(PORT_OFFSET_0, primarySp);

    // Verify against the stored copy, not the object that was just sent.
    primarySp = getServiceProvider(PORT_OFFSET_0, PRIMARY_IS_SERVICE_PROVIDER_NAME);
    InboundAuthenticationRequestConfig[] inboundConfigs =
            primarySp.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs();

    boolean matched = false;
    if (inboundConfigs != null) {
        // Both the issuer (inbound auth key) and the inbound auth type have to match.
        for (int i = 0; i < inboundConfigs.length && !matched; i++) {
            InboundAuthenticationRequestConfig candidate = inboundConfigs[i];
            boolean issuerMatches = PRIMARY_IS_SAML_ISSUER_NAME.equals(candidate.getInboundAuthKey());
            matched = issuerMatches && INBOUND_AUTH_TYPE.equals(candidate.getInboundAuthType());
        }
    }
    Assert.assertTrue(matched, "Failed to update service provider with inbound SAML2 configs " + "in primary IS");
}
Also used : FederatedAuthenticatorConfig(org.wso2.carbon.identity.application.common.model.idp.xsd.FederatedAuthenticatorConfig) AuthenticationStep(org.wso2.carbon.identity.application.common.model.xsd.AuthenticationStep) IdentityProvider(org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider) InboundAuthenticationRequestConfig(org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig) ServiceProvider(org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider) Test(org.testng.annotations.Test)

Aggregations

AuthenticationStep (org.wso2.carbon.identity.application.common.model.AuthenticationStep)16 AuthenticationStep (org.wso2.carbon.identity.application.common.model.xsd.AuthenticationStep)15 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)13 LocalAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig)9 FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig)8 LocalAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.xsd.LocalAuthenticatorConfig)8 ServiceProvider (org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider)8 ArrayList (java.util.ArrayList)7 LocalAndOutboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig)7 LocalAndOutboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.xsd.LocalAndOutboundAuthenticationConfig)7 FederatedAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.idp.xsd.FederatedAuthenticatorConfig)6 IdentityProvider (org.wso2.carbon.identity.application.common.model.idp.xsd.IdentityProvider)6 InboundAuthenticationRequestConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig)6 ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)5 Test (org.testng.annotations.Test)4 IdentityApplicationManagementException (org.wso2.carbon.identity.application.common.IdentityApplicationManagementException)4 IdentityProviderManagementException (org.wso2.carbon.idp.mgt.IdentityProviderManagementException)4 AuthenticationScriptConfig (org.wso2.carbon.identity.application.common.model.script.AuthenticationScriptConfig)3 IOException (java.io.IOException)2 PreparedStatement (java.sql.PreparedStatement)2