Search in sources :

Example 1 with SMSOTPException

use of org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method initiateAuthenticationRequest.

/**
 * Initiate the authentication request.
 */
@Override
protected void initiateAuthenticationRequest(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context) throws AuthenticationFailedException {
    try {
        String username;
        AuthenticatedUser authenticatedUser;
        String mobileNumber;
        String tenantDomain = context.getTenantDomain();
        context.setProperty(SMSOTPConstants.AUTHENTICATION, SMSOTPConstants.AUTHENTICATOR_NAME);
        if (!tenantDomain.equals(SMSOTPConstants.SUPER_TENANT)) {
            IdentityHelperUtil.loadApplicationAuthenticationXMLFromRegistry(context, getName(), tenantDomain);
        }
        FederatedAuthenticatorUtil.setUsernameFromFirstStep(context);
        username = String.valueOf(context.getProperty(SMSOTPConstants.USER_NAME));
        authenticatedUser = (AuthenticatedUser) context.getProperty(SMSOTPConstants.AUTHENTICATED_USER);
        // find the authenticated user.
        if (authenticatedUser == null) {
            if (log.isDebugEnabled()) {
                log.debug("Authentication failed: Could not find the authenticated user. ");
            }
            throw new AuthenticationFailedException("Authentication failed: Cannot proceed further without identifying the user. ");
        }
        boolean isSMSOTPMandatory = SMSOTPUtils.isSMSOTPMandatory(context, getName());
        boolean isUserExists = FederatedAuthenticatorUtil.isUserExistInUserStore(username);
        String queryParams = FrameworkUtils.getQueryStringWithFrameworkContextId(context.getQueryParams(), context.getCallerSessionKey(), context.getContextIdentifier());
        String errorPage = getErrorPage(context);
        // SMS OTP authentication is mandatory and user doesn't disable SMS OTP claim in user's profile.
        if (isSMSOTPMandatory) {
            if (log.isDebugEnabled()) {
                log.debug("SMS OTP is mandatory. Hence processing in mandatory path");
            }
            processSMSOTPMandatoryCase(context, request, response, queryParams, username, isUserExists);
        } else if (isUserExists && !SMSOTPUtils.isSMSOTPDisableForLocalUser(username, context, getName())) {
            if (context.isRetrying() && !Boolean.parseBoolean(request.getParameter(SMSOTPConstants.RESEND))) {
                checkStatusCode(response, context, queryParams, errorPage);
            } else {
                mobileNumber = getMobileNumber(request, response, context, username, tenantDomain, queryParams);
                if (StringUtils.isNotEmpty(mobileNumber)) {
                    proceedWithOTP(response, context, errorPage, mobileNumber, queryParams, username);
                }
            }
        } else {
            processFirstStepOnly(authenticatedUser, context);
        }
    } catch (SMSOTPException e) {
        throw new AuthenticationFailedException("Failed to get the parameters from authentication xml fie. ", e);
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Failed to get the user from User Store. ", e);
    }
}
Also used : AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) SMSOTPException(org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)

Example 2 with SMSOTPException

use of org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtils method getMobileNumberForUsername.

/**
 * Get the mobile number for Username.
 *
 * @param username the username
 * @return mobile number
 * @throws SMSOTPException
 */
public static String getMobileNumberForUsername(String username) throws SMSOTPException, AuthenticationFailedException {
    UserRealm userRealm;
    String mobile;
    try {
        String tenantDomain = MultitenantUtils.getTenantDomain(username);
        String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(username);
        userRealm = getUserRealm(tenantDomain);
        if (userRealm != null) {
            mobile = userRealm.getUserStoreManager().getUserClaimValue(tenantAwareUsername, SMSOTPConstants.MOBILE_CLAIM, null);
        } else {
            throw new SMSOTPException("Cannot find the user realm for the given tenant domain : " + tenantDomain);
        }
    } catch (UserStoreException e) {
        throw new SMSOTPException("Cannot find the user " + username + " to get the mobile number ", e);
    }
    return mobile;
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) UserStoreException(org.wso2.carbon.user.api.UserStoreException) SMSOTPException(org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException)

Example 3 with SMSOTPException

use of org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtils method verifyUserExists.

/**
 * Verify whether user Exist in the user store or not.
 *
 * @param username the Username
 * @throws SMSOTPException
 */
public static void verifyUserExists(String username, String tenantDomain) throws SMSOTPException, AuthenticationFailedException {
    UserRealm userRealm;
    boolean isUserExist = false;
    try {
        userRealm = SMSOTPUtils.getUserRealm(tenantDomain);
        if (userRealm == null) {
            throw new SMSOTPException("Super tenant realm not loaded.");
        }
        UserStoreManager userStoreManager = userRealm.getUserStoreManager();
        if (userStoreManager.isExistingUser(username)) {
            isUserExist = true;
        }
    } catch (UserStoreException e) {
        throw new SMSOTPException("Error while validating the user.", e);
    }
    if (!isUserExist) {
        if (log.isDebugEnabled()) {
            log.debug("User does not exist in the User Store");
        }
        throw new SMSOTPException("User does not exist in the User Store.");
    }
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) UserStoreException(org.wso2.carbon.user.api.UserStoreException) SMSOTPException(org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager)

Example 4 with SMSOTPException

use of org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtils method updateUserAttribute.

/**
 * Update the mobile number (user attribute) in user's profile.
 *
 * @param username  the Username
 * @param attribute the Attribute
 * @throws SMSOTPException
 */
public static void updateUserAttribute(String username, Map<String, String> attribute, String tenantDomain) throws SMSOTPException {
    try {
        // updating user attributes is independent from tenant association.not tenant association check needed here.
        UserRealm userRealm;
        // user is always in the super tenant.
        userRealm = SMSOTPUtils.getUserRealm(tenantDomain);
        if (userRealm == null) {
            throw new SMSOTPException("The specified tenant domain " + tenantDomain + " does not exist.");
        }
        // check whether user already exists in the system.
        SMSOTPUtils.verifyUserExists(username, tenantDomain);
        UserStoreManager userStoreManager = userRealm.getUserStoreManager();
        userStoreManager.setUserClaimValues(username, attribute, null);
    } catch (UserStoreException | AuthenticationFailedException e) {
        throw new SMSOTPException("Exception occurred while connecting to User Store: Authentication is failed. ", e);
    }
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) SMSOTPException(org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager)

Example 5 with SMSOTPException

use of org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtils method isSMSOTPDisableForLocalUser.

/**
 * Check whether SMSOTP is disable by user.
 *
 * @param username the Username
 * @param context  the AuthenticationContext
 * @return true or false
 * @throws SMSOTPException
 */
public static boolean isSMSOTPDisableForLocalUser(String username, AuthenticationContext context, String authenticatorName) throws SMSOTPException, AuthenticationFailedException {
    UserRealm userRealm;
    try {
        String tenantDomain = MultitenantUtils.getTenantDomain(username);
        int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
        RealmService realmService = IdentityTenantUtil.getRealmService();
        userRealm = realmService.getTenantUserRealm(tenantId);
        username = MultitenantUtils.getTenantAwareUsername(String.valueOf(username));
        boolean isEnablingControlledByUser = isSMSOTPEnableOrDisableByUser(context, authenticatorName);
        if (userRealm != null) {
            if (isEnablingControlledByUser) {
                Map<String, String> claimValues = userRealm.getUserStoreManager().getUserClaimValues(username, new String[] { SMSOTPConstants.USER_SMSOTP_DISABLED_CLAIM_URI }, null);
                return Boolean.parseBoolean(claimValues.get(SMSOTPConstants.USER_SMSOTP_DISABLED_CLAIM_URI));
            }
        } else {
            throw new SMSOTPException("Cannot find the user realm for the given tenant domain : " + CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
        }
    } catch (UserStoreException e) {
        throw new SMSOTPException("Failed while trying to access userRealm of the user : " + username, e);
    }
    return false;
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) RealmService(org.wso2.carbon.user.core.service.RealmService) UserStoreException(org.wso2.carbon.user.api.UserStoreException) SMSOTPException(org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException)

Aggregations

SMSOTPException (org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException)5 UserStoreException (org.wso2.carbon.user.api.UserStoreException)5 UserRealm (org.wso2.carbon.user.api.UserRealm)4 AuthenticationFailedException (org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException)2 UserStoreManager (org.wso2.carbon.user.api.UserStoreManager)2 AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)1 RealmService (org.wso2.carbon.user.core.service.RealmService)1