Example 1 with CaptchaConnector
use of org.wso2.carbon.identity.captcha.connector.CaptchaConnector in project identity-governance by wso2-extensions.
the class CaptchaFilter method doFilter.
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
try {
if (!CaptchaDataHolder.getInstance().isReCaptchaEnabled()) {
filterChain.doFilter(servletRequest, servletResponse);
return;
}
// May need multiple reads of request body value from connectors.
if (servletRequest instanceof HttpServletRequest) {
String currentPath = ((HttpServletRequest) servletRequest).getRequestURI();
if (StringUtils.isNotBlank(currentPath) && CaptchaUtil.isPathAvailable(currentPath, CaptchaDataHolder.getInstance().getReCaptchaRequestWrapUrls())) {
servletRequest = new CaptchaHttpServletRequestWrapper((HttpServletRequest) servletRequest);
}
}
List<CaptchaConnector> captchaConnectors = CaptchaDataHolder.getInstance().getCaptchaConnectors();
CaptchaConnector selectedCaptchaConnector = null;
for (CaptchaConnector captchaConnector : captchaConnectors) {
if (captchaConnector.canHandle(servletRequest, servletResponse) && (selectedCaptchaConnector == null || captchaConnector.getPriority() > selectedCaptchaConnector.getPriority())) {
selectedCaptchaConnector = captchaConnector;
}
}
if (selectedCaptchaConnector == null) {
filterChain.doFilter(servletRequest, servletResponse);
return;
}
// Check whether captcha is required or will reach to the max failed attempts with the current attempt.
CaptchaPreValidationResponse captchaPreValidationResponse = selectedCaptchaConnector.preValidate(servletRequest, servletResponse);
if (captchaPreValidationResponse == null) {
// Captcha connector failed to response. Default is success.
filterChain.doFilter(servletRequest, servletResponse);
return;
}
HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;
if (captchaPreValidationResponse.isCaptchaValidationRequired()) {
try {
boolean validCaptcha = selectedCaptchaConnector.verifyCaptcha(servletRequest, servletResponse);
if (!validCaptcha) {
log.warn("Captcha validation failed for the user.");
httpResponse.sendRedirect(CaptchaUtil.getOnFailRedirectUrl(httpRequest.getHeader("referer"), captchaPreValidationResponse.getOnCaptchaFailRedirectUrls(), captchaPreValidationResponse.getCaptchaAttributes()));
return;
}
} catch (CaptchaClientException e) {
log.warn("Captcha validation failed for the user. Cause : " + e.getMessage());
httpResponse.sendRedirect(CaptchaUtil.getOnFailRedirectUrl(httpRequest.getHeader("referer"), captchaPreValidationResponse.getOnCaptchaFailRedirectUrls(), captchaPreValidationResponse.getCaptchaAttributes()));
return;
}
}
// Enable reCaptcha for the destination.
if (captchaPreValidationResponse.isEnableCaptchaForRequestPath()) {
if (captchaPreValidationResponse.getCaptchaAttributes() != null) {
for (Map.Entry<String, String> parameter : captchaPreValidationResponse.getCaptchaAttributes().entrySet()) {
servletRequest.setAttribute(parameter.getKey(), parameter.getValue());
}
}
doFilter(captchaPreValidationResponse, servletRequest, servletResponse, filterChain);
return;
}
// Below the no. of max failed attempts, including the current attempt
if (!captchaPreValidationResponse.isPostValidationRequired() || (!captchaPreValidationResponse.isCaptchaValidationRequired() && !captchaPreValidationResponse.isMaxFailedLimitReached())) {
doFilter(captchaPreValidationResponse, servletRequest, servletResponse, filterChain);
return;
}
CaptchaHttpServletResponseWrapper responseWrapper = new CaptchaHttpServletResponseWrapper(httpResponse);
doFilter(captchaPreValidationResponse, servletRequest, responseWrapper, filterChain);
CaptchaPostValidationResponse postValidationResponse = selectedCaptchaConnector.postValidate(servletRequest, responseWrapper);
// Check whether this attempt is failed
if (postValidationResponse == null || postValidationResponse.isSuccessfulAttempt()) {
if (responseWrapper.isRedirect()) {
httpResponse.sendRedirect(responseWrapper.getRedirectURL());
}
return;
}
if (postValidationResponse.isEnableCaptchaResponsePath() && responseWrapper.isRedirect()) {
httpResponse.sendRedirect(CaptchaUtil.getUpdatedUrl(responseWrapper.getRedirectURL(), postValidationResponse.getCaptchaAttributes()));
}
} catch (CaptchaException e) {
log.error("Error occurred in processing captcha.", e);
((HttpServletResponse) servletResponse).sendRedirect(CaptchaUtil.getErrorPage("Server Error", "Something " + "went wrong. Please try again"));
}
}
Also used :
CaptchaConnector(org.wso2.carbon.identity.captcha.connector.CaptchaConnector)
CaptchaClientException(org.wso2.carbon.identity.captcha.exception.CaptchaClientException)
CaptchaHttpServletRequestWrapper(org.wso2.carbon.identity.captcha.util.CaptchaHttpServletRequestWrapper)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
CaptchaPostValidationResponse(org.wso2.carbon.identity.captcha.connector.CaptchaPostValidationResponse)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
CaptchaPreValidationResponse(org.wso2.carbon.identity.captcha.connector.CaptchaPreValidationResponse)
CaptchaHttpServletResponseWrapper(org.wso2.carbon.identity.captcha.util.CaptchaHttpServletResponseWrapper)
Map(java.util.Map)
CaptchaException(org.wso2.carbon.identity.captcha.exception.CaptchaException)
Example 2 with CaptchaConnector
use of org.wso2.carbon.identity.captcha.connector.CaptchaConnector in project identity-governance by wso2-extensions.
the class CaptchaComponent method activate.
@Activate
protected void activate(ComponentContext context) {
try {
// Initialize reCaptcha.
CaptchaUtil.buildReCaptchaFilterProperties();
// Initialize and register SSOLoginReCaptchaConfig.
IdentityConnectorConfig connector = new SSOLoginReCaptchaConfig();
((SSOLoginReCaptchaConfig) connector).init(CaptchaDataHolder.getInstance().getIdentityGovernanceService());
context.getBundleContext().registerService(IdentityConnectorConfig.class, connector, null);
CaptchaDataHolder.getInstance().addCaptchaConnector((SSOLoginReCaptchaConfig) connector);
// Initialize and register PathBasedReCaptchaConnector.
CaptchaConnector captchaConnector = new SelfSignUpReCaptchaConnector();
captchaConnector.init(CaptchaDataHolder.getInstance().getIdentityGovernanceService());
CaptchaDataHolder.getInstance().addCaptchaConnector(captchaConnector);
// Initialize and register UsernameRecoveryReCaptchaConnector.
captchaConnector = new UsernameRecoveryReCaptchaConnector();
captchaConnector.init(CaptchaDataHolder.getInstance().getIdentityGovernanceService());
CaptchaDataHolder.getInstance().addCaptchaConnector(captchaConnector);
// Initialize and register PasswordRecoveryReCaptchaConnector.
captchaConnector = new PasswordRecoveryReCaptchaConnector();
captchaConnector.init(CaptchaDataHolder.getInstance().getIdentityGovernanceService());
CaptchaDataHolder.getInstance().addCaptchaConnector(captchaConnector);
// Initialize and register ResendConfirmationReCaptchaConnector.
captchaConnector = new ResendConfirmationReCaptchaConnector();
captchaConnector.init(CaptchaDataHolder.getInstance().getIdentityGovernanceService());
CaptchaDataHolder.getInstance().addCaptchaConnector(captchaConnector);
AuthenticationDataPublisher failedLoginAttemptValidator = new FailLoginAttemptValidator();
context.getBundleContext().registerService(AuthenticationDataPublisher.class, failedLoginAttemptValidator, null);
context.getBundleContext().registerService(AbstractEventHandler.class.getName(), new FailLoginAttemptValidationHandler(), null);
if (log.isDebugEnabled()) {
log.debug("Captcha Component is activated");
}
} catch (Throwable e) {
log.error("Failed to start CaptchaComponent", e);
}
}
Also used :
FailLoginAttemptValidationHandler(org.wso2.carbon.identity.captcha.validator.FailLoginAttemptValidationHandler)
SelfSignUpReCaptchaConnector(org.wso2.carbon.identity.captcha.connector.recaptcha.SelfSignUpReCaptchaConnector)
PasswordRecoveryReCaptchaConnector(org.wso2.carbon.identity.captcha.connector.recaptcha.PasswordRecoveryReCaptchaConnector)
CaptchaConnector(org.wso2.carbon.identity.captcha.connector.CaptchaConnector)
ResendConfirmationReCaptchaConnector(org.wso2.carbon.identity.captcha.connector.recaptcha.ResendConfirmationReCaptchaConnector)
UsernameRecoveryReCaptchaConnector(org.wso2.carbon.identity.captcha.connector.recaptcha.UsernameRecoveryReCaptchaConnector)
IdentityConnectorConfig(org.wso2.carbon.identity.governance.common.IdentityConnectorConfig)
SelfSignUpReCaptchaConnector(org.wso2.carbon.identity.captcha.connector.recaptcha.SelfSignUpReCaptchaConnector)
ResendConfirmationReCaptchaConnector(org.wso2.carbon.identity.captcha.connector.recaptcha.ResendConfirmationReCaptchaConnector)
AbstractEventHandler(org.wso2.carbon.identity.event.handler.AbstractEventHandler)
PasswordRecoveryReCaptchaConnector(org.wso2.carbon.identity.captcha.connector.recaptcha.PasswordRecoveryReCaptchaConnector)
SSOLoginReCaptchaConfig(org.wso2.carbon.identity.captcha.connector.recaptcha.SSOLoginReCaptchaConfig)
UsernameRecoveryReCaptchaConnector(org.wso2.carbon.identity.captcha.connector.recaptcha.UsernameRecoveryReCaptchaConnector)
AuthenticationDataPublisher(org.wso2.carbon.identity.application.authentication.framework.AuthenticationDataPublisher)
FailLoginAttemptValidator(org.wso2.carbon.identity.captcha.validator.FailLoginAttemptValidator)
Activate(org.osgi.service.component.annotations.Activate)
Aggregations
CaptchaConnector (org.wso2.carbon.identity.captcha.connector.CaptchaConnector)2
Map (java.util.Map)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
HttpServletResponse (javax.servlet.http.HttpServletResponse)1
Activate (org.osgi.service.component.annotations.Activate)1
AuthenticationDataPublisher (org.wso2.carbon.identity.application.authentication.framework.AuthenticationDataPublisher)1
CaptchaPostValidationResponse (org.wso2.carbon.identity.captcha.connector.CaptchaPostValidationResponse)1
CaptchaPreValidationResponse (org.wso2.carbon.identity.captcha.connector.CaptchaPreValidationResponse)1
PasswordRecoveryReCaptchaConnector (org.wso2.carbon.identity.captcha.connector.recaptcha.PasswordRecoveryReCaptchaConnector)1
ResendConfirmationReCaptchaConnector (org.wso2.carbon.identity.captcha.connector.recaptcha.ResendConfirmationReCaptchaConnector)1
SSOLoginReCaptchaConfig (org.wso2.carbon.identity.captcha.connector.recaptcha.SSOLoginReCaptchaConfig)1
SelfSignUpReCaptchaConnector (org.wso2.carbon.identity.captcha.connector.recaptcha.SelfSignUpReCaptchaConnector)1
UsernameRecoveryReCaptchaConnector (org.wso2.carbon.identity.captcha.connector.recaptcha.UsernameRecoveryReCaptchaConnector)1
CaptchaClientException (org.wso2.carbon.identity.captcha.exception.CaptchaClientException)1
CaptchaException (org.wso2.carbon.identity.captcha.exception.CaptchaException)1
CaptchaHttpServletRequestWrapper (org.wso2.carbon.identity.captcha.util.CaptchaHttpServletRequestWrapper)1
CaptchaHttpServletResponseWrapper (org.wso2.carbon.identity.captcha.util.CaptchaHttpServletResponseWrapper)1
FailLoginAttemptValidationHandler (org.wso2.carbon.identity.captcha.validator.FailLoginAttemptValidationHandler)1
FailLoginAttemptValidator (org.wso2.carbon.identity.captcha.validator.FailLoginAttemptValidator)1
AbstractEventHandler (org.wso2.carbon.identity.event.handler.AbstractEventHandler)1
