Example 26 with AuthenticationResult
use of org.wso2.carbon.user.core.common.AuthenticationResult in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2AuthzEndpoint method handleAuthenticationResponse.
private Response handleAuthenticationResponse(OAuthMessage oAuthMessage) throws OAuthSystemException, URISyntaxException, ConsentHandlingFailedException {
if (LoggerUtils.isDiagnosticLogsEnabled()) {
Map<String, Object> requestParams = new HashMap<>();
if (oAuthMessage.getRequest() != null && MapUtils.isNotEmpty(oAuthMessage.getRequest().getParameterMap())) {
oAuthMessage.getRequest().getParameterMap().forEach((key, value) -> {
if (ArrayUtils.isNotEmpty(value)) {
requestParams.put(key, Arrays.asList(value));
}
});
}
LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, requestParams, OAuthConstants.LogConstants.SUCCESS, "Received authentication response from Framework.", "receive-authn-response", null);
}
updateAuthTimeInSessionDataCacheEntry(oAuthMessage);
addSessionDataKeyToSessionDataCacheEntry(oAuthMessage);
OAuth2Parameters oauth2Params = getOauth2Params(oAuthMessage);
String tenantDomain = EndpointUtil.getSPTenantDomainFromClientId(oauth2Params.getClientId());
setSPAttributeToRequest(oAuthMessage.getRequest(), oauth2Params.getApplicationName(), tenantDomain);
String sessionDataKeyFromLogin = getSessionDataKeyFromLogin(oAuthMessage);
AuthenticationResult authnResult = getAuthenticationResult(oAuthMessage, sessionDataKeyFromLogin);
if (isAuthnResultFound(authnResult)) {
removeAuthenticationResult(oAuthMessage, sessionDataKeyFromLogin);
if (authnResult.isAuthenticated()) {
String userIdentifier = null;
if (authnResult.getSubject() != null) {
try {
userIdentifier = authnResult.getSubject().getUserId();
} catch (UserIdNotFoundException e) {
if (StringUtils.isNotBlank(authnResult.getSubject().getAuthenticatedSubjectIdentifier())) {
userIdentifier = authnResult.getSubject().getAuthenticatedSubjectIdentifier().replaceAll(".", "*");
}
}
}
if (LoggerUtils.isDiagnosticLogsEnabled()) {
Map<String, Object> params = new HashMap<>();
params.put("clientId", oAuthMessage.getClientId());
if (userIdentifier != null) {
params.put("authenticatedUser", userIdentifier);
}
LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params, OAuthConstants.LogConstants.SUCCESS, "Authentication is successful.", "validate-authn-status", null);
}
return handleSuccessfulAuthentication(oAuthMessage, oauth2Params, authnResult);
} else {
if (LoggerUtils.isDiagnosticLogsEnabled()) {
Map<String, Object> params = new HashMap<>();
params.put("clientId", oAuthMessage.getClientId());
LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params, OAuthConstants.LogConstants.FAILED, "Authentication failed.", "validate-authn-status", null);
}
return handleFailedAuthentication(oAuthMessage, oauth2Params, authnResult);
}
} else {
if (LoggerUtils.isDiagnosticLogsEnabled()) {
Map<String, Object> params = new HashMap<>();
params.put("clientId", oAuthMessage.getClientId());
LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params, OAuthConstants.LogConstants.FAILED, "Authentication status is empty.", "validate-authn-status", null);
}
return handleEmptyAuthenticationResult(oAuthMessage);
}
}
Also used :
OAuth2Parameters(org.wso2.carbon.identity.oauth2.model.OAuth2Parameters)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
HashMap(java.util.HashMap)
RequestObject(org.wso2.carbon.identity.openidconnect.model.RequestObject)
JSONObject(org.json.JSONObject)
UserIdNotFoundException(org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException)
AuthenticationResult(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult)
Example 27 with AuthenticationResult
use of org.wso2.carbon.user.core.common.AuthenticationResult in project identity-governance by wso2-extensions.
the class RegexResolver method authenticateWithIdentifier.
@Override
public AuthenticationResult authenticateWithIdentifier(String loginAttributeValue, List<String> allowedAttributes, Object credential, String tenantDomain) {
AuthenticationResult authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.FAIL);
ClaimManager claimManager;
try {
if (allowedAttributes == null) {
return authenticationResult;
}
UserRealm userRealm = UserResolverUtil.getUserRealm(tenantDomain);
UniqueIDUserStoreManager userStoreManager = UserResolverUtil.getUserStoreManager(tenantDomain);
claimManager = userRealm.getClaimManager();
for (String claimURI : allowedAttributes) {
Claim claim = claimManager.getClaim(claimURI);
if (claim == null) {
continue;
}
String regex = claim.getRegEx();
if (StringUtils.isBlank(regex)) {
continue;
}
Pattern pattern = Pattern.compile(regex);
if (pattern.matcher(loginAttributeValue).matches()) {
authenticationResult = userStoreManager.authenticateWithID(claimURI, loginAttributeValue, credential, StringUtils.EMPTY);
if (AuthenticationResult.AuthenticationStatus.SUCCESS.equals(authenticationResult.getAuthenticationStatus())) {
break;
}
}
}
/*
If allowed attributes has only username claim, get authenticationResult even if
the username claim has no configured regex pattern.
*/
if (allowedAttributes.size() == 1 && allowedAttributes.contains(UserCoreClaimConstants.USERNAME_CLAIM_URI)) {
authenticationResult = userStoreManager.authenticateWithID(UserCoreClaimConstants.USERNAME_CLAIM_URI, loginAttributeValue, credential, StringUtils.EMPTY);
}
} catch (UserStoreException e) {
log.error("Error occurred while resolving authenticationResult", e);
}
return authenticationResult;
}
Also used :
ClaimManager(org.wso2.carbon.user.api.ClaimManager)
Pattern(java.util.regex.Pattern)
UserRealm(org.wso2.carbon.user.core.UserRealm)
UniqueIDUserStoreManager(org.wso2.carbon.user.core.UniqueIDUserStoreManager)
UserStoreException(org.wso2.carbon.user.api.UserStoreException)
Claim(org.wso2.carbon.user.api.Claim)
AuthenticationResult(org.wso2.carbon.user.core.common.AuthenticationResult)
Example 28 with AuthenticationResult
use of org.wso2.carbon.user.core.common.AuthenticationResult in project identity-governance by wso2-extensions.
the class MultiAttributeLoginServiceServiceImpl method authenticateWithIdentifier.
/**
* This method is used to authenticate user using multi attribute login identifier.
*
* @param loginIdentifierValue User entered login identifier.
* @param credential User credential.
* @param tenantDomain User tenant domain.
* @return AuthenticationResult.
*/
@Override
public AuthenticationResult authenticateWithIdentifier(String loginIdentifierValue, Object credential, String tenantDomain) {
AuthenticationResult authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.FAIL);
if (StringUtils.isNotBlank(loginIdentifierValue) && StringUtils.isNotBlank(tenantDomain)) {
List<String> allowedAttributes = getAllowedClaimsForTenant(tenantDomain);
authenticationResult = MultiAttributeLoginDataHolder.getInstance().getMultiAttributeLoginResolver().authenticateWithIdentifier(loginIdentifierValue, allowedAttributes, credential, tenantDomain);
}
return authenticationResult;
}
Also used :
AuthenticationResult(org.wso2.carbon.user.core.common.AuthenticationResult)
Example 29 with AuthenticationResult
use of org.wso2.carbon.user.core.common.AuthenticationResult in project product-is by wso2.
the class UUIDUserStoreManagerService method getAuthenticationResultDTOFromAuthenticationResult.
private AuthenticationResultDTO getAuthenticationResultDTOFromAuthenticationResult(AuthenticationResult authenticationResult) {
AuthenticationResultDTO authenticationResultDTO = new AuthenticationResultDTO();
authenticationResultDTO.setAuthenticatedSubjectIdentifier(authenticationResult.getAuthenticatedSubjectIdentifier());
authenticationResultDTO.setAuthenticatedUser(getUserDTO(authenticationResult.getAuthenticatedUser().orElse(new User())));
authenticationResultDTO.setAuthenticationStatus(getAuthenticationStatusDTOFromAuthenticationStatus(authenticationResult.getAuthenticationStatus()));
authenticationResultDTO.setFailureReason(getFailureReasonDTOFromFailureReason(authenticationResult.getFailureReason().orElse(new FailureReason())));
return authenticationResultDTO;
}
Also used :
User(org.wso2.carbon.user.core.common.User)
AuthenticationResultDTO(org.wso2.carbon.identity.test.integration.service.dao.AuthenticationResultDTO)
FailureReason(org.wso2.carbon.user.core.common.FailureReason)
Aggregations
AuthenticationResult (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult)15
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)8
Test (org.testng.annotations.Test)8
AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)7
AuthenticationResult (org.wso2.carbon.user.core.common.AuthenticationResult)6
AuthenticationResultCacheEntry (org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationResultCacheEntry)5
OAuth2Parameters (org.wso2.carbon.identity.oauth2.model.OAuth2Parameters)5
HashMap (java.util.HashMap)4
ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)4
AfterTest (org.testng.annotations.AfterTest)4
BeforeTest (org.testng.annotations.BeforeTest)4
RequestObject (org.wso2.carbon.identity.openidconnect.model.RequestObject)4
HttpServletResponse (javax.servlet.http.HttpServletResponse)3
MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap)3
Response (javax.ws.rs.core.Response)3
OAuthResponse (org.apache.oltu.oauth2.common.message.OAuthResponse)3
Matchers.anyString (org.mockito.Matchers.anyString)3
CommonAuthResponseWrapper (org.wso2.carbon.identity.application.authentication.framework.model.CommonAuthResponseWrapper)3
AbstractIdentityUserOperationEventListener (org.wso2.carbon.identity.core.AbstractIdentityUserOperationEventListener)3
ResolvedUserResult (org.wso2.carbon.identity.multi.attribute.login.mgt.ResolvedUserResult)3
