
Example 1 with CustomScriptConfiguration

use of org.xdi.model.custom.script.conf.CustomScriptConfiguration in project oxAuth by GluuFederation.

the class IdTokenFactory method setAmrClaim.

/**
 * Sets the authentication-method-references claim on the given token.
 *
 * <p>The claim value is a list of strings. When a custom script is resolved for
 * {@code acrValues} (usage type {@code BOTH}), the list starts with the script's level
 * rendered as a decimal string. For scripts reporting an API version above 3, every
 * entry of the script's authentication-method-claims map is appended as
 * {@code key:value}. When no script is resolved, the claim is still set, to an empty list.
 *
 * <p>NOTE(review): the {@code key:value} entries are produced by the custom script and
 * copied into the token without escaping; a key or value that itself contains ':' makes
 * the entry ambiguous for a relying party that splits on the separator.
 *
 * @param jwt       token whose claims are updated
 * @param acrValues ACR value used to look up the custom script configuration
 * @throws ClassCastException if the script's external type is not a
 *                            {@code PersonAuthenticationType}
 */
private void setAmrClaim(JsonWebResponse jwt, String acrValues) {
    List<String> methodReferences = Lists.newArrayList();
    CustomScriptConfiguration acrScript = externalAuthenticationService.getCustomScriptConfiguration(AuthenticationScriptUsageType.BOTH, acrValues);
    if (acrScript != null) {
        // First entry is always the numeric level of the script that handled this ACR.
        methodReferences.add(Integer.toString(acrScript.getLevel()));
        PersonAuthenticationType authenticator = (PersonAuthenticationType) acrScript.getExternalType();
        // Only scripts with API version above 3 are asked for method claims.
        if (authenticator.getApiVersion() > 3) {
            Map<String, String> methodClaims = authenticator.getAuthenticationMethodClaims();
            if (methodClaims != null) {
                for (Map.Entry<String, String> claim : methodClaims.entrySet()) {
                    methodReferences.add(claim.getKey() + ":" + claim.getValue());
                }
            }
        }
    }
    jwt.getClaims().setClaim(JwtClaimName.AUTHENTICATION_METHOD_REFERENCES, methodReferences);
}
Also used : PersonAuthenticationType(org.xdi.model.custom.script.type.auth.PersonAuthenticationType) CustomScriptConfiguration(org.xdi.model.custom.script.conf.CustomScriptConfiguration)

Example 2 with CustomScriptConfiguration

use of org.xdi.model.custom.script.conf.CustomScriptConfiguration in project oxAuth by GluuFederation.

the class Authenticator method prepareAuthenticationForStepImpl.

/**
 * Prepares the current step of an interactive, script-driven authentication workflow.
 *
 * <p>Order of checks, as implemented below: the session must expose its attributes;
 * interactive scripts must be enabled; an ACR and a step number of at least 1 must be set;
 * a script configuration must resolve for that ACR; the workflow may switch to a different
 * script (in which case the session is reset to step 1 and the user is redirected); all
 * previous steps must be marked as passed; finally the script's prepare-for-step hook runs.
 *
 * @return one of the {@code Constants.RESULT_*} values: {@code RESULT_EXPIRED} when session
 *         attributes are missing or the session update fails in the redirect branch,
 *         {@code RESULT_NO_PERMISSIONS} for a missing or non-positive step,
 *         {@code RESULT_FAILURE} when a configuration cannot be resolved, a previous step is
 *         not passed, the prepare hook does not return {@code true}, or the final session
 *         update fails, and {@code RESULT_SUCCESS} otherwise
 */
private String prepareAuthenticationForStepImpl() {
    SessionState sessionState = sessionStateService.getSessionState();
    Map<String, String> sessionIdAttributes = sessionStateService.getSessionAttributes(sessionState);
    // Without session attributes there is no workflow state to continue from.
    if (sessionIdAttributes == null) {
        log.error("Failed to get attributes from session");
        return Constants.RESULT_EXPIRED;
    }
    // Set current state into identity to allow use in login form and
    // authentication scripts
    identity.setSessionState(sessionState);
    // No interactive scripts enabled: nothing to prepare, the step succeeds as-is.
    if (!externalAuthenticationService.isEnabled(AuthenticationScriptUsageType.INTERACTIVE)) {
        return Constants.RESULT_SUCCESS;
    }
    // Presumably populates this.authAcr / this.authStep from the session attributes
    // (both are read right below) - TODO confirm against the helper.
    initCustomAuthenticatorVariables(sessionIdAttributes);
    // An empty ACR also short-circuits to success without running any script.
    if (StringHelper.isEmpty(this.authAcr)) {
        return Constants.RESULT_SUCCESS;
    }
    // Reject a missing or non-positive step number before any script is consulted.
    if ((this.authStep == null) || (this.authStep < 1)) {
        return Constants.RESULT_NO_PERMISSIONS;
    }
    CustomScriptConfiguration customScriptConfiguration = externalAuthenticationService.getCustomScriptConfiguration(AuthenticationScriptUsageType.INTERACTIVE, this.authAcr);
    if (customScriptConfiguration == null) {
        log.error("Failed to get CustomScriptConfiguration. auth_step: '{}', acr: '{}'", this.authStep, this.authAcr);
        return Constants.RESULT_FAILURE;
    }
    // Remember the requested script's name, then let the service pick the script that
    // should actually drive the workflow; the two names are compared case-insensitively.
    String currentauthAcr = customScriptConfiguration.getName();
    customScriptConfiguration = externalAuthenticationService.determineExternalAuthenticatorForWorkflow(AuthenticationScriptUsageType.INTERACTIVE, customScriptConfiguration);
    if (customScriptConfiguration == null) {
        return Constants.RESULT_FAILURE;
    } else {
        String determinedauthAcr = customScriptConfiguration.getName();
        if (!StringHelper.equalsIgnoreCase(currentauthAcr, determinedauthAcr)) {
            // Redirect user to alternative login workflow
            // NOTE(review): the redirect target is whatever the script returns for this step;
            // no validation of the value is visible in this method - confirm that scripts or
            // facesService.redirect constrain it to application-local pages.
            String redirectTo = externalAuthenticationService.executeExternalGetPageForStep(customScriptConfiguration, this.authStep);
            if (StringHelper.isEmpty(redirectTo)) {
                redirectTo = "/login.xhtml";
            }
            CustomScriptConfiguration determinedCustomScriptConfiguration = externalAuthenticationService.getCustomScriptConfiguration(AuthenticationScriptUsageType.INTERACTIVE, determinedauthAcr);
            if (determinedCustomScriptConfiguration == null) {
                // NOTE(review): the message prints this.authAcr, not determinedauthAcr, which
                // is the ACR that failed to resolve here.
                log.error("Failed to get determined CustomScriptConfiguration. auth_step: '{}', acr: '{}'", this.authStep, this.authAcr);
                return Constants.RESULT_FAILURE;
            }
            log.debug("Redirect to page: '{}'. Force to use acr: '{}'", redirectTo, determinedauthAcr);
            // Restart the workflow under the determined script: its name and level replace
            // the session's acr / auth_level and the step counter goes back to 1.
            determinedauthAcr = determinedCustomScriptConfiguration.getName();
            String determinedAuthLevel = Integer.toString(determinedCustomScriptConfiguration.getLevel());
            sessionIdAttributes.put("acr", determinedauthAcr);
            sessionIdAttributes.put("auth_level", determinedAuthLevel);
            sessionIdAttributes.put("auth_step", Integer.toString(1));
            if (sessionState != null) {
                boolean updateResult = updateSession(sessionState, sessionIdAttributes);
                // A failed update is reported as EXPIRED here, but as FAILURE at the end of
                // the method.
                if (!updateResult) {
                    return Constants.RESULT_EXPIRED;
                }
            }
            facesService.redirect(redirectTo);
            return Constants.RESULT_SUCCESS;
        }
    }
    // Check if all previous steps had passed
    // (this is the guard that stops a client from jumping straight to a later step)
    boolean passedPreviousSteps = isPassedPreviousAuthSteps(sessionIdAttributes, this.authStep);
    if (!passedPreviousSteps) {
        log.error("There are authentication steps not marked as passed. acr: '{}', auth_step: '{}'", this.authAcr, this.authStep);
        return Constants.RESULT_FAILURE;
    }
    // The script receives the raw request parameter map, i.e. client-controlled input.
    Boolean result = externalAuthenticationService.executeExternalPrepareForStep(customScriptConfiguration, externalContext.getRequestParameterValuesMap(), this.authStep);
    // A null result is treated the same as false.
    if ((result != null) && result) {
        // Store/Update extra parameters in session attributes map
        updateExtraParameters(customScriptConfiguration, this.authStep, sessionIdAttributes);
        if (sessionState != null) {
            boolean updateResult = updateSession(sessionState, sessionIdAttributes);
            if (!updateResult) {
                return Constants.RESULT_FAILURE;
            }
        }
        return Constants.RESULT_SUCCESS;
    } else {
        return Constants.RESULT_FAILURE;
    }
}
Also used : SessionState(org.xdi.oxauth.model.common.SessionState) CustomScriptConfiguration(org.xdi.model.custom.script.conf.CustomScriptConfiguration)

Example 3 with CustomScriptConfiguration

use of org.xdi.model.custom.script.conf.CustomScriptConfiguration in project oxAuth by GluuFederation.

the class ExternalAuthenticationService method groupCustomScriptConfigurationsMapByUsageType.

/**
 * Groups the given script configurations by authentication usage type.
 *
 * <p>Every value of {@code AuthenticationScriptUsageType} gets an entry in the result, even
 * when no configuration matches (the list is then empty). A configuration is listed under a
 * usage type when {@code isValidateUsageType(usageType, configuration)} returns
 * {@code true}, so one configuration can appear under several usage types.
 *
 * @param customScriptConfigurationsMap configurations to group; only the values are read
 * @return a new map from usage type to the matching configurations, in the iteration order
 *         of {@code customScriptConfigurationsMap.values()}
 */
private Map<AuthenticationScriptUsageType, List<CustomScriptConfiguration>> groupCustomScriptConfigurationsMapByUsageType(Map<String, CustomScriptConfiguration> customScriptConfigurationsMap) {
    Map<AuthenticationScriptUsageType, List<CustomScriptConfiguration>> grouped = new HashMap<AuthenticationScriptUsageType, List<CustomScriptConfiguration>>();
    for (AuthenticationScriptUsageType usageType : AuthenticationScriptUsageType.values()) {
        List<CustomScriptConfiguration> matching = new ArrayList<CustomScriptConfiguration>();
        for (CustomScriptConfiguration candidate : customScriptConfigurationsMap.values()) {
            if (isValidateUsageType(usageType, candidate)) {
                matching.add(candidate);
            }
        }
        grouped.put(usageType, matching);
    }
    return grouped;
}
Also used : CustomScriptConfiguration(org.xdi.model.custom.script.conf.CustomScriptConfiguration) AuthenticationScriptUsageType(org.xdi.model.AuthenticationScriptUsageType)

Example 4 with CustomScriptConfiguration

use of org.xdi.model.custom.script.conf.CustomScriptConfiguration in project oxAuth by GluuFederation.

the class ExternalAuthenticationService method determineDefaultCustomScriptConfigurationsMap.

/**
 * Picks, for every usage type, the configuration with the highest level as the default.
 *
 * <p>The comparison is strict, so among configurations with equal level the first one
 * encountered is kept. A usage type with no configurations is mapped to {@code null}.
 *
 * <p>NOTE(review): the {@code customScriptConfigurationsMap} parameter is not read; the
 * candidates come from the {@code customScriptConfigurationsMapByUsageType} field, which
 * therefore has to be up to date before this method is called. A usage type missing from
 * that field would raise a {@code NullPointerException} in the inner loop.
 *
 * @param customScriptConfigurationsMap unused by the current implementation
 * @return a new map from usage type to its default (highest-level) configuration, or
 *         {@code null} for usage types without any configuration
 */
private Map<AuthenticationScriptUsageType, CustomScriptConfiguration> determineDefaultCustomScriptConfigurationsMap(Map<String, CustomScriptConfiguration> customScriptConfigurationsMap) {
    Map<AuthenticationScriptUsageType, CustomScriptConfiguration> defaultsByUsageType = new HashMap<AuthenticationScriptUsageType, CustomScriptConfiguration>();
    for (AuthenticationScriptUsageType usageType : AuthenticationScriptUsageType.values()) {
        CustomScriptConfiguration highest = null;
        for (CustomScriptConfiguration candidate : customScriptConfigurationsMapByUsageType.get(usageType)) {
            // The first candidate always wins; later ones only when strictly higher.
            if (highest == null) {
                highest = candidate;
            } else if (highest.getLevel() < candidate.getLevel()) {
                highest = candidate;
            }
        }
        defaultsByUsageType.put(usageType, highest);
    }
    return defaultsByUsageType;
}
Also used : AuthenticationScriptUsageType(org.xdi.model.AuthenticationScriptUsageType) CustomScriptConfiguration(org.xdi.model.custom.script.conf.CustomScriptConfiguration)

Example 5 with CustomScriptConfiguration

use of org.xdi.model.custom.script.conf.CustomScriptConfiguration in project oxAuth by GluuFederation.

the class ExternalAuthenticationService method getInternalCustomScriptConfiguration.

/**
 * Returns the internal script configuration, named after the given LDAP configuration.
 *
 * <p>The configuration is obtained from the no-argument overload and the name of its
 * custom script is overwritten with {@code ldapAuthConfig.getConfigId()}.
 *
 * <p>NOTE(review): the rename mutates the object returned by the overload. If that overload
 * ever returns a shared or cached instance, the name set here would be visible to every
 * other holder - confirm it builds a fresh configuration on each call.
 *
 * @param ldapAuthConfig LDAP configuration whose config id becomes the script name
 * @return the internal configuration with its script renamed
 */
private CustomScriptConfiguration getInternalCustomScriptConfiguration(GluuLdapConfiguration ldapAuthConfig) {
    final CustomScriptConfiguration internalConfiguration = getInternalCustomScriptConfiguration();
    internalConfiguration.getCustomScript().setName(ldapAuthConfig.getConfigId());
    return internalConfiguration;
}
Also used : CustomScriptConfiguration(org.xdi.model.custom.script.conf.CustomScriptConfiguration)

Aggregations

CustomScriptConfiguration (org.xdi.model.custom.script.conf.CustomScriptConfiguration)19 SessionState (org.xdi.oxauth.model.common.SessionState)4 ArrayList (java.util.ArrayList)2 HashMap (java.util.HashMap)2 AuthenticationScriptUsageType (org.xdi.model.AuthenticationScriptUsageType)2 SimpleCustomProperty (org.xdi.model.SimpleCustomProperty)2 CustomScript (org.xdi.model.custom.script.model.CustomScript)2 IOException (java.io.IOException)1 Principal (java.security.Principal)1 HashSet (java.util.HashSet)1 List (java.util.List)1 Entry (java.util.Map.Entry)1 Set (java.util.Set)1 WebApplicationException (javax.ws.rs.WebApplicationException)1 EntryPersistenceException (org.gluu.site.ldap.persistence.exception.EntryPersistenceException)1 CustomScriptType (org.xdi.model.custom.script.CustomScriptType)1 AuthenticationCustomScript (org.xdi.model.custom.script.model.auth.AuthenticationCustomScript)1 BaseExternalType (org.xdi.model.custom.script.type.BaseExternalType)1 PersonAuthenticationType (org.xdi.model.custom.script.type.auth.PersonAuthenticationType)1 SimplePrincipal (org.xdi.model.security.SimplePrincipal)1