Java Code Examples for org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext#getCurrentStep()

The following examples show how to use org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext#getCurrentStep().
Example 1
Source File: DefaultRequestCoordinator.java    From carbon-identity-framework with Apache License 2.0
/**
 * Moves the flow back to the nearest earlier step that can take an IDF (identifier) request.
 *
 * <p>Steps are examined from the one just before the current step down to step 1. The search stops
 * at the first step for which {@code isIDFAuthenticatorFoundInStep} returns true. If one is found,
 * the context is pointed at that step, {@code BACK_TO_PREVIOUS_STEP} is set to true and the
 * context's current authenticated IdPs are cleared. If none is found, the context is left untouched.
 *
 * @param context the authentication context whose current step may be rewound
 */
private void handleIdentifierRequestInPreviousSteps(AuthenticationContext context) {

    int step = context.getCurrentStep();
    boolean idfStepLocated = false;

    if (log.isDebugEnabled()) {
        log.debug("Started to handle the IDF request as previous steps since the current steps cannot handle the" +
                " IDF request");
    }

    // Walk backwards one step at a time; step 1 is the lowest step that is looked at.
    while (!idfStepLocated && step > 1) {
        step--;
        idfStepLocated = isIDFAuthenticatorFoundInStep(context.getSequenceConfig().getStepMap().get(step));
    }

    if (!idfStepLocated) {
        if (log.isDebugEnabled()) {
            log.debug("IDF requests cannot handle in any of the previous steps.");
        }
        return;
    }

    context.setCurrentStep(step);
    context.setProperty(BACK_TO_PREVIOUS_STEP, true);
    // IDF should be the first step, so the IdPs recorded as authenticated so far are dropped.
    // NOTE(review): only getCurrentAuthenticatedIdPs() is reset here; whether any other state from
    // the skipped steps needs resetting cannot be told from this method - confirm against callers.
    context.getCurrentAuthenticatedIdPs().clear();
}
 
Example 2
Source File: DefaultStepHandler.java    From carbon-identity-framework with Apache License 2.0
/**
 * Hands a response received from an external party to the authenticator of the current step that
 * accepts it.
 *
 * <p>The step's authenticators are tried in list order. An authenticator is chosen when it is
 * non-null, {@code canHandle(request)} returns true and, if the context already names a current
 * authenticator, its name equals that name. Only the first such authenticator is invoked.
 *
 * @param request  the incoming HTTP request
 * @param response the HTTP response, passed on to {@code doAuthentication}
 * @param context  the authentication context supplying the sequence configuration and current step
 * @throws FrameworkException if no authenticator in the current step accepts the request
 */
protected void handleResponse(HttpServletRequest request, HttpServletResponse response,
                              AuthenticationContext context) throws FrameworkException {

    if (log.isDebugEnabled()) {
        log.debug("Receive a response from the external party");
    }

    SequenceConfig flowConfig = context.getSequenceConfig();
    int currentStep = context.getCurrentStep();
    // NOTE(review): the step map lookup result is dereferenced without a null check; confirm that
    // callers only reach this method with a step number present in the map.
    StepConfig activeStep = flowConfig.getStepMap().get(currentStep);

    for (AuthenticatorConfig candidate : activeStep.getAuthenticatorList()) {
        ApplicationAuthenticator authenticator = candidate.getApplicationAuthenticator();

        if (authenticator == null || !authenticator.canHandle(request)) {
            continue;
        }

        // When the context names a current authenticator, a response is only accepted by the
        // authenticator with that name; other authenticators that claim the request are skipped.
        if (context.getCurrentAuthenticator() != null
                && !authenticator.getName().equals(context.getCurrentAuthenticator())) {
            continue;
        }

        if (log.isDebugEnabled()) {
            log.debug(authenticator.getName() + " can handle the request.");
        }

        doAuthentication(request, response, context, candidate);
        return;
    }

    throw new FrameworkException("No authenticator can handle the request in step :  " + currentStep);
}
 
Example 3
Source File: DefaultStepHandler.java    From carbon-identity with Apache License 2.0
/**
 * Routes a response from an external party to one authenticator of the current step.
 *
 * <p>Authenticators are checked in the order given by the step configuration. The first one that
 * is non-null, answers true to {@code canHandle(request)} and matches the context's current
 * authenticator by name (when one is set) is passed to {@code doAuthentication}; the loop then stops.
 *
 * @param request  the incoming HTTP request
 * @param response the HTTP response, passed on to {@code doAuthentication}
 * @param context  the authentication context supplying the sequence configuration and current step
 * @throws FrameworkException if none of the step's authenticators accepts the request
 */
protected void handleResponse(HttpServletRequest request, HttpServletResponse response,
                              AuthenticationContext context) throws FrameworkException {

    if (log.isDebugEnabled()) {
        log.debug("Receive a response from the external party");
    }

    SequenceConfig sequenceConfig = context.getSequenceConfig();
    int currentStep = context.getCurrentStep();
    StepConfig stepConfig = sequenceConfig.getStepMap().get(currentStep);

    boolean handled = false;
    for (AuthenticatorConfig candidate : stepConfig.getAuthenticatorList()) {
        ApplicationAuthenticator authenticator = candidate.getApplicationAuthenticator();
        if (authenticator == null) {
            continue;
        }
        if (!authenticator.canHandle(request)) {
            continue;
        }
        // A current authenticator recorded on the context restricts the response to the
        // authenticator of the same name.
        boolean nameMismatch = context.getCurrentAuthenticator() != null
                && !authenticator.getName().equals(context.getCurrentAuthenticator());
        if (nameMismatch) {
            continue;
        }

        if (log.isDebugEnabled()) {
            log.debug(authenticator.getName() + " can handle the request.");
        }

        doAuthentication(request, response, context, candidate);
        handled = true;
        break;
    }

    if (!handled) {
        throw new FrameworkException("No authenticator can handle the request in step :  " + currentStep);
    }
}
 
Example 4
Source File: DefaultAuthenticationRequestHandler.java    From carbon-identity-framework with Apache License 2.0
/**
 * Executes the authentication flow for a single request.
 *
 * <p>A returning request that carries the {@code DENY} request parameter is passed to
 * {@code handleDenyFromLoginPage} and nothing else runs. Otherwise the method starts the sequence
 * when the current step is 0, runs the request-path and/or step-based sequence handler, runs
 * post-authentication handling and, if {@code canConcludeFlow(context)} returns true, concludes
 * the flow.
 *
 * @param request  the incoming HTTP request; the {@code DENY} parameter is read from it here
 * @param response the HTTP response, passed through to the handlers
 * @param context  the authentication context supplying the current step and sequence configuration
 * @throws FrameworkException declared on this method; this body has no throw statement of its own,
 *                            so it can only originate in one of the calls made here
 */
@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
                   AuthenticationContext context) throws FrameworkException {

    if (log.isDebugEnabled()) {
        log.debug("In authentication flow");
    }

    if (context.isReturning()) {
        // if "Deny" or "Cancel" pressed on the login page.
        // DENY is a request parameter, i.e. client-supplied; only its presence is tested here.
        if (request.getParameter(FrameworkConstants.RequestParams.DENY) != null) {
            handleDenyFromLoginPage(request, response, context);
            return;
        }

        // handle remember-me option from the login page
        handleRememberMeOptionFromLoginPage(request, context);
    }

    // Read once, before handleSequenceStart runs. The local is not refreshed afterwards, so the
    // currentStep == 0 test inside the try block below refers to this value.
    int currentStep = context.getCurrentStep();

    // if this is the start of the authentication flow
    if (currentStep == 0) {
        handleSequenceStart(request, response, context);
    }

    // The sequence configuration is fetched only after handleSequenceStart has had its turn.
    SequenceConfig seqConfig = context.getSequenceConfig();
    List<AuthenticatorConfig> reqPathAuthenticators = seqConfig.getReqPathAuthenticators();

    try {
        UserStorePreferenceOrderSupplier<List<String>> userStorePreferenceOrderSupplier =
                FrameworkUtils.getUserStorePreferenceOrderSupplier(context, null);
        if (userStorePreferenceOrderSupplier != null) {
            // Add the user store preference supplier to the container UserMgtContext.
            // The UserMgtContext is placed in a thread-local; the finally block below removes it.
            UserMgtContext userMgtContext = new UserMgtContext();
            userMgtContext.setUserStorePreferenceOrderSupplier(userStorePreferenceOrderSupplier);
            UserCoreUtil.setUserMgtContextInThreadLocal(userMgtContext);
        }

        // if SP has request path authenticators configured and this is start of
        // the flow
        if (reqPathAuthenticators != null && !reqPathAuthenticators.isEmpty() && currentStep == 0) {
            // call request path sequence handler
            FrameworkUtils.getRequestPathBasedSequenceHandler().handle(request, response, context);
        }

        // if no request path authenticators or handler returned cannot handle
        // Note the "or": with no request-path authenticators configured, the step-based handler is
        // called regardless of what isCompleted() reports.
        if (!context.getSequenceConfig().isCompleted()
                || (reqPathAuthenticators == null || reqPathAuthenticators.isEmpty())) {
            // To keep track of whether particular request goes through the step based sequence handler.
            context.setProperty(FrameworkConstants.STEP_BASED_SEQUENCE_HANDLER_TRIGGERED, true);

            // call step based sequence handler
            FrameworkUtils.getStepBasedSequenceHandler().handle(request, response, context);
        }
    } finally {
        // Runs whether or not a handler threw, so a UserMgtContext set above is removed from the
        // thread-local before this method continues or unwinds.
        // NOTE(review): the removal is unconditional, so it also runs when no context was set
        // (supplier was null) - confirm nothing else on this thread relies on an earlier value.
        UserCoreUtil.removeUserMgtContextInThreadLocal();
    }

    // handle post authentication
    handlePostAuthentication(request, response, context);
    // if flow completed, send response back
    if (canConcludeFlow(context)) {
        concludeFlow(request, response, context);
    }
}
 
Example 5
Source File: DefaultStepHandler.java    From carbon-identity-framework with Apache License 2.0
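/**
 * Handles a request posted from the multi-option login page, where the user picked an
 * authenticator and, optionally, an IdP.
 *
 * <p>The authenticator named by the {@code AUTHENTICATOR} request parameter is looked up among the
 * authenticators of the current step (case-insensitive name match). Both the {@code IDP} and the
 * {@code AUTHENTICATOR} parameter are client-supplied. The selected IdP is therefore checked
 * against the IdPs configured for the matched authenticator <em>before</em> it is resolved and
 * written to the context. A rejected request, or one whose authenticator matches nothing in the
 * step, leaves the context's external IdP unchanged.
 *
 * @param request  the incoming HTTP request carrying the {@code IDP} and {@code AUTHENTICATOR} parameters
 * @param response the HTTP response, passed on to {@code doAuthentication}
 * @param context  the authentication context supplying the sequence configuration, current step and
 *                 tenant domain
 * @throws FrameworkException if the selected IdP is not configured for the matched authenticator
 */
protected void handleRequestFromLoginPage(HttpServletRequest request,
                                          HttpServletResponse response, AuthenticationContext context)
        throws FrameworkException {

    if (log.isDebugEnabled()) {
        log.debug("Relieved a request from the multi option page");
    }

    SequenceConfig sequenceConfig = context.getSequenceConfig();
    int currentStep = context.getCurrentStep();
    StepConfig stepConfig = sequenceConfig.getStepMap().get(currentStep);

    // Both values come straight from the request and are treated as untrusted below.
    String selectedIdp = request.getParameter(FrameworkConstants.RequestParams.IDP);
    String selectedAuthenticator = request.getParameter(FrameworkConstants.RequestParams.AUTHENTICATOR);

    if (selectedIdp != null && log.isDebugEnabled()) {
        // Line breaks are replaced so a crafted parameter cannot start a forged log entry.
        log.debug("User has selected IdP: " + selectedIdp.replace('\r', '_').replace('\n', '_'));
    }

    for (AuthenticatorConfig authenticatorConfig : stepConfig.getAuthenticatorList()) {
        ApplicationAuthenticator authenticator = authenticatorConfig
                .getApplicationAuthenticator();
        // equalsIgnoreCase(null) is false, so a missing AUTHENTICATOR parameter matches nothing.
        if (authenticator == null || !authenticator.getName().equalsIgnoreCase(selectedAuthenticator)) {
            continue;
        }

        if (selectedIdp != null) {
            if (authenticatorConfig.getIdps().get(selectedIdp) == null) {
                // if the selected idp name is not configured for the application, throw error since
                // this is an invalid case. Checked first so the context is not modified on rejection.
                throw new FrameworkException("Authenticators configured for application and user selected idp " +
                        "does not match. Possible tampering of parameters in login page.");
            }

            try {
                ExternalIdPConfig externalIdPConfig = ConfigurationFacade.getInstance()
                        .getIdPConfigByName(selectedIdp, context.getTenantDomain());
                context.setExternalIdP(externalIdPConfig);
            } catch (IdentityProviderManagementException e) {
                // NOTE(review): after a failed lookup, authentication still proceeds with whatever
                // external IdP the context already held - confirm this is intended.
                log.error("Exception while getting IdP by name", e);
            }
        }

        doAuthentication(request, response, context, authenticatorConfig);
        return;
    }

    // NOTE(review): when no authenticator in the step matches the AUTHENTICATOR parameter, the
    // method returns without authenticating and without reporting an error.
}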
 
Example 6
Source File: DefaultAuthenticationRequestHandler.java    From carbon-identity with Apache License 2.0
/**
 * Executes the authentication flow for a single request.
 *
 * <p>A returning request that carries the {@code DENY} request parameter is passed to
 * {@code handleDenyFromLoginPage} and nothing else runs. Otherwise the method starts the sequence
 * when the current step is 0 and runs the request-path and/or step-based sequence handler. It then
 * either concludes the flow (sequence completed) or stores the context in the cache under its
 * context identifier (sequence not completed).
 *
 * @param request  the incoming HTTP request; the {@code DENY} parameter is read from it here
 * @param response the HTTP response, passed through to the handlers
 * @param context  the authentication context supplying the current step and sequence configuration
 * @throws FrameworkException declared on this method; this body has no throw statement of its own,
 *                            so it can only originate in one of the calls made here
 */
@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
                   AuthenticationContext context) throws FrameworkException {

    if (log.isDebugEnabled()) {
        log.debug("In authentication flow");
    }

    if (context.isReturning()) {
        // if "Deny" or "Cancel" pressed on the login page.
        // DENY is a request parameter, i.e. client-supplied; only its presence is tested here.
        if (request.getParameter(FrameworkConstants.RequestParams.DENY) != null) {
            handleDenyFromLoginPage(request, response, context);
            return;
        }

        // handle remember-me option from the login page
        handleRememberMeOptionFromLoginPage(request, context);
    }

    // Read once, before handleSequenceStart runs. The local is not refreshed afterwards, so the
    // later currentStep == 0 test refers to this value.
    int currentStep = context.getCurrentStep();

    // if this is the start of the authentication flow
    if (currentStep == 0) {
        handleSequenceStart(request, response, context);
    }

    // The sequence configuration is fetched only after handleSequenceStart has had its turn.
    SequenceConfig seqConfig = context.getSequenceConfig();
    List<AuthenticatorConfig> reqPathAuthenticators = seqConfig.getReqPathAuthenticators();

    // if SP has request path authenticators configured and this is start of
    // the flow
    if (reqPathAuthenticators != null && !reqPathAuthenticators.isEmpty() && currentStep == 0) {
        // call request path sequence handler
        FrameworkUtils.getRequestPathBasedSequenceHandler().handle(request, response, context);
    }

    // if no request path authenticators or handler returned cannot handle
    // Note the "or": with no request-path authenticators configured, the step-based handler is
    // called regardless of what isCompleted() reports.
    if (!context.getSequenceConfig().isCompleted()
        || (reqPathAuthenticators == null || reqPathAuthenticators.isEmpty())) {
        // call step based sequence handler
        FrameworkUtils.getStepBasedSequenceHandler().handle(request, response, context);
    }

    // if flow completed, send response back
    if (context.getSequenceConfig().isCompleted()) {
        concludeFlow(request, response, context);
    } else { // redirecting outside
        // The unfinished context is stored under its context identifier.
        // NOTE(review): presumably so the flow can be resumed when the user comes back - confirm;
        // the lifetime of the cached entry is not visible from this method.
        FrameworkUtils.addAuthenticationContextToCache(context.getContextIdentifier(), context);
    }
}
 
Example 7
Source File: DefaultStepHandler.java    From carbon-identity with Apache License 2.0
/**
 * Handles a request posted from the multi-option login page.
 *
 * <p>If the request carries an {@code IDP} parameter, the IdP of that name is looked up for the
 * context's tenant domain and set on the context as the external IdP. The first authenticator of
 * the current step whose name equals the {@code AUTHENTICATOR} request parameter (ignoring case)
 * is then passed to {@code doAuthentication}. If no authenticator matches, the method returns
 * without further action.
 *
 * <p>NOTE(review): both parameters are client-supplied. In this method the selected IdP is placed
 * on the context without being checked against the current step; the TODO markers below record
 * that gap.
 *
 * @param request  the incoming HTTP request carrying the {@code IDP} and {@code AUTHENTICATOR} parameters
 * @param response the HTTP response, passed on to {@code doAuthentication}
 * @param context  the authentication context supplying the sequence configuration, current step and
 *                 tenant domain
 * @throws FrameworkException declared on this method; this body has no throw statement of its own
 */
protected void handleRequestFromLoginPage(HttpServletRequest request,
                                          HttpServletResponse response, AuthenticationContext context)
        throws FrameworkException {

    if (log.isDebugEnabled()) {
        log.debug("Relieved a request from the multi option page");
    }

    SequenceConfig flowConfig = context.getSequenceConfig();
    int currentStep = context.getCurrentStep();
    StepConfig activeStep = flowConfig.getStepMap().get(currentStep);

    // if request from the login page with a selected IdP
    String selectedIdp = request.getParameter(FrameworkConstants.RequestParams.IDP);

    if (selectedIdp != null) {

        if (log.isDebugEnabled()) {
            // NOTE(review): the raw request parameter is written to the log as-is.
            log.debug("User has selected IdP: " + selectedIdp);
        }

        try {
            // TODO [IMPORTANT] validate the idp is inside the step.
            context.setExternalIdP(ConfigurationFacade.getInstance()
                    .getIdPConfigByName(selectedIdp, context.getTenantDomain()));
        } catch (IdentityProviderManagementException e) {
            // The lookup failure is logged and processing continues with the authenticator loop.
            log.error("Exception while getting IdP by name", e);
        }
    }

    for (AuthenticatorConfig candidate : activeStep.getAuthenticatorList()) {
        ApplicationAuthenticator authenticator = candidate.getApplicationAuthenticator();
        // TODO [IMPORTANT] validate the authenticator is inside the step.
        if (authenticator == null) {
            continue;
        }

        String requestedName = request.getParameter(FrameworkConstants.RequestParams.AUTHENTICATOR);
        if (authenticator.getName().equalsIgnoreCase(requestedName)) {
            doAuthentication(request, response, context, candidate);
            return;
        }
    }

    // TODO handle idp null

    // TODO handle authenticator name unmatching
}