Improve authentication service
janakamarasena committed Oct 19, 2023
1 parent 49eb315 commit 18a338b
Showing 6 changed files with 74 additions and 27 deletions.
Expand Up @@ -140,8 +140,10 @@ default boolean isAPIBasedAuthenticationSupported() {
*
* @param context Authentication context.
* @return AuthenticatorData containing authentication initiation data.
* @throws AuthenticationFailedException Authentication failed exception.
*/
default Optional<AuthenticatorData> getAuthInitiationData(AuthenticationContext context) {
default Optional<AuthenticatorData> getAuthInitiationData(AuthenticationContext context) throws
AuthenticationFailedException {

return Optional.empty();
}
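Review bot: The added Javadoc line `@throws AuthenticationFailedException Authentication failed exception.` only restates the type name and does not tell implementers when to throw it. This default body returns `Optional.empty()` and never throws, so the condition matters only for overriders; something like `@throws AuthenticationFailedException If the initiation data cannot be prepared for the given context.` would say so, with the wording confirmed against the implementations, which are not visible here. Adding a checked exception also changes the contract for every caller of this interface method, and only one call site is visible in this commit.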
Expand Up @@ -115,7 +115,8 @@ private void handleIntermediateAuthResponse(AuthServiceRequestWrapper request, A
List<AuthenticatorData> authenticatorDataList;
if (isMultiOptionsResponse) {
responseData.setAuthenticatorSelectionRequired(true);
authenticatorDataList = getAuthenticatorBasicData(response.getAuthenticators());
authenticatorDataList = getAuthenticatorBasicData(response.getAuthenticators(),
request.getAuthInitiationData());
} else {
authenticatorDataList = request.getAuthInitiationData();
}
Expand All @@ -133,7 +134,6 @@ private void handleSuccessAuthResponse(AuthServiceRequestWrapper request, AuthSe
private void handleFailedAuthResponse(AuthServiceRequestWrapper request, AuthServiceResponseWrapper response,
AuthServiceResponse authServiceResponse) throws AuthServiceException {

// TODO: Improve error handling. Different authenticator seems to pass errors in slightly different ways.
String errorCode = null;
String errorMessage = null;
if (request.isAuthFlowConcluded()) {
Expand Down Expand Up @@ -178,7 +178,9 @@ private String getErrorMessage(AuthServiceResponseWrapper response) throws AuthS
return queryParams.get(AuthServiceConstants.AUTH_FAILURE_MSG_PARAM);
}

private List<AuthenticatorData> getAuthenticatorBasicData(String authenticatorList) throws AuthServiceException {
private List<AuthenticatorData> getAuthenticatorBasicData(String authenticatorList,
List<AuthenticatorData> authInitiationData)
throws AuthServiceException {

List<AuthenticatorData> authenticatorDataList = new ArrayList<>();
String[] authenticatorAndIdpsArr = StringUtils.split(authenticatorList,
Expand All @@ -187,6 +189,14 @@ private List<AuthenticatorData> getAuthenticatorBasicData(String authenticatorLi
String[] authenticatorIdpSeperatedArr = StringUtils.split(authenticatorAndIdps,
AuthServiceConstants.AUTHENTICATOR_IDP_SEPARATOR);
String name = authenticatorIdpSeperatedArr[0];

// Some authentication options would directly send the complete data. ex: basic authenticator.
AuthenticatorData authenticatorData = getAuthenticatorData(name, authInitiationData);
if (authenticatorData != null) {
authenticatorDataList.add(authenticatorData);
continue;
}

ApplicationAuthenticator authenticator = FrameworkUtils.getAppAuthenticatorByName(name);
if (authenticator == null) {
throw new AuthServiceException("Authenticator not found for name: " + name);
Expand All @@ -198,10 +208,11 @@ private List<AuthenticatorData> getAuthenticatorBasicData(String authenticatorLi
}
continue;
}

// The first element is the authenticator name hence its skipped to get the idp.
for (int i = 1; i < authenticatorIdpSeperatedArr.length; i++) {
String idp = authenticatorIdpSeperatedArr[i];
AuthenticatorData authenticatorData = new AuthenticatorData();
authenticatorData = new AuthenticatorData();
authenticatorData.setName(name);
authenticatorData.setIdp(idp);
authenticatorData.setDisplayName(authenticator.getFriendlyName());
Expand All @@ -212,6 +223,17 @@ private List<AuthenticatorData> getAuthenticatorBasicData(String authenticatorLi
return authenticatorDataList;
}

private AuthenticatorData getAuthenticatorData(String authenticator,
List<AuthenticatorData> authenticatorDataList) {

for (AuthenticatorData authenticatorData : authenticatorDataList) {
if (StringUtils.equals(authenticatorData.getName(), authenticator)) {
return authenticatorData;
}
}
return null;
}

private boolean isAuthFlowSuccessful(AuthServiceRequestWrapper request) {

return AuthenticatorFlowStatus.SUCCESS_COMPLETED == request.getAuthFlowStatus();
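Review bot: In `getAuthenticatorBasicData`, the new lookup `getAuthenticatorData(name, authInitiationData)` matches on the authenticator name only, and the `continue` after it skips the per-IdP loop further down. For an entry that lists several IdPs after the name, a name match adds one pre-built object and the remaining IdPs are no longer offered, and that object's `idp` is never compared with the IdPs in the list; the comment names the basic authenticator as the intended case, so the match could be restricted to that case or extended to compare the IdP as well. The helper also iterates `authenticatorDataList` without a null check, so a null from `request.getAuthInitiationData()` would raise a NullPointerException while the authentication response is being built; `if (authenticatorDataList == null) { return null; }` at the top would cover it if that getter can return null, which is not visible here. Parts of `getAuthenticatorBasicData` lie outside the shown hunks.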
Expand Up @@ -1441,7 +1441,7 @@ private String resolveUserResidentOrganization(AuthenticatedUser authenticatedUs
}

private void handleAPIBasedAuthenticationData(HttpServletRequest request, ApplicationAuthenticator authenticator,
AuthenticationContext context) {
AuthenticationContext context) throws AuthenticationFailedException {

if (isAPIBasedAuthenticationFlow(request) && authenticator.isAPIBasedAuthenticationSupported()) {
authenticator.getAuthInitiationData(context).ifPresent(authInitiationData -> {
Expand Up @@ -18,10 +18,10 @@

package org.wso2.carbon.identity.application.authentication.framework.model;

import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
* Holds the data related to an authenticator during an authentication flow.
Expand All @@ -34,18 +34,9 @@ public class AuthenticatorData {
private String idp;
private String i18nKey;
private List<AuthenticatorParamMetadata> authParams = new ArrayList<>();
private Map<String, String> additionalData = new HashMap<>();
private AdditionalData additionalDataObj;

public AdditionalData getAdditionalDataObj() {

return additionalDataObj;
}

public void setAdditionalData(AdditionalData additionalDataObj) {

this.additionalDataObj = additionalDataObj;
}
private List<String> requiredParams = new ArrayList<>();
private FrameworkConstants.AuthenticatorPromptType promptType;
private AdditionalData additionalData;

public String getI18nKey() {

Expand Down Expand Up @@ -97,12 +88,32 @@ public void setAuthParams(List<AuthenticatorParamMetadata> authParams) {
this.authParams = authParams;
}

public Map<String, String> getAdditionalData() {
public List<String> getRequiredParams() {

return requiredParams;
}

public void setRequiredParams(List<String> requiredParams) {

this.requiredParams = requiredParams;
}

public FrameworkConstants.AuthenticatorPromptType getPromptType() {

return promptType;
}

public void setPromptType(FrameworkConstants.AuthenticatorPromptType promptType) {

this.promptType = promptType;
}

public AdditionalData getAdditionalData() {

return additionalData;
}

public void setAdditionalData(Map<String, String> additionalData) {
public void setAdditionalData(AdditionalData additionalData) {

this.additionalData = additionalData;
}
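Review bot: The new `promptType` field has no initial value, so `getPromptType()` returns null for any `AuthenticatorData` whose creator never calls `setPromptType`; the objects built in `getAuthenticatorBasicData` in this commit set name, idp and display name in the visible lines and may be such a case. Either document the null on the getter, for example `@return Prompt type, or null if the authenticator did not set one.`, or give the field a default value. `getAdditionalData()` now returns `AdditionalData` instead of `Map<String, String>`, which breaks any caller compiled against the old signature; those callers are not visible here. The new accessors for `requiredParams` and `promptType` also carry no Javadoc.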
Expand Up @@ -30,7 +30,6 @@ public class AuthenticatorParamMetadata {
private boolean isConfidential = false;
private boolean isRequired = false;
private int paramOrder;
private int paramGroup = 0;
private String i18nKey;

public AuthenticatorParamMetadata(String name, FrameworkConstants.AuthenticatorParamType type, int paramOrder) {
Expand Down Expand Up @@ -91,13 +90,13 @@ public void setParamOrder(int paramOrder) {
this.paramOrder = paramOrder;
}

public int getParamGroup() {
public String getI18nKey() {

return paramGroup;
return i18nKey;
}

public void setParamGroup(int paramGroup) {
public void setI18nKey(String i18nKey) {

this.paramGroup = paramGroup;
this.i18nKey = i18nKey;
}
}
Expand Up @@ -750,4 +750,17 @@ public enum AuthenticatorParamType {
STRING,
INTEGER,
}

/**
* Enum for authenticator prompt type.
* USER_PROMPT - Obtain data from user input.
* INTERNAL_PROMPT - Generate required data internally.
* REDIRECTION_PROMPT - Requires redirection.
*/
public enum AuthenticatorPromptType {

USER_PROMPT,
INTERNAL_PROMPT,
REDIRECTION_PROMPT
}
}
