Add check to determine API based auth flow
janakamarasena committed Oct 17, 2023
1 parent 80be93c commit 85c914e
Showing 3 changed files with 27 additions and 12 deletions.
Expand Up @@ -725,18 +725,8 @@ protected void doAuthentication(HttpServletRequest request, HttpServletResponse
request.setAttribute(FrameworkConstants.RequestParams.FLOW_STATUS, status);
/* If this is an authentication initiation and the authenticator supports API based authentication
we need to send the auth initiation data in order to support performing API based authentication.*/
if (status == AuthenticatorFlowStatus.INCOMPLETE && authenticator.isAPIBasedAuthenticationSupported()) {
authenticator.getAuthInitiationData(context).ifPresent(authInitiationData -> {
List<AuthenticatorData> authInitiationDataList =
(List<AuthenticatorData>) request
.getAttribute(AuthServiceConstants.AUTH_SERVICE_AUTH_INITIATION_DATA);
if (authInitiationDataList == null) {
authInitiationDataList = new ArrayList<>();
request.setAttribute(AuthServiceConstants.AUTH_SERVICE_AUTH_INITIATION_DATA,
authInitiationDataList);
}
authInitiationDataList.add(authInitiationData);
});
if (status == AuthenticatorFlowStatus.INCOMPLETE) {
handleAPIBasedAuthenticationData(request, authenticator, context);
}

if (LOG.isDebugEnabled()) {
Expand Down Expand Up @@ -1449,4 +1439,27 @@ private String resolveUserResidentOrganization(AuthenticatedUser authenticatedUs
}
throw new FrameworkException("User resident organization could not found");
}

private void handleAPIBasedAuthenticationData(HttpServletRequest request, ApplicationAuthenticator authenticator,
AuthenticationContext context) {

if (isAPIBasedAuthenticationFlow(request) && authenticator.isAPIBasedAuthenticationSupported()) {
authenticator.getAuthInitiationData(context).ifPresent(authInitiationData -> {
List<AuthenticatorData> authInitiationDataList =
(List<AuthenticatorData>) request
.getAttribute(AuthServiceConstants.AUTH_SERVICE_AUTH_INITIATION_DATA);
if (authInitiationDataList == null) {
authInitiationDataList = new ArrayList<>();
request.setAttribute(AuthServiceConstants.AUTH_SERVICE_AUTH_INITIATION_DATA,
authInitiationDataList);
}
authInitiationDataList.add(authInitiationData);
});
}
}

private boolean isAPIBasedAuthenticationFlow(HttpServletRequest request) {

return Boolean.TRUE.equals(request.getAttribute(FrameworkConstants.IS_API_BASED_AUTH_FLOW));
}
}
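Review bot: The explanatory comment in `doAuthentication` now sits above an `if` that tests only `status == AuthenticatorFlowStatus.INCOMPLETE`, while the two conditions it describes moved into the undocumented helper `handleAPIBasedAuthenticationData`. I would move that comment onto the helper as Javadoc and add one on `isAPIBasedAuthenticationFlow`, for example `// Fails closed: only a Boolean.TRUE request attribute set server-side enables this path; request parameters are not consulted.`, so a later edit does not relax the gate to a client-controllable value. The moved cast `(List<AuthenticatorData>) request.getAttribute(...)` is still unchecked; an `instanceof List` guard before it would keep an unexpected value under that key from throwing a ClassCastException inside the lambda. `doAuthentication` begins and ends outside the first hunk.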
Expand Up @@ -47,6 +47,7 @@ public AuthServiceRequestWrapper(HttpServletRequest request, Map<String, String[
this.parameters = parameters;
setSessionDataKey(parameters);
skipNonceCookieValidation();
this.setAttribute(FrameworkConstants.IS_API_BASED_AUTH_FLOW, true);
}

@Override
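Review bot: `this.setAttribute(...)` on a servlet request wrapper normally delegates to the wrapped request, so unless this class overrides `setAttribute` (not visible in the hunk) the `IS_API_BASED_AUTH_FLOW` marker lands on the underlying request and lives as long as that request does, not just as long as the wrapper. If the same request object is ever processed again outside the API path, `isAPIBasedAuthenticationFlow` would still see `true` and auth initiation data would be collected; it is worth confirming that cannot happen, or keeping the flag in a wrapper field and answering for this key in an overridden `getAttribute`. A short comment at the call site would also help: `// Server-side marker read by isAPIBasedAuthenticationFlow(); never derived from request parameters.` The constructor starts outside the hunk.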
Expand Up @@ -78,6 +78,7 @@ public abstract class FrameworkConstants {
public static final String SKIP_NONCE_COOKIE_VALIDATION = "SkipNonceCookieValidation";
public static final String IS_MULTI_OPS_RESPONSE = "isMultiOptionsResponse";
public static final String IS_AUTH_FLOW_CONCLUDED = "isAuthFlowConcluded";
public static final String IS_API_BASED_AUTH_FLOW = "isAPIBasedAuthFlow";

// This is to support sign-up form to be displayed in the provisioning flow, as when trying to displaying the
// sign-up form, we validate whether self-sign up is enabled.