org.wso2.carbon.identity.authenticator.InweboAuthenticator.java Source code

Java tutorial

Introduction

Here is the source code for org.wso2.carbon.identity.authenticator.InweboAuthenticator.java

Source

/*
 *  Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
 *
 *  WSO2 Inc. licenses this file to you under the Apache License,
 *  Version 2.0 (the "License"); you may not use this file except
 *  in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing,
 *  software distributed under the License is distributed on an
 *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 *  KIND, either express or implied.  See the License for the
 *  specific language governing permissions and limitations
 *  under the License.
 *
 */
package org.wso2.carbon.identity.authenticator;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.LocalApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;

import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

/**
 * Authenticator of Inwebo
 */
public class InweboAuthenticator extends AbstractApplicationAuthenticator
        implements FederatedApplicationAuthenticator {

    private static Log log = LogFactory.getLog(InweboAuthenticator.class);
    private static final long serialVersionUID = -4154255583070524018L;
    private String pushResponse = null;
    private String userId = null;

    /**
     * Check whether the authentication or logout request can be handled by the authenticator
     */
    @Override
    public boolean canHandle(HttpServletRequest request) {

        if (log.isDebugEnabled()) {
            log.debug("Inside InweboAuthenticator.canHandle()");
        }
        return (!StringUtils.isEmpty(request.getParameter("inwebo")));
    }

    /**
     * initiate the authentication request
     */
    @Override
    protected void initiateAuthenticationRequest(HttpServletRequest request, HttpServletResponse response,
            AuthenticationContext context) throws AuthenticationFailedException {
        String loginPage = ConfigurationFacade.getInstance().getAuthenticationEndpointURL();
        loginPage = loginPage.replace(InweboConstants.INWEBO_LOGINPAGE, InweboConstants.INWEBO_PAGE);
        try {
            String retryParam = "";
            if (context.isRetrying()) {
                retryParam = InweboConstants.RETRY_PARAM;
            }
            response.sendRedirect(response.encodeRedirectURL(loginPage + "?" + FrameworkConstants.SESSION_DATA_KEY
                    + "=" + context.getContextIdentifier() + retryParam));
        } catch (IOException e) {
            throw new AuthenticationFailedException("Error while redirecting", e);
        }
    }

    /**
     * Get the configuration properties of UI
     */
    @Override
    public List<Property> getConfigurationProperties() {
        List<Property> configProperties = new ArrayList<Property>();
        Property serviceId = new Property();
        serviceId.setName(InweboConstants.SERVICE_ID);
        serviceId.setDisplayName("Service Id");
        serviceId.setRequired(true);
        serviceId.setDescription("Enter your service id");
        configProperties.add(serviceId);

        Property p12file = new Property();
        p12file.setName(InweboConstants.INWEBO_P12FILE);
        p12file.setDisplayName("Certificate File");
        p12file.setRequired(true);
        p12file.setDescription("Enter your p12_file path");
        configProperties.add(p12file);

        Property p12password = new Property();
        p12password.setName(InweboConstants.INWEBO_P12PASSWORD);
        p12password.setDisplayName("Certificate Password");
        p12password.setRequired(true);
        p12password.setConfidential(true);
        p12password.setDescription("Enter your p12_password");
        configProperties.add(p12password);

        Property retryCount = new Property();
        retryCount.setName(InweboConstants.RETRY_COUNT);
        retryCount.setDisplayName("Waiting Time");
        retryCount.setDescription("Waiting time for authentication in seconds(<10)");
        configProperties.add(retryCount);

        Property retryInterval = new Property();
        retryInterval.setName(InweboConstants.RETRY_INTERVAL);
        retryInterval.setDisplayName("Retry Interval");
        retryInterval.setDescription("Retrying time interval in ms(eg 1000)");
        configProperties.add(retryInterval);

        return configProperties;
    }

    /**
     * Process the response of the Inwebo end-point
     */
    @Override
    protected void processAuthenticationResponse(HttpServletRequest request, HttpServletResponse response,
            AuthenticationContext context) throws AuthenticationFailedException {
        int waitTime;
        int retryInterval;
        String username = null;

        //Getting the last authenticated local user
        for (Integer stepMap : context.getSequenceConfig().getStepMap().keySet())
            if (context.getSequenceConfig().getStepMap().get(stepMap).getAuthenticatedUser() != null
                    && context.getSequenceConfig().getStepMap().get(stepMap).getAuthenticatedAutenticator()
                            .getApplicationAuthenticator() instanceof LocalApplicationAuthenticator) {
                username = String
                        .valueOf(context.getSequenceConfig().getStepMap().get(stepMap).getAuthenticatedUser());
                break;
            }
        if (username != null) {
            UserRealm userRealm = null;
            try {
                String tenantDomain = MultitenantUtils.getTenantDomain(username);
                int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
                RealmService realmService = IdentityTenantUtil.getRealmService();
                userRealm = (UserRealm) realmService.getTenantUserRealm(tenantId);
                username = MultitenantUtils.getTenantAwareUsername(username);
                if (userRealm != null) {
                    userId = userRealm.getUserStoreManager()
                            .getUserClaimValue(username, InweboConstants.INWEBO_USERID, null).toString();
                } else {
                    throw new AuthenticationFailedException(
                            "Cannot find the user claim for the given userId: " + userId);
                }
            } catch (UserStoreException e) {
                throw new AuthenticationFailedException("Error while getting the user realm" + e.getMessage(), e);
            }
        }
        Map<String, String> authenticatorProperties = context.getAuthenticatorProperties();
        if (authenticatorProperties != null) {
            String serviceId = authenticatorProperties.get(InweboConstants.SERVICE_ID);
            String p12file = authenticatorProperties.get(InweboConstants.INWEBO_P12FILE);
            String p12password = authenticatorProperties.get(InweboConstants.INWEBO_P12PASSWORD);
            if (!StringUtils.isEmpty(authenticatorProperties.get(InweboConstants.RETRY_COUNT))) {
                waitTime = Integer.parseInt(authenticatorProperties.get(InweboConstants.RETRY_COUNT));
            } else {
                waitTime = Integer.parseInt(InweboConstants.WAITTIME_DEFAULT);
            }
            if (!StringUtils.isEmpty(authenticatorProperties.get(InweboConstants.RETRY_INTERVAL))) {
                retryInterval = Integer.parseInt(authenticatorProperties.get(InweboConstants.RETRY_INTERVAL));
            } else {
                retryInterval = Integer.parseInt(InweboConstants.RETRYINTERVAL_DEFAULT);
            }
            PushRestCall push = new PushRestCall(serviceId, p12file, p12password, userId, waitTime, retryInterval);
            pushResponse = push.run();

            if (pushResponse.contains(InweboConstants.PUSHRESPONSE)) {
                if (log.isDebugEnabled()) {
                    log.info("Authentication successful");
                }
                context.setSubject(AuthenticatedUser.createLocalAuthenticatedUserFromSubjectIdentifier(userId));
            } else {
                throw new AuthenticationFailedException("Authentication failed");
            }
            pushResponse = null;
            userId = null;
        } else {
            throw new AuthenticationFailedException("Required parameters are empty");
        }
    }

    @Override
    protected boolean retryAuthenticationEnabled() {
        return true;
    }

    /**
     * Get the friendly name of the Authenticator
     */
    @Override
    public String getFriendlyName() {
        return InweboConstants.AUTHENTICATOR_FRIENDLY_NAME;
    }

    /**
     * Get the name of the Authenticator
     */
    @Override
    public String getName() {
        return InweboConstants.AUTHENTICATOR_NAME;
    }

    /**
     * Get the Context identifier sent with the request.
     */
    public String getContextIdentifier(HttpServletRequest httpServletRequest) {
        return null;
    }
}