From 6121b29807c0e0a0d97e52a0a05740b39cd0415f Mon Sep 17 00:00:00 2001 From: thisarawelmilla Date: Sat, 31 Aug 2024 22:48:05 +0530 Subject: [PATCH] Add authentication Types for authenticators. --- .../framework/ApplicationAuthenticator.java | 13 +++++++++++++ .../JITProvisioningPostAuthenticationHandler.java | 13 +++++++++++-- .../request/impl/PostAuthAssociationHandler.java | 7 ++++++- .../impl/DefaultStepBasedSequenceHandler.java | 6 +++++- .../handler/step/impl/DefaultStepHandler.java | 6 +++++- .../framework/util/FrameworkUtils.java | 7 ++++++- .../impl/PostAuthAssociationHandlerTest.java | 2 ++ 7 files changed, 48 insertions(+), 6 deletions(-) diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/ApplicationAuthenticator.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/ApplicationAuthenticator.java index 6c974a31d83b..b78e85aa6f49 100644 --- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/ApplicationAuthenticator.java +++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/ApplicationAuthenticator.java @@ -171,4 +171,17 @@ default String getI18nKey() { return StringUtils.EMPTY; } + default AuthenticatorType getAuthenticatorType() { + + return AuthenticatorType.SYSTEM; + } + + /** + * The Authentication Type - SYSTEM: system define authenticator, CUSTOM: user defined authentication extension. + */ + enum AuthenticatorType { + + SYSTEM, + CUSTOM + } } diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/JITProvisioningPostAuthenticationHandler.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/JITProvisioningPostAuthenticationHandler.java index 8a9939ea241d..e073603d863d 100644 --- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/JITProvisioningPostAuthenticationHandler.java +++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/JITProvisioningPostAuthenticationHandler.java @@ -34,6 +34,7 @@ import org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput; import org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput; import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator; +import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator.AuthenticatorType; import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator; import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade; import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig; @@ -187,7 +188,11 @@ private PostAuthnHandlerFlowStatus handleResponseFlow(HttpServletRequest request AuthenticatorConfig authenticatorConfig = stepConfig.getAuthenticatedAutenticator(); ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator(); - if (authenticator instanceof FederatedApplicationAuthenticator) { + AuthenticatorType authenticatorType = authenticator.getAuthenticatorType(); + if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof + FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType) + && stepConfig.getAuthenticatedUser().isFederatedUser())) { + String externalIdPConfigName = stepConfig.getAuthenticatedIdP(); ExternalIdPConfig externalIdPConfig = getExternalIdpConfig(externalIdPConfigName, context); context.setExternalIdP(externalIdPConfig); @@ -295,7 +300,11 @@ private PostAuthnHandlerFlowStatus handleRequestFlow(HttpServletRequest request, } ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator(); - if (authenticator instanceof FederatedApplicationAuthenticator) { + AuthenticatorType authenticatorType = authenticator.getAuthenticatorType(); + if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof + FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType) + && stepConfig.getAuthenticatedUser().isFederatedUser())) { + String externalIdPConfigName = stepConfig.getAuthenticatedIdP(); ExternalIdPConfig externalIdPConfig = getExternalIdpConfig(externalIdPConfigName, context); context.setExternalIdP(externalIdPConfig); diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/PostAuthAssociationHandler.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/PostAuthAssociationHandler.java index ce831f298fd2..ff759fcb2392 100644 --- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/PostAuthAssociationHandler.java +++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/PostAuthAssociationHandler.java @@ -24,6 +24,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator; +import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator.AuthenticatorType; import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator; import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig; import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig; @@ -114,7 +115,11 @@ public PostAuthnHandlerFlowStatus handle(HttpServletRequest request, HttpServlet } ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator(); - if (authenticator instanceof FederatedApplicationAuthenticator) { + AuthenticatorType authenticatorType = authenticator.getAuthenticatorType(); + if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof + FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType) + && stepConfig.getAuthenticatedUser().isFederatedUser())) { + if (stepConfig.isSubjectIdentifierStep()) { if (log.isDebugEnabled()) { log.debug(authenticator.getName() + " has been set up for subject identifier step."); diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/sequence/impl/DefaultStepBasedSequenceHandler.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/sequence/impl/DefaultStepBasedSequenceHandler.java index 3b5b4634cb38..5dc981a0c69a 100644 --- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/sequence/impl/DefaultStepBasedSequenceHandler.java +++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/sequence/impl/DefaultStepBasedSequenceHandler.java @@ -24,6 +24,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator; +import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator.AuthenticatorType; import org.wso2.carbon.identity.application.authentication.framework.AuthenticationFlowHandler; import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator; import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade; @@ -289,7 +290,10 @@ protected void handlePostAuthentication(HttpServletRequest request, stepCount++; - if (authenticator instanceof FederatedApplicationAuthenticator) { + AuthenticatorType authenticatorType = authenticator.getAuthenticatorType(); + if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof + FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType) + && stepConfig.getAuthenticatedUser().isFederatedUser())) { ExternalIdPConfig externalIdPConfig = null; try { diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/step/impl/DefaultStepHandler.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/step/impl/DefaultStepHandler.java index 3633d3c01097..d8ed4e2f4ede 100644 --- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/step/impl/DefaultStepHandler.java +++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/step/impl/DefaultStepHandler.java @@ -28,6 +28,7 @@ import org.wso2.carbon.CarbonConstants; import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator; +import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator.AuthenticatorType; import org.wso2.carbon.identity.application.authentication.framework.AuthenticationFlowHandler; import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus; import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator; @@ -771,7 +772,10 @@ protected void doAuthentication(HttpServletRequest request, HttpServletResponse context.getSubject().setAccessingOrganization(userResidentOrganization); } - if (authenticator instanceof FederatedApplicationAuthenticator) { + AuthenticatorType authenticatorType = authenticator.getAuthenticatorType(); + if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof + FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType) + && context.getSubject().isFederatedUser())) { if (context.getSubject().getUserName() == null) { // Set subject identifier as the default username for federated users diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/FrameworkUtils.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/FrameworkUtils.java index 88c9a095f651..b79c71165b99 100644 --- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/FrameworkUtils.java +++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/FrameworkUtils.java @@ -38,6 +38,7 @@ import org.wso2.carbon.core.util.CryptoException; import org.wso2.carbon.core.util.CryptoUtil; import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator; +import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator.AuthenticatorType; import org.wso2.carbon.identity.application.authentication.framework.AuthenticationDataPublisher; import org.wso2.carbon.identity.application.authentication.framework.AuthenticationFlowHandler; import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus; @@ -3395,7 +3396,11 @@ public static boolean isJITProvisioningEnabled(AuthenticationContext context) } ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator(); - if (authenticator instanceof FederatedApplicationAuthenticator) { + AuthenticatorType authenticatorType = authenticator.getAuthenticatorType(); + if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof + FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType) + && stepConfig.getAuthenticatedUser().isFederatedUser())) { + ExternalIdPConfig externalIdPConfig; String externalIdPConfigName = stepConfig.getAuthenticatedIdP(); externalIdPConfig = getExternalIdpConfig(externalIdPConfigName, context); diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/test/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/PostAuthAssociationHandlerTest.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/test/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/PostAuthAssociationHandlerTest.java index 9c172b60891f..6acc4d4045d9 100644 --- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/test/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/PostAuthAssociationHandlerTest.java +++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/test/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/PostAuthAssociationHandlerTest.java @@ -212,6 +212,8 @@ private AuthenticationContext processAndGetAuthenticationContext(ServiceProvider if (isFederated) { applicationAuthenticator = mock(FederatedApplicationAuthenticator.class); } + when(applicationAuthenticator.getAuthenticatorType()) + .thenReturn(ApplicationAuthenticator.AuthenticatorType.SYSTEM); when(applicationAuthenticator.getName()).thenReturn("Authenticator1"); if (withAuthenticatedUser) {