Improve auth framework with authenticator type.

components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/ApplicationAuthenticator.java

@@ -23,6 +23,7 @@
 import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
 import org.wso2.carbon.identity.application.authentication.framework.exception.LogoutFailedException;
 import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatorData;
+import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
 import org.wso2.carbon.identity.application.common.model.Property;
 
 import java.io.Serializable;
@@ -171,4 +172,13 @@ default String getI18nKey() {
         return StringUtils.EMPTY;
     }
 
+    /**
+     * Get the authenticator type (LOCAL, FEDERATED or CUSTOM)
+     *
+     * @return Authenticator Type.
+     */
+    default FrameworkConstants.AuthenticatorType getAuthenticatorType() {
+
+        return FrameworkConstants.AuthenticatorType.UNDEFINED;
+    }
 }

components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/JITProvisioningPostAuthenticationHandler.java

@@ -34,7 +34,6 @@
 import org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput;
 import org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput;
 import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
-import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
 import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
 import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig;
 import org.wso2.carbon.identity.application.authentication.framework.config.model.ExternalIdPConfig;
@@ -93,6 +92,7 @@
 
 import static org.wso2.carbon.identity.application.authentication.framework.handler.request.PostAuthnHandlerFlowStatus.SUCCESS_COMPLETED;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.ALLOW_LOGIN_TO_IDP;
+import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.AuthenticatorType;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Config.SEND_ONLY_LOCALLY_MAPPED_ROLES_OF_IDP;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.EMAIL_ADDRESS_CLAIM;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_ENCRYPTING_TOTP_SECRET_KEY;
@@ -187,7 +187,9 @@ private PostAuthnHandlerFlowStatus handleResponseFlow(HttpServletRequest request
             AuthenticatorConfig authenticatorConfig = stepConfig.getAuthenticatedAutenticator();
             ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator();
 
-            if (authenticator instanceof FederatedApplicationAuthenticator) {
+            if (AuthenticatorType.FEDERATED.equals(authenticator.getAuthenticatorType()) ||
+                    (AuthenticatorType.CUSTOM.equals(authenticator.getAuthenticatorType())
+                            && stepConfig.getAuthenticatedUser().isFederatedUser())) {
                 String externalIdPConfigName = stepConfig.getAuthenticatedIdP();
                 ExternalIdPConfig externalIdPConfig = getExternalIdpConfig(externalIdPConfigName, context);
                 context.setExternalIdP(externalIdPConfig);
@@ -295,7 +297,9 @@ private PostAuthnHandlerFlowStatus handleRequestFlow(HttpServletRequest request,
             }
             ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator();
 
-            if (authenticator instanceof FederatedApplicationAuthenticator) {
+            if (AuthenticatorType.FEDERATED.equals(authenticator.getAuthenticatorType()) ||
+                    (AuthenticatorType.CUSTOM.equals(authenticator.getAuthenticatorType()) &&
+                            stepConfig.getAuthenticatedUser().isFederatedUser())) {
                 String externalIdPConfigName = stepConfig.getAuthenticatedIdP();
                 ExternalIdPConfig externalIdPConfig = getExternalIdpConfig(externalIdPConfigName, context);
                 context.setExternalIdP(externalIdPConfig);

components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/PostAuthAssociationHandler.java

@@ -24,7 +24,6 @@
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
-import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
 import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig;
 import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig;
 import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig;
@@ -53,6 +52,7 @@
 import javax.servlet.http.HttpServletResponse;
 
 import static org.wso2.carbon.identity.application.authentication.framework.handler.request.PostAuthnHandlerFlowStatus.SUCCESS_COMPLETED;
+import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.AuthenticatorType;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.USER_TENANT_DOMAIN;
 
 /**
@@ -114,7 +114,9 @@ public PostAuthnHandlerFlowStatus handle(HttpServletRequest request, HttpServlet
             }
             ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator();
 
-            if (authenticator instanceof FederatedApplicationAuthenticator) {
+            if (AuthenticatorType.FEDERATED.equals(authenticator.getAuthenticatorType()) ||
+                    (AuthenticatorType.CUSTOM.equals(authenticator.getAuthenticatorType()) &&
+                        stepConfig.getAuthenticatedUser().isFederatedUser())) {
                 if (stepConfig.isSubjectIdentifierStep()) {
                     if (log.isDebugEnabled()) {
                         log.debug(authenticator.getName() + " has been set up for subject identifier step.");

components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/sequence/impl/DefaultStepBasedSequenceHandler.java

@@ -25,7 +25,6 @@
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
 import org.wso2.carbon.identity.application.authentication.framework.AuthenticationFlowHandler;
-import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
 import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
 import org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig;
 import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig;
@@ -60,8 +59,10 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.AuthenticatorType;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.CONFIG_ALLOW_SP_REQUESTED_FED_CLAIMS_ONLY;
 
+
 /**
  * Default implementation of step based sequence handler.
  */
@@ -289,7 +290,9 @@ protected void handlePostAuthentication(HttpServletRequest request,
 
             stepCount++;
 
-            if (authenticator instanceof FederatedApplicationAuthenticator) {
+            if (AuthenticatorType.FEDERATED.equals(authenticator.getAuthenticatorType()) ||
+                    (AuthenticatorType.CUSTOM.equals(authenticator.getAuthenticatorType()) &&
+                        stepConfig.getAuthenticatedUser().isFederatedUser())) {
 
                 ExternalIdPConfig externalIdPConfig = null;
                 try {

components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/step/impl/DefaultStepHandler.java

@@ -30,7 +30,6 @@
 import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
 import org.wso2.carbon.identity.application.authentication.framework.AuthenticationFlowHandler;
 import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus;
-import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
 import org.wso2.carbon.identity.application.authentication.framework.LocalApplicationAuthenticator;
 import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
 import org.wso2.carbon.identity.application.authentication.framework.config.builder.FileBasedConfigurationBuilder;
@@ -87,6 +86,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.AuthenticatorType;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.BASIC_AUTH_MECHANISM;
 import static org.wso2.carbon.identity.base.IdentityConstants.FEDERATED_IDP_SESSION_ID;
 
@@ -713,7 +713,9 @@ protected void doAuthentication(HttpServletRequest request, HttpServletResponse
         }
 
         String idpName = FrameworkConstants.LOCAL_IDP_NAME;
-        if (context.getExternalIdP() != null && authenticator instanceof FederatedApplicationAuthenticator) {
+        if (context.getExternalIdP() != null &&
+                (AuthenticatorType.FEDERATED.equals(authenticator.getAuthenticatorType()) ||
+                    AuthenticatorType.CUSTOM.equals(authenticator.getAuthenticatorType()))) {
             idpName = context.getExternalIdP().getIdPName();
         }
         // Add Diagnostic Logs for the selected authenticator by the user.
@@ -771,7 +773,9 @@ protected void doAuthentication(HttpServletRequest request, HttpServletResponse
                 context.getSubject().setAccessingOrganization(userResidentOrganization);
             }
 
-            if (authenticator instanceof FederatedApplicationAuthenticator) {
+            if (AuthenticatorType.FEDERATED.equals(authenticator.getAuthenticatorType()) ||
+                    (AuthenticatorType.CUSTOM.equals(authenticator.getAuthenticatorType())
+                            && context.getSubject().isFederatedUser())) {
 
                 if (context.getSubject().getUserName() == null) {
                     // Set subject identifier as the default username for federated users

components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/FrameworkConstants.java

@@ -817,4 +817,17 @@ public enum AuthenticatorMessageType {
         INFO,
         ERROR
     }
+
+    /**
+     * Default application related constants.
+     */
+    public enum AuthenticatorType {
+
+        LOCAL,
+        FEDERATED,
+        REQUEST_PATH,
+        FLOW_HANDLER,
+        CUSTOM,
+        UNDEFINED
+    }
 }

components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/FrameworkUtils.java

@@ -41,7 +41,6 @@
 import org.wso2.carbon.identity.application.authentication.framework.AuthenticationDataPublisher;
 import org.wso2.carbon.identity.application.authentication.framework.AuthenticationFlowHandler;
 import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus;
-import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
 import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationContextCache;
 import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationContextCacheEntry;
 import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationContextCacheKey;
@@ -201,6 +200,7 @@
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Application.CONSOLE_APP_PATH;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Application.MY_ACCOUNT_APP;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Application.MY_ACCOUNT_APP_PATH;
+import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.AuthenticatorType;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.CONTEXT_PROP_INVALID_EMAIL_USERNAME;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Config.AUTHENTICATION_CONTEXT_EXPIRY_VALIDATION;
 import static org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants.Config.SKIP_LOCAL_USER_SEARCH_FOR_AUTHENTICATION_FLOW_HANDLERS;
@@ -3395,7 +3395,9 @@ public static boolean isJITProvisioningEnabled(AuthenticationContext context)
             }
             ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator();
 
-            if (authenticator instanceof FederatedApplicationAuthenticator) {
+            if (AuthenticatorType.FEDERATED.equals(authenticator.getAuthenticatorType()) ||
+                    (AuthenticatorType.CUSTOM.equals(authenticator.getAuthenticatorType())
+                            && stepConfig.getAuthenticatedUser().isFederatedUser())) {
                 ExternalIdPConfig externalIdPConfig;
                 String externalIdPConfigName = stepConfig.getAuthenticatedIdP();
                 externalIdPConfig = getExternalIdpConfig(externalIdPConfigName, context);

components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/test/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/JITProvisioningPostAuthenticationHandlerTest.java

@@ -195,6 +195,11 @@ private AuthenticationContext processAndGetAuthenticationContext(ServiceProvider
 
         if (isFederated) {
             applicationAuthenticator = mock(FederatedApplicationAuthenticator.class);
+            lenient().when(applicationAuthenticator.getAuthenticatorType())
+                    .thenReturn(FrameworkConstants.AuthenticatorType.FEDERATED);
+        } else {
+            lenient().when(applicationAuthenticator.getAuthenticatorType())
+                    .thenReturn(FrameworkConstants.AuthenticatorType.LOCAL);
         }
         lenient().when(applicationAuthenticator.getName()).thenReturn("Authenticator1");
 

components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/test/java/org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/PostAuthAssociationHandlerTest.java

@@ -211,6 +211,11 @@ private AuthenticationContext processAndGetAuthenticationContext(ServiceProvider
 
         if (isFederated) {
             applicationAuthenticator = mock(FederatedApplicationAuthenticator.class);
+            when(applicationAuthenticator.getAuthenticatorType())
+                    .thenReturn(FrameworkConstants.AuthenticatorType.FEDERATED);
+        } else {
+            when(applicationAuthenticator.getAuthenticatorType())
+                    .thenReturn(FrameworkConstants.AuthenticatorType.LOCAL);
         }
         when(applicationAuthenticator.getName()).thenReturn("Authenticator1");