Add authentication Types for authenticators.
Thisara-Welmilla committed Sep 1, 2024
1 parent 9e32b08 commit da06b15
Showing 8 changed files with 50 additions and 8 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -171,4 +171,17 @@ default String getI18nKey() {
return StringUtils.EMPTY;
}

default AuthenticatorType getAuthenticatorType() {

return AuthenticatorType.SYSTEM;
}

/**
* The Authentication Type - SYSTEM: system define authenticator, CUSTOM: user defined authentication extension.
*/
enum AuthenticatorType {

SYSTEM,
CUSTOM
}
}
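Review bot: `getAuthenticatorType()` is added without Javadoc, although the value it returns now decides whether the handlers changed in this commit treat a step as federated. The comment should state that existing implementations inherit SYSTEM, that an override must never return null, and that CUSTOM makes the federated decision depend on the authenticated user's federated flag rather than on the authenticator class; for example `/** Returns how this authenticator is provided; never null. Defaults to SYSTEM. */`. The enum comment would read better as `SYSTEM: system-defined authenticator; CUSTOM: user-defined authentication extension.`. The interface starts outside the hunk.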
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@
import org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput;
import org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator.AuthenticatorType;
import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig;
Expand Down Expand Up @@ -187,7 +188,11 @@ private PostAuthnHandlerFlowStatus handleResponseFlow(HttpServletRequest request
AuthenticatorConfig authenticatorConfig = stepConfig.getAuthenticatedAutenticator();
ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator();

if (authenticator instanceof FederatedApplicationAuthenticator) {
AuthenticatorType authenticatorType = authenticator.getAuthenticatorType();
if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof
FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType)
&& stepConfig.getAuthenticatedUser().isFederatedUser())) {

String externalIdPConfigName = stepConfig.getAuthenticatedIdP();
ExternalIdPConfig externalIdPConfig = getExternalIdpConfig(externalIdPConfigName, context);
context.setExternalIdP(externalIdPConfig);
Expand Down Expand Up @@ -295,7 +300,11 @@ private PostAuthnHandlerFlowStatus handleRequestFlow(HttpServletRequest request,
}
ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator();

if (authenticator instanceof FederatedApplicationAuthenticator) {
AuthenticatorType authenticatorType = authenticator.getAuthenticatorType();
if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof
FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType)
&& stepConfig.getAuthenticatedUser().isFederatedUser())) {

String externalIdPConfigName = stepConfig.getAuthenticatedIdP();
ExternalIdPConfig externalIdPConfig = getExternalIdpConfig(externalIdPConfigName, context);
context.setExternalIdP(externalIdPConfig);
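Review bot: The CUSTOM arm of the new condition calls `stepConfig.getAuthenticatedUser().isFederatedUser()` without a null check, and a null return from an overridden `getAuthenticatorType()` matches neither arm, so a `FederatedApplicationAuthenticator` would silently skip the federated branch in both `handleResponseFlow` and `handleRequestFlow`. The same condition is pasted into the other handler hunks on this page (`handle`, `handlePostAuthentication`, `doAuthentication`, `isJITProvisioningEnabled`), with `doAuthentication` reading `context.getSubject()` instead, so the copies can drift apart. I would move the decision into one helper that guards the user and falls back to the `instanceof` check whenever the type is not CUSTOM, as sketched below. Both methods start and end outside the visible hunks, so whether the authenticated user can actually be null at these points is inferred.

```java
// Proposed shared helper; where it lives (e.g. a framework utility class) is a suggestion.
static boolean isFederatedFlow(ApplicationAuthenticator authenticator, AuthenticatedUser user) {

    AuthenticatorType type = authenticator.getAuthenticatorType();
    if (type == AuthenticatorType.CUSTOM) {
        // A custom authenticator is federated only when it produced a federated user.
        return user != null && user.isFederatedUser();
    }
    // SYSTEM, and a null type from a faulty override, keep the pre-change class check.
    return authenticator instanceof FederatedApplicationAuthenticator;
}

// … unchanged: authenticatorConfig / authenticator lookup …
if (isFederatedFlow(authenticator, stepConfig.getAuthenticatedUser())) {
// … unchanged: external IdP lookup and context.setExternalIdP …
```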
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator.AuthenticatorType;
import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig;
Expand Down Expand Up @@ -114,7 +115,11 @@ public PostAuthnHandlerFlowStatus handle(HttpServletRequest request, HttpServlet
}
ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator();

if (authenticator instanceof FederatedApplicationAuthenticator) {
AuthenticatorType authenticatorType = authenticator.getAuthenticatorType();
if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof
FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType)
&& stepConfig.getAuthenticatedUser().isFederatedUser())) {

if (stepConfig.isSubjectIdentifierStep()) {
if (log.isDebugEnabled()) {
log.debug(authenticator.getName() + " has been set up for subject identifier step.");
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator.AuthenticatorType;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticationFlowHandler;
import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
Expand Down Expand Up @@ -289,7 +290,10 @@ protected void handlePostAuthentication(HttpServletRequest request,

stepCount++;

if (authenticator instanceof FederatedApplicationAuthenticator) {
AuthenticatorType authenticatorType = authenticator.getAuthenticatorType();
if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof
FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType)
&& stepConfig.getAuthenticatedUser().isFederatedUser())) {

ExternalIdPConfig externalIdPConfig = null;
try {
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator.AuthenticatorType;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticationFlowHandler;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus;
import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
Expand Down Expand Up @@ -771,7 +772,10 @@ protected void doAuthentication(HttpServletRequest request, HttpServletResponse
context.getSubject().setAccessingOrganization(userResidentOrganization);
}

if (authenticator instanceof FederatedApplicationAuthenticator) {
AuthenticatorType authenticatorType = authenticator.getAuthenticatorType();
if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof
FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType)
&& context.getSubject().isFederatedUser())) {

if (context.getSubject().getUserName() == null) {
// Set subject identifier as the default username for federated users
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@
import org.wso2.carbon.core.util.CryptoException;
import org.wso2.carbon.core.util.CryptoUtil;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator.AuthenticatorType;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticationDataPublisher;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticationFlowHandler;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus;
Expand Down Expand Up @@ -3395,7 +3396,11 @@ public static boolean isJITProvisioningEnabled(AuthenticationContext context)
}
ApplicationAuthenticator authenticator = authenticatorConfig.getApplicationAuthenticator();

if (authenticator instanceof FederatedApplicationAuthenticator) {
AuthenticatorType authenticatorType = authenticator.getAuthenticatorType();
if ((AuthenticatorType.SYSTEM.equals(authenticatorType) && authenticator instanceof
FederatedApplicationAuthenticator) || (AuthenticatorType.CUSTOM.equals(authenticatorType)
&& stepConfig.getAuthenticatedUser().isFederatedUser())) {

ExternalIdPConfig externalIdPConfig;
String externalIdPConfigName = stepConfig.getAuthenticatedIdP();
externalIdPConfig = getExternalIdpConfig(externalIdPConfigName, context);
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,6 @@
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.anyString;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.lenient;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.mockStatic;
Expand Down Expand Up @@ -165,7 +164,8 @@ public void testHandleWithAuthenticatedUserWithFederatedIdp() throws FrameworkEx
configurationFacade.when(ConfigurationFacade::getInstance).thenReturn(mockConfigurationFacade);
IdentityProvider identityProvider = getTestIdentityProvider("default-tp-1.xml");
ExternalIdPConfig externalIdPConfig = new ExternalIdPConfig(identityProvider);
doReturn(externalIdPConfig).when(mockConfigurationFacade).getIdPConfigByName(eq(null), anyString());
lenient().doReturn(externalIdPConfig).when(mockConfigurationFacade)
.getIdPConfigByName(eq(null), anyString());

PostAuthnHandlerFlowStatus postAuthnHandlerFlowStatus = postJITProvisioningHandler
.handle(request, response, context);
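Review bot: Switching the `getIdPConfigByName` stub to `lenient()` suggests the stub is no longer hit, which would mean `testHandleWithAuthenticatedUserWithFederatedIdp` now passes without entering the federated branch. A Mockito mock returns null for `getAuthenticatorType()` unless it is stubbed, and with the new condition in the handler a null type matches neither arm. If that is the cause, stub the type on the mocked authenticator, e.g. `when(mockAuthenticator.getAuthenticatorType()).thenReturn(AuthenticatorType.SYSTEM);` (`mockAuthenticator` stands for whatever mock this test uses), and keep the strict `doReturn(externalIdPConfig)` so the test fails when the IdP lookup is skipped. The test method starts and ends outside the hunk, so its mock setup is inferred.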
Original file line number Diff line number Diff line change
Expand Up @@ -212,6 +212,8 @@ private AuthenticationContext processAndGetAuthenticationContext(ServiceProvider
if (isFederated) {
applicationAuthenticator = mock(FederatedApplicationAuthenticator.class);
}
when(applicationAuthenticator.getAuthenticatorType())
.thenReturn(ApplicationAuthenticator.AuthenticatorType.SYSTEM);
when(applicationAuthenticator.getName()).thenReturn("Authenticator1");

if (withAuthenticatedUser) {
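Review bot: The helper now stubs `getAuthenticatorType()` to SYSTEM for every mocked authenticator, so no test built on `processAndGetAuthenticationContext` reaches the new CUSTOM arm, where the federated decision comes from `isFederatedUser()` rather than from the authenticator class. That arm is the one that changes who is treated as federated, so it deserves cases for a CUSTOM authenticator with a federated user, with a local user, and with no authenticated user. Taking the type as a parameter of the helper, or adding an overload, would allow this without duplicating the setup. The helper's body continues outside the hunk.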
