/* * Copyright (C) 2019 Authlete, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, * either express or implied. See the License for the specific * language governing permissions and limitations under the * License. */ package com.authlete.jaxrs.server.ad; import static org.glassfish.jersey.client.ClientProperties.CONNECT_TIMEOUT; import static org.glassfish.jersey.client.ClientProperties.READ_TIMEOUT; import javax.ws.rs.client.Client; import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import org.glassfish.jersey.client.ClientConfig; import com.authlete.jaxrs.server.ServerConfig; import com.authlete.jaxrs.server.ad.dto.AsyncAuthenticationRequest; import com.authlete.jaxrs.server.ad.dto.AsyncAuthenticationResponse; import com.authlete.jaxrs.server.ad.dto.PollAuthenticationRequest; import com.authlete.jaxrs.server.ad.dto.PollAuthenticationResponse; import com.authlete.jaxrs.server.ad.dto.PollAuthenticationResultRequest; import com.authlete.jaxrs.server.ad.dto.PollAuthenticationResultResponse; import com.authlete.jaxrs.server.ad.dto.SyncAuthenticationRequest; import com.authlete.jaxrs.server.ad.dto.SyncAuthenticationResponse; /** * A class to communicate with <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim"> * Authlete CIBA authentication device simulator API</a>. * * @see <a href="https://cibasim.authlete.com">Authlete CIBA authentication * device simulator</a> * * @see <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim">Authlete CIBA authentication device simulator API</a> * * @author Hideki Ikeda */ public class AuthenticationDevice { /** * The limit values for end-user authentication/authorization timeout defined * by <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim">Authlete * CIBA authentication device simulator API</a>. */ public static final int AUTH_TIMEOUT_MIN = 5; public static final int AUTH_TIMEOUT_MAX = 60; /** * Authlete CIBA authentication simulator API endpoints. */ private static final String SYNC_ENDPOINT_PATH = "/api/authenticate/sync"; private static final String ASYNC_ENDPOINT_PATH = "/api/authenticate/async"; private static final String POLL_ENDPOINT_PATH = "/api/authenticate/poll"; private static final String POLL_RESULT_ENDPOINT_PATH = "/api/authenticate/result"; /** * Parameters required to communicate with the authentication device simulator. */ private static final String sBaseUrl = ServerConfig.getAuthleteAdBaseUrl(); private static final String sWorkspace = ServerConfig.getAuthleteAdWorkspace(); private static final int sSyncConnectTimeout = ServerConfig.getAuthleteAdSyncConnectTimeout(); private static final int sSyncAdditionalReadTimeout = ServerConfig.getAuthleteAdSyncAdditionalReadTimeout(); private static final int sAsyncConnectTimeout = ServerConfig.getAuthleteAdAsyncConnectTimeout(); private static final int sAsyncReadTimeout = ServerConfig.getAuthleteAdAsyncReadTimeout(); private static final int sPollConnectTimeout = ServerConfig.getAuthleteAdPollConnectTimeout(); private static final int sPollReadTimeout = ServerConfig.getAuthleteAdPollReadTimeout(); private static final int sPollResultConnectTimeout = ServerConfig.getAuthleteAdPollResultConnectTimeout(); private static final int sPollResultReadTimeout = ServerConfig.getAuthleteAdPollResultReadTimeout(); private static Client createClient(int readTimeout, int connectTimeout) { // Client configuration. ClientConfig config = new ClientConfig(); // Read timeout. config.property(READ_TIMEOUT, readTimeout); // Connect timeout. config.property(CONNECT_TIMEOUT, connectTimeout); // The client that synchronously communicates with the authentication device simulator. return ClientBuilder.newClient(config); } /** * Send a request to the authentication device simulator for end-user authentication * and authorization in synchronous mode. * * @param subject * The subject of the end-user to be authenticated and asked to authorize * the client application. * * @param message * A message to be shown to the end-user on the authentication device. * * @param authTimeout * The value of timeout in seconds for the end-user authentication/authorization * on the authentication device. * * @param actionizeToken * A token that is used with the actionize endpoint ({@code /api/atuhenticate/actionize}) * to automate authentication device responses. * * @return * A response from the authentication device. */ public static SyncAuthenticationResponse sync(String subject, String message, int authTimeout, String actionizeToken) { // Determine the read timeout in milliseconds based on the value of the // authentication timeout. This should be a bit longer than the timeout // for end-user authentication/authorization. int readTimeout = authTimeout * 1000 + sSyncAdditionalReadTimeout; // Create a web client to communicate with the authentication device. Client client = createClient(readTimeout, sSyncConnectTimeout); // A request to be sent to the authentication device. SyncAuthenticationRequest request = new SyncAuthenticationRequest() .setWorkspace(sWorkspace) .setUser(subject) .setMessage(message) .setTimeout(authTimeout) .setActionizeToken(actionizeToken); // Send the request as an HTTP POST request. return post(client, SYNC_ENDPOINT_PATH, request, SyncAuthenticationResponse.class); } /** * Send a request to the authentication device simulator for for end-user authentication * and authorization in asynchronous mode. * * @param subject * The subject of the end-user to be authenticated and asked to authorize * the client application. * * @param message * A message to be shown to the end-user on the authentication device. * * @param authTimeout * The value of timeout in seconds for the end-user authentication/authorization * on the authentication device. * * @param actionizeToken * A token that is used with the actionize endpoint ({@code /api/atuhenticate/actionize}) * to automate authentication device responses. * * @return * A response from the authentication device simulator. */ public static AsyncAuthenticationResponse async(String subject, String message, int authTimeout, String actionizeToken) { // Create a web client to communicate with the authentication device. Client client = createClient(sAsyncReadTimeout, sAsyncConnectTimeout); // A request to be sent to the authentication device. AsyncAuthenticationRequest request = new AsyncAuthenticationRequest() .setWorkspace(sWorkspace) .setUser(subject) .setMessage(message) .setTimeout(authTimeout) .setActionizeToken(actionizeToken); // Send the request as an HTTP POST request. return post(client, ASYNC_ENDPOINT_PATH, request, AsyncAuthenticationResponse.class); } /** * Send a request to the authentication device simulator for end-user authentication * and authorization in poll mode. * * @param subject * The subject of the end-user to be authenticated and asked to authorize * the client application. * * @param message * A message to be shown to the end-user on the authentication device. * * @param authTimeout * The value of timeout in seconds for the end-user authentication/authorization * on the authentication device. * * @param actionizeToken * A token that is used with the actionize endpoint ({@code /api/atuhenticate/actionize}) * to automate authentication device responses. * * @return * A response from the authentication device simulator. */ public static PollAuthenticationResponse poll(String subject, String message, int authTimeout, String actionizeToken) { // Create a web client to communicate with the authentication device. Client client = createClient(sPollReadTimeout, sPollConnectTimeout); // A request to be sent to the authentication device. PollAuthenticationRequest request = new PollAuthenticationRequest() .setWorkspace(sWorkspace) .setUser(subject) .setMessage(message) .setTimeout(authTimeout) .setActionizeToken(actionizeToken); // Send the request as an HTTP POST request. return post(client, POLL_ENDPOINT_PATH, request, PollAuthenticationResponse.class); } /** * Send a request to the authentication device simulator for fetching the result * of the end-user authentication and authorization in poll mode. * * @param requestId * A request ID that was returned from the authentication simlator's * poll result endpoint ({@code /api/authenticate/result}). * * @return * A response from the authentication device simulator. */ public static PollAuthenticationResultResponse pollResult(String requestId) { // Create a web client to communicate with the authentication device. Client client = createClient(sPollResultReadTimeout, sPollResultConnectTimeout); // A request to be sent to the authentication device. PollAuthenticationResultRequest request = new PollAuthenticationResultRequest() .setRequestId(requestId); // Send the request as an HTTP POST request. return post(client, POLL_RESULT_ENDPOINT_PATH, request, PollAuthenticationResultResponse.class); } private static <TRequest, TResponse> TResponse post(Client client, String path, TRequest request, Class<TResponse> responseClass) { try { // Send the request to the authentication device as a HTTP Post request. return client .target(sBaseUrl) .path(path) .request() .post(Entity.json(request), responseClass); } finally { // Close the client. client.close(); } } }