Package com.okta.authn.sdk.impl.client

Class DefaultAuthenticationClient

    • Constructor Detail

      • DefaultAuthenticationClient

        public DefaultAuthenticationClient​(com.okta.sdk.impl.config.ClientConfiguration clientConfiguration)
        Instantiates a new AuthenticationClient instance that will communicate with the Okta REST API. See the class-level JavaDoc for a usage example.
        Parameters:
        clientConfiguration - the ClientConfiguration containing the connection information

    • Method Detail

      • authenticate

        public AuthenticationResponse authenticate​(java.lang.String username,
                                           char[] password,
                                           java.lang.String relayState,
                                           AuthenticationStateHandler stateHandler)
                                    throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Initiates a username and password login against Okta's Authentication API. A user should not be considered logged in until both the response status is {code SUCCESS} and the sessionToken is non null.
        Specified by:
        authenticate in interface AuthenticationClient
        Parameters:
        username - User’s non-qualified short-name (e.g. dade.murphy) or unique fully-qualified login (e.g dade.murphy@example.com)
        password - User’s password credential
        relayState - Optional state value that is persisted for the lifetime of the authentication transaction
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationFailureException - when username or password are invalid
        AuthenticationException - any other authentication related error

      • changePassword

        public AuthenticationResponse changePassword​(char[] oldPassword,
                                             char[] newPassword,
                                             java.lang.String stateToken,
                                             AuthenticationStateHandler stateHandler)
                                      throws AuthenticationException
        Description copied from interface: AuthenticationClient
        This operation changes a user’s password by providing the existing password and the new password password for authentication transactions with either the PASSWORD_EXPIRED or PASSWORD_WARN state.
        Specified by:
        changePassword in interface AuthenticationClient
        Parameters:
        oldPassword - User’s current password that is expired or about to expire
        newPassword - New password for user
        stateToken - state token for current transaction
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        CredentialsException - thrown if old password is invalid, or the new password fails to meet the requirements of the password policy
        AuthenticationException - any other authentication related error

      • changePassword

        public AuthenticationResponse changePassword​(ChangePasswordRequest changePasswordRequest,
                                             RequestContext requestContext,
                                             AuthenticationStateHandler stateHandler)
                                      throws AuthenticationException
        Description copied from interface: AuthenticationClient
        This operation changes a user’s password by providing the existing password and the new password password for authentication transactions with either the PASSWORD_EXPIRED or PASSWORD_WARN state.
        Specified by:
        changePassword in interface AuthenticationClient
        Parameters:
        changePasswordRequest - a request object holds all attributes sent to the remote API.
        requestContext - additional request headers and query parameters used for this request
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        CredentialsException - thrown if old password is invalid, or the new password fails to meet the requirements of the password policy
        AuthenticationException - any other authentication related error

      • resetPassword

        public AuthenticationResponse resetPassword​(char[] newPassword,
                                            java.lang.String stateToken,
                                            AuthenticationStateHandler stateHandler)
                                     throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Resets a user’s password to complete a recovery transaction with a PASSWORD_RESET state.
        Specified by:
        resetPassword in interface AuthenticationClient
        Parameters:
        newPassword - User’s new password
        stateToken - state token for current transaction
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        CredentialsException - thrown if old password is invalid, or the new password fails to meet the requirements of the password policy
        AuthenticationException - any other authentication related error

      • recoverPassword

        public AuthenticationResponse recoverPassword​(java.lang.String username,
                                              FactorType factorType,
                                              java.lang.String relayState,
                                              AuthenticationStateHandler stateHandler)
                                       throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Starts a new password recovery transaction for a given user and issues a recovery token that can be used to reset a user’s password.
        Specified by:
        recoverPassword in interface AuthenticationClient
        Parameters:
        username - User’s non-qualified short-name (e.g. dade.murphy) or unique fully-qualified login (dade.murphy@example.com)
        factorType - Recovery factor to use for primary authentication
        relayState - Optional state value that is persisted for the lifetime of the recovery transaction
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationException - any other authentication related error

      • challengeFactor

        public AuthenticationResponse challengeFactor​(java.lang.String factorId,
                                              java.lang.String stateToken,
                                              RequestContext requestContext,
                                              AuthenticationStateHandler stateHandler)
                                       throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Requests a challenge factor be sent to the user via the corresponding {code}factorId{code}.
        Specified by:
        challengeFactor in interface AuthenticationClient
        Parameters:
        factorId - id of factor returned from enrollment
        stateToken - state token for current transaction
        requestContext - additional request headers and query parameters used for this request
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationException - any other authentication related error

      • verifyFactor

        public AuthenticationResponse verifyFactor​(java.lang.String factorId,
                                           java.lang.String stateToken,
                                           RequestContext requestContext,
                                           AuthenticationStateHandler stateHandler)
                                    throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Verifies the state of a factor. Some factors (Push, Duo, etc) depend on a user action, this method can be used to poll the state of the a factor and transition to the next state when completed.
        Specified by:
        verifyFactor in interface AuthenticationClient
        Parameters:
        factorId - id of factor returned from enrollment
        stateToken - state token for current transaction
        requestContext - additional request headers and query parameters used for this request
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationException - any other authentication related error

      • verifyFactor

        public AuthenticationResponse verifyFactor​(java.lang.String factorId,
                                           VerifyFactorRequest request,
                                           RequestContext requestContext,
                                           AuthenticationStateHandler stateHandler)
                                    throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Verifies an enrolled factor for an authentication transaction with the MFA_REQUIRED or MFA_CHALLENGE state
        Specified by:
        verifyFactor in interface AuthenticationClient
        Parameters:
        factorId - id of factor returned from enrollment
        request - the request object containing the required attributes to fulfill the verification
        requestContext - additional request headers and query parameters used for this request
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationException - any other authentication related error

      • activateFactor

        public AuthenticationResponse activateFactor​(java.lang.String factorId,
                                             ActivateFactorRequest request,
                                             RequestContext requestContext,
                                             AuthenticationStateHandler stateHandler)
                                      throws AuthenticationException
        Description copied from interface: AuthenticationClient
        The sms, call and token:software:totp factor types require activation to complete the enrollment process.
        Specified by:
        activateFactor in interface AuthenticationClient
        Parameters:
        factorId - id of factor returned from enrollment
        request - the request object containing the required attributes to fulfill the activation
        requestContext - additional request headers and query parameters used for this request
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationException - any other authentication related error

      • unlockAccount

        public AuthenticationResponse unlockAccount​(java.lang.String username,
                                            FactorType factorType,
                                            java.lang.String relayState,
                                            AuthenticationStateHandler stateHandler)
                                     throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Starts a new unlock recovery transaction for a given user and issues a recovery token that can be used to unlock a user’s account.
        Specified by:
        unlockAccount in interface AuthenticationClient
        Parameters:
        username - User’s non-qualified short-name (dade.murphy) or unique fully-qualified login (dade.murphy@example.com)
        factorType - Recovery factor to use for primary authentication
        relayState - Optional state value that is persisted for the lifetime of the recovery transaction
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationException - any other authentication related error

      • resendActivateFactor

        public AuthenticationResponse resendActivateFactor​(java.lang.String factorId,
                                                   java.lang.String stateToken,
                                                   RequestContext requestContext,
                                                   AuthenticationStateHandler stateHandler)
                                            throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Resend an activation factor challenge to a user. Factors that require the challenge sent to the user (push, call, sms, etc) may need to be resent to ensure delivery.
        Specified by:
        resendActivateFactor in interface AuthenticationClient
        Parameters:
        factorId - id of factor returned from enrollment
        stateToken - state token for current transaction
        requestContext - additional request headers and query parameters used for this request
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationException - any other authentication related error

      • resendVerifyFactor

        public AuthenticationResponse resendVerifyFactor​(java.lang.String factorId,
                                                 java.lang.String stateToken,
                                                 RequestContext requestContext,
                                                 AuthenticationStateHandler stateHandler)
                                          throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Resend a factor verification challenge to a user. Factors that require the challenge sent to the user (push, call, sms, etc) may need to be resent to ensure delivery.
        Specified by:
        resendVerifyFactor in interface AuthenticationClient
        Parameters:
        factorId - id of factor returned from enrollment
        stateToken - state token for current transaction
        requestContext - additional request headers and query parameters used for this request
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationException - any other authentication related error

      • sendActivationEmail

        public AuthenticationResponse sendActivationEmail​(java.lang.String factorId,
                                                  java.lang.String stateToken,
                                                  RequestContext requestContext,
                                                  AuthenticationStateHandler stateHandler)
                                           throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Sends an activation email when the user is unable to scan the QR code provided as part of an Okta Verify transaction. If for any reason the user can't scan the QR code, they can use the link provided in email or SMS to complete the transaction.
        Specified by:
        sendActivationEmail in interface AuthenticationClient
        Parameters:
        factorId - id of factor returned from enrollment
        stateToken - state token for current transaction
        requestContext - additional request headers and query parameters used for this request
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationException - any other authentication related error

      • verifyActivation

        public AuthenticationResponse verifyActivation​(java.lang.String factorId,
                                               java.lang.String stateToken,
                                               RequestContext requestContext,
                                               AuthenticationStateHandler stateHandler)
                                        throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Returns the state of factor's activation. Some factors (Push, Duo, etc) depend on a user action, this method can be used to poll the state of the a factor's activation and transition to the next state when completed.
        Specified by:
        verifyActivation in interface AuthenticationClient
        stateToken - state token for current transaction
        requestContext - additional request headers and query parameters used for this request
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationException - any other authentication related error

      • verifyRecoveryToken

        public AuthenticationResponse verifyRecoveryToken​(java.lang.String recoveryToken,
                                                  RequestContext requestContext,
                                                  AuthenticationStateHandler stateHandler)
                                           throws AuthenticationException
        Description copied from interface: AuthenticationClient
        Validates a recovery token that was distributed to the end user to continue the recovery transaction.
        Specified by:
        verifyRecoveryToken in interface AuthenticationClient
        Parameters:
        recoveryToken - Recovery token that was distributed to the end user via out-of-band mechanism such as email
        requestContext - additional request headers and query parameters used for this request
        stateHandler - State handler that handles the resulting status change corresponding to the Okta authentication state machine
        Returns:
        An authentication response
        Throws:
        AuthenticationException - any other authentication related error