Package com.okta.idx.sdk.api.client

Class IDXAuthenticationWrapper

  • public class IDXAuthenticationWrapper
extends java.lang.Object
    Wrapper to enable a client to interact with the backend IDX APIs.

    • Constructor Detail

      • IDXAuthenticationWrapper

        public IDXAuthenticationWrapper​(java.lang.String issuer,
                                java.lang.String clientId,
                                java.lang.String clientSecret,
                                java.util.Set<java.lang.String> scopes,
                                java.lang.String redirectUri)
        Creates IDXAuthenticationWrapper instance.
        Parameters:
        issuer - the issuer url
        clientId - the client id
        clientSecret - the client secret
        scopes - the set of scopes
        redirectUri - the redirect uri

      • IDXAuthenticationWrapper

        public IDXAuthenticationWrapper​(java.lang.String issuer,
                                java.lang.String clientId,
                                java.lang.String clientSecret,
                                java.util.Set<java.lang.String> scopes,
                                java.lang.String redirectUri,
                                DeviceContext deviceContext)
        Creates IDXAuthenticationWrapper instance.
        Parameters:
        issuer - the issuer url
        clientId - the client id
        clientSecret - the client secret
        scopes - the set of scopes
        redirectUri - the redirect uri
        deviceContext - the device context information

    • Method Detail

      • authenticate

        public AuthenticationResponse authenticate​(AuthenticationOptions authenticationOptions,
                                           ProceedContext proceedContext)
        Authenticate user with the supplied Authentication options (username and password) and returns the Authentication response object that contains: - IDX Client context - Token (access_token/id_token/refresh_token) object - Authentication status

        Note: This requires 'Password' as the ONLY required factor in app Sign-on policy configuration.

        Parameters:
        authenticationOptions - the Authenticator options
        proceedContext - the proceed context for the transaction
        Returns:
        the Authentication response

      • recoverPassword

        public AuthenticationResponse recoverPassword​(java.lang.String username,
                                              ProceedContext proceedContext)
        Recover Password with the supplied username.
        Parameters:
        username - the username
        proceedContext - the proceed context
        Returns:
        the Authentication response

      • register

        public AuthenticationResponse register​(ProceedContext proceedContext,
                                       UserProfile userProfile)
        Register new user with the supplied user profile reference.
        Parameters:
        proceedContext - the ProceedContext
        userProfile - the user profile
        Returns:
        the Authentication response

      • selectAuthenticator

        public AuthenticationResponse selectAuthenticator​(ProceedContext proceedContext,
                                                  Authenticator authenticator)
        Select authenticator of the supplied type.
        Parameters:
        proceedContext - the ProceedContext
        authenticator - the authenticator
        Returns:
        the Authentication response

      • enrollAuthenticator

        public AuthenticationResponse enrollAuthenticator​(ProceedContext proceedContext,
                                                  Authenticator.Factor factor)
        Enroll authenticator of the supplied type.
        Parameters:
        proceedContext - the ProceedContext
        factor - the factor
        Returns:
        the Authentication response

      • verifyAuthenticator

        public AuthenticationResponse verifyAuthenticator​(ProceedContext proceedContext,
                                                  VerifyAuthenticatorOptions verifyAuthenticatorOptions)
        Verify Authenticator with the supplied authenticator options.
        Parameters:
        proceedContext - the ProceedContext
        verifyAuthenticatorOptions - the verify Authenticator options
        Returns:
        the Authentication response

      • verifyAuthenticator

        public AuthenticationResponse verifyAuthenticator​(ProceedContext proceedContext,
                                                  VerifyAuthenticatorAnswer verifyAuthenticatorAnswer)
        Verify Authenticator with the supplied authenticator options.
        Parameters:
        proceedContext - the ProceedContext
        verifyAuthenticatorAnswer - the verify Authenticator answer
        Returns:
        the Authentication response

      • verifyWebAuthn

        public AuthenticationResponse verifyWebAuthn​(ProceedContext proceedContext,
                                             WebAuthnRequest webauthnRequest)
        Verify Webauthn Authenticator.
        Parameters:
        proceedContext - the ProceedContext
        webauthnRequest - object
        Returns:
        the Authentication response

      • submitPhoneAuthenticator

        public AuthenticationResponse submitPhoneAuthenticator​(ProceedContext proceedContext,
                                                       java.lang.String phone,
                                                       Authenticator.Factor factor)
        Submit phone authenticator enrollment with the provided phone number.
        Parameters:
        proceedContext - the ProceedContext
        phone - the phone number
        factor - factor
        Returns:
        the Authentication response

      • skipAuthenticatorEnrollment

        public AuthenticationResponse skipAuthenticatorEnrollment​(ProceedContext proceedContext)
        Skip optional authenticator enrollment.
        Parameters:
        proceedContext - the ProceedContext
        Returns:
        the Authentication response

      • resend

        public AuthenticationResponse resend​(ProceedContext proceedContext)
        Resend code.
        Parameters:
        proceedContext - the ProceedContext
        Returns:
        the Authentication response

      • cancel

        public AuthenticationResponse cancel​(ProceedContext proceedContext)
        Cancel transaction.
        Parameters:
        proceedContext - the ProceedContext
        Returns:
        the Authentication response

      • getClientContext

        public IDXClientContext getClientContext()
                                  throws ProcessingException
        Get IDX client context by calling interact endpoint. ClientContext reference contains the interaction handle and PKCE params.

        This function can be used by the client applications to get a handle of IDXClientContext which can be used to reenter/resume the flow.

        Returns:
        the idx client context
        Throws:
        ProcessingException - if the backend interact API call fails

      • revokeToken

        public void revokeToken​(TokenType tokenType,
                        java.lang.String token)
        Revoke the oauth2 token.
        Parameters:
        tokenType - the token type (access|refresh)
        token - the token

      • introspect

        public AuthenticationResponse introspect​(IDXClientContext clientContext)
        Introspect to get the current state of the authentication. This is useful when doing social auth, and not getting back an interaction_code.
        Parameters:
        clientContext - the client context
        Returns:
        a AuthenticationResponse with a status representing the current location in the authentication flow.

      • fetchSignUpFormValues

        public AuthenticationResponse fetchSignUpFormValues​(ProceedContext proceedContext)
        Populate UI form values for signing up a new user.
        Parameters:
        proceedContext - the proceedContext
        Returns:
        the authentication response

      • verifyEmailToken

        public com.okta.commons.http.Response verifyEmailToken​(java.lang.String token)
                                                throws ProcessingException
        Helper to verify the token query parameter contained in the link of user verification email.
        Parameters:
        token - the token string.
        Returns:
        response object.
        Throws:
        ProcessingException - when there is an error

      • getPollInfo

        public PollInfo getPollInfo​(AuthenticationResponse authenticationResponse)
        Helper to get polling information from authentication response.
        Parameters:
        authenticationResponse - the authentication response
        Returns:
        polling info wrapper object.

      • isSkipAuthenticatorPresent

        public boolean isSkipAuthenticatorPresent​(ProceedContext proceedContext)
        Helper to check if we have optional authenticators to skip in current remediation step.
        Parameters:
        proceedContext - the ProceedContext
        Returns:
        true if we have optional authenticators to skip; false otherwise.

      • beginPasswordRecovery

        public AuthenticationResponse beginPasswordRecovery​(java.lang.String token)
        Begin password recovery flow with a recovery token

      • beginUserActivation

        public AuthenticationResponse beginUserActivation​(java.lang.String token)
        Begin password recovery flow with an activation token

      • fetchTokenWithInteractionCode

        public AuthenticationResponse fetchTokenWithInteractionCode​(ProceedContext proceedContext,
                                                            java.lang.String interactionCode)
        Exchange interaction code for token

      • fetchTokenWithInteractionCode

        @Deprecated
public AuthenticationResponse fetchTokenWithInteractionCode​(java.lang.String issuer,
                                                            ProceedContext proceedContext,
                                                            java.lang.String interactionCode)
        Deprecated.
        the issuer param is automatically resolved.
        Exchange interaction code for token.