Package com.okta.idx.sdk.api.client

Class IDXAuthenticationWrapper

java.lang.Object
com.okta.idx.sdk.api.client.IDXAuthenticationWrapper
public class IDXAuthenticationWrapper extends Object
Wrapper to enable a client to interact with the backend IDX APIs.

  • Constructor Details

    • IDXAuthenticationWrapper

      public IDXAuthenticationWrapper()
      Creates IDXAuthenticationWrapper instance.

    • IDXAuthenticationWrapper

      public IDXAuthenticationWrapper(String issuer, String clientId, String clientSecret, Set<String> scopes, String redirectUri)
      Creates IDXAuthenticationWrapper instance.
      Parameters:
      issuer - the issuer url
      clientId - the client id
      clientSecret - the client secret
      scopes - the set of scopes
      redirectUri - the redirect uri

  • Method Details

    • authenticate

      public AuthenticationResponse authenticate(AuthenticationOptions authenticationOptions, ProceedContext proceedContext)
      Authenticate user with the supplied Authentication options (username and password) and returns the Authentication response object that contains: - IDX Client context - Token (access_token/id_token/refresh_token) object - Authentication status

      Note: This requires 'Password' as the ONLY required factor in app Sign-on policy configuration.

      Parameters:
      authenticationOptions - the Authenticator options
      proceedContext - the proceed context for the transaction
      Returns:
      the Authentication response

    • recoverPassword

      public AuthenticationResponse recoverPassword(String username, ProceedContext proceedContext)
      Recover Password with the supplied username.
      Parameters:
      username - the username
      proceedContext - the proceed context
      Returns:
      the Authentication response

    • register

      public AuthenticationResponse register(ProceedContext proceedContext, UserProfile userProfile, Credentials credentials)
      Register new user with the supplied user profile reference.
      Parameters:
      proceedContext - the ProceedContext
      userProfile - the user profile
      credentials - the password (optional)
      Returns:
      the Authentication response

    • selectAuthenticator

      public AuthenticationResponse selectAuthenticator(ProceedContext proceedContext, Authenticator authenticator)
      Select authenticator of the supplied type.
      Parameters:
      proceedContext - the ProceedContext
      authenticator - the authenticator
      Returns:
      the Authentication response

    • selectFactor

      public AuthenticationResponse selectFactor(ProceedContext proceedContext, Authenticator.Factor factor)
      Select authenticator of the supplied type.
      Parameters:
      proceedContext - the ProceedContext
      factor - the factor
      Returns:
      the Authentication response

    • enrollAuthenticator

      public AuthenticationResponse enrollAuthenticator(ProceedContext proceedContext, String authenticatorId)

    • verifyAuthenticator

      public AuthenticationResponse verifyAuthenticator(ProceedContext proceedContext, VerifyAuthenticatorOptions verifyAuthenticatorOptions)
      Verify Authenticator with the supplied authenticator options.
      Parameters:
      proceedContext - the ProceedContext
      verifyAuthenticatorOptions - verify authenticator options
      Returns:
      the Authentication response

    • verifyAuthenticator

      public AuthenticationResponse verifyAuthenticator(ProceedContext proceedContext, VerifyAuthenticatorAnswer verifyAuthenticatorAnswer)
      Verify Authenticator with the supplied authenticator options.
      Parameters:
      proceedContext - the ProceedContext
      verifyAuthenticatorAnswer - the verify Authenticator answer
      Returns:
      the Authentication response

    • verifyAuthenticator

      public AuthenticationResponse verifyAuthenticator(ProceedContext proceedContext, VerifyChannelDataOptions verifyChannelDataOptions)

    • verifyWebAuthn

      public AuthenticationResponse verifyWebAuthn(ProceedContext proceedContext, WebAuthnRequest webauthnRequest)
      Verify Webauthn Authenticator.
      Parameters:
      proceedContext - the ProceedContext
      webauthnRequest - object
      Returns:
      the Authentication response

    • submitPhoneAuthenticator

      public AuthenticationResponse submitPhoneAuthenticator(ProceedContext proceedContext, String phone, Authenticator.Factor factor)
      Submit phone authenticator enrollment with the provided phone number.
      Parameters:
      proceedContext - the ProceedContext
      phone - the phone number
      factor - factor
      Returns:
      the Authentication response

    • skipAuthenticatorEnrollment

      public AuthenticationResponse skipAuthenticatorEnrollment(ProceedContext proceedContext)
      Skip optional authenticator enrollment.
      Parameters:
      proceedContext - the ProceedContext
      Returns:
      the Authentication response

    • resend

      public AuthenticationResponse resend(ProceedContext proceedContext)
      Resend code.
      Parameters:
      proceedContext - the ProceedContext
      Returns:
      the Authentication response

    • cancel

      public AuthenticationResponse cancel(ProceedContext proceedContext)
      Cancel transaction.
      Parameters:
      proceedContext - the ProceedContext
      Returns:
      the Authentication response

    • poll

      public AuthenticationResponse poll(ProceedContext proceedContext)
      Handle Polling.
      Parameters:
      proceedContext - the ProceedContext
      Returns:
      the Authentication response

    • getClientContext

      public IDXClientContext getClientContext() throws ProcessingException
      Get IDX client context by calling interact endpoint. ClientContext reference contains the interaction handle and PKCE params.

      This function can be used by the client applications to get a handle of IDXClientContext which can be used to reenter/resume the flow.

      Returns:
      the idx client context
      Throws:
      ProcessingException - if the backend interact API call fails

    • revokeToken

      public void revokeToken(TokenType tokenType, String token)
      Revoke the oauth2 token.
      Parameters:
      tokenType - the token type (access|refresh)
      token - the token

    • introspect

      public AuthenticationResponse introspect(IDXClientContext clientContext)
      Introspect to get the current state of the authentication. This is useful when doing social auth, and not getting back an interaction_code.
      Parameters:
      clientContext - the client context
      Returns:
      a AuthenticationResponse with a status representing the current location in the authentication flow.

    • fetchSignUpFormValues

      public AuthenticationResponse fetchSignUpFormValues(ProceedContext proceedContext)
      Populate UI form values for signing up a new user.
      Parameters:
      proceedContext - the proceedContext
      Returns:
      the authentication response

    • verifyEmailToken

      public com.okta.commons.http.Response verifyEmailToken(String token) throws ProcessingException
      Helper to verify the token query parameter contained in the link of user verification email.
      Parameters:
      token - the token string.
      Returns:
      response object.
      Throws:
      ProcessingException - when there is an error

    • getPollInfo

      public PollInfo getPollInfo(AuthenticationResponse authenticationResponse)
      Helper to get polling information from authentication response.
      Parameters:
      authenticationResponse - the authentication response
      Returns:
      polling info wrapper object.

    • isSkipAuthenticatorPresent

      public boolean isSkipAuthenticatorPresent(ProceedContext proceedContext)
      Helper to check if we have optional authenticators to skip in current remediation step.
      Parameters:
      proceedContext - the ProceedContext
      Returns:
      true if we have optional authenticators to skip; false otherwise.

    • begin

      public AuthenticationResponse begin()
      Begin flow without any recovery or activation token or request context.
      Returns:
      authentication response

    • begin

      public AuthenticationResponse begin(RequestContext requestContext)
      Begin flow with RequestContext reference.
      Parameters:
      requestContext - the RequestContext
      Returns:
      authentication response

    • beginPasswordRecovery

      public AuthenticationResponse beginPasswordRecovery(String token, RequestContext requestContext)
      Begin password recovery flow with a recovery token.
      Parameters:
      token - recovery token
      requestContext - request context (optional)
      Returns:
      authentication response

    • beginUserActivation

      public AuthenticationResponse beginUserActivation(String token, RequestContext requestContext)
      Begin password recovery flow with an activation token.
      Parameters:
      token - activation token
      requestContext - request context (optional)
      Returns:
      authentication response

    • fetchTokenWithInteractionCode

      public AuthenticationResponse fetchTokenWithInteractionCode(ProceedContext proceedContext, String interactionCode)
      Exchange interaction code for token.
      Parameters:
      proceedContext - proceed context
      interactionCode - interaction code
      Returns:
      authentication response