-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathintegrationsteps java
103 lines (77 loc) · 4.62 KB
/
integrationsteps java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
### Your app displays the sign-in page
When the user launches the app, it will display the sign-in page.
Build a sign-in page that captures their username and password.
<div class="half wireframe-border">
<!--
Source image: https://www.figma.com/file/YH5Zhzp66kGCglrXQUag2E/%F0%9F%93%8A-Updated-Diagrams-for-Dev-Docs?node-id=3398%3A36678&t=wzNwSZkdctajVush-1 sign-in-form-username-password
-->
</div>
Call `IDXAuthenticationWrapper.begin()` and get a new [`ProceedContext`](https://github.com/okta/okta-idx-java/blob/master/api/src/main/java/com/okta/idx/sdk/api/client/ProceedContext.java) object to begin the authentication process.
```java
AuthenticationResponse beginResponse = idxAuthenticationWrapper.begin();
ProceedContext proceedContext = beginResponse.getProceedContext();
```
### The user submits their username and password
Create an `AuthenticationOptions` object and assign its `Username` and `Password` properties to the values entered by the user to capture their login credentials. Pass this object as a parameter to `IDXAuthenticationWrapper.authenticate()`.
```java
AuthenticationResponse authenticationResponse =
idxAuthenticationWrapper.authenticate(
new AuthenticationOptions(username, password),
beginResponse.getProceedContext()
);
```
### Your app processes the authentication response
`IDXAuthenticationWrapper.authenticate()` returns an [`AuthenticationResponse`](https://github.com/okta/okta-idx-java/blob/master/api/src/main/java/com/okta/idx/sdk/api/response/AuthenticationResponse.java) object with an [`AuthenticationStatus`](https://github.com/okta/okta-idx-java/blob/master/api/src/main/java/com/okta/idx/sdk/api/model/AuthenticationStatus.java) property indicating the status of the sign-in flow. Handle the returned `AuthenticationStatus` value accordingly:
#### Processing successful login
After the user supplies their correct password, the Java SDK will return an `AuthenticationResponse` object with `AuthenticationStatus=SUCCESS`. Use the `AuthenticationResponse.getTokenResponse()` method to retrieve the required tokens (access, refresh, ID) for authenticated user activity.
```java
public ModelAndView handleTerminalTransitions(AuthenticationResponse response, HttpSession session) {
Util.updateSession(session, response.getProceedContext());
if (response.getTokenResponse() != null) {
return homeHelper.proceedToHome(response.getTokenResponse(), session);
}
if (response.getAuthenticators() == null && response.getErrors().size() > 0) {
ModelAndView modelAndView = new ModelAndView("error");
modelAndView.addObject("errors", response.getErrors());
return modelAndView;
}
if (response.getAuthenticationStatus() == SKIP_COMPLETE) {
ModelAndView modelAndView = homeHelper.proceedToHome(response.getTokenResponse(), session);
modelAndView.addObject("info", response.getErrors());
return modelAndView;
}
return null;
}
```
#### Handling other authentication statuses
The app must handle other returned [AuthenticationStatus](https://github.com/okta/okta-idx-java/blob/master/api/src/main/java/com/okta/idx/sdk/api/model/AuthenticationStatus.java) values in cases where the sign-in flow is unsuccessful or if additional validation is required.
Below is an example:
```java
...
switch (response.getAuthenticationStatus()) {
case AWAITING_PASSWORD_RESET:
return registerPasswordForm("Reset Password");
case PASSWORD_EXPIRED:
return registerPasswordForm("Password Expired");
case AWAITING_AUTHENTICATOR_SELECTION:
case AWAITING_AUTHENTICATOR_VERIFICATION_DATA:
return selectAuthenticatorForm(response, "Select Authenticator", session);
case AWAITING_AUTHENTICATOR_VERIFICATION:
return verifyForm();
case AWAITING_AUTHENTICATOR_ENROLLMENT_SELECTION:
return selectAuthenticatorForm(response, "Enroll Authenticator", session);
default:
return unsupportedPolicy();
}
...
```
#### Failed authentication
There's no explicit failed status from `AuthenticationStatus`. Check the response handler for an error in `AuthenticationResponse` for failed authentication, and handle the flow accordingly. For example:
```java
if (responseHandler.needsToShowErrors(authenticationResponse)) {
ModelAndView modelAndView = new ModelAndView("redirect:/login");
modelAndView.addObject("errors", authenticationResponse.getErrors());
return modelAndView;
}
```