Issue #9 chores: Added more logs to check the issue
shriharshs committed Nov 10, 2017
1 parent 9a5584e commit bfe2d32
Showing 2 changed files with 40 additions and 6 deletions.
Expand Up @@ -47,8 +47,10 @@ private enum CODE_STATUS {


public void authenticate(AuthenticationFlowContext context) {
logger.debug("authenticate called ... context = " + context);
logger.debug("KeycloakSmsAuthenticator@authenticate called ... context = " + context);

UserModel user = context.getUser();
logger.debug("KeycloakSmsAuthenticator@authenticate - User = " + user.getUsername());

List<String> mobileNumberCreds = user.getAttribute(KeycloakSmsAuthenticatorConstants.ATTR_MOBILE);

Expand All @@ -60,9 +62,10 @@ public void authenticate(AuthenticationFlowContext context) {
}

if (mobileNumber != null) {
logger.debug("KeycloakSmsAuthenticator@authenticate - Sending SMS - " + mobileNumber);
sendSMS(context, mobileNumber);
} else if (!TextUtils.isEmpty(userEmail)) {
logger.debug("Trying to send email to - " + userEmail);
logger.debug("KeycloakSmsAuthenticator@authenticate - Sending Email - " + userEmail);
sendEmail(context);
} else {
// The mobile number is NOT configured --> complain
Expand All @@ -78,6 +81,7 @@ private void sendSMS(AuthenticationFlowContext context, String mobileNumber) {
long nrOfDigits = KeycloakSmsAuthenticatorUtil.getConfigLong(context.getAuthenticatorConfig(), KeycloakSmsAuthenticatorConstants.CONF_PRP_SMS_CODE_LENGTH, 8L);
logger.debug("Using nrOfDigits " + nrOfDigits);

logger.debug("KeycloakSmsAuthenticator@sendSMS");

long ttl = KeycloakSmsAuthenticatorUtil.getConfigLong(context.getAuthenticatorConfig(), KeycloakSmsAuthenticatorConstants.CONF_PRP_SMS_CODE_TTL, 10 * 60L); // 10 minutes in s

Expand All @@ -98,7 +102,7 @@ private void sendSMS(AuthenticationFlowContext context, String mobileNumber) {
}

private void sendEmail(AuthenticationFlowContext context) {
logger.debug("sendEmail : entering");
logger.debug("KeycloakSmsAuthenticator@sendEmail");

UserModel user = context.getUser();
AuthenticationSessionModel authenticationSession = context.getAuthenticationSession();
Expand Down Expand Up @@ -172,29 +176,45 @@ private void sendEmail(AuthenticationFlowContext context) {

public void action(AuthenticationFlowContext context) {
logger.debug("action called ... context = " + context);
logger.debug("KeycloakSmsAuthenticator@action called ... for User = " + context.getUser().getUsername());
CODE_STATUS status = validateCode(context);
Response challenge = null;
switch (status) {
case EXPIRED:
logger.debug("KeycloakSmsAuthenticator@action - EXPIRED");
challenge = context.form()
.setError("code is expired")
.createForm("sms-validation.ftl");
context.failureChallenge(AuthenticationFlowError.EXPIRED_CODE, challenge);
break;

case INVALID:
logger.debug("KeycloakSmsAuthenticator@action - INVALID");

if (context.getExecution().getRequirement() == AuthenticationExecutionModel.Requirement.OPTIONAL ||
context.getExecution().getRequirement() == AuthenticationExecutionModel.Requirement.ALTERNATIVE) {
logger.debug("KeycloakSmsAuthenticator@action - OPTIONAL || ALTERNATIVE");

logger.debug("Calling context.attempted()");
context.attempted();
} else if (context.getExecution().getRequirement() == AuthenticationExecutionModel.Requirement.REQUIRED) {
logger.debug("KeycloakSmsAuthenticator@action - INVALID_CREDENTIALS");

challenge = context.form()
.setError("Invalid code specified, please enter it again")
.createForm("sms-validation.ftl");
context.failureChallenge(AuthenticationFlowError.INVALID_CREDENTIALS, challenge);
} else {
// Something strange happened
logger.warn("Undefined execution ...");
logger.debug("KeycloakSmsAuthenticator@action - SOMETHING STRANGE HAPPENED!");
logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getRequirement());
logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getAuthenticator());
logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getAuthenticatorConfig());
logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getFlowId());
logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getId());
logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getParentFlow());
logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getPriority());
}
break;

Expand All @@ -208,6 +228,8 @@ public void action(AuthenticationFlowContext context) {
// Store the code + expiration time in a UserCredential. Keycloak will persist these in the DB.
// When the code is validated on another node (in a clustered environment) the other nodes have access to it's values too.
private void storeSMSCode(AuthenticationFlowContext context, String code, Long expiringAt) {
logger.debug("KeycloakSmsAuthenticator@storeSMSCode" + "User name = " + context.getUser().getUsername());

UserCredentialModel credentials = new UserCredentialModel();
credentials.setType(KeycloakSmsAuthenticatorConstants.USR_CRED_MDL_SMS_CODE);
credentials.setValue(code);
Expand All @@ -221,6 +243,7 @@ private void storeSMSCode(AuthenticationFlowContext context, String code, Long e


protected CODE_STATUS validateCode(AuthenticationFlowContext context) {
logger.debug("KeycloakSmsAuthenticator@validateCode");
CODE_STATUS result = CODE_STATUS.INVALID;

logger.debug("validateCode called ... ");
Expand All @@ -234,12 +257,15 @@ protected CODE_STATUS validateCode(AuthenticationFlowContext context) {
CredentialModel expectedCode = (CredentialModel) codeCreds.get(0);
/*CredentialModel expTimeString = (CredentialModel) timeCreds.get(0);*/

logger.debug("Expected code = " + expectedCode + " entered code = " + enteredCode);
logger.debug("KeycloakSmsAuthenticator@validateCode " + "User name = " + context.getUser().getUsername());
logger.debug("KeycloakSmsAuthenticator@validateCode " + "Expected code = " + expectedCode.getValue() + " entered code = " + enteredCode);

if (expectedCode != null) {
result = enteredCode.equals(expectedCode.getValue()) ? CODE_STATUS.VALID : CODE_STATUS.INVALID;
}
logger.debug("result : " + result);

logger.debug("KeycloakSmsAuthenticator@validateCode- Result -" + result);
return result;
}

Expand All @@ -249,12 +275,12 @@ public boolean requiresUser() {
}

public boolean configuredFor(KeycloakSession session, RealmModel realm, UserModel user) {
logger.debug("configuredFor called ... session=" + session + ", realm=" + realm + ", user=" + user);
logger.debug("KeycloakSmsAuthenticator@validateCode configuredFor called ... session=" + session + ", realm=" + realm + ", user=" + user);
return true;
}

public void setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user) {
logger.debug("setRequiredActions called ... session=" + session + ", realm=" + realm + ", user=" + user);
logger.debug("KeycloakSmsAuthenticator@validateCode - setRequiredActions called ... session=" + session + ", realm=" + realm + ", user=" + user);
}

public void close() {
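Review bot: The new debug line in validateCode writes the live one-time code to the log, `"Expected code = " + expectedCode.getValue() + " entered code = " + enteredCode`, so anyone with read access to debug logs can read the second factor while it is still valid; the line it appears to replace printed only the `expectedCode` object. Drop the values and keep the existing result line, or log at most `logger.debug("KeycloakSmsAuthenticator@validateCode - stored code present = " + (expectedCode != null));`. That same statement calls `expectedCode.getValue()` before the `if (expectedCode != null)` guard that follows it, so a null credential would now throw rather than return INVALID. The `Sending SMS` and `Sending Email` lines in authenticate likewise write the full mobile number and e-mail address; logging the username alone would be enough to trace the flow. Part of validateCode's body lies between the visible hunks and is not shown.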
@@ -1,5 +1,6 @@
package org.sunbird.keycloak;

import org.jboss.logging.Logger;
import org.keycloak.common.util.Time;
import org.keycloak.credential.*;
import org.keycloak.models.KeycloakSession;
Expand All @@ -18,6 +19,8 @@
* Created by nickpack on 09/08/2017.
*/
public class KeycloakSmsAuthenticatorCredentialProvider implements CredentialProvider, CredentialInputValidator, CredentialInputUpdater, OnUserCache {
private static Logger logger = Logger.getLogger(KeycloakSmsAuthenticatorCredentialProvider.class);

private static final String CACHE_KEY = KeycloakSmsAuthenticatorCredentialProvider.class.getName() + "." + KeycloakSmsAuthenticatorConstants.USR_CRED_MDL_SMS_CODE;

private final KeycloakSession session;
Expand All @@ -42,6 +45,8 @@ private CredentialModel getSecret(RealmModel realm, UserModel user) {

@Override
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
logger.debug("KeycloakSmsAuthenticatorCredentialProvider@action called ... for User = " + user.getUsername());

if (!KeycloakSmsAuthenticatorConstants.USR_CRED_MDL_SMS_CODE.equals(input.getType())) return false;
if (!(input instanceof UserCredentialModel)) return false;
UserCredentialModel credInput = (UserCredentialModel) input;
Expand All @@ -52,9 +57,12 @@ public boolean updateCredential(RealmModel realm, UserModel user, CredentialInpu
secret.setValue(credInput.getValue());
secret.setCreatedDate(Time.currentTimeMillis());
session.userCredentialManager().createCredential(realm, user, secret);
logger.debug("KeycloakSmsAuthenticatorCredentialProvider@action New Credentials added for User = " + user.getUsername());

} else {
creds.get(0).setValue(credInput.getValue());
session.userCredentialManager().updateCredential(realm, user, creds.get(0));
logger.debug("KeycloakSmsAuthenticatorCredentialProvider@action Credentials updated for User = " + user.getUsername());
}
session.userCache().evict(realm, user);
return true;
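Review bot: The three new debug messages in updateCredential are tagged `KeycloakSmsAuthenticatorCredentialProvider@action`, which is not the method they sit in, so a log search on the tag will lead to the wrong place; use the real name, e.g. `"KeycloakSmsAuthenticatorCredentialProvider@updateCredential called ... for User = " + user.getUsername()`. The new field should be declared `private static final Logger logger = Logger.getLogger(KeycloakSmsAuthenticatorCredentialProvider.class);` so it cannot be reassigned. The first message is also emitted before the two `return false` type checks, so it fires for every credential type handed to this provider, not only SMS codes; moving it below those guards keeps the credential-change trail accurate. updateCredential's body continues outside the visible hunks.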