diff --git a/keycloak/sms-provider/src/main/java/org/sunbird/keycloak/KeycloakSmsAuthenticator.java b/keycloak/sms-provider/src/main/java/org/sunbird/keycloak/KeycloakSmsAuthenticator.java index a60eed44..947bf6de 100644 --- a/keycloak/sms-provider/src/main/java/org/sunbird/keycloak/KeycloakSmsAuthenticator.java +++ b/keycloak/sms-provider/src/main/java/org/sunbird/keycloak/KeycloakSmsAuthenticator.java @@ -47,8 +47,10 @@ private enum CODE_STATUS { public void authenticate(AuthenticationFlowContext context) { - logger.debug("authenticate called ... context = " + context); + logger.debug("KeycloakSmsAuthenticator@authenticate called ... context = " + context); + UserModel user = context.getUser(); + logger.debug("KeycloakSmsAuthenticator@authenticate - User = " + user.getUsername()); List mobileNumberCreds = user.getAttribute(KeycloakSmsAuthenticatorConstants.ATTR_MOBILE); @@ -60,9 +62,10 @@ public void authenticate(AuthenticationFlowContext context) { } if (mobileNumber != null) { + logger.debug("KeycloakSmsAuthenticator@authenticate - Sending SMS - " + mobileNumber); sendSMS(context, mobileNumber); } else if (!TextUtils.isEmpty(userEmail)) { - logger.debug("Trying to send email to - " + userEmail); + logger.debug("KeycloakSmsAuthenticator@authenticate - Sending Email - " + userEmail); sendEmail(context); } else { // The mobile number is NOT configured --> complain @@ -78,6 +81,7 @@ private void sendSMS(AuthenticationFlowContext context, String mobileNumber) { long nrOfDigits = KeycloakSmsAuthenticatorUtil.getConfigLong(context.getAuthenticatorConfig(), KeycloakSmsAuthenticatorConstants.CONF_PRP_SMS_CODE_LENGTH, 8L); logger.debug("Using nrOfDigits " + nrOfDigits); + logger.debug("KeycloakSmsAuthenticator@sendSMS"); long ttl = KeycloakSmsAuthenticatorUtil.getConfigLong(context.getAuthenticatorConfig(), KeycloakSmsAuthenticatorConstants.CONF_PRP_SMS_CODE_TTL, 10 * 60L); // 10 minutes in s 
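Review bot: The two new debug lines in the `if (mobileNumber != null)` and `else if` branches of authenticate write the user's full mobile number and email address into the server log, where they outlive the login and are readable by anyone with log access. Log an opaque identifier instead, e.g. `logger.debug("KeycloakSmsAuthenticator@authenticate - Sending SMS, user id = " + user.getId());`, or mask all but the last digits of the number. The email line replaces an older one that already logged the address, so this is a chance to drop it rather than carry it forward. authenticate starts and ends outside this hunk.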
@@ -98,7 +102,7 @@ private void sendSMS(AuthenticationFlowContext context, String mobileNumber) { } private void sendEmail(AuthenticationFlowContext context) { - logger.debug("sendEmail : entering"); + logger.debug("KeycloakSmsAuthenticator@sendEmail"); UserModel user = context.getUser(); AuthenticationSessionModel authenticationSession = context.getAuthenticationSession(); @@ -172,10 +176,12 @@ private void sendEmail(AuthenticationFlowContext context) { public void action(AuthenticationFlowContext context) { logger.debug("action called ... context = " + context); + logger.debug("KeycloakSmsAuthenticator@action called ... for User = " + context.getUser().getUsername()); CODE_STATUS status = validateCode(context); Response challenge = null; switch (status) { case EXPIRED: + logger.debug("KeycloakSmsAuthenticator@action - EXPIRED"); challenge = context.form() .setError("code is expired") .createForm("sms-validation.ftl"); @@ -183,11 +189,17 @@ public void action(AuthenticationFlowContext context) { break; case INVALID: + logger.debug("KeycloakSmsAuthenticator@action - INVALID"); + if (context.getExecution().getRequirement() == AuthenticationExecutionModel.Requirement.OPTIONAL || context.getExecution().getRequirement() == AuthenticationExecutionModel.Requirement.ALTERNATIVE) { + logger.debug("KeycloakSmsAuthenticator@action - OPTIONAL || ALTERNATIVE"); + logger.debug("Calling context.attempted()"); context.attempted(); } else if (context.getExecution().getRequirement() == AuthenticationExecutionModel.Requirement.REQUIRED) { + logger.debug("KeycloakSmsAuthenticator@action - INVALID_CREDENTIALS"); + challenge = context.form() .setError("Invalid code specified, please enter it again") .createForm("sms-validation.ftl"); 
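Review bot: The added `context.getUser().getUsername()` at the top of action dereferences the user before validateCode runs, so a context without a user would fail with a NullPointerException thrown by a log statement. Whether getUser() can return null at this point is not visible in the hunk, but a debug line should not be able to abort the flow. `UserModel user = context.getUser();` followed by `logger.debug("KeycloakSmsAuthenticator@action called ... for User = " + (user != null ? user.getUsername() : null));` keeps it safe. The same unguarded chain appears in the storeSMSCode and validateCode hunks. action continues past the end of this hunk.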
@@ -195,6 +207,14 @@ public void action(AuthenticationFlowContext context) { } else { // Something strange happened logger.warn("Undefined execution ..."); + logger.debug("KeycloakSmsAuthenticator@action - SOMETHING STRANGE HAPPENED!"); + logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getRequirement()); + logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getAuthenticator()); + logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getAuthenticatorConfig()); + logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getFlowId()); + logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getId()); + logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getParentFlow()); + logger.debug("KeycloakSmsAuthenticator@action - " + context.getExecution().getPriority()); } break; @@ -208,6 +228,8 @@ public void action(AuthenticationFlowContext context) { // Store the code + expiration time in a UserCredential. Keycloak will persist these in the DB. // When the code is validated on another node (in a clustered environment) the other nodes have access to it's values too. private void storeSMSCode(AuthenticationFlowContext context, String code, Long expiringAt) { + logger.debug("KeycloakSmsAuthenticator@storeSMSCode" + "User name = " + context.getUser().getUsername()); + UserCredentialModel credentials = new UserCredentialModel(); credentials.setType(KeycloakSmsAuthenticatorConstants.USR_CRED_MDL_SMS_CODE); credentials.setValue(code); @@ -221,6 +243,7 @@ private void storeSMSCode(AuthenticationFlowContext context, String code, Long e protected CODE_STATUS validateCode(AuthenticationFlowContext context) { + logger.debug("KeycloakSmsAuthenticator@validateCode"); CODE_STATUS result = CODE_STATUS.INVALID; logger.debug("validateCode called ... "); 
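Review bot: In the final `else` of the INVALID case the only line visible at normal log levels is `logger.warn("Undefined execution ...")`, which carries no detail. The seven new lines that do carry it are at debug and unlabelled, so they print as bare values under the same prefix. Put the useful fields into the warning itself, e.g. `logger.warn("Undefined execution requirement " + context.getExecution().getRequirement() + ", execution id = " + context.getExecution().getId());`, and drop or label the rest. The enclosing switch in action starts above this hunk.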
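Review bot: The message in storeSMSCode is built from `"KeycloakSmsAuthenticator@storeSMSCode" + "User name = "` with no separator, so it prints as `...storeSMSCodeUser name = ...` and does not match the `Class@method - ` pattern the other new lines use. Write it as one literal: `logger.debug("KeycloakSmsAuthenticator@storeSMSCode - User name = " + context.getUser().getUsername());`. storeSMSCode's body continues outside the hunk.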
@@ -234,12 +257,15 @@ protected CODE_STATUS validateCode(AuthenticationFlowContext context) { CredentialModel expectedCode = (CredentialModel) codeCreds.get(0); /*CredentialModel expTimeString = (CredentialModel) timeCreds.get(0);*/ - logger.debug("Expected code = " + expectedCode + " entered code = " + enteredCode); + logger.debug("KeycloakSmsAuthenticator@validateCode " + "User name = " + context.getUser().getUsername()); + logger.debug("KeycloakSmsAuthenticator@validateCode " + "Expected code = " + expectedCode.getValue() + " entered code = " + enteredCode); if (expectedCode != null) { result = enteredCode.equals(expectedCode.getValue()) ? CODE_STATUS.VALID : CODE_STATUS.INVALID; } logger.debug("result : " + result); + + logger.debug("KeycloakSmsAuthenticator@validateCode- Result -" + result); return result; } @@ -249,12 +275,12 @@ public boolean requiresUser() { } public boolean configuredFor(KeycloakSession session, RealmModel realm, UserModel user) { - logger.debug("configuredFor called ... session=" + session + ", realm=" + realm + ", user=" + user); + logger.debug("KeycloakSmsAuthenticator@validateCode configuredFor called ... session=" + session + ", realm=" + realm + ", user=" + user); return true; } public void setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user) { - logger.debug("setRequiredActions called ... session=" + session + ", realm=" + realm + ", user=" + user); + logger.debug("KeycloakSmsAuthenticator@validateCode - setRequiredActions called ... session=" + session + ", realm=" + realm + ", user=" + user); } public void close() { diff --git a/keycloak/sms-provider/src/main/java/org/sunbird/keycloak/KeycloakSmsAuthenticatorCredentialProvider.java b/keycloak/sms-provider/src/main/java/org/sunbird/keycloak/KeycloakSmsAuthenticatorCredentialProvider.java index 558dcd88..a0a15ec7 100644 --- a/keycloak/sms-provider/src/main/java/org/sunbird/keycloak/KeycloakSmsAuthenticatorCredentialProvider.java 
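Review bot: The new line `"Expected code = " + expectedCode.getValue() + " entered code = " + enteredCode` in validateCode writes the live one-time code, next to the username logged on the line before, into the debug log. The removed line printed only the `expectedCode` object, so this change is what puts the secret itself in the log. Anyone with access to the log or to a log aggregator can then read a code that is still valid for its TTL, which defeats the second factor. The call to `expectedCode.getValue()` also sits above the `if (expectedCode != null)` guard, so the null case the guard is written for would now throw inside the log statement. Drop both values and log only the outcome, e.g. `logger.debug("KeycloakSmsAuthenticator@validateCode - stored code present = " + (expectedCode != null));`; the result is already logged below. validateCode starts outside this hunk.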
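Review bot: Both changed lines are tagged `KeycloakSmsAuthenticator@validateCode`, but they sit in configuredFor and setRequiredActions, so anyone filtering the log by method will attribute these calls to code validation. Use the real method names, e.g. `logger.debug("KeycloakSmsAuthenticator@configuredFor called ... session=" + session + ", realm=" + realm + ", user=" + user);`, and the equivalent `@setRequiredActions` tag on the second line.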
+++ b/keycloak/sms-provider/src/main/java/org/sunbird/keycloak/KeycloakSmsAuthenticatorCredentialProvider.java @@ -1,5 +1,6 @@ package org.sunbird.keycloak; +import org.jboss.logging.Logger; import org.keycloak.common.util.Time; import org.keycloak.credential.*; import org.keycloak.models.KeycloakSession; @@ -18,6 +19,8 @@ * Created by nickpack on 09/08/2017. */ public class KeycloakSmsAuthenticatorCredentialProvider implements CredentialProvider, CredentialInputValidator, CredentialInputUpdater, OnUserCache { + private static Logger logger = Logger.getLogger(KeycloakSmsAuthenticatorCredentialProvider.class); + private static final String CACHE_KEY = KeycloakSmsAuthenticatorCredentialProvider.class.getName() + "." + KeycloakSmsAuthenticatorConstants.USR_CRED_MDL_SMS_CODE; private final KeycloakSession session; @@ -42,6 +45,8 @@ private CredentialModel getSecret(RealmModel realm, UserModel user) { @Override public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) { + logger.debug("KeycloakSmsAuthenticatorCredentialProvider@action called ... for User = " + user.getUsername()); + if (!KeycloakSmsAuthenticatorConstants.USR_CRED_MDL_SMS_CODE.equals(input.getType())) return false; if (!(input instanceof UserCredentialModel)) return false; UserCredentialModel credInput = (UserCredentialModel) input; 
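Review bot: The new logger field is declared `private static Logger logger` without `final`, so it can be reassigned, unlike the `CACHE_KEY` constant declared right after it. Declare it `private static final Logger logger = Logger.getLogger(KeycloakSmsAuthenticatorCredentialProvider.class);`.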
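Review bot: The debug line at the top of updateCredential is tagged `KeycloakSmsAuthenticatorCredentialProvider@action`, although the line is in updateCredential and no action method of this class is in view; the two lines added in the following hunk repeat the tag. Rename the tag so log searches land in the right method: `logger.debug("KeycloakSmsAuthenticatorCredentialProvider@updateCredential called ... for User = " + user.getUsername());`. The line also runs before the `input.getType()` check, so it fires for every credential type passed to this provider, not only SMS codes; moving it below the two early returns would cut that noise. updateCredential continues in the next hunk.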
@@ -52,9 +57,12 @@ public boolean updateCredential(RealmModel realm, UserModel user, CredentialInpu secret.setValue(credInput.getValue()); secret.setCreatedDate(Time.currentTimeMillis()); session.userCredentialManager().createCredential(realm, user, secret); + logger.debug("KeycloakSmsAuthenticatorCredentialProvider@action New Credentials added for User = " + user.getUsername()); + } else { creds.get(0).setValue(credInput.getValue()); session.userCredentialManager().updateCredential(realm, user, creds.get(0)); + logger.debug("KeycloakSmsAuthenticatorCredentialProvider@action Credentials updated for User = " + user.getUsername()); } session.userCache().evict(realm, user); return true;