def authenticate(self, configurationAttributes, requestParameters, step):
        userService = CdiUtil.bean(UserService)
        authenticationService = CdiUtil.bean(AuthenticationService)

        identity = CdiUtil.bean(Identity)
        session_attributes = identity.getSessionId().getSessionAttributes()

        form_passcode = ServerUtil.getFirstValue(requestParameters, "passcode")
        form_name = ServerUtil.getFirstValue(requestParameters,
                                             "TwilioSmsloginForm")

        print "TwilioSMS. form_response_passcode: %s" % str(form_passcode)

        if step == 1:
            print "TwilioSMS. Step 1 Password Authentication"
            identity = CdiUtil.bean(Identity)
            credentials = identity.getCredentials()

            user_name = credentials.getUsername()
            user_password = credentials.getPassword()

            logged_in = False
            if StringHelper.isNotEmptyString(
                    user_name) and StringHelper.isNotEmptyString(
                        user_password):
                logged_in = authenticationService.authenticate(
                    user_name, user_password)

            if not logged_in:
                return False

            # Get the Person's number and generate a code
            foundUser = None
            try:
                foundUser = userService.getUserByAttribute("uid", user_name)
            except:
                print 'TwilioSMS, Error retrieving user %s from LDAP' % (
                    user_name)
                return False

            try:
                mobile_number = foundUser.getAttribute("phoneNumberVerified")
            except:
                print 'TwilioSMS, Error finding mobile number for' % (
                    user_name)
                return False

            # Generate Random six digit code and store it in array
            code = random.randint(100000, 999999)

            # Get code and save it in LDAP temporarily with special session entry
            identity.setWorkingParameter("code", code)

            # Store user phone number in authentication session
            identity.setWorkingParameter("mobile_number", mobile_number)

            client = TwilioRestClient(self.ACCOUNT_SID, self.AUTH_TOKEN)
            bodyParam = BasicNameValuePair("Body", str(code))
            toParam = BasicNameValuePair("To", mobile_number)
            fromParam = BasicNameValuePair("From", self.FROM_NUMBER)

            params = ArrayList()
            params.add(bodyParam)
            params.add(toParam)
            params.add(fromParam)

            try:
                messageFactory = client.getAccount().getMessageFactory()
                message = messageFactory.create(params)

                print 'TwilioSMs, Message Sid: %s' % (message.getSid())
                return True
            except Exception, ex:
                print "TwilioSMS. Error sending message to Twilio"
                print "TwilioSMS. Unexpected error:", ex

            return False
Beispiel #2
0
    def authenticate(self, configurationAttributes, requestParameters, step):
        context = Contexts.getEventContext()
        userService = UserService.instance()
        session_attributes = context.get("sessionAttributes")

        form_passcode = ServerUtil.getFirstValue(requestParameters, "passcode")
        form_name = ServerUtil.getFirstValue(requestParameters,
                                             "TwilioSmsloginForm")

        print "TwilioSMS. form_response_passcode: %s" % str(form_passcode)

        if step == 1:
            print "TwilioSMS. Step 1 Password Authentication"
            credentials = Identity.instance().getCredentials()
            user_name = credentials.getUsername()
            user_password = credentials.getPassword()

            logged_in = False
            if StringHelper.isNotEmptyString(
                    user_name) and StringHelper.isNotEmptyString(
                        user_password):
                logged_in = userService.authenticate(user_name, user_password)

            if not logged_in:
                return False

            # Get the Person's number and generate a code
            foundUser = None
            try:
                foundUser = userService.getUserByAttribute("uid", user_name)
            except:
                print 'TwilioSMS, Error retrieving user %s from LDAP' % (
                    user_name)
                return False

            try:
                mobile_number = foundUser.getAttribute("phoneNumberVerified")
            except:
                print 'TwilioSMS, Error finding mobile number for' % (
                    user_name)
                return False

            # Generate Random six digit code and store it in array
            code = random.randint(100000, 999999)

            # Get code and save it in LDAP temporarily with special session entry
            context.set("code", code)

            client = TwilioRestClient(self.ACCOUNT_SID, self.AUTH_TOKEN)
            bodyParam = BasicNameValuePair("Body", str(code))
            toParam = BasicNameValuePair("To", mobile_number)
            fromParam = BasicNameValuePair("From", self.FROM_NUMBER)

            params = ArrayList()
            params.add(bodyParam)
            params.add(toParam)
            params.add(fromParam)

            try:
                messageFactory = client.getAccount().getMessageFactory()
                message = messageFactory.create(params)

                print 'TwilioSMs, Message Sid: %s' % (message.getSid())
                return True
            except:
                print "TwilioSMS. Error sending message to Twilio"

            return False
        elif step == 2:
            # Retrieve the session attribute
            print "TwilioSMS. Step 2 SMS/OTP Authentication"
            code = session_attributes.get("code")
            print "TwilioSMS. Code: %s" % str(code)

            if code is None:
                print "TwilioSMS. Failed to find previously sent code"
                return False

            if form_passcode is None:
                print "TwilioSMS. Passcode is empty"
                return False

            if len(form_passcode) != 6:
                print "TwilioSMS. Passcode from response is not 6 digits: %s" % form_passcode
                return False

            if form_passcode == code:
                print "TiwlioSMS, SUCCESS! User entered the same code!"
                return True

            print "TwilioSMS. FAIL! User entered the wrong code! %s != %s" % (
                form_passcode, code)

            return False

        print "TwilioSMS. ERROR: step param not found or != (1|2)"

        return False
    def authenticate(self, configurationAttributes, requestParameters, step):
        context = Contexts.getEventContext()
        userService = UserService.instance()
    	
        if (step == 1):
            printOut("Step 1 Password Authentication")
            credentials = Identity.instance().getCredentials()
            user_name = credentials.getUsername()
            user_password = credentials.getPassword()

            logged_in = False
            if (StringHelper.isNotEmptyString(user_name) and StringHelper.isNotEmptyString(user_password)):
                logged_in = userService.authenticate(user_name, user_password)

            if (not logged_in):
                return False
            
            # Get Custom Properties
            ACCOUNT_SID = None
            AUTH_TOKEN = None
            FROM_NUMBER = None
            try:
                ACCOUNT_SID = configurationAttributes.get("twilio_sid").getValue2()
            except:
                printOut('Missing required configuration attribute "twilio_sid"')
            try:
                AUTH_TOKEN = configurationAttributes.get("twilio_token").getValue2()
            except:
                printOut('Missing required configuration attribute "twilio_token")
	    	try:
                FROM_NUMBER = configurationAttributes.get("from_number").getValue2()
            except:
                printOut('Missing required configuration attribute "from_number"')
            if None in (ACCOUNT_SID, AUTH_TOKEN, FROM_NUMBER):
                return False
    		
            # Get the Person's number and generate a code
            foundUser = None
            try:
                foundUser = userService.getUserByAttribute("uid", user_name)
            except:
                printOut('Error retrieving user %s from LDAP' % user_name)
                return False
            try:
                mobile_number = foundUser.getAttribute("mobile")
            except:
                printOut("Error finding mobile number for
	    		return False

            # Generate Random six digit code
            code = random.randint(100000,999999)
            context.set("code", code)
            client = TwilioRestClient(ACCOUNT_SID, AUTH_TOKEN)
            bodyParam = BasicNameValuePair("Body", code)
            toParam = BasicNameValuePair("To", mobile_number)
            fromParam = BasicNameValuePair("From", FROM_NUMBER)
            params = ArrayList()
            params.add(bodyParam)
            params.add(toParam)
            params.add(fromParam)

            messageFactory = client.getAccount().getMessageFactory()
            message = messageFactory.create(params)
            printOut("Message Sid: %s" % message.getSid())
            return True

        elif (step == 2):
            code = sessionAttributes.get("code")
            if (code is None):
                printOut("Failed to find previously sent code")
                return False
            form_passcode = requestParameters.get("passcode")[0].strip()
            if len(form_passcode) != 6:
                printOut("Invalid passcode length from form: %s" % form_passcode)
            if form_passcode == code:
                return True
            else:
                return False
            
        else:
            return False

    def prepareForStep(self, configurationAttributes, requestParameters, step):
        if (step == 1):
            print "TwilioSMS. Prepare for Step 1"
            return True
        elif (step == 2):
            print "TwilioSMS. Prepare for Step 2"
            return True
        else:
            return False

    def printOut(s):
        print "TwilioSmsAuthenticator: %s" % s

    def getExtraParametersForStep(self, configurationAttributes, step):
        if (step == 2):
            return Arrays.asList("code")
        return None
        
    def getCountAuthenticationSteps(self, configurationAttributes):
        return 2

    def getPageForStep(self, configurationAttributes, step):
        if (step == 2):
            return "/auth/twilio/twiliologin.xhtml"
        return ""

    def logout(self, configurationAttributes, requestParameters):
        return True
Beispiel #4
0
    def authenticate(self, configurationAttributes, requestParameters, step):
        context = Contexts.getEventContext()
        userService = UserService.instance()
        session_attributes = context.get("sessionAttributes")

        form_passcode = ServerUtil.getFirstValue(requestParameters, "passcode")
        form_name = ServerUtil.getFirstValue(requestParameters, "TwilioSmsloginForm")

        print "TwilioSMS. form_response_passcode: %s" % str(form_passcode)
        
        if step == 1:
            print "TwilioSMS. Step 1 Password Authentication"
            credentials = Identity.instance().getCredentials()
            user_name = credentials.getUsername()
            user_password = credentials.getPassword()
            
            logged_in = False
            if StringHelper.isNotEmptyString(user_name) and StringHelper.isNotEmptyString(user_password):
                logged_in = userService.authenticate(user_name, user_password)
            
            if not logged_in:
                return False

            # Get the Person's number and generate a code
            foundUser = None
            try:
                foundUser = userService.getUserByAttribute("uid", user_name)
            except:
                print 'TwilioSMS, Error retrieving user %s from LDAP' % (user_name)
                return False

            try:
                mobile_number = foundUser.getAttribute("phoneNumberVerified")
            except:
                print 'TwilioSMS, Error finding mobile number for' % (user_name) 
                return False
                        
            # Generate Random six digit code and store it in array
            code = random.randint(100000, 999999)
            
            # Get code and save it in LDAP temporarily with special session entry 
            context.set("code", code)

            client = TwilioRestClient(self.ACCOUNT_SID, self.AUTH_TOKEN)
            bodyParam = BasicNameValuePair("Body", str(code))
            toParam = BasicNameValuePair("To", mobile_number)
            fromParam = BasicNameValuePair("From", self.FROM_NUMBER)

            params = ArrayList()
            params.add(bodyParam)
            params.add(toParam)
            params.add(fromParam)
            
            try:
                messageFactory = client.getAccount().getMessageFactory()
                message = messageFactory.create(params)

                print 'TwilioSMs, Message Sid: %s' % (message.getSid())
                return True
            except:
                print "TwilioSMS. Error sending message to Twilio"

            return False
        elif step == 2:
            # Retrieve the session attribute
            print "TwilioSMS. Step 2 SMS/OTP Authentication"
            code = session_attributes.get("code")
            print "TwilioSMS. Code: %s" % str(code)
    
            if code is None:
                print "TwilioSMS. Failed to find previously sent code"
                return False 
    
            if form_passcode is None:
                print "TwilioSMS. Passcode is empty"
                return False 
    
            if len(form_passcode) != 6:
                print "TwilioSMS. Passcode from response is not 6 digits: %s" % form_passcode
                return False

            if form_passcode == code:
                print "TiwlioSMS, SUCCESS! User entered the same code!" 
                return True

            print "TwilioSMS. FAIL! User entered the wrong code! %s != %s" % (form_passcode, code)

            return False            

        print "TwilioSMS. ERROR: step param not found or != (1|2)"

        return False
    def authenticate(self, configurationAttributes, requestParameters, step):
    	context = Contexts.getEventContext()
    	userService = UserService.instance()
    	
        if (step == 1):
            printOut("Step 1 Password Authentication")
            credentials = Identity.instance().getCredentials()
            user_name = credentials.getUsername()
            user_password = credentials.getPassword()

            logged_in = False
            if (StringHelper.isNotEmptyString(user_name) and StringHelper.isNotEmptyString(user_password)):
                logged_in = userService.authenticate(user_name, user_password)

            if (not logged_in):
                return False
            
            # Get Custom Properties
            ACCOUNT_SID = None
    		AUTH_TOKEN = None
    		FROM_NUMBER = None
            try:    
	            ACCOUNT_SID = configurationAttributes.get("twilio_sid").getValue2()
	    	except:
	    		printOut('Missing required configuration attribute "twilio_sid"')
	    	try:
	    		AUTH_TOKEN = configurationAttributes.get("twilio_token").getValue2()
	    	except:
	    		printOut('Missing required configuration attribute "twilio_token")
	    	try:
	    		FROM_NUMBER = configurationAttributes.get("from_number").getValue2()
	    	except:
	    		printOut('Missing required configuration attribute "from_number"')
	    	if None in (ACCOUNT_SID, AUTH_TOKEN, FROM_NUMBER):
	    		return False
    		
    		# Get the Person's number and generate a code
    		foundUser = None
    		try:
	    		foundUser = userService.getUserByAttribute("uid", user_name)
	    	except:
	    		printOut('Error retrieving user %s from LDAP' % user_name)
	    		return False
	    	try:
	    		mobile_number = foundUser.getAttribute("mobile")
	    	except:
	    		printOut("Error finding mobile number for 
	    		return False
	    		
	    	# Generate Random six digit code
    		code = random.randint(100000,999999)
    		context.set("code", code)
    		
    		client = TwilioRestClient(ACCOUNT_SID, AUTH_TOKEN)
    		bodyParam = BasicNameValuePair("Body", code)
    		toParam = BasicNameValuePair("To", mobile_number)
    		fromParam = BasicNameValuePair("From", FROM_NUMBER)
    		params = ArrayList()
    		params.add(bodyParam)
    		params.add(toParam)
    		params.add(fromParam)
    		    		
			messageFactory = client.getAccount().getMessageFactory()
			message = messageFactory.create(params)
			printOut("Message Sid: %s" % message.getSid())
            return True

        elif (step == 2):
        	code = sessionAttributes.get("code")
        	if (code is None):
                printOut("Failed to find previously sent code")
                return False
            form_passcode = requestParameters.get("passcode")[0].strip()
            if len(form_passcode) != 6:
            	printOut("Invalid passcode length from form: %s" % form_passcode)
            if form_passcode == code:
            	return True
            else:
            	return False
            
        else:
            return False

    def prepareForStep(self, configurationAttributes, requestParameters, step):
        if (step == 1):
            print "TwilioSMS. Prepare for Step 1"
            return True
        elif (step == 2):
            print "TwilioSMS. Prepare for Step 2"
            return True
        else:
            return False

	def printOut(s):
		print "TwilioSmsAuthenticator: %s" % s

    def getExtraParametersForStep(self, configurationAttributes, step):
        if (step == 2):
            return Arrays.asList("code")
        return None
        
    def getCountAuthenticationSteps(self, configurationAttributes):
        return 2

    def getPageForStep(self, configurationAttributes, step):
        if (step == 2):
            return "/auth/twilio/twiliologin.xhtml"
        return ""

    def logout(self, configurationAttributes, requestParameters):
        return True