class PersonAuthentication(PersonAuthenticationType): def __init__(self, currentTimeMillis): self.currentTimeMillis = currentTimeMillis self.pf = PFAuth() def init(self, configurationAttributes): print "PhoneFactor. Initialization" pf_cert_path = configurationAttributes.get("pf_cert_path").getValue2() pf_creds_file = configurationAttributes.get("pf_creds_file").getValue2() # Load credentials from file f = open(pf_creds_file, 'r') try: creds = json.loads(f.read()) except: return False finally: f.close() certPassword = creds["CERT_PASSWORD"] try: stringEncrypter = StringEncrypter.defaultInstance() certPassword = stringEncrypter.decrypt(certPassword) except: return False self.pf.initialize(pf_cert_path, certPassword) print "PhoneFactor. Initialized successfully" return True def destroy(self, configurationAttributes): print "PhoneFactor. Destroy" print "PhoneFactor. Destroyed successfully" return True def getApiVersion(self): return 1 def isValidAuthenticationMethod(self, usageType, configurationAttributes): return True def getAlternativeAuthenticationMethod(self, usageType, configurationAttributes): return None def authenticate(self, configurationAttributes, requestParameters, step): credentials = Identity.instance().getCredentials() user_name = credentials.getUsername() if (step == 1): print "PhoneFactor. Authenticate for step 1" user_password = credentials.getPassword() logged_in = False if (StringHelper.isNotEmptyString(user_name) and StringHelper.isNotEmptyString(user_password)): userService = UserService.instance() logged_in = userService.authenticate(user_name, user_password) if (not logged_in): return False return True elif (step == 2): print "PhoneFactor. Authenticate for step 2" passed_step1 = self.isPassedDefaultAuthentication if (not passed_step1): return False pf_phone_number_attr = configurationAttributes.get("pf_phone_number_attr").getValue2() # Get user entry from credentials credentials_user = credentials.getUser() userService = UserService.instance() phone_number_with_country_code_attr = userService.getCustomAttribute(credentials_user, pf_phone_number_attr) if (phone_number_with_country_code_attr == None): print "PhoneFactor. Authenticate for step 2. There is no phone number: ", user_name return False phone_number_with_country_code = phone_number_with_country_code_attr.getValue() if (phone_number_with_country_code == None): print "PhoneFactor. Authenticate for step 2. There is no phone number: ", user_name return False pf_country_delimiter = configurationAttributes.get("pf_country_delimiter").getValue2() phone_number_with_country_code_array = string.split(phone_number_with_country_code, pf_country_delimiter, 1) phone_number_with_country_code_array_len = len(phone_number_with_country_code_array) if (phone_number_with_country_code_array_len == 1): country_code = "" phone_number = phone_number_with_country_code_array[0] else: country_code = phone_number_with_country_code_array[0] phone_number = phone_number_with_country_code_array[1] print "PhoneFactor. Authenticate for step 2. user_name: ", user_name, ", country_code: ", country_code, ", phone_number: ", phone_number pf_auth_result = None try: pf_auth_result = self.pf.authenticate(user_name, country_code, phone_number, None, None, None) except SecurityException, err: print "PhoneFactor. Authenticate for step 2. BAD AUTH -- Security issue: ", err except TimeoutException, err: print "PhoneFactor. Authenticate for step 2. BAD AUTH -- Server timeout: ", err except PFException, err: print "PhoneFactor. Authenticate for step 2. BAD AUTH -- PFAuth failed with a PFException: ", err
class PersonAuthentication(PersonAuthenticationType): def __init__(self, currentTimeMillis): self.currentTimeMillis = currentTimeMillis self.pf = PFAuth() def init(self, configurationAttributes): print "PhoneFactor. Initialization" pf_cert_path = configurationAttributes.get("pf_cert_path").getValue2() pf_creds_file = configurationAttributes.get( "pf_creds_file").getValue2() # Load credentials from file f = open(pf_creds_file, 'r') try: creds = json.loads(f.read()) except: return False finally: f.close() certPassword = creds["CERT_PASSWORD"] try: stringEncrypter = StringEncrypter.defaultInstance() certPassword = stringEncrypter.decrypt(certPassword) except: return False self.pf.initialize(pf_cert_path, certPassword) print "PhoneFactor. Initialized successfully" return True def destroy(self, configurationAttributes): print "PhoneFactor. Destroy" print "PhoneFactor. Destroyed successfully" return True def getApiVersion(self): return 1 def isValidAuthenticationMethod(self, usageType, configurationAttributes): return True def getAlternativeAuthenticationMethod(self, usageType, configurationAttributes): return None def authenticate(self, configurationAttributes, requestParameters, step): credentials = Identity.instance().getCredentials() user_name = credentials.getUsername() if (step == 1): print "PhoneFactor. Authenticate for step 1" user_password = credentials.getPassword() logged_in = False if (StringHelper.isNotEmptyString(user_name) and StringHelper.isNotEmptyString(user_password)): userService = UserService.instance() logged_in = userService.authenticate(user_name, user_password) if (not logged_in): return False return True elif (step == 2): print "PhoneFactor. Authenticate for step 2" passed_step1 = self.isPassedDefaultAuthentication if (not passed_step1): return False pf_phone_number_attr = configurationAttributes.get( "pf_phone_number_attr").getValue2() # Get user entry from credentials authenticationService = AuthenticationService.instance() credentials_user = authenticationService.getAuthenticatedUser() userService = UserService.instance() phone_number_with_country_code_attr = userService.getCustomAttribute( credentials_user, pf_phone_number_attr) if (phone_number_with_country_code_attr == None): print "PhoneFactor. Authenticate for step 2. There is no phone number: ", user_name return False phone_number_with_country_code = phone_number_with_country_code_attr.getValue( ) if (phone_number_with_country_code == None): print "PhoneFactor. Authenticate for step 2. There is no phone number: ", user_name return False pf_country_delimiter = configurationAttributes.get( "pf_country_delimiter").getValue2() phone_number_with_country_code_array = string.split( phone_number_with_country_code, pf_country_delimiter, 1) phone_number_with_country_code_array_len = len( phone_number_with_country_code_array) if (phone_number_with_country_code_array_len == 1): country_code = "" phone_number = phone_number_with_country_code_array[0] else: country_code = phone_number_with_country_code_array[0] phone_number = phone_number_with_country_code_array[1] print "PhoneFactor. Authenticate for step 2. user_name: ", user_name, ", country_code: ", country_code, ", phone_number: ", phone_number pf_auth_result = None try: pf_auth_result = self.pf.authenticate(user_name, country_code, phone_number, None, None, None) except SecurityException, err: print "PhoneFactor. Authenticate for step 2. BAD AUTH -- Security issue: ", err except TimeoutException, err: print "PhoneFactor. Authenticate for step 2. BAD AUTH -- Server timeout: ", err except PFException, err: print "PhoneFactor. Authenticate for step 2. BAD AUTH -- PFAuth failed with a PFException: ", err