License: Apache License 2.0

Java 100.00%

identity-outbound-auth-sms-otp's Introduction

identity-outbound-auth-sms-otp

Welcome to the WSO2 Identity Server (IS) SMS OTP Authenticator.

WSO2 IS is one of the best Identity Servers, which enables you to offload your identity and user entitlement management burden totally from your application. It comes with many features, supports many industry standards and most importantly it allows you to extent it according to your security requirements. This repo contains Authenticators written to work with different third party systems.

With WSO2 IS, there are lot of provisioning capabilities available. There are 3 major concepts as Inbound, outbound provisioning and Just-In-Time provisioning. Inbound provisioning means , provisioning users and groups from an external system to IS. Outbound provisioning means , provisioning users from IS to other external systems. JIT provisioning means , once a user tries to login from an external IDP, a user can be created on the fly in IS with JIT. Repos under this account holds such components invlove in communicating with external systems.

identity-outbound-auth-sms-otp's People

Contributors

Stargazers

Watchers

Forkers

thulasikav rkathees hmrajas andypower darshanasbg elilmathas pushpalanka gdrdabarera omindu danushkaf kesavany nilasini nuwandiw test-coverage-enforce-bot biruntha dilin993 emswbandara sachi-d denuwanthi gayanm nalakas harsha1979 kavindu-dodan abilashini ayshsandu hastef88 abhishekdesilva mefarazath godwinamila somindatommy hauntingecho sachiniwettasinghe tharindu-b-hewage piraveena nuwan-walisundara thushaaanthan tharakawijekoon madurangasiriwardena nipunibhagya vihanga-liyanage senthalan thanujalk shanchathusanda93 rksk pamodaaw avishkajayasundara anuradhask mifrazmurthaja thumimku edroot gangani dinikasen thiloshon lakshani chinthakarukshan chamathns kanapriya isuruhettiarachchi sachinisiriwardene maneeshaindrachapa nipunthathsara bhagyasakalanka chanikaruchini shaheenia sanjulamadurapperuma lahiruls maliesha tiffany-silva wenodpathirana lashinijay yasara-y edwardsj89 dinzie95 piyarathnalakmali akila94 thanhnm2vng sahandilshan nalakagunathilaka deshankoswatte yathindrak thamindudilshan yogyagamage chathurangap688 wathsara avarjana rushannanayakkara ratnajothy ziyamsanthosh hwupathum imalshag mpmadhavig kasuniranasinghe14 rashmini malshan1998 nisho06 yoshani thisara-welmilla asha15 gershom96 lochanaedirisinghe

identity-outbound-auth-sms-otp's Issues

AuthenticationEndpointContextListener Exception

Hi,

When I deploy the war file smsotpauthenticationendpoint.war in webapp folder, and start the server, I am getting below error. Can you help me what I doing wrong here? By the way, I am using WSO2 Identity Server 5.0.0

Thanks,
Azim

Error configuring application listener of class org.wso2.carbon.identity.application.authentication.endpoint.util.listener.AuthenticationEndpointContextListener {org.apache.catalina.core.StandardContext}
java.lang.ClassNotFoundException: org.wso2.carbon.identity.application.authentication.endpoint.util.listener.AuthenticationEndpointContextListener
at org.wso2.carbon.webapp.mgt.loader.CarbonWebappClassLoader.loadClass(CarbonWebappClassLoader.java:138)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1559)
at org.apache.catalina.core.DefaultInstanceManager.loadClass(DefaultInstanceManager.java:532)
at org.apache.catalina.core.DefaultInstanceManager.loadClassMaybePrivileged(DefaultInstanceManager.java:514)
at org.apache.catalina.core.DefaultInstanceManager.newInstance(DefaultInstanceManager.java:133)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4727)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5285)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:633)
at org.wso2.carbon.tomcat.internal.CarbonTomcat.addWebApp(CarbonTomcat.java:280)
at org.wso2.carbon.tomcat.internal.CarbonTomcat.addWebApp(CarbonTomcat.java:177)
at org.wso2.carbon.webapp.mgt.TomcatGenericWebappsDeployer.handleWebappDeployment(TomcatGenericWebappsDeployer.java:222)
at org.wso2.carbon.webapp.mgt.TomcatGenericWebappsDeployer.handleWarWebappDeployment(TomcatGenericWebappsDeployer.java:174)
at org.wso2.carbon.webapp.mgt.TomcatGenericWebappsDeployer.handleHotDeployment(TomcatGenericWebappsDeployer.java:141)
at org.wso2.carbon.webapp.mgt.TomcatGenericWebappsDeployer.deploy(TomcatGenericWebappsDeployer.java:116)
at org.wso2.carbon.webapp.mgt.AbstractWebappDeployer.deployThisWebApp(AbstractWebappDeployer.java:140)
at org.wso2.carbon.webapp.mgt.AbstractWebappDeployer.deploy(AbstractWebappDeployer.java:90)
at org.wso2.carbon.webapp.deployer.WebappDeployer.deploy(WebappDeployer.java:42)
at org.apache.axis2.deployment.repository.util.DeploymentFileData.deploy(DeploymentFileData.java:136)
at org.apache.axis2.deployment.DeploymentEngine.doDeploy(DeploymentEngine.java:807)
at org.apache.axis2.deployment.repository.util.WSInfoList.update(WSInfoList.java:144)
at org.apache.axis2.deployment.RepositoryListener.update(RepositoryListener.java:377)
at org.apache.axis2.deployment.RepositoryListener.checkServices(RepositoryListener.java:254)
at org.apache.axis2.deployment.DeploymentEngine.loadServices(DeploymentEngine.java:135)
at org.wso2.carbon.core.CarbonAxisConfigurator.loadServices(CarbonAxisConfigurator.java:464)
at org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContext(ConfigurationContextFactory.java:95)
at org.wso2.carbon.core.CarbonConfigurationContextFactory.createNewConfigurationContext(CarbonConfigurationContextFactory.java:65)
at org.wso2.carbon.core.init.CarbonServerManager.initializeCarbon(CarbonServerManager.java:398)
at org.wso2.carbon.core.init.CarbonServerManager.start(CarbonServerManager.java:219)
at org.wso2.carbon.core.internal.CarbonCoreServiceComponent.activate(CarbonCoreServiceComponent.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347)
at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
at org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
at org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
at org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)
at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)
at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)
at org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)
at org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)
at org.eclipse.equinox.http.servlet.internal.Activator.registerHttpService(Activator.java:81)
at org.eclipse.equinox.http.servlet.internal.Activator.addProxyServlet(Activator.java:60)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.init(ProxyServlet.java:40)
at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.init(DelegationServlet.java:38)
at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1267)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1186)
at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1081)
at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5027)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5314)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1559)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1549)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
TID: [0] [IS] [2016-08-04 12:23:55,683] ERROR {org.apache.catalina.core.StandardContext} - Skipped installing application listeners due to previous error(s) {org.apache.catalina.core.StandardContext}
TID: [0] [IS] [2016-08-04 12:23:55,683] ERROR {org.apache.catalina.core.StandardContext} - Error listenerStart {org.apache.catalina.core.StandardContext}
TID: [0] [IS] [2016-08-04 12:23:55,683] ERROR {org.apache.catalina.core.StandardContext} - Context [/smsotpauthenticationendpoint] startup failed due to previous errors {org.apache.catalina.core.StandardContext}
TID: [0] [IS] [2016-08-04 12:23:56,167] ERROR {org.wso2.carbon.tomcat.internal.CarbonTomcat} - Cannot stop context {org.wso2.carbon.tomcat.internal.CarbonTomcat}
org.apache.catalina.LifecycleException: An invalid Lifecycle transition was attempted ([before_stop]) for component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/smsotpauthenticationendpoint]] in state [DESTROYED]

SMSOTP is not working as expected

If the user has no mobile claim value, the mobile.jsp page is displayed to allow user to insert the own mobile number, but after submitted the form an error occurs in tenant mode.
I tested face-book login using an account with attribute email = [email protected]. since in first login (sign up) the user with username = [email protected] is not yet provisioned on Active Directory, the login fails. Thats is authentication flow is failed when the user is not found on Active Directory.
Since the parameter "userAttribute" (email) must contains the social attribute, it may not be valid for all type of social authenticator.
For example the attribute "email" is a valid social attribute for Facebook and Google Idp, but not for Foursquare Idp. Infact to test Fourquare social login correctly I had to configure the parameter "userAttribute" like the following
<Parameter name="userAttribute">http://wso2.org/foursquare/claims/email</Parameter>
So I suppose that a possible solution would be to configure more than one "userAttribute" parameters (one for each Idp type, for example as showed below) and in the connector implement a logic to read the correct one depending on Idp type.

<Parameter name="userAttributeFacebook">email</Parameter>
<Parameter name="userAttributeGoogle">email</Parameter>
<Parameter name="userAttributeFoursquare">http://wso2.org/foursquare/claims/email</Parameter>

SMS OPT is not working correctly

Description:
There seems to be inconsistency in SMS OTP extension packed with IS 5.7.0 and IS-KM 5.7.0. This causes IS-KM throw the following exception,

ERROR {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} -  Exception in Authentication Framework
java.lang.NullPointerException
atorg.wso2.carbon.identity.authenticator.smsotp.SMSOTPAuthenticator.processAuthenticationResponse(SMSOTPAuthenticator.java:625)
at org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:78)
at org.wso2.carbon.identity.authenticator.smsotp.SMSOTPAuthenticator.process(SMSOTPAuthenticator.java:109)
at org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.doAuthentication(DefaultStepHandler.java:500

Invalid SMS URL not handled properly

Description:
When invalid sms url provided it does not provide an error in UI. Only prints a error log.
Suggested Labels:

Suggested Assignees:

Affected Product Version:

OS, DB, other environment details and versions:

Steps to reproduce:

Related Issues:

When the user enters an incorrect token the page refreshes with an error message and mobile number is showing as null.

Description:
When the user enters an incorrect token the page refreshes with an error message and mobile number is showing as null. Issue occurs since screenvalue parameter which indicates set of digits of the mobile number is missing in the error response.

Authenticator need to send screenvalue in the redirect URL for erroneous scenarios.

Suggested Labels:
bug

Suggested Assignees:

Affected Product Version:

OS, DB, other environment details and versions:

Steps to reproduce:

Related Issues:

Able to generate alphanumeric OTP token and the Token length should be configurable and able to configure validity time of the token.

Description:
Currently, SMSOTP authenticator only supports to generate 6 digit OTP token only. Need to add the feature to generate configurable length alphanumeric token with the configurable expiry time.

Suggested Labels:
New Feature

Suggested Assignees:

Affected Product Version:

OS, DB, other environment details and versions:

Steps to reproduce:

Related Issues:

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.

wso2-extensions / identity-outbound-auth-sms-otp Goto Github PK

identity-outbound-auth-sms-otp's Introduction

identity-outbound-auth-sms-otp

identity-outbound-auth-sms-otp's People

Contributors

Stargazers

Watchers

Forkers

identity-outbound-auth-sms-otp's Issues

Recommend Projects

Recommend Topics

Recommend Org