From d608511b9588d807add647d2e5ba22df36f3eab8 Mon Sep 17 00:00:00 2001
From: Ashan Thamara Palihakkara
<75057725+ashanthamara@users.noreply.github.com>
Date: Fri, 24 Nov 2023 11:55:03 +0530
Subject: [PATCH 1/2] added multiOptionURI parameter to the redirect url
---
.../pom.xml | 5 ++++
.../magiclink/MagicLinkAuthenticator.java | 24 ++++++++++++++++---
.../MagicLinkAuthenticatorConstants.java | 1 +
pom.xml | 7 ++++++
4 files changed, 34 insertions(+), 3 deletions(-)
diff --git a/components/org.wso2.carbon.identity.application.authenticator.magiclink/pom.xml b/components/org.wso2.carbon.identity.application.authenticator.magiclink/pom.xml
index c0d3da7..57f156c 100644
--- a/components/org.wso2.carbon.identity.application.authenticator.magiclink/pom.xml
+++ b/components/org.wso2.carbon.identity.application.authenticator.magiclink/pom.xml
@@ -78,6 +78,10 @@
org.wso2.carbon.identity.organization.management.core
org.wso2.carbon.identity.organization.management.service
+
+ org.wso2.orbit.org.owasp.encoder
+ encoder
+
@@ -133,6 +137,7 @@
org.wso2.carbon.user.core.*; version="${carbon.kernel.package.import.version.range}",
org.wso2.carbon.identity.auth.attribute.handler.*;
version="${identity.governance.imp.pkg.version.range}",
+ org.owasp.encoder; version="${encoder.wso2.import.version.range}",
org.wso2.carbon.identity.application.authenticator.magiclink.internal,
diff --git a/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticator.java b/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticator.java
index c02a8e4..ddea2fb 100644
--- a/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticator.java
+++ b/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticator.java
@@ -22,6 +22,7 @@
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.owasp.encoder.Encode;
import org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus;
import org.wso2.carbon.identity.application.authentication.framework.LocalApplicationAuthenticator;
@@ -31,7 +32,6 @@
import org.wso2.carbon.identity.application.authentication.framework.exception.InvalidCredentialsException;
import org.wso2.carbon.identity.application.authentication.framework.exception.LogoutFailedException;
import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException;
-import org.wso2.carbon.identity.application.authentication.framework.model.AdditionalData;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatorData;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatorMessage;
@@ -79,9 +79,9 @@
import static org.wso2.carbon.identity.application.authenticator.magiclink.MagicLinkAuthenticatorConstants.LogConstants.ActionIDs.VALIDATE_MAGIC_LINK_REQUEST;
import static org.wso2.carbon.identity.application.authenticator.magiclink.MagicLinkAuthenticatorConstants.LogConstants.MAGIC_LINK_AUTH_SERVICE;
import static org.wso2.carbon.identity.application.authenticator.magiclink.MagicLinkAuthenticatorConstants.MAGIC_LINK_TOKEN;
+import static org.wso2.carbon.identity.application.authenticator.magiclink.MagicLinkAuthenticatorConstants.MULTI_OPTION_QUERY_PARAM;
import static org.wso2.carbon.identity.application.authenticator.magiclink.MagicLinkAuthenticatorConstants.USERNAME_PARAM;
import static org.wso2.carbon.identity.application.authenticator.magiclink.MagicLinkAuthenticatorConstants.USER_NAME;
-import static org.wso2.carbon.identity.application.authenticator.magiclink.MagicLinkAuthenticatorConstants.USER_PROMPT;
import static org.wso2.carbon.identity.application.authenticator.magiclink.MagicLinkAuthenticatorConstants.MLT;
/**
@@ -171,6 +171,7 @@ protected void initiateAuthenticationRequest(HttpServletRequest request, HttpSer
context.setProperty(MagicLinkAuthenticatorConstants.IS_IDF_INITIATED_FROM_AUTHENTICATOR, true);
String loginPage = ConfigurationFacade.getInstance().getAuthenticationEndpointURL();
String queryParams = context.getContextIdIncludedQueryParams();
+ String multiOptionURI = getMultiOptionURIQueryParam(request);
try {
if (log.isDebugEnabled()) {
String logMsg = String.format("Redirecting to identifier first flow since " +
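Review bot: The local `multiOptionURI` added in this hunk does not hold a URI; `getMultiOptionURIQueryParam` returns either an empty string or a ready-made `&multiOptionURI=<encoded value>` fragment. That is why the next hunk can append it to `redirectUri` with no separator, but a reader of that concatenation cannot tell this and may assume a `&` is missing. Naming the variable for what it contains, e.g. `String multiOptionURIQueryParam = getMultiOptionURIQueryParam(request);`, and using that name in the `redirectUri` expression would make the construction self-explanatory. The enclosing `initiateAuthenticationRequest` starts and ends outside this hunk.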
@@ -179,7 +180,8 @@ protected void initiateAuthenticationRequest(HttpServletRequest request, HttpSer
log.debug(logMsg);
}
String redirectUri = loginPage + ("?" + queryParams) + MagicLinkAuthenticatorConstants.AUTHENTICATORS +
- MagicLinkAuthenticatorConstants.IDF_HANDLER_NAME + ":" + MagicLinkAuthenticatorConstants.LOCAL;
+ MagicLinkAuthenticatorConstants.IDF_HANDLER_NAME + ":" + MagicLinkAuthenticatorConstants.LOCAL
+ + multiOptionURI;
response.sendRedirect(redirectUri);
if (LoggerUtils.isDiagnosticLogsEnabled() && finalDiagnosticLogBuilder != null) {
finalDiagnosticLogBuilder.resultMessage("Redirecting to identifier first flow since the last " +
@@ -674,4 +676,20 @@ private void setAuthParamsForIdfInitiatedFromMagicLink(AuthenticatorData authent
authenticatorParamMetadataList.add(usernameMetadata);
authenticatorData.setAuthParams(authenticatorParamMetadataList);
}
+
+ /**
+ * Get the multi option URI query params.
+ *
+ * @param request HttpServletRequest.
+ */
+ private static String getMultiOptionURIQueryParam(HttpServletRequest request) {
+
+ String multiOptionURI = "";
+ if (request != null) {
+ multiOptionURI = request.getParameter(MULTI_OPTION_QUERY_PARAM);
+ multiOptionURI = multiOptionURI != null ? "&" + MULTI_OPTION_QUERY_PARAM + "=" +
+ Encode.forUriComponent(multiOptionURI) : "";
+ }
+ return multiOptionURI;
+ }
}
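Review bot: `getMultiOptionURIQueryParam` copies a request-supplied URI into the redirect with output encoding only: `Encode.forUriComponent` keeps the value inside its own query parameter, but it does not constrain where that URI points. Whether the authentication endpoint validates `multiOptionURI` before using it is not visible in this patch, so either check the value here against the expected form (for example the server's own host or a configured allow-list) or state in the Javadoc that the consumer must validate it. The Javadoc also lacks a `@return`; something like `@return the encoded "&multiOptionURI=..." fragment, or an empty string when the parameter is absent` would cover it. A blank parameter currently yields a bare `&multiOptionURI=`; testing with `StringUtils.isNotBlank(...)` instead of `!= null` would skip it.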
diff --git a/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticatorConstants.java b/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticatorConstants.java
index 9f044ca..4a5a48e 100644
--- a/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticatorConstants.java
+++ b/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticatorConstants.java
@@ -56,6 +56,7 @@ private MagicLinkAuthenticatorConstants() {
public static final String EXPIRYTIME = "expiry-time";
public static final String IS_API_BASED_AUTHENTICATION_SUPPORTED = "isAPIBasedAuthenticationSupported";
public static final String CALLBACK_URL = "callbackUrl";
+ public static final String MULTI_OPTION_QUERY_PARAM = "multiOptionURI";
/**
* Constants related to log management.
diff --git a/pom.xml b/pom.xml
index 5a41f69..5c62c65 100644
--- a/pom.xml
+++ b/pom.xml
@@ -97,6 +97,11 @@
org.wso2.carbon.identity.auth.attribute.handler
${identity.governance.version}
+
+ org.wso2.orbit.org.owasp.encoder
+ encoder
+ ${owasp.encoder.version}
+
@@ -222,6 +227,7 @@
1.8.23
1.0.55
+ 1.2.0.wso2v1
6.9.10
@@ -241,6 +247,7 @@
[4.5.0, 5.0.0)
[1.0.1, 2.0.0)
[1.5.0, 3.0.0)
+ [1.2.0, 2.0.0)
3.0.5
3.2.0
From d2ebf5ad000f6351c68488ce87d17239df33e5de Mon Sep 17 00:00:00 2001
From: Ashan Thamara Palihakkara
<75057725+ashanthamara@users.noreply.github.com>
Date: Thu, 18 Jan 2024 18:15:05 +0530
Subject: [PATCH 2/2] Add missing import
---
.../authenticator/magiclink/MagicLinkAuthenticator.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticator.java b/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticator.java
index 9201f70..a4a2efe 100644
--- a/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticator.java
+++ b/components/org.wso2.carbon.identity.application.authenticator.magiclink/src/main/java/org/wso2/carbon/identity/application/authenticator/magiclink/MagicLinkAuthenticator.java
@@ -32,6 +32,7 @@
import org.wso2.carbon.identity.application.authentication.framework.exception.InvalidCredentialsException;
import org.wso2.carbon.identity.application.authentication.framework.exception.LogoutFailedException;
import org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException;
+import org.wso2.carbon.identity.application.authentication.framework.model.AdditionalData;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatorData;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatorMessage;