Hi Maduranga,
Yes, we will have 2 objects(authenticationOptions and authenticatorParams)
inside the 2nd parameter. I have done the implementation to support this
template,
executeStep(<stepNo>, { authenticationOptions : <authenticationOptions>,
*authenticatorParams : {local : <authenticatorName> : { <key> : <value>},*
*
federated : <idpName> : { <key> : <value> }*
},
{onSuccess: function(){<someFunction>}, onFail: function(){<someFunction>}})
Here is the sample,
function onInitialRequest(context) {
executeStep(1,
{
authenticatorParams: {
local : {
"BasicAuthenticator" :{
"userName" : "alex",
"domain" : "localhost"
},
"SMSOTP" :{ "foo" : "abc"}
},
federated : {
"FacebookIdp" : { "foo" : "xyz"}
}
},
{
onSuccess: function (context) {
executeStep(2);
}
}
);
}
thanks,
On Mon, Jun 18, 2018 at 9:43 AM Maduranga Siriwardena <[email protected]>
wrote:
> Hi Sagara,
>
> I think "foo" : "alex" is a parameter passed to the authenticator. And
> yes, if we can provide a little bit meaningful example it would be easier
> to understand.
>
> @Senthalan Kanagalingam <[email protected]> , I was under the impression
> that we are providing the parameters for the authenticators as a different
> JSON object, rather than using the same authenticationOptions object which
> is intended to filter the authenticators prompted in the step. Have we
> finalized this? I think if we can provide 2 objects named "stepOptions" and
> "authenticatorParams" (we can decide the names) it would be better than
> using the same object.
>
> Thanks,
>
> On Fri, Jun 15, 2018 at 7:20 PM Sagara Gunathunga <[email protected]> wrote:
>
>>
>> Do we have authenticator with "foo" : "alex" ? when you provide sample
>> please make sure to provide sample closer to real world, please provide a
>> real example.
>>
>> Thanks !
>>
>> On Fri, Jun 15, 2018 at 6:56 PM, Senthalan Kanagalingam <
>> [email protected]> wrote:
>>
>>> Hi all,
>>>
>>> We are having an update in the structure of the basic syntax. Here is a
>>> sample,
>>>
>>> function onInitialRequest(context) {
>>> executeStep(1,
>>> {
>>> authenticationOptions: {
>>> local : {
>>> "BasicAuthenticator" :{
>>> "foo" : "alex",
>>> "domain" : "localhost"
>>> },
>>> "SMSOTP" :{ "foo" : "abc"}
>>> },
>>> federated : {
>>> "FacebookIdp" : { "foo" : "xyz"}
>>> }
>>> },
>>> {
>>> onSuccess: function (context) {
>>> executeStep(2);
>>> }
>>> }
>>> );
>>> }
>>>
>>> We can have 2 objects inside "authenticationOptions". In "local", we can
>>> specify the authenticator identifier and map of parameters (key-value
>>> pair). And in "federated", we can specify the parameter map for the
>>> federated identity provider.
>>>
>>> And place note that the value of the parameter has to be String.
>>>
>>> thanks,
>>>
>>> On Wed, Jun 13, 2018 at 6:49 PM Senthalan Kanagalingam <
>>> [email protected]> wrote:
>>>
>>>> [update]
>>>>
>>>> hi all,
>>>>
>>>> We had an offline discussion and decided to change the authentication
>>>> script syntax. We will be having an extra object in the 2nd parameter in
>>>> the executeStep which is introduced to filter the authenticators[1].
>>>> There we can specify the authenticator and parameter
>>>>
>>>> executeStep(<stepNo>, { authenticationOptions : <listOfAuthenticators>,
>>>> *authenticatorParams : [ {authenticator : <authenticatorName>,*
>>>>
>>>> *params : { <paramKey> : <paranValue> }*
>>>>
>>>> *]*,
>>>>
>>>> {onSuccess: function(){<someFunction>}, onFail: function(){<
>>>> someFunction>}})
>>>>
>>>>
>>>>
>>>> An example will be,
>>>>
>>>> function onInitialRequest (context) {
>>>> executeStep(1 ,{ authenticationOptions : [{ authenticator : "Sample
>>>> HardwareKey Authenticator"},{ idp : "google" }],
>>>> authenticatorParams : [{ authenticator : "Sample HardwareKey
>>>> Authenticator",
>>>> params : {
>>>> "foo" : "xyz"
>>>> }},
>>>> { idp : "google",
>>>> params : {
>>>> "foo" : "abc"
>>>> }}]
>>>> },{
>>>> onSuccess : function(context) {
>>>> executeStep(2);
>>>> }
>>>> });
>>>> }
>>>>
>>>> In authenticator (java code), we can access the parameter map defined
>>>> by the script for that particular authenticator using getRuntimeParams()
>>>> method.
>>>>
>>>> Please share your idea about this new syntax change and the method name.
>>>>
>>>>
>>>> [1] - "[IS] Filtering authentication options of a step by script"
>>>>
>>>>
>>>> On Tue, Jun 12, 2018 at 5:32 PM Senthalan Kanagalingam <
>>>> [email protected]> wrote:
>>>>
>>>>> Hi all,
>>>>>
>>>>> With an offline discussion we decided to change the definition from
>>>>> parameter to property.
>>>>>
>>>>> context.*property*.foo = "xyz";
>>>>> and/or
>>>>> context.*property*['foo'] = "xyz";
>>>>>
>>>>> So in the authenticator we can access using getScriptProperty("foo");
>>>>>
>>>>> thanks,
>>>>> Senthalan.
>>>>>
>>>>> On Mon, Jun 11, 2018 at 3:45 PM Senthalan Kanagalingam <
>>>>> [email protected]> wrote:
>>>>>
>>>>>> Hi Pulasthi,
>>>>>>
>>>>>> On Mon, Jun 11, 2018 at 11:36 AM Pulasthi Mahawithana <
>>>>>> [email protected]> wrote:
>>>>>>
>>>>>>> Hi Senthalan,
>>>>>>>
>>>>>>> On Mon, Jun 11, 2018 at 11:10 AM Senthalan Kanagalingam <
>>>>>>> [email protected]> wrote:
>>>>>>>
>>>>>>>> Hi all,
>>>>>>>>
>>>>>>>> I am working on the $subject. The purpose of this implementation is
>>>>>>>> to have application-specific configurations for authenticators.
>>>>>>>> Currently,
>>>>>>>> we can static configurations for the authenticators in the
>>>>>>>> application-authentication.xml file.
>>>>>>>>
>>>>>>>> In the script, we can set the parameters as follow, If we want to
>>>>>>>> pass the foo to the authenticator,
>>>>>>>>
>>>>>>>> context.foo = "xyz";
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>> Shall we change this to following to avoid any conflicts with
>>>>>>> existing context objects?
>>>>>>>
>>>>>>> context.parameter.foo = "xyz";
>>>>>>> and/or
>>>>>>> context.parameter['foo'] = "xyz";
>>>>>>>
>>>>>>
>>>>>> + 1. I have implemented with the suggestions.
>>>>>>
>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> We can get back the value in the authenticators( executed after
>>>>>>>> this definition) by calling context.getScriptParameter("foo")
>>>>>>>>
>>>>>>>> I have developed a POC for this. I have created a new map in the
>>>>>>>> "AuthenticationContext" to save these parameters.
>>>>>>>>
>>>>>>>> Please share your thoughts about this implementation.
>>>>>>>>
>>>>>>>> thanks,
>>>>>>>> Senthalan.
>>>>>>>>
>>>>>>>>
>>>>>>>> *Senthalan Kanagalingam*
>>>>>>>> *Software Engineer - WSO2 Inc.*
>>>>>>>> *Mobile : +94 (0) 77 18 77 466*
>>>>>>>> <http://wso2.com/signature>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> *Pulasthi Mahawithana*
>>>>>>> Associate Technical Lead
>>>>>>> WSO2 Inc., http://wso2.com/
>>>>>>> Mobile: +94-71-5179022
>>>>>>> Blog: https://medium.com/@pulasthi7/
>>>>>>>
>>>>>>> <https://wso2.com/signature>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> *Senthalan Kanagalingam*
>>>>>> *Software Engineer - WSO2 Inc.*
>>>>>> *Mobile : +94 (0) 77 18 77 466*
>>>>>> <http://wso2.com/signature>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> *Senthalan Kanagalingam*
>>>>> *Software Engineer - WSO2 Inc.*
>>>>> *Mobile : +94 (0) 77 18 77 466*
>>>>> <http://wso2.com/signature>
>>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> *Senthalan Kanagalingam*
>>>> *Software Engineer - WSO2 Inc.*
>>>> *Mobile : +94 (0) 77 18 77 466*
>>>> <http://wso2.com/signature>
>>>>
>>>
>>>
>>> --
>>>
>>> *Senthalan Kanagalingam*
>>> *Software Engineer - WSO2 Inc.*
>>> *Mobile : +94 (0) 77 18 77 466*
>>> <http://wso2.com/signature>
>>>
>>
>>
>>
>> --
>> Sagara Gunathunga
>>
>> Director; WSO2, Inc.; http://wso2.com
>> Linkedin; http://www.linkedin.com/in/ssagara
>> Blog ; http://ssagara.blogspot.com
>> Mobile : +9471 <+94%2071%20565%209887>2149951
>>
>>
>
> --
> Maduranga Siriwardena
> Senior Software Engineer
> WSO2 Inc; http://wso2.com/
>
> Email: [email protected]
> Mobile: +94718990591
> Blog: *https://madurangasiriwardena.wordpress.com/
> <https://madurangasiriwardena.wordpress.com/>*
> <http://wso2.com/signature>
>
--
*Senthalan Kanagalingam*
*Software Engineer - WSO2 Inc.*
*Mobile : +94 (0) 77 18 77 466*
<http://wso2.com/signature>
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
