How this new architecture works with application-authentication.xml file,
say we have same parameter name with different names in
application-authentication.xml
file and the script ?
I guess we have completed an approach to get user inputs during the
authentication flow, can those user inputs assign to these parameters ?
Thanks !
On Mon, Jun 18, 2018 at 11:22 AM, Ayesha Dissanayaka <aye...@wso2.com>
wrote:
>
>
> On Mon, Jun 18, 2018 at 11:04 AM, Maduranga Siriwardena <
> madura...@wso2.com> wrote:
>
>> Hi Senthalan,
>>
>> "stepOptions" is gives a better meaning than "authenticationOptions" as I
>> feel.
>>
>> Shall we rename the object key to "stepOptions"? Please suggest any
>> better name, if the name "stepOptions" doesn't convey the meaning what
>> it is intended for.
>>
>
> Shall we use just "authenticators"?
>
>
>>
>> Thanks,
>>
>> On Mon, Jun 18, 2018 at 10:14 AM Senthalan Kanagalingam <
>> sentha...@wso2.com> wrote:
>>
>>> Hi Maduranga,
>>>
>>> Yes, we will have 2 objects(authenticationOptions and
>>> authenticatorParams) inside the 2nd parameter. I have done the
>>> implementation to support this template,
>>>
>>> executeStep(<stepNo>, { authenticationOptions : <authenticationOptions
>>> >,
>>> *authenticatorParams : {local : <authenticatorName> : { <key> :
>>> <value>},*
>>> *
>>> federated : <idpName> : { <key> : <value> }*
>>> },
>>> {onSuccess: function(){<someFunction>}, onFail:
>>> function(){<someFunction>}})
>>>
>>> Here is the sample,
>>>
>>> function onInitialRequest(context) {
>>> executeStep(1,
>>> {
>>> authenticatorParams: {
>>> local : {
>>> "BasicAuthenticator" :{
>>> "userName" : "alex",
>>> "domain" : "localhost"
>>> },
>>> "SMSOTP" :{ "foo" : "abc"}
>>> },
>>> federated : {
>>> "FacebookIdp" : { "foo" : "xyz"}
>>> }
>>> },
>>> {
>>> onSuccess: function (context) {
>>> executeStep(2);
>>> }
>>> }
>>> );
>>> }
>>>
>>> thanks,
>>>
>>> On Mon, Jun 18, 2018 at 9:43 AM Maduranga Siriwardena <
>>> madura...@wso2.com> wrote:
>>>
>>>> Hi Sagara,
>>>>
>>>> I think "foo" : "alex" is a parameter passed to the authenticator. And
>>>> yes, if we can provide a little bit meaningful example it would be easier
>>>> to understand.
>>>>
>>>> @Senthalan Kanagalingam <sentha...@wso2.com> , I was under the
>>>> impression that we are providing the parameters for the authenticators as a
>>>> different JSON object, rather than using the same authenticationOptions
>>>> object which is intended to filter the authenticators prompted in the step.
>>>> Have we finalized this? I think if we can provide 2 objects named
>>>> "stepOptions" and "authenticatorParams" (we can decide the names) it would
>>>> be better than using the same object.
>>>>
>>>> Thanks,
>>>>
>>>> On Fri, Jun 15, 2018 at 7:20 PM Sagara Gunathunga <sag...@wso2.com>
>>>> wrote:
>>>>
>>>>>
>>>>> Do we have authenticator with "foo" : "alex" ? when you provide
>>>>> sample please make sure to provide sample closer to real world, please
>>>>> provide a real example.
>>>>>
>>>>> Thanks !
>>>>>
>>>>> On Fri, Jun 15, 2018 at 6:56 PM, Senthalan Kanagalingam <
>>>>> sentha...@wso2.com> wrote:
>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> We are having an update in the structure of the basic syntax. Here is
>>>>>> a sample,
>>>>>>
>>>>>> function onInitialRequest(context) {
>>>>>> executeStep(1,
>>>>>> {
>>>>>> authenticationOptions: {
>>>>>> local : {
>>>>>> "BasicAuthenticator" :{
>>>>>> "foo" : "alex",
>>>>>> "domain" :
>>>>>> "localhost"
>>>>>> },
>>>>>> "SMSOTP" :{ "foo" : "abc"}
>>>>>> },
>>>>>> federated : {
>>>>>> "FacebookIdp" : { "foo" : "xyz"}
>>>>>> }
>>>>>> },
>>>>>> {
>>>>>> onSuccess: function (context) {
>>>>>> executeStep(2);
>>>>>> }
>>>>>> }
>>>>>> );
>>>>>> }
>>>>>>
>>>>>> We can have 2 objects inside "authenticationOptions". In "local", we
>>>>>> can specify the authenticator identifier and map of parameters (key-value
>>>>>> pair). And in "federated", we can specify the parameter map for the
>>>>>> federated identity provider.
>>>>>>
>>>>>> And place note that the value of the parameter has to be String.
>>>>>>
>>>>>> thanks,
>>>>>>
>>>>>> On Wed, Jun 13, 2018 at 6:49 PM Senthalan Kanagalingam <
>>>>>> sentha...@wso2.com> wrote:
>>>>>>
>>>>>>> [update]
>>>>>>>
>>>>>>> hi all,
>>>>>>>
>>>>>>> We had an offline discussion and decided to change the
>>>>>>> authentication script syntax. We will be having an extra object in the
>>>>>>> 2nd
>>>>>>> parameter in the executeStep which is introduced to filter the
>>>>>>> authenticators[1]. There we can specify the authenticator and parameter
>>>>>>>
>>>>>>> executeStep(<stepNo>, { authenticationOptions :
>>>>>>> <listOfAuthenticators>,
>>>>>>> *authenticatorParams : [ {authenticator : <authenticatorName>,*
>>>>>>>
>>>>>>> *params : { <paramKey> : <paranValue> }*
>>>>>>>
>>>>>>> *]*,
>>>>>>>
>>>>>>> {onSuccess: function(){<someFunction>}, onFail: function(){<
>>>>>>> someFunction>}})
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> An example will be,
>>>>>>>
>>>>>>> function onInitialRequest (context) {
>>>>>>> executeStep(1 ,{ authenticationOptions : [{ authenticator :
>>>>>>> "Sample HardwareKey Authenticator"},{ idp : "google" }],
>>>>>>> authenticatorParams : [{ authenticator : "Sample HardwareKey
>>>>>>> Authenticator",
>>>>>>> params : {
>>>>>>> "foo" : "xyz"
>>>>>>> }},
>>>>>>> { idp : "google",
>>>>>>> params : {
>>>>>>> "foo" : "abc"
>>>>>>> }}]
>>>>>>> },{
>>>>>>> onSuccess : function(context) {
>>>>>>> executeStep(2);
>>>>>>> }
>>>>>>> });
>>>>>>> }
>>>>>>>
>>>>>>> In authenticator (java code), we can access the parameter map
>>>>>>> defined by the script for that particular authenticator using
>>>>>>> getRuntimeParams() method.
>>>>>>>
>>>>>>> Please share your idea about this new syntax change and the method
>>>>>>> name.
>>>>>>>
>>>>>>>
>>>>>>> [1] - "[IS] Filtering authentication options of a step by script"
>>>>>>>
>>>>>>>
>>>>>>> On Tue, Jun 12, 2018 at 5:32 PM Senthalan Kanagalingam <
>>>>>>> sentha...@wso2.com> wrote:
>>>>>>>
>>>>>>>> Hi all,
>>>>>>>>
>>>>>>>> With an offline discussion we decided to change the definition from
>>>>>>>> parameter to property.
>>>>>>>>
>>>>>>>> context.*property*.foo = "xyz";
>>>>>>>> and/or
>>>>>>>> context.*property*['foo'] = "xyz";
>>>>>>>>
>>>>>>>> So in the authenticator we can access using
>>>>>>>> getScriptProperty("foo");
>>>>>>>>
>>>>>>>> thanks,
>>>>>>>> Senthalan.
>>>>>>>>
>>>>>>>> On Mon, Jun 11, 2018 at 3:45 PM Senthalan Kanagalingam <
>>>>>>>> sentha...@wso2.com> wrote:
>>>>>>>>
>>>>>>>>> Hi Pulasthi,
>>>>>>>>>
>>>>>>>>> On Mon, Jun 11, 2018 at 11:36 AM Pulasthi Mahawithana <
>>>>>>>>> pulast...@wso2.com> wrote:
>>>>>>>>>
>>>>>>>>>> Hi Senthalan,
>>>>>>>>>>
>>>>>>>>>> On Mon, Jun 11, 2018 at 11:10 AM Senthalan Kanagalingam <
>>>>>>>>>> sentha...@wso2.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi all,
>>>>>>>>>>>
>>>>>>>>>>> I am working on the $subject. The purpose of this implementation
>>>>>>>>>>> is to have application-specific configurations for authenticators.
>>>>>>>>>>> Currently, we can static configurations for the authenticators in
>>>>>>>>>>> the
>>>>>>>>>>> application-authentication.xml file.
>>>>>>>>>>>
>>>>>>>>>>> In the script, we can set the parameters as follow, If we want
>>>>>>>>>>> to pass the foo to the authenticator,
>>>>>>>>>>>
>>>>>>>>>>> context.foo = "xyz";
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>> Shall we change this to following to avoid any conflicts with
>>>>>>>>>> existing context objects?
>>>>>>>>>>
>>>>>>>>>> context.parameter.foo = "xyz";
>>>>>>>>>> and/or
>>>>>>>>>> context.parameter['foo'] = "xyz";
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> + 1. I have implemented with the suggestions.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> We can get back the value in the authenticators( executed after
>>>>>>>>>>> this definition) by calling context.getScriptParameter("foo")
>>>>>>>>>>>
>>>>>>>>>>> I have developed a POC for this. I have created a new map in the
>>>>>>>>>>> "AuthenticationContext" to save these parameters.
>>>>>>>>>>>
>>>>>>>>>>> Please share your thoughts about this implementation.
>>>>>>>>>>>
>>>>>>>>>>> thanks,
>>>>>>>>>>> Senthalan.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> *Senthalan Kanagalingam*
>>>>>>>>>>> *Software Engineer - WSO2 Inc.*
>>>>>>>>>>> *Mobile : +94 (0) 77 18 77 466*
>>>>>>>>>>> <http://wso2.com/signature>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> *Pulasthi Mahawithana*
>>>>>>>>>> Associate Technical Lead
>>>>>>>>>> WSO2 Inc., http://wso2.com/
>>>>>>>>>> Mobile: +94-71-5179022
>>>>>>>>>> Blog: https://medium.com/@pulasthi7/
>>>>>>>>>>
>>>>>>>>>> <https://wso2.com/signature>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>>
>>>>>>>>> *Senthalan Kanagalingam*
>>>>>>>>> *Software Engineer - WSO2 Inc.*
>>>>>>>>> *Mobile : +94 (0) 77 18 77 466*
>>>>>>>>> <http://wso2.com/signature>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>>
>>>>>>>> *Senthalan Kanagalingam*
>>>>>>>> *Software Engineer - WSO2 Inc.*
>>>>>>>> *Mobile : +94 (0) 77 18 77 466*
>>>>>>>> <http://wso2.com/signature>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> *Senthalan Kanagalingam*
>>>>>>> *Software Engineer - WSO2 Inc.*
>>>>>>> *Mobile : +94 (0) 77 18 77 466*
>>>>>>> <http://wso2.com/signature>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> *Senthalan Kanagalingam*
>>>>>> *Software Engineer - WSO2 Inc.*
>>>>>> *Mobile : +94 (0) 77 18 77 466*
>>>>>> <http://wso2.com/signature>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Sagara Gunathunga
>>>>>
>>>>> Director; WSO2, Inc.; http://wso2.com
>>>>> Linkedin; http://www.linkedin.com/in/ssagara
>>>>> Blog ; http://ssagara.blogspot.com
>>>>> Mobile : +9471 <+94%2071%20565%209887>2149951
>>>>>
>>>>>
>>>>
>>>> --
>>>> Maduranga Siriwardena
>>>> Senior Software Engineer
>>>> WSO2 Inc; http://wso2.com/
>>>>
>>>> Email: madura...@wso2.com
>>>> Mobile: +94718990591
>>>> Blog: *https://madurangasiriwardena.wordpress.com/
>>>> <https://madurangasiriwardena.wordpress.com/>*
>>>> <http://wso2.com/signature>
>>>>
>>>
>>>
>>> --
>>>
>>> *Senthalan Kanagalingam*
>>> *Software Engineer - WSO2 Inc.*
>>> *Mobile : +94 (0) 77 18 77 466*
>>> <http://wso2.com/signature>
>>>
>>
>>
>> --
>> Maduranga Siriwardena
>> Senior Software Engineer
>> WSO2 Inc; http://wso2.com/
>>
>> Email: madura...@wso2.com
>> Mobile: +94718990591
>> Blog: *https://madurangasiriwardena.wordpress.com/
>> <https://madurangasiriwardena.wordpress.com/>*
>> <http://wso2.com/signature>
>>
>> _______________________________________________
>> Architecture mailing list
>> Architecture@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> *Ayesha Dissanayaka*
> Senior Software Engineer,
> WSO2, Inc : http://wso2.com
> <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg>
> 20, Palm grove Avenue, Colombo 3
> E-Mail: aye...@wso2.com <ayshsa...@gmail.com>
>
> _______________________________________________
> Architecture mailing list
> Architecture@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>
--
Sagara Gunathunga
Director; WSO2, Inc.; http://wso2.com
Linkedin; http://www.linkedin.com/in/ssagara
Blog ; http://ssagara.blogspot.com
Mobile : +9471 <+94%2071%20565%209887>2149951
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
