Merge pull request #1244 from stormpath/GA_Refactor

Refactor GoogleAuthenticatorChallenge to allow for setting code along with challenge.

Author: dogeared

api/src/main/java/com/stormpath/sdk/challenge/google/GoogleAuthenticatorChallenge.java

@@ -29,6 +29,13 @@
  *
  * @since 1.1.0
  */
-public interface GoogleAuthenticatorChallenge extends Challenge<GoogleAuthenticatorFactor,GoogleAuthenticatorChallengeStatus>{
+public interface GoogleAuthenticatorChallenge extends Challenge<GoogleAuthenticatorFactor, GoogleAuthenticatorChallengeStatus> {
 
+     /**
+      * A GoogleAuthenticatorChallenge can be validated at the same time the challenge is created by setting the code on the challenge.
+      *
+      * @param code the code the validated at the same time the GoogleAuthenticatorChallenge is created
+      * @since 1.4.0
+      */
+     void setCode(String code);
 }

api/src/main/java/com/stormpath/sdk/challenge/google/GoogleAuthenticatorChallenges.java

@@ -58,7 +58,7 @@ public final class GoogleAuthenticatorChallenges extends Challenges {
     }
 
     private static final Class<CreateChallengeRequestBuilder> BUILDER_CLASS =
-            Classes.forName("com.stormpath.sdk.impl.challenge.DefaultCreateChallengeRequestBuilder");
+            Classes.forName("com.stormpath.sdk.impl.challenge.google.DefaultGoogleAuthenticatorCreateChallengeRequestBuilder");
 
     //Prevent instantiation outside of outer class.
     //Use getInstance() to retrieve the singleton instance.
@@ -152,9 +152,9 @@ public static EqualsExpressionFactory status() {
      *
      * @since 1.1.0
      */
-    public static CreateChallengeRequestBuilder<GoogleAuthenticatorChallenge> newCreateRequestFor(GoogleAuthenticatorChallenge challenge) {
-        Constructor ctor = Classes.getConstructor(BUILDER_CLASS, Challenge.class);
-        return (CreateChallengeRequestBuilder<GoogleAuthenticatorChallenge>) Classes.instantiate(ctor, challenge);
+    public static GoogleAuthenticatorCreateChallengeRequestBuilder newCreateRequestFor(GoogleAuthenticatorChallenge challenge) {
+        Constructor ctor = Classes.getConstructor(BUILDER_CLASS, GoogleAuthenticatorChallenge.class);
+        return (GoogleAuthenticatorCreateChallengeRequestBuilder) Classes.instantiate(ctor, challenge);
     }
 
     private static EqualsExpressionFactory newEqualsExpressionFactory(String propName) {

api/src/main/java/com/stormpath/sdk/challenge/google/GoogleAuthenticatorCreateChallengeRequest.java

@@ -0,0 +1,27 @@
+/*
+ * Copyright 2017 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.stormpath.sdk.challenge.google;
+
+import com.stormpath.sdk.challenge.CreateChallengeRequest;
+
+/**
+ * A Google Authenticator specific create challenge request
+ *
+ * Google Authenticator challenges can validate a code at the same time that the challenge is created.
+ *
+ * @since 1.4.0
+ */
+public interface GoogleAuthenticatorCreateChallengeRequest extends CreateChallengeRequest {}

api/src/main/java/com/stormpath/sdk/challenge/google/GoogleAuthenticatorCreateChallengeRequestBuilder.java

@@ -0,0 +1,35 @@
+/*
+ * Copyright 2017 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.stormpath.sdk.challenge.google;
+
+import com.stormpath.sdk.challenge.CreateChallengeRequestBuilder;
+
+/**
+ * A builder to construct {@link GoogleAuthenticatorCreateChallengeRequest}s Google Authenticator specific create challenge requests.
+ *
+ * Google Authenticator can both create the challenge and set the code in one API call.
+ * See {@link com.stormpath.sdk.factor.google.GoogleAuthenticatorFactor}
+ *
+ * @since 1.4.0
+ */
+public interface GoogleAuthenticatorCreateChallengeRequestBuilder  extends CreateChallengeRequestBuilder<GoogleAuthenticatorChallenge> {
+
+    /**
+     * @param code to be used to validate the challenge for the {@link com.stormpath.sdk.factor.google.GoogleAuthenticatorFactor}
+     * @return GoogleAuthenticatorCreateChallengeRequestBuilder for method chaining with the builder pattern
+     */
+    GoogleAuthenticatorCreateChallengeRequestBuilder withCode(String code);
+}

api/src/main/java/com/stormpath/sdk/factor/google/GoogleAuthenticatorFactor.java

@@ -22,8 +22,16 @@
  * A {@code GoogleAuthenticatorFactor} is a Factor that represents a two-step verification services using
  * the Time-based One-time Password Algorithm (TOTP) and HMAC-based One-time Password Algorithm (HOTP),
  * for authenticating users of mobile applications by Google.
- * When issuing a challenge via an GoogleAuthenticatorFactor, a code is sent to the Google Authenticator app,
- * and the user can enter the received code back into the system to verify/complete the challenge.
+ * <p/>
+ * The TOTP algorithm determines the next valid code without the requirement for any communication between server and
+ * TOTP client.
+ * <p/>
+ * As such, the challenge can be created with the code at the same time:
+ * <p/>
+ *
+ * <pre>
+ * GoogleAuthenticatorChallenge challenge = googleAuthenticatorFactor.createChallenge(code);
+ * </pre>
  *
  * @since 1.1.0
  */
@@ -80,4 +88,13 @@ public interface GoogleAuthenticatorFactor<T extends GoogleAuthenticatorChalleng
      * @return the base64QRImage.
      */
     String getBase64QrImage();
+
+    /**
+     *
+     * @param code The code to validate the challenge that is created. With Google Authenticator, you can create a
+     *             challenge and validate it all in one call.
+     * @return the {@link GoogleAuthenticatorChallenge}
+     * @since 1.4.0
+     */
+    GoogleAuthenticatorChallenge createChallenge(String code);
 }

extensions/httpclient/src/test/groovy/com/stormpath/sdk/impl/challenge/GoogleAuthenticatorChallengeIT.groovy

@@ -43,7 +43,7 @@ import static org.testng.Assert.assertNotNull
 class GoogleAuthenticatorChallengeIT extends AbstractMultiFactorIT {
 
     @Test
-    void testSuccessfulGoogleAuthenticatorChallenge() {
+    void testSuccessfulGoogleAuthenticatorChallengeWithCode() {
         Directory dir = client.instantiate(Directory)
         dir.name = uniquify("Java SDK: ${this.getClass().getSimpleName()}.${new Object(){}.getClass().getEnclosingMethod().getName()}")
         dir = client.currentTenant.createDirectory(dir);
@@ -60,6 +60,24 @@ class GoogleAuthenticatorChallengeIT extends AbstractMultiFactorIT {
         assertGoogleAuthenticatorChallengeResponse(factor, getCurrentValidCode(factor), 'SUCCESS')
     }
 
+    @Test
+    void testSuccessfulGoogleAuthenticatorChallengeTwoStep() {
+        Directory dir = client.instantiate(Directory)
+        dir.name = uniquify("Java SDK: ${this.getClass().getSimpleName()}.${new Object(){}.getClass().getEnclosingMethod().getName()}")
+        dir = client.currentTenant.createDirectory(dir);
+        deleteOnTeardown(dir)
+        Account account = createTempAccountInDir(dir)
+
+        def randomAccountName = uniquify("Random Account Name")
+        def randomIssuer = uniquify("Random Issuer")
+        def factor = createGoogleAuthenticatorFactor(account, randomIssuer, randomAccountName)
+        assertGoogleAuthenticatorFactorFields(factor, randomIssuer, randomAccountName)
+
+        sleepToAvoidCrossingThirtySecondMark()
+
+        GoogleAuthenticatorChallenge challenge = createChallengeWithCode(factor)
+        assertTrue challenge.validate(getCurrentValidCode(factor))
+    }
 
     @Test
     void testGoogleAuthenticatorChallengeWithGarbageCode() {
@@ -75,7 +93,7 @@ class GoogleAuthenticatorChallengeIT extends AbstractMultiFactorIT {
 
         Throwable e = null
         try {
-            createChallenge(factor, "bogus")
+            createChallengeWithCode(factor, "bogus")
         } catch (ResourceException re) {
             e = re
             assertEquals(re.status, 400)
@@ -98,7 +116,7 @@ class GoogleAuthenticatorChallengeIT extends AbstractMultiFactorIT {
 
         Throwable e = null
         try {
-            createChallenge(factor, "123456")
+            createChallengeWithCode(factor, "123456")
         } catch (ResourceException re) {
             e = re
             assertEquals(re.status, 400)
@@ -127,7 +145,7 @@ class GoogleAuthenticatorChallengeIT extends AbstractMultiFactorIT {
 
     private void assertGoogleAuthenticatorChallengeResponse(GoogleAuthenticatorFactor factor, String code, String status, String verificationStatus = 'VERIFIED') {
         String factorHref = factor.href
-        GoogleAuthenticatorChallenge challenge = createChallenge(factor, code)
+        GoogleAuthenticatorChallenge challenge = createChallengeWithCode(factor, code)
         assertInitialChallengeFields(challenge, status, false)
 
         FactorOptions options = Factors.options().withChallenges().withMostRecentChallenge()
@@ -182,13 +200,19 @@ class GoogleAuthenticatorChallengeIT extends AbstractMultiFactorIT {
         sleep(secondsToWait * 1000)
     }
 
-    private GoogleAuthenticatorChallenge createChallenge(GoogleAuthenticatorFactor factor, String code = null) {
+    private GoogleAuthenticatorChallenge createChallengeWithCode(GoogleAuthenticatorFactor factor, String code = null) {
         def challenge = client.instantiate(GoogleAuthenticatorChallenge.class)
         challenge.setCode(code)
         ChallengeOptions options = Challenges.GOOGLE_AUTHENTICATOR.options().withFactor()
         return factor.createChallenge(Challenges.GOOGLE_AUTHENTICATOR.newCreateRequestFor(challenge).withResponseOptions(options).build())
     }
 
+    private GoogleAuthenticatorChallenge createChallengeWithoutCode(GoogleAuthenticatorFactor factor) {
+        def challenge = client.instantiate(GoogleAuthenticatorChallenge.class)
+        ChallengeOptions options = Challenges.GOOGLE_AUTHENTICATOR.options().withFactor()
+        return factor.createChallenge(Challenges.GOOGLE_AUTHENTICATOR.newCreateRequestFor(challenge).withResponseOptions(options).build())
+    }
+
     private String getCurrentValidCode(GoogleAuthenticatorFactor factor) {
         return getCurrentCode(factor, true)
     }

impl/src/main/java/com/stormpath/sdk/impl/challenge/AbstractChallenge.java

@@ -31,7 +31,7 @@
 public abstract class AbstractChallenge<T extends Factor, R extends Enum> extends AbstractInstanceResource implements Challenge<T,R> {
 
     public static final EnumProperty<Enum> STATUS = new EnumProperty<>("status", Enum.class);
-    static final StringProperty CODE = new StringProperty("code");
+    public static final StringProperty CODE = new StringProperty("code");
     static final ResourceReference<Account> ACCOUNT = new ResourceReference<>("account", Account.class);
     static final ResourceReference<? extends Factor> FACTOR = new ResourceReference<>("factor", Factor.class);
     public static final DateProperty CREATED_AT = new DateProperty("createdAt");
@@ -92,16 +92,11 @@ public Challenge setFactor(T factor) {
     @Override
     public boolean validate(String code) {
         Assert.notNull(code, "code can not be null.");
-        setCode(code);
+        setProperty(CODE, code);
         Challenge returnedChallenge = getDataStore().create(getHref(), this);
         if ((returnedChallenge.getStatus()).name().equals("SUCCESS")) {
             return true;
         }
         return false;
     }
-
-    protected Challenge setCode(String code) {
-        setProperty(CODE, code);
-        return this;
-    }
 }

impl/src/main/java/com/stormpath/sdk/impl/challenge/DefaultCreateChallengeRequestBuilder.java

@@ -24,10 +24,10 @@
 /**
  * @since 1.1.0
  */
-public class DefaultCreateChallengeRequestBuilder<T extends Challenge> implements CreateChallengeRequestBuilder {
+public class DefaultCreateChallengeRequestBuilder<T extends Challenge> implements CreateChallengeRequestBuilder<T> {
 
-    private final T challenge;
-    private ChallengeOptions options;
+    protected final T challenge;
+    protected ChallengeOptions options;
 
     public DefaultCreateChallengeRequestBuilder(T challenge) {
         Assert.notNull(challenge, "Challenge can't be null.");

impl/src/main/java/com/stormpath/sdk/impl/challenge/google/DefaultGoogleAuthenticatorChallenge.java

@@ -27,7 +27,7 @@
 /**
  * @since 1.1.0
  */
-public class DefaultGoogleAuthenticatorChallenge extends AbstractChallenge<GoogleAuthenticatorFactor, GoogleAuthenticatorChallengeStatus> implements GoogleAuthenticatorChallenge{
+public class DefaultGoogleAuthenticatorChallenge extends AbstractChallenge<GoogleAuthenticatorFactor, GoogleAuthenticatorChallengeStatus> implements GoogleAuthenticatorChallenge {
 
     static final Map<String, Property> PROPERTY_DESCRIPTORS = AbstractChallenge.PROPERTY_DESCRIPTORS;
 
@@ -53,4 +53,9 @@ public GoogleAuthenticatorChallengeStatus getStatus() {
         }
         return GoogleAuthenticatorChallengeStatus.valueOf(value.toUpperCase());
     }
+
+    @Override
+    public void setCode(String code) {
+        setProperty(CODE, code);
+    }
 }

impl/src/main/java/com/stormpath/sdk/impl/challenge/google/DefaultGoogleAuthenticatorCreateChallengeRequest.java

@@ -0,0 +1,31 @@
+/*
+ * Copyright 2017 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.stormpath.sdk.impl.challenge.google;
+
+import com.stormpath.sdk.challenge.Challenge;
+import com.stormpath.sdk.challenge.ChallengeOptions;
+import com.stormpath.sdk.challenge.google.GoogleAuthenticatorCreateChallengeRequest;
+import com.stormpath.sdk.impl.challenge.DefaultCreateChallengeRequest;
+
+/**
+ * @since 1.4.0
+ */
+public class DefaultGoogleAuthenticatorCreateChallengeRequest extends DefaultCreateChallengeRequest implements GoogleAuthenticatorCreateChallengeRequest {
+
+    public DefaultGoogleAuthenticatorCreateChallengeRequest(Challenge challenge, ChallengeOptions options) {
+        super(challenge, options);
+    }
+}