/**
 * Checks a login-action code and confirms that the client session is in one of two
 * accepted actions and that the action has not expired.
 *
 * <p>The checks run in a fixed order and every failure returns {@code false}:
 * <ol>
 *   <li>The single-argument {@code verifyCode(code)} overload must succeed. That overload is
 *       not visible here; presumably it populates {@code clientCode} and sets
 *       {@code response} on failure (confirm against its definition).</li>
 *   <li>At least one of the two actions must satisfy {@code clientCode.isValidAction}.
 *       Otherwise {@code Errors.INVALID_CODE} is recorded on the event and
 *       {@code response} becomes the {@code Messages.INVALID_CODE} error page.</li>
 *   <li>At least one of the two actions must satisfy {@code clientCode.isActionActive}.
 *       Otherwise {@code Errors.EXPIRED_CODE} is recorded and the expiry is handled as
 *       described in the body comments.</li>
 * </ol>
 *
 * @param code the code value passed to the single-argument overload
 * @param requiredAction first action that is accepted for this request
 * @param alternativeRequiredAction second action that is accepted for this request
 * @return {@code true} only when all three checks pass; {@code false} otherwise, in which
 *     case callers are expected to use {@code response} (assumption: the first check also
 *     sets it)
 */
boolean verifyCode(String code, String requiredAction, String alternativeRequiredAction) {
    // Base verification comes first; none of the action checks run for a code that fails it.
    if (!verifyCode(code)) {
        return false;
    }

    // The session's action must match one of the two actions this endpoint accepts.
    // A mismatch is reported as an invalid code rather than an expired one.
    boolean actionAccepted =
            clientCode.isValidAction(requiredAction)
                    || clientCode.isValidAction(alternativeRequiredAction);
    if (!actionAccepted) {
        event.client(clientCode.getClientSession().getClient());
        event.error(Errors.INVALID_CODE);
        response = ErrorPage.error(session, Messages.INVALID_CODE);
        return false;
    }

    boolean actionStillActive =
            clientCode.isActionActive(requiredAction)
                    || clientCode.isActionActive(alternativeRequiredAction);
    if (actionStillActive) {
        return true;
    }

    // Expired: the error goes onto a clone of the event builder, leaving the shared
    // builder itself without an error (presumably so a restarted flow can keep using
    // it; confirm).
    event.client(clientCode.getClientSession().getClient());
    event.clone().error(Errors.EXPIRED_CODE);

    // NOTE(review): getAction() is dereferenced without a null check; confirm that a
    // client session reaching this point always has an action set.
    boolean stillAuthenticating =
            clientCode
                    .getClientSession()
                    .getAction()
                    .equals(ClientSessionModel.Action.AUTHENTICATE.name());
    if (stillAuthenticating) {
        // A timeout during authentication resets the flow and runs it again with the
        // login-timeout message instead of showing a dead-end error page.
        AuthenticationProcessor.resetFlow(clientCode.getClientSession());
        response =
                processAuthentication(null, clientCode.getClientSession(), Messages.LOGIN_TIMEOUT);
        return false;
    }

    // Any other expired action: a client session with no user session attached is
    // removed before the expired-code page is returned.
    if (clientCode.getClientSession().getUserSession() == null) {
        session.sessions().removeClientSession(realm, clientCode.getClientSession());
    }
    response = ErrorPage.error(session, Messages.EXPIRED_CODE);
    return false;
}
/**
 * Configures an {@link AuthenticationProcessor} for the given client session and flow, then
 * either continues the flow at a specific execution or starts it.
 *
 * <p>The processor is wired with the request-scoped collaborators of the enclosing class
 * (connection, event builder, the protector from {@code authManager}, realm, session, URI
 * info and request) before it runs.
 *
 * @param execution execution to continue at via {@code authenticationAction}; when
 *     {@code null} the flow is started with {@code authenticate()}
 * @param clientSession client session the flow operates on
 * @param flowPath path handed to the processor via {@code setFlowPath}
 * @param flow flow model; only its id is read
 * @param errorMessage optional message forwarded to the processor as a {@link FormMessage};
 *     skipped when {@code null}
 * @return the processor's response, or the result of {@code handleBrowserException} when
 *     running the flow throws any {@link Exception}
 */
protected Response processFlow(
        String execution,
        ClientSessionModel clientSession,
        String flowPath,
        AuthenticationFlowModel flow,
        String errorMessage) {
    AuthenticationProcessor flowProcessor = new AuthenticationProcessor();
    // Setter order is kept exactly as written; the chain's result is not used, only
    // the configured flowProcessor.
    flowProcessor
            .setClientSession(clientSession)
            .setFlowPath(flowPath)
            .setFlowId(flow.getId())
            .setConnection(clientConnection)
            .setEventBuilder(event)
            .setProtector(authManager.getProtector())
            .setRealm(realm)
            .setSession(session)
            .setUriInfo(uriInfo)
            .setRequest(request);

    if (errorMessage != null) {
        FormMessage forwarded = new FormMessage(null, errorMessage);
        flowProcessor.setForwardedErrorMessage(forwarded);
    }

    try {
        return execution == null
                ? flowProcessor.authenticate()
                : flowProcessor.authenticationAction(execution);
    } catch (Exception failure) {
        // Every exception thrown while running the flow is routed through the processor's
        // browser error handling. What that handler logs or renders is not visible here.
        return flowProcessor.handleBrowserException(failure);
    }
}