java.lang.Object
- io.mosip.kernel.auth.controller.AuthController

```
@CrossOrigin
@RestController
public class AuthController
extends Object
```
Controller APIs for Authentication and Authorization

Since:

1.0.0

Author:

Ramadurai Pandian

Constructor Summary

Constructors
Constructor Description

AuthController()

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method	Description
`ResponseWrapper<UserPasswordResponseDto>`	`addPassword(@Valid RequestWrapper<UserPasswordRequestDto> userPasswordRequestDto)`	Create a user account in Data Store
`ResponseWrapper<AuthNResponse>`	`authenticateUseridPwd(@Valid RequestWrapper<LoginUser> request, javax.servlet.http.HttpServletResponse res)`	Deprecated.
`ResponseWrapper<AuthZResponseDto>`	`changePassword(String appId, @Valid RequestWrapper<PasswordDto> passwordDto)`	This API will change the password of the particular user
`ResponseWrapper<AuthNResponse>`	`clientIdSecretKey(@Valid RequestWrapper<ClientSecret> clientSecretDto, javax.servlet.http.HttpServletResponse res)`	API to authenticate using clientId and secretKey clientSecretDto is of type `ClientSecretDto`
`ResponseWrapper<AuthNResponseDto>`	`getAllAuthTokens(@Valid RequestWrapper<LoginUserWithClientId> request, javax.servlet.http.HttpServletResponse res)`	Internal API used by syncdata delegate API
`ResponseWrapper<AuthNResponseDto>`	`getAllAuthTokensForOTP(@Valid RequestWrapper<UserOtp> request, javax.servlet.http.HttpServletResponse res)`	Internal API used by syncdata delegate API
`ResponseWrapper<RolesListDto>`	`getAllRoles(String appId)`
`ResponseWrapper<MosipUserListDto>`	`getListOfUsersDetails(RequestWrapper<UserDetailsRequestDto> userDetails, String appId)`
`ResponseWrapper<RIdDto>`	`getRId(String appId, String userId)`	This API will fetch RID based on appId and userId.
`ResponseWrapper<MosipUserDto>`	`getUserDetailBasedOnMobileNumber(String mobile, String appId)`
`ResponseWrapper<UserDetailsResponseDto>`	`getUserDetailBasedOnUserId(String appId, RequestWrapper<UserDetailsRequestDto> userDetails)`	Gets the user detail based on user id.
`ResponseWrapper<MosipUserSaltListDto>`	`getUserDetailsWithSalt(RequestWrapper<UserDetailsRequestDto> userDetails, String appId)`
`ResponseWrapper<AuthZResponseDto>`	`getUserName(String appId, String userId)`	Fetch username based on the user id.
`ResponseWrapper<UserNameDto>`	`getUsernameBasedOnMobileNumber(String mobile, String appId)`
`ResponseWrapper<UserRoleDto>`	`getUserRole(String appId, String userId)`
`ResponseWrapper<AuthNResponse>`	`invalidateToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse res)`	API to invalidate token when both refresh and auth token expires
`void`	`login(String state, String redirectURI, javax.servlet.http.HttpServletResponse res)`	Deprecated.
`void`	`loginRedirect(String redirectURI, String state, String sessionState, String code, String stateCookie, javax.servlet.http.HttpServletResponse res)`	Deprecated.
`ResponseWrapper<AuthResponseDto>`	`logoutUser(String token, javax.servlet.http.HttpServletResponse res)`
`ResponseWrapper<AuthNResponseDto>`	`refreshAuthToken(String appId, RefreshTokenRequest refreshTokenRequest, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse res)`	Internal API used by syncdata delegate API
`ResponseWrapper<AuthNResponse>`	`refreshToken(String appId, RefreshTokenRequest refreshTokenRequest, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse res)`	API to retry token when auth token expires
`ResponseWrapper<AuthZResponseDto>`	`resetPassword(String appId, @Valid RequestWrapper<PasswordDto> passwordDto)`	This API will reset the password of the particular user
`ResponseWrapper<AuthNResponse>`	`sendOTP(@Valid RequestWrapper<OtpUser> otpUserDto)`	API to send OTP otpUser is of type `OtpUser`
`ResponseWrapper<AuthNResponse>`	`userIdOTP(@Valid RequestWrapper<UserOtp> userOtpDto, javax.servlet.http.HttpServletResponse res)`	API to validate OTP with user Id userOtp is of type `UserOtp`
`ResponseWrapper<MosipUserDto>`	`validateAdminToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse res)`	API to validate token
`ResponseWrapper<MosipUserDto>`	`validateToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse res)`	API to validate token
`ResponseWrapper<ValidationResponseDto>`	`validateUserName(String userId, String appId)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- AuthController
```
public AuthController()
```

Method Detail

authenticateUseridPwd

@Deprecated
@ResponseFilter
@PostMapping("/authenticate/useridPwd")
public ResponseWrapper<AuthNResponse> authenticateUseridPwd(@RequestBody @Valid
                                                            @Valid RequestWrapper<LoginUser> request,
                                                            javax.servlet.http.HttpServletResponse res)
                                                     throws Exception

Deprecated.

API to authenticate using userName and password request is of type LoginUser

Returns:: ResponseEntity Cookie value with Auth token
Throws:: Exception

sendOTP

@ResponseFilter
@PostMapping("/authenticate/sendotp")
@ResponseStatus(OK)
public ResponseWrapper<AuthNResponse> sendOTP(@RequestBody @Valid
                                              @Valid RequestWrapper<OtpUser> otpUserDto)
                                       throws Exception

API to send OTP otpUser is of type OtpUser

Returns:: ResponseEntity with OTP Sent message
Throws:: Exception

userIdOTP

@ResponseFilter
@PostMapping("/authenticate/useridOTP")
public ResponseWrapper<AuthNResponse> userIdOTP(@RequestBody @Valid
                                                @Valid RequestWrapper<UserOtp> userOtpDto,
                                                javax.servlet.http.HttpServletResponse res)
                                         throws Exception

API to validate OTP with user Id userOtp is of type UserOtp

Returns:: ResponseEntity with Cookie value with Auth token
Throws:: Exception

clientIdSecretKey

@ResponseFilter
@PostMapping("/authenticate/clientidsecretkey")
public ResponseWrapper<AuthNResponse> clientIdSecretKey(@RequestBody @Valid
                                                        @Valid RequestWrapper<ClientSecret> clientSecretDto,
                                                        javax.servlet.http.HttpServletResponse res)
                                                 throws Exception

API to authenticate using clientId and secretKey clientSecretDto is of type ClientSecretDto

Returns:: ResponseEntity with Cookie value with Auth token
Throws:: Exception

validateToken

@ResponseFilter
@PostMapping("/authorize/validateToken")
public ResponseWrapper<MosipUserDto> validateToken(javax.servlet.http.HttpServletRequest request,
                                                   javax.servlet.http.HttpServletResponse res)
                                            throws AuthManagerException,
                                                   Exception

API to validate token

Returns:: ResponseEntity with MosipUserDto
Throws:: AuthManagerException; Exception

validateAdminToken

@ResponseFilter
@GetMapping("/authorize/admin/validateToken")
public ResponseWrapper<MosipUserDto> validateAdminToken(javax.servlet.http.HttpServletRequest request,
                                                        javax.servlet.http.HttpServletResponse res)

API to validate token

Returns:: ResponseEntity with MosipUserDto
Throws:: IOException; com.fasterxml.jackson.databind.JsonMappingException; com.fasterxml.jackson.core.JsonParseException

refreshToken

@ResponseFilter
@PostMapping("/authorize/refreshToken/{appid}")
public ResponseWrapper<AuthNResponse> refreshToken(@PathVariable("appid")
                                                   String appId,
                                                   @RequestBody
                                                   RefreshTokenRequest refreshTokenRequest,
                                                   javax.servlet.http.HttpServletRequest request,
                                                   javax.servlet.http.HttpServletResponse res)
                                            throws Exception

API to retry token when auth token expires

Returns:: ResponseEntity with MosipUserDto
Throws:: Exception

invalidateToken

@ResponseFilter
@PostMapping("/authorize/invalidateToken")
public ResponseWrapper<AuthNResponse> invalidateToken(javax.servlet.http.HttpServletRequest request,
                                                      javax.servlet.http.HttpServletResponse res)
                                               throws Exception

API to invalidate token when both refresh and auth token expires

Returns:: ResponseEntity with MosipUserDto
Throws:: Exception

getAllRoles

@ResponseFilter
@GetMapping("/roles/{appid}")
public ResponseWrapper<RolesListDto> getAllRoles(@PathVariable("appid")
                                                 String appId)
                                          throws Exception

Throws:: Exception

getListOfUsersDetails

@ResponseFilter
@PostMapping("/userdetails/{appid}")
public ResponseWrapper<MosipUserListDto> getListOfUsersDetails(@RequestBody
                                                               RequestWrapper<UserDetailsRequestDto> userDetails,
                                                               @PathVariable("appid")
                                                               String appId)
                                                        throws Exception

Throws:: Exception

getUserDetailsWithSalt

@ResponseFilter
@PostMapping("/usersaltdetails/{appid}")
public ResponseWrapper<MosipUserSaltListDto> getUserDetailsWithSalt(@RequestBody
                                                                    RequestWrapper<UserDetailsRequestDto> userDetails,
                                                                    @PathVariable("appid")
                                                                    String appId)
                                                             throws Exception

Throws:: Exception

getRId

@ResponseFilter
@GetMapping("rid/{appid}/{userid}")
public ResponseWrapper<RIdDto> getRId(@PathVariable("appid")
                                      String appId,
                                      @PathVariable("userid")
                                      String userId)
                               throws Exception

This API will fetch RID based on appId and userId.

Parameters:: appId - - application Id; userId - - user Id
Returns:: RIdDto
Throws:: Exception

getUserName

@ResponseFilter
@GetMapping("unblock/{appid}/{userid}")
public ResponseWrapper<AuthZResponseDto> getUserName(@PathVariable("appid")
                                                     String appId,
                                                     @PathVariable("userid")
                                                     String userId)
                                              throws Exception

Fetch username based on the user id.

Parameters:: appId - - application id; userId - - user id
Returns:: UserNameDto
Throws:: Exception - - exception is thrown if

changePassword

@ResponseFilter
@PostMapping("/changepassword/{appid}")
public ResponseWrapper<AuthZResponseDto> changePassword(@PathVariable("appid")
                                                        String appId,
                                                        @RequestBody @Valid
                                                        @Valid RequestWrapper<PasswordDto> passwordDto)
                                                 throws Exception

This API will change the password of the particular user

Parameters:: appId - - applicationId; passwordDto - - PasswordDto
Returns:: AuthZResponseDto
Throws:: Exception

resetPassword

@ResponseFilter
@PostMapping("/resetpassword/{appid}")
public ResponseWrapper<AuthZResponseDto> resetPassword(@PathVariable("appid")
                                                       String appId,
                                                       @RequestBody @Valid
                                                       @Valid RequestWrapper<PasswordDto> passwordDto)
                                                throws Exception

This API will reset the password of the particular user

Parameters:: appId - - applicationId; passwordDto - -PasswordDto
Returns:: AuthZResponseDto
Throws:: Exception

getUsernameBasedOnMobileNumber

@ResponseFilter
@GetMapping("/username/{appid}/{mobilenumber}")
public ResponseWrapper<UserNameDto> getUsernameBasedOnMobileNumber(@PathVariable("mobilenumber")
                                                                   String mobile,
                                                                   @PathVariable("appid")
                                                                   String appId)
                                                            throws Exception

Parameters:: mobile - - mobile number; appId - - applicationId
Returns:: UserNameDto
Throws:: Exception

addPassword

@ResponseFilter
@PostMapping("/user/addpassword")
public ResponseWrapper<UserPasswordResponseDto> addPassword(@RequestBody @Valid
                                                            @Valid RequestWrapper<UserPasswordRequestDto> userPasswordRequestDto)

Create a user account in Data Store

Parameters:: userCreationRequestDto - UserRegistrationRequestDto
Returns:: UserRegistrationResponseDto

getUserRole

@GetMapping("/role/{appId}/{userId}")
@ResponseFilter
public ResponseWrapper<UserRoleDto> getUserRole(@PathVariable("appId")
                                                String appId,
                                                @PathVariable("userId")
                                                String userId)
                                         throws Exception

Throws:: Exception

getUserDetailBasedOnMobileNumber

@ResponseFilter
@GetMapping("/userdetail/{appid}/{mobilenumber}")
public ResponseWrapper<MosipUserDto> getUserDetailBasedOnMobileNumber(@PathVariable("mobilenumber")
                                                                      String mobile,
                                                                      @PathVariable("appid")
                                                                      String appId)
                                                               throws Exception

Parameters:: mobile - - mobile number; appId - - applicationId
Returns:: MosipUserDto
Throws:: Exception

validateUserName

@ResponseFilter
@GetMapping("/validate/{appid}/{userid}")
public ResponseWrapper<ValidationResponseDto> validateUserName(@PathVariable("userid")
                                                               String userId,
                                                               @PathVariable("appid")
                                                               String appId)

Parameters:: mobile - - mobile number; appId - - applicationId
Returns:: MosipUserDto
Throws:: Exception

getUserDetailBasedOnUserId

@ResponseFilter
@PostMapping("/userdetail/regid/{appid}")
public ResponseWrapper<UserDetailsResponseDto> getUserDetailBasedOnUserId(@PathVariable("appid")
                                                                          String appId,
                                                                          @RequestBody
                                                                          RequestWrapper<UserDetailsRequestDto> userDetails)

Gets the user detail based on user id.

Parameters:: appId - the app id; userId - the user id
Returns:: UserDetailsDto

logoutUser

@ResponseFilter
@DeleteMapping("/logout/user")
public ResponseWrapper<AuthResponseDto> logoutUser(@CookieValue(value="Authorization",required=false)
                                                   String token,
                                                   javax.servlet.http.HttpServletResponse res)

Parameters:: req - - HttpServletRequest; res - - HttpServletResponse
Returns:: ResponseWrapper

login

@Deprecated
@GetMapping("/login/{redirectURI}")
public void login(@CookieValue("state")
                  String state,
                  @PathVariable("redirectURI")
                  String redirectURI,
                  javax.servlet.http.HttpServletResponse res)
           throws IOException

Deprecated.

Throws:: IOException

loginRedirect

@Deprecated
@GetMapping("/login-redirect/{redirectURI}")
public void loginRedirect(@PathVariable("redirectURI")
                          String redirectURI,
                          @RequestParam("state")
                          String state,
                          @RequestParam("session_state")
                          String sessionState,
                          @RequestParam("code")
                          String code,
                          @CookieValue("state")
                          String stateCookie,
                          javax.servlet.http.HttpServletResponse res)
                   throws IOException

Deprecated.

Throws:: IOException

getAllAuthTokens

@ResponseFilter
@PostMapping("/authenticate/internal/useridPwd")
public ResponseWrapper<AuthNResponseDto> getAllAuthTokens(@RequestBody @Valid
                                                          @Valid RequestWrapper<LoginUserWithClientId> request,
                                                          javax.servlet.http.HttpServletResponse res)
                                                   throws Exception

Internal API used by syncdata delegate API

Parameters:: request -; res -
Returns:
Throws:: Exception

getAllAuthTokensForOTP

@ResponseFilter
@PostMapping("/authenticate/internal/userotp")
public ResponseWrapper<AuthNResponseDto> getAllAuthTokensForOTP(@RequestBody @Valid
                                                                @Valid RequestWrapper<UserOtp> request,
                                                                javax.servlet.http.HttpServletResponse res)
                                                         throws Exception

Internal API used by syncdata delegate API

Parameters:: request -; res -
Returns:
Throws:: Exception

refreshAuthToken

@ResponseFilter
@PostMapping("/authorize/internal/refreshToken/{appid}")
public ResponseWrapper<AuthNResponseDto> refreshAuthToken(@PathVariable("appid")
                                                          String appId,
                                                          @RequestBody
                                                          RefreshTokenRequest refreshTokenRequest,
                                                          javax.servlet.http.HttpServletRequest request,
                                                          javax.servlet.http.HttpServletResponse res)
                                                   throws Exception

Internal API used by syncdata delegate API

Parameters:: appId -; refreshTokenRequest -; request -; res -
Returns:
Throws:: Exception

Class AuthController

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

AuthController

Method Detail

authenticateUseridPwd

sendOTP

userIdOTP

clientIdSecretKey

validateToken

validateAdminToken

refreshToken

invalidateToken

getAllRoles

getListOfUsersDetails

getUserDetailsWithSalt

getRId

getUserName

changePassword

resetPassword

getUsernameBasedOnMobileNumber

addPassword

getUserRole

getUserDetailBasedOnMobileNumber

validateUserName

getUserDetailBasedOnUserId

logoutUser

login

loginRedirect

getAllAuthTokens

getAllAuthTokensForOTP

refreshAuthToken