20 Developing Custom Challenge Processors 20-1 20 Developing Custom Challenge Processors The OAAM Server provides a challenge processor framework that allows for custom implementations of challenge mechanisms. This chapter contains the following sections: ■ What are Challenge Processors ■ Code Challenge Processors ■ Define the Delivery Channel Types for the Challenge Processors ■ Configure User Input Properties ■ Configure the Challenge Pads Used for Challenge Types

20.1 What are Challenge Processors

A challenge processor is java code that implements the ChallengeProcessorIntf interface or extends the AbstractChallengeProcessor class. Challenge processors can be created to perform the following tasks for a challenge: ■ Generate challenge secret password to send to the user. ■ Validate the user answer ■ Control delivery wait page if needed ■ Check if delivery service is available if needed For example, to use SMS, you must implement a method for generating the secret PIN and checking the status of the send and the class that is called for by a challenge type.

20.2 Code Challenge Processors

This section contains information on the challenge processor class and methods to implement. An implementation example is also provided for your reference.

20.2.1 Class

To implement a challenge processor, you will need to extend the following class: com.bharosa.uio.processor.challenge.AbstractChallengeProcessor Later, you will compile the code by adding oaam.jar from ORACLE_IDM_ HOME\oaam\cli\lib folder to the build classpath. 20-2 Oracle Fusion Middleware Developers Guide for Oracle Adaptive Access Manager For instructions on customizing, extending, or overriding Oracle Adaptive Access Manager properties, refer to Chapter 7, Customizing Oracle Adaptive Access Manager.

20.2.2 Methods

The methods used in a challenge processor are listed in the sections following.

20.2.3 Example: Email Challenge Processor Implementation

An implementation of the email challenge processor is shown as follows: package oracle.oaam.challenge.processor.challenge; import com.bharosa.common.util.; import com.bharosa.uio.util.UIOUtil; import com.bharosa.uio.util.UIOSessionData; import com.bharosa.common.logger.Logger; import java.io.Serializable; Email Challenge Processor - provides OTP Code generation, delivery and validation public class EmailChallengeProcessor extends com.bharosa.uio.processor.challenge.AbstractOTPChallengeProcessor implements Serializable{ static Logger logger = Logger.getLoggerEmailChallengeProcessor.class; public EmailChallengeProcessor { } Generates OTP Code and stores it in sessionData param sessionData data object available for the session param isRetry boolean value if method was called as a result of a failed answer attempt return protected boolean generateSecretUIOSessionData sessionData, boolean isRety { String otpCode = sessionData.getOTPCode; Table 20–1 Challenge Processor Methods Methods Description protected boolean generateSecretUIOSessionData sessionData, boolean isRetry This method is used to generate code to send to client protected boolean validateAnswerUIOSessionData sessionData, String answer This method is used to validate the user answer. public String checkDeliveryStatusUIOSessionData sessionData, boolean userWaiting, boolean isRetry This method is used if you want to provide a wait until message is sent. public boolean isServiceAvailableUIOSessionData sessionData This method is used to check if external service is available.