[WSO2][Asgardeo] This script ensures that only users authenticated via federation can access the application, providing an additional layer of security against unauthorized access attempts via username and password.
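// Adaptive script to allow access only via federation and block access via login and password.
//
// NOTE(review): the check below runs in the onSuccess callback of step 1, i.e. after that
// step has already completed. A username/password login is therefore rejected afterwards,
// not prevented from being attempted.

// Error page to redirect unauthorized users,
// can be either an absolute URL or relative URL to server root, or empty/null.
// null/empty value will redirect to the default error page.
var errorPage = '';

// Additional query parameters to be added to the above URL.
// Hint: Use i18n keys for error messages.
var errorPageParameters = {
    'status': 'Unauthorized',
    'statusMsg': 'Access only allowed via federation. Login with username and password is not permitted.'
};

/**
 * Entry point invoked for a login request.
 *
 * Runs authentication step 1 and, once it succeeds, lets the flow continue only
 * when the step reports a non-empty identity provider name other than 'LOCAL'.
 * Every other outcome is sent to the error page.
 *
 * @param {Object} context - Authentication context supplied by the runtime.
 */
var onLoginRequest = function(context) {
    executeStep(1, {
        onSuccess: function(context) {
            var authenticationStep = context.steps[1];

            // Normalise to a plain string so the comparison does not depend on how the
            // runtime represents the value. A missing step or missing idp becomes ''.
            var idpName = (authenticationStep && authenticationStep.idp != null)
                ? String(authenticationStep.idp)
                : '';

            // Fail closed: a missing or empty idp is treated like a local login.
            // The previous `idp != 'LOCAL'` test granted access when idp was undefined.
            var isFederated = idpName !== '' && idpName !== 'LOCAL';

            if (!isFederated) {
                // Block access and redirect to an error page if authenticated via login/password.
                sendError(errorPage, errorPageParameters);
                return;
            }

            // Authenticated via federation: allow access.
            // If a second authentication step is configured, call executeStep(2) here.
        }
    });
};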