Class CiClient

java.lang.Object
com.ibm.security.access.ciclient.CiClientBase
com.ibm.security.access.ciclient.CiClient

public class CiClient extends com.ibm.security.access.ciclient.CiClientBase
Convenience wrapper for the HTTP client to simplify/standardize CI requests.
  • Constructor Details

    • CiClient

      public CiClient()
  • Method Details

    • getAccessToken

      public static AccessToken getAccessToken(CiServerConnection connection)
      Fetches the IBM Verify Identity Access token for the configured CI Server Connection. This method first attempts to get the token from a LRU cache, and if the token is not in the cache, or has expired, a new token it retrieved.
      Parameters:
      connection - The CI Server Connection which contains details required for the access token flow, client ID and client secret.
      Returns:
      The AccessToken object.
    • getUser

      public static String getUser(CiServerConnection connection, String username)
      Fetches the IBM Verify user object as a JSON String. The user object will be in SCIM format.
      Parameters:
      connection - The CI Server Connection.
      username - The username of the CI user.
      Returns:
      A JSON String representation of the user.
    • getUser

      public static String getUser(CiServerConnection connection, String username, String locale)
      Fetches the IBM Verify user object as a JSON String. The user object will be in SCIM format.
      Parameters:
      connection - The CI Server Connection.
      username - The username of the CI user.
      locale - The locale to use in the Accept-Language header.
      Returns:
      A JSON String representation of the user.
    • basicAuthentication

      public static boolean basicAuthentication(CiServerConnection connection, String username, String password)
    • basicAuthentication

      public static boolean basicAuthentication(CiServerConnection connection, String username, String password, String locale)
      Performs username/password authentication against IBM Verify.
      Parameters:
      connection - The CI Server Connection.
      username - The username of the CI user.
      password - The password of the CI user.
      locale - The locale to use in the Accept-Language header.
      Returns:
      A boolean indicating if the authentication succeeded or failed.
    • registerAuthenticator

      public static HttpResponse registerAuthenticator(CiServerConnection connection, String json, boolean respAsJson)
      Registers an authenticator with IBM Verify. If respAsJson is true, then the qrcodeInResponse query string param will be set to true. This means the response from CI will be JSON with the base64 encoded QR code, rather than the default response which is the QR code as an image.
      Parameters:
      connection - The CI Server Connection.
      json - The authentication registration payload.
      respAsJson - A boolean indicating if the response should be JSON or an image.
      Returns:
      The HTTP response. Can be null if the request failed.
    • registerAuthenticator

      public static HttpResponse registerAuthenticator(CiServerConnection connection, String json, boolean respAsJson, String locale)
      Registers an authenticator with IBM Verify. If respAsJson is true, then the qrcodeInResponse query string param will be set to true. This means the response from CI will be JSON with the base64 encoded QR code, rather than the default response which is the QR code as an image.
      Parameters:
      connection - The CI Server Connection.
      json - The authentication registration payload.
      respAsJson - A boolean indicating if the response should be JSON or an image.
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Can be null if the request failed.
    • getAuthenticators

      public static HttpResponse getAuthenticators(CiServerConnection connection, String userId)
      Fetch all authenticators registered with userId set as the owner.
      Parameters:
      connection - The CI Server Connection.
      userId - The user's SCIM ID.
      Returns:
      The HTTP response. Can be null if the request failed.
    • getAuthenticators

      public static HttpResponse getAuthenticators(CiServerConnection connection, String userId, String locale)
      Fetch all authenticators that are owned by the provided SCIM user ID.
      Parameters:
      connection - The CI Server Connection.
      userId - The user's SCIM ID.
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Can be null if the request failed.
    • getAuthenticators

      public static HttpResponse getAuthenticators(CiServerConnection connection, String userId, String locale, String search)
      Fetch all authenticators that are owned by the provided SCIM user ID.
      Parameters:
      connection - The CI Server Connection.
      userId - The user's SCIM ID.
      locale - The locale to use in the Accept-Language header.
      search - The search parameters to apply to the request. Must be of the form attribute=value. For example: "enabled=true"
      Returns:
      The HTTP response. Can be null if the request failed.
    • getFactors

      public static HttpResponse getFactors(CiServerConnection connection, String search, String locale)
      Fetch a list of authentication factors based on an optional search string. If the search string is null, all factors across all users will be returned.
      Parameters:
      connection - The CI Server Connection.
      search - The search parameters to apply to the request. Must be of the form attribute=value. For example: 'userId="61200033O2"invalid input: '&validated'=true'
      locale - The locale to use in the Accept-Language header, or null if not required.
      Returns:
      The HTTP response. Can be null if the request failed.
      Since:
      Verify Identity Access v10.0.1.0
    • getFactor

      public static HttpResponse getFactor(CiServerConnection connection, String type, String id, String locale)
      Fetch a specific authentication factor with the given type and ID.
      Parameters:
      connection - The CI Server Connection.
      type - The type of the authentication factor. For example "totp", "emailotp", "smsotp", "fido2", etc.
      id - The ID of the authentication factor
      locale - The locale to use in the Accept-Language header, or null if not required.
      Returns:
      The HTTP response. Can be null if the request failed.
      Since:
      Verify Identity Access v10.0.1.0
    • enrollFactor

      public static HttpResponse enrollFactor(CiServerConnection connection, String type, String json, String queryParams, String locale)
      Enroll an authentication factor with provided type and JSON payload.
      Parameters:
      connection - The CI Server Connection.
      type - The type of the authentication factor. For example "totp", "emailotp", "smsotp", "fido2", etc.
      json - The JSON payload of the enrollment.
      queryParams - The query parameters to apply to the request. Must be of the form key=value. For example: 'qrCodeInResponse=true'
      locale - The locale to use in the Accept-Language header, or null if not required.
      Returns:
      The HTTP response. Can be null if the request failed.
      Since:
      Verify Identity Access v10.0.1.0
    • getFactorVerifications

      public static HttpResponse getFactorVerifications(CiServerConnection connection, String type, String id, String locale)
      Fetch a list of verifications for the provided authentication factor.
      Parameters:
      connection - The CI Server Connection.
      type - The type of the authentication factor. For example "emailotp", "smsotp", etc.
      id - The ID of the authentication factor
      locale - The locale to use in the Accept-Language header, or null if not required.
      Returns:
      The HTTP response. Can be null if the request failed.
      Since:
      Verify Identity Access v10.0.1.0
    • getFactorVerification

      public static HttpResponse getFactorVerification(CiServerConnection connection, String type, String id, String verificationId, String locale)
      Fetch a specific verification.
      Parameters:
      connection - The CI Server Connection.
      type - The type of the authentication factor. For example "emailotp", "smsotp", etc.
      id - The ID of the authentication factor
      verificationId - The ID of the verification
      locale - The locale to use in the Accept-Language header, or null if not required.
      Returns:
      The HTTP response. Can be null if the request failed.
      Since:
      Verify Identity Access v10.0.1.0
    • createFactorVerification

      public static HttpResponse createFactorVerification(CiServerConnection connection, String type, String id, String json, String locale)
      Create a verification for the specified enrollment.
      Parameters:
      connection - The CI Server Connection.
      type - The type of the authentication factor. For example "emailotp", "smsotp", etc.
      id - The ID of the authentication factor
      json - The JSON payload of the enrollment.
      locale - The locale to use in the Accept-Language header, or null if not required.
      Returns:
      The HTTP response. Can be null if the request failed.
      Since:
      Verify Identity Access v10.0.1.0
    • updateFactor

      public static HttpResponse updateFactor(CiServerConnection connection, String type, String id, String json, String locale)
      Update a specific authentication factor with the provided ID, type, and JSON payload.
      Parameters:
      connection - The CI Server Connection.
      type - The type of the authentication factor. For example "totp", "emailotp", "smsotp", "fido2", etc.
      id - The ID of the authentication factor
      json - The JSON payload of the enrollment.
      locale - The locale to use in the Accept-Language header, or null if not required.
      Returns:
      The HTTP response. Can be null if the request failed.
      Since:
      Verify Identity Access v10.0.1.0
    • deleteFactor

      public static HttpResponse deleteFactor(CiServerConnection connection, String type, String id, String locale)
      Delete a specific authentication factor with the provided ID and type.
      Parameters:
      connection - The CI Server Connection.
      type - The type of the authentication factor. For example "totp", "emailotp", "smsotp", "fido2", etc.
      id - The ID of the authentication factor
      locale - The locale to use in the Accept-Language header, or null if not required.
      Returns:
      The HTTP response. Can be null if the request failed.
      Since:
      Verify Identity Access v10.0.1.0
    • verifyTOTPFactor

      public static HttpResponse verifyTOTPFactor(CiServerConnection connection, String id, String json, String locale)
      Complete a TOTP verification with the provided OTP payload.
      Parameters:
      connection - The CI Server Connection.
      id - The ID of the authentication factor
      json - The JSON payload of the verification.
      locale - The locale to use in the Accept-Language header, or null if not required.
      Returns:
      The HTTP response. Can be null if the request failed.
      Since:
      Verify Identity Access v10.0.1.0
    • verifyFactor

      public static HttpResponse verifyFactor(CiServerConnection connection, String type, String id, String verificationId, String json, String locale)
      Complete a verification with the provided payload for a specific authentication factor.
      Parameters:
      connection - The CI Server Connection.
      type - The type of the authentication factor. For example "emailotp", "smsotp", etc.
      id - The ID of the authentication factor
      verificationId - The ID of the verification
      json - The JSON payload of the verification.
      locale - The locale to use in the Accept-Language header, or null if not required.
      Returns:
      The HTTP response. Can be null if the request failed.
      Since:
      Verify Identity Access v10.0.1.0
    • getFactors

      public static HttpResponse getFactors(CiServerConnection connection, String userId, String locale, String search)
      Deprecated.
      It is not recommended to use this method as it has the userId attribute hardcoded. Use getFactors(CiServerConnection, String, String) instead.
      Fetch the authentication factors that are owned by the provided SCIM user ID.
      Parameters:
      connection - The CI Server Connection.
      userId - The user's SCIM ID.
      locale - The locale to use in the Accept-Language header, or null if not required.
      search - The search parameters to apply to the request. Must be of the form attribute=value. For example: "validated=true"
      Returns:
      The HTTP response. Can be null if the request failed.
      Since:
      Verify Identity Access v10.0.0.0
    • getAuthenticator

      public static HttpResponse getAuthenticator(CiServerConnection connection, String id)
      Fetches a specific authenticator with the provided ID.
      Parameters:
      connection - The CI Server Connection.
      id - The ID of the authenticator
      Returns:
      The HTTP response. Can be null if the request failed.
    • getAuthenticator

      public static HttpResponse getAuthenticator(CiServerConnection connection, String id, String locale)
      Fetches a specific authenticator with the provided ID.
      Parameters:
      connection - The CI Server Connection.
      id - The ID of the authenticator
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Can be null if the request failed.
    • updateAuthenticator

      public static HttpResponse updateAuthenticator(CiServerConnection connection, String id, String json)
      Update an authenticator with the provided JSON payload.
      Parameters:
      connection - The CI Server Connection.
      id - The ID of the authenticator
      json - The updated JSON payload of the authenticator.
      Returns:
      The HTTP response. Can be null if the request failed.
    • updateAuthenticator

      public static HttpResponse updateAuthenticator(CiServerConnection connection, String id, String json, String locale)
      Update an authenticator with the provided JSON payload.
      Parameters:
      connection - The CI Server Connection.
      id - The ID of the authenticator
      json - The updated JSON payload of the authenticator.
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Can be null if the request failed.
    • deleteAuthenticator

      public static HttpResponse deleteAuthenticator(CiServerConnection connection, String id)
      Delete the authenticator with the provided ID.
      Parameters:
      connection - The CI Server Connection.
      id - The ID of the authenticator
      Returns:
      The HTTP response. Can be null if the request failed.
    • deleteAuthenticator

      public static HttpResponse deleteAuthenticator(CiServerConnection connection, String id, String locale)
      Delete the authenticator with the provided ID.
      Parameters:
      connection - The CI Server Connection.
      id - The ID of the authenticator
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Can be null if the request failed.
    • createTransaction

      public static HttpResponse createTransaction(CiServerConnection connection, String authenticatorId, String json)
      Create an IBM Verify transaction.
      Parameters:
      connection - The CI Server Connection.
      authenticatorId - The ID of the authenticator
      json - The JSON payload of the transaction.
      Returns:
      The HTTP response. Can be null if the request failed.
    • createTransaction

      public static HttpResponse createTransaction(CiServerConnection connection, String authenticatorId, String json, String locale)
      Create an IBM Verify transaction.
      Parameters:
      connection - The CI Server Connection.
      authenticatorId - The ID of the authenticator
      json - The JSON payload of the transaction.
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Can be null if the request failed.
    • getTransactions

      public static HttpResponse getTransactions(CiServerConnection connection, String authenticatorId)
      Fetch all transactions for the provided authenticator ID.
      Parameters:
      connection - The CI Server Connection.
      authenticatorId - The ID of the authenticator
      Returns:
      The HTTP response. Can be null if the request failed.
    • getTransactions

      public static HttpResponse getTransactions(CiServerConnection connection, String authenticatorId, String locale)
      Fetch all transactions for the provided authenticator ID.
      Parameters:
      connection - The CI Server Connection.
      authenticatorId - The ID of the authenticator
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Can be null if the request failed.
    • getTransaction

      public static HttpResponse getTransaction(CiServerConnection connection, String authenticatorId, String id)
      Fetch a specific transaction for the provided authenticator ID.
      Parameters:
      connection - The CI Server Connection.
      authenticatorId - The ID of the authenticator
      transactionId - The ID of the transaction
      Returns:
      The HTTP response. Can be null if the request failed.
    • getTransaction

      public static HttpResponse getTransaction(CiServerConnection connection, String authenticatorId, String transactionId, String locale)
      Fetch a specific transaction for the provided authenticator ID.
      Parameters:
      connection - The CI Server Connection.
      authenticatorId - The ID of the authenticator
      transactionId - The ID of the transaction
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Can be null if the request failed.
    • getRequest

      public static HttpResponse getRequest(CiServerConnection connection, String url)
      Generic CI get method.
      Parameters:
      connection - The CI Server Connection.
      url - The URL to GET
      Returns:
      The HTTP response. Null if invalid URL or no response.
    • getRequest

      public static HttpResponse getRequest(CiServerConnection connection, String url, String locale)
      Generic CI get method.
      Parameters:
      connection - The CI Server Connection.
      url - The URL to GET
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Null if invalid URL or no response.
    • postRequest

      public static HttpResponse postRequest(CiServerConnection connection, String url, String json)
      Generic CI POST method.
      Parameters:
      connection - The CI Server Connection.
      url - The URL to POST
      json - The JSON payload.
      Returns:
      The HTTP response. Null if invalid URL or no response.
    • postRequest

      public static HttpResponse postRequest(CiServerConnection connection, String url, String json, String locale)
      Generic CI POST method.
      Parameters:
      connection - The CI Server Connection.
      url - The URL to POST
      json - The JSON payload.
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Null if invalid URL or no response.
    • putRequest

      public static HttpResponse putRequest(CiServerConnection connection, String url, String json)
      Generic CI PUT method.
      Parameters:
      connection - The CI Server Connection.
      url - The URL to PUT
      json - The JSON payload.
      Returns:
      The HTTP response. Null if invalid URL or no response.
    • putRequest

      public static HttpResponse putRequest(CiServerConnection connection, String url, String json, String locale)
      Generic CI PUT method.
      Parameters:
      connection - The CI Server Connection.
      url - The URL to PUT
      json - The JSON payload.
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Null if invalid URL or no response.
    • deleteRequest

      public static HttpResponse deleteRequest(CiServerConnection connection, String url)
      Generic CI DELETE method.
      Parameters:
      connection - The CI Server Connection.
      url - The URL to DELETE
      Returns:
      The HTTP response. Null if invalid URL or no response.
    • deleteRequest

      public static HttpResponse deleteRequest(CiServerConnection connection, String url, String locale)
      Generic CI DELETE method.
      Parameters:
      connection - The CI Server Connection.
      url - The URL to DELETE
      locale - The locale to use in the Accept-Language header.
      Returns:
      The HTTP response. Null if invalid URL or no response.