Mfa multitenancy

src/main/java/io/supertokens/pluginInterface/mfa/MfaFirstFactors.java

@@ -0,0 +1,114 @@
+/*
+ *    Copyright (c) 2023, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+package io.supertokens.pluginInterface.mfa;
+
+import com.google.gson.JsonArray;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonPrimitive;
+
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+public class MfaFirstFactors {
+    private static final Set<String> BUILT_IN_FACTORS = Set.of(
+        "emailpassword",
+        "thirdparty",
+        "otp-email",
+        "otp-phone",
+        "link-email",
+        "link-phone"
+    );
+
+    public final String[] builtIn;
+    public final String[] custom;
+
+    public MfaFirstFactors(String[] builtIn, String[] custom) {
+        this.builtIn = builtIn == null ? new String[0] : builtIn;
+        this.custom = custom == null ? new String[0] : custom;
+    }
+
+    public JsonElement toJson() {
+        JsonArray result = new JsonArray();
+        for (String factor : builtIn) {
+            result.add(new JsonPrimitive(factor));
+        }
+
+        for (String factor : custom) {
+            JsonObject customFactor = new JsonObject();
+            customFactor.addProperty("type", "custom");
+            customFactor.addProperty("id", factor);
+            result.add(customFactor);
+        }
+
+        return result;
+    }
+
+    public static MfaFirstFactors fromJson(JsonElement input) {
+        List<String> builtIn = new ArrayList<>();
+        List<String> custom = new ArrayList<>();
+
+        if (!input.isJsonArray()) throw new IllegalArgumentException("Input must be a json array");
+
+        for (JsonElement elem : input.getAsJsonArray()) {
+            if (elem.isJsonPrimitive()) {
+                String factor = elem.getAsString();
+                if (BUILT_IN_FACTORS.contains(factor)) {
+                    builtIn.add(factor);
+                } else {
+                    throw new IllegalArgumentException("Factor " + factor + " is not a built-in factor");
+                }
+            } else if (elem.isJsonObject()) {
+                JsonObject factor = elem.getAsJsonObject();
+                if (factor.has("type") && factor.get("type").getAsString().equals("custom")) {
+                    String factorStr = factor.get("id").getAsString();
+                    if (BUILT_IN_FACTORS.contains(factorStr)) {
+                        throw new IllegalArgumentException("Factor " + factorStr + " cannot be used as a custom factor");
+                    }
+                    custom.add(factorStr);
+                } else {
+                    throw new IllegalArgumentException("Invalid custom factor in the input");
+                }
+            }
+        }
+
+        return new MfaFirstFactors(
+            builtIn.toArray(new String[0]),
+            custom.toArray(new String[0])
+        );
+    }
+
+    public boolean equals(Object other) {
+        if (!(other instanceof MfaFirstFactors)) {
+            return false;
+        }
+
+        MfaFirstFactors otherMfaFirstFactors = (MfaFirstFactors) other;
+
+        Set<String> thisFactors = new HashSet<>();
+        thisFactors.addAll(Set.of(this.builtIn));
+        thisFactors.addAll(Set.of(this.custom));
+
+        Set<String> otherFactors = new HashSet<>();
+        otherFactors.addAll(Set.of(otherMfaFirstFactors.builtIn));
+        otherFactors.addAll(Set.of(otherMfaFirstFactors.custom));
+
+        return thisFactors.equals(otherFactors);
+    }
+}

src/main/java/io/supertokens/pluginInterface/multitenancy/MfaConfig.java

@@ -0,0 +1,45 @@
+/*
+ *    Copyright (c) 2023, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+package io.supertokens.pluginInterface.multitenancy;
+
+import io.supertokens.pluginInterface.mfa.MfaFirstFactors;
+
+import java.util.HashSet;
+import java.util.Set;
+
+public class MfaConfig {
+    public final MfaFirstFactors firstFactors;
+    public final String[] defaultRequiredFactors;
+
+    public MfaConfig(MfaFirstFactors firstFactors, String[] defaultRequiredFactors) {
+        this.firstFactors = firstFactors == null ? new MfaFirstFactors(null, null) : firstFactors;
+        this.defaultRequiredFactors = defaultRequiredFactors == null ? new String[0] : defaultRequiredFactors;
+    }
+
+    @Override
+    public boolean equals(Object other) {
+        if (other instanceof MfaConfig) {
+            MfaConfig otherMfaConfig = (MfaConfig) other;
+
+            Set<String> thisdefaultRequiredFactors = Set.of(this.defaultRequiredFactors);
+            Set<String> otherdefaultRequiredFactors = Set.of(otherMfaConfig.defaultRequiredFactors);
+
+            return this.firstFactors.equals(otherMfaConfig.firstFactors) && thisdefaultRequiredFactors.equals(otherdefaultRequiredFactors);
+        }
+        return false;
+    }
+}

src/main/java/io/supertokens/pluginInterface/multitenancy/TenantConfig.java

@@ -17,9 +17,11 @@
 package io.supertokens.pluginInterface.multitenancy;
 
 import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
 import com.google.gson.JsonObject;
 import com.google.gson.annotations.SerializedName;
 import io.supertokens.pluginInterface.Storage;
+import io.supertokens.pluginInterface.mfa.MfaFirstFactors;
 
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
@@ -41,27 +43,46 @@ public class TenantConfig {
     @SerializedName("passwordless")
     public final PasswordlessConfig passwordlessConfig;
 
+    @Nonnull
+    @SerializedName("totp")
+    public final TotpConfig totpConfig;
+
+    @Nonnull
+    @SerializedName("mfa")
+    public final MfaConfig mfaConfig;
+
     @Nonnull
     public final JsonObject coreConfig;
 
     public TenantConfig(@Nonnull TenantIdentifier tenantIdentifier, @Nonnull EmailPasswordConfig emailPasswordConfig,
                         @Nonnull ThirdPartyConfig thirdPartyConfig,
-                        @Nonnull PasswordlessConfig passwordlessConfig, @Nullable JsonObject coreConfig) {
+                        @Nonnull PasswordlessConfig passwordlessConfig,
+                        @Nonnull TotpConfig totpConfig,
+                        @Nonnull MfaConfig mfaConfig,
+                        @Nullable JsonObject coreConfig) {
         this.tenantIdentifier = tenantIdentifier;
         this.coreConfig = coreConfig == null ? new JsonObject() : coreConfig;
         this.emailPasswordConfig = emailPasswordConfig;
         this.passwordlessConfig = passwordlessConfig;
         this.thirdPartyConfig = thirdPartyConfig;
+        this.totpConfig = totpConfig;
+        this.mfaConfig = mfaConfig;
     }
 
     public TenantConfig(TenantConfig other) {
         // copy constructor, that does a deep copy
-        Gson gson = new Gson();
         this.tenantIdentifier = new TenantIdentifier(other.tenantIdentifier.getConnectionUriDomain(), other.tenantIdentifier.getAppId(), other.tenantIdentifier.getTenantId());
-        this.coreConfig = gson.fromJson(other.coreConfig.toString(), JsonObject.class);
+        this.coreConfig = new Gson().fromJson(other.coreConfig.toString(), JsonObject.class);
         this.emailPasswordConfig = new EmailPasswordConfig(other.emailPasswordConfig.enabled);
         this.passwordlessConfig = new PasswordlessConfig(other.passwordlessConfig.enabled);
-        this.thirdPartyConfig = gson.fromJson(gson.toJsonTree(other.thirdPartyConfig).getAsJsonObject(), ThirdPartyConfig.class);
+        this.thirdPartyConfig = new ThirdPartyConfig(other.thirdPartyConfig.enabled, other.thirdPartyConfig.providers.clone());
+        this.totpConfig = new TotpConfig(other.totpConfig.enabled);
+        this.mfaConfig = new MfaConfig(
+                new MfaFirstFactors(
+                        other.mfaConfig.firstFactors.builtIn.clone(),
+                        other.mfaConfig.firstFactors.custom.clone()
+                ),
+                other.mfaConfig.defaultRequiredFactors.clone());
     }
 
     public boolean deepEquals(TenantConfig other) {
@@ -72,6 +93,8 @@ public boolean deepEquals(TenantConfig other) {
                 this.emailPasswordConfig.equals(other.emailPasswordConfig) &&
                 this.passwordlessConfig.equals(other.passwordlessConfig) &&
                 this.thirdPartyConfig.equals(other.thirdPartyConfig) &&
+                this.totpConfig.equals(other.totpConfig) &&
+                this.mfaConfig.equals(other.mfaConfig) &&
                 this.coreConfig.equals(other.coreConfig);
     }
 
@@ -93,6 +116,7 @@ public JsonObject toJson(boolean shouldProtectDbConfig, Storage storage, String[
         Gson gson = new Gson();
         JsonObject tenantConfigObject = gson.toJsonTree(this).getAsJsonObject();
         tenantConfigObject.addProperty("tenantId", this.tenantIdentifier.getTenantId());
+        tenantConfigObject.get("mfa").getAsJsonObject().add("firstFactors", this.mfaConfig.firstFactors.toJson());
 
         if (shouldProtectDbConfig) {
             String[] protectedConfigs = storage.getProtectedConfigsFromSuperTokensSaaSUsers();

src/main/java/io/supertokens/pluginInterface/multitenancy/ThirdPartyConfig.java

@@ -21,8 +21,7 @@
 
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
-import java.util.Arrays;
-import java.util.Objects;
+import java.util.*;
 
 public class ThirdPartyConfig {
     public final boolean enabled;
@@ -108,11 +107,10 @@ public boolean equals(Object other) {
             if (other instanceof Provider) {
                 Provider otherProvider = (Provider) other;
                 return otherProvider.thirdPartyId.equals(this.thirdPartyId) &&
-                        otherProvider.name.equals(this.name) &&
-                        Arrays.equals(otherProvider.clients, this.clients) &&
+                        Objects.equals(otherProvider.name, this.name) &&
+                        unorderedArrayEquals(otherProvider.clients, this.clients) &&
                         Objects.equals(otherProvider.authorizationEndpoint, this.authorizationEndpoint) &&
-                        Objects.equals(otherProvider.authorizationEndpointQueryParams,
-                                this.authorizationEndpointQueryParams) &&
+                        Objects.equals(otherProvider.authorizationEndpointQueryParams, this.authorizationEndpointQueryParams) &&
                         Objects.equals(otherProvider.tokenEndpoint, this.tokenEndpoint) &&
                         Objects.equals(otherProvider.tokenEndpointBodyParams, this.tokenEndpointBodyParams) &&
                         Objects.equals(otherProvider.userInfoEndpoint, this.userInfoEndpoint) &&
@@ -225,12 +223,42 @@ public boolean equals(Object other) {
         }
     }
 
+    public static boolean unorderedArrayEquals(Object[] array1, Object[] array2) {
+        Set<Object> items1 = Set.of(array1);
+        Set<Object> items2 = new HashSet<>();
+        items2.addAll(Arrays.asList(array2));
+
+
+        if (items1.size() != items2.size()) return false;
+
+        for (Object p1 : items1) {
+            boolean found = false;
+            for (Object p2 : items2) {
+                if (p1.equals(p2)) {
+                    found = true;
+                    break;
+                }
+            }
+
+            if (!found) {
+                return false;
+            } else {
+                items2.remove(p1);
+            }
+        }
+
+        return true;
+    }
+
     @Override
     public boolean equals(Object other) {
         if (other instanceof ThirdPartyConfig) {
             ThirdPartyConfig otherThirdPartyConfig = (ThirdPartyConfig) other;
+
+
             return otherThirdPartyConfig.enabled == this.enabled &&
-                    Arrays.equals(otherThirdPartyConfig.providers, this.providers);
+                    unorderedArrayEquals(this.providers, otherThirdPartyConfig.providers);
+
         }
         return false;
     }

src/main/java/io/supertokens/pluginInterface/multitenancy/TotpConfig.java

@@ -0,0 +1,34 @@
+/*
+ *    Copyright (c) 2023, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+package io.supertokens.pluginInterface.multitenancy;
+
+public class TotpConfig {
+    public boolean enabled;
+
+    public TotpConfig(boolean enabled) {
+        this.enabled = enabled;
+    }
+
+    @Override
+    public boolean equals(Object other) {
+        if (other instanceof TotpConfig) {
+            TotpConfig otherTotpConfig = (TotpConfig) other;
+            return otherTotpConfig.enabled == this.enabled;
+        }
+        return false;
+    }
+}