Search in sources :

Example 1 with SecurityQuestionAnswerDTO

use of com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO in project midpoint by Evolveum.

the class PageSecurityQuestions method savePerformed.

private void savePerformed(final AjaxRequestTarget target) {
    int correctAnswers = 0;
    for (MyPasswordQuestionsPanel type : pqPanels) {
        List<SecurityQuestionAnswerDTO> userQuestionList = questions.getUserQuestionAnswers();
        if (userQuestionList != null) {
            for (SecurityQuestionAnswerDTO securityQuestionAnswerDTO : userQuestionList) {
                // TODO do this in a proper way, what is this.
                String results = StringEscapeUtils.unescapeHtml4(type.get(MyPasswordQuestionsPanel.ID_QUESTION).getDefaultModelObjectAsString());
                if (getQuestionIdentifierFromQuestion(results).trim().equalsIgnoreCase(securityQuestionAnswerDTO.getPwdQuestionIdentifier().trim())) {
                    if (((TextField<String>) type.get(MyPasswordQuestionsPanel.ID_ANSWER)).getModelObject().equalsIgnoreCase(securityQuestionAnswerDTO.getPwdAnswer())) {
                        correctAnswers++;
                    }
                }
            }
        }
    }
    if (questionNumber == correctAnswers) {
        getSession().removeAttribute(SESSION_ATTRIBUTE_POID);
        runPrivileged((Producer<Object>) () -> {
            resetPassword(user.asObjectable(), target);
            return null;
        });
    } else {
        warn(getString("pageSecurityQuestions.message.WrongAnswer"));
        target.add(getFeedbackPanel());
    }
}
Also used : SecurityQuestionAnswerDTO(com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO) MyPasswordQuestionsPanel(com.evolveum.midpoint.web.page.admin.home.component.MyPasswordQuestionsPanel) PrismObject(com.evolveum.midpoint.prism.PrismObject)

Example 2 with SecurityQuestionAnswerDTO

use of com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO in project midpoint by Evolveum.

the class PageSecurityQuestions method createUsersSecurityQuestionsList.

private List<SecurityQuestionAnswerDTO> createUsersSecurityQuestionsList(PrismObject<UserType> user) {
    SecurityQuestionsCredentialsType credentialsPolicyType = user.asObjectable().getCredentials().getSecurityQuestions();
    if (credentialsPolicyType == null) {
        return null;
    }
    List<SecurityQuestionAnswerType> secQuestAnsList = credentialsPolicyType.getQuestionAnswer();
    if (secQuestAnsList != null) {
        List<SecurityQuestionAnswerDTO> secQuestAnsListDTO = new ArrayList<>();
        for (SecurityQuestionAnswerType securityQuestionAnswerType : secQuestAnsList) {
            Protector protector = getPrismContext().getDefaultProtector();
            String decoded = "";
            if (securityQuestionAnswerType.getQuestionAnswer().getEncryptedDataType() != null) {
                try {
                    decoded = protector.decryptString(securityQuestionAnswerType.getQuestionAnswer());
                } catch (EncryptionException e) {
                    // TODO Auto-generated catch block
                    e.printStackTrace();
                }
            }
            secQuestAnsListDTO.add(new SecurityQuestionAnswerDTO(securityQuestionAnswerType.getQuestionIdentifier(), decoded));
        }
        return secQuestAnsListDTO;
    } else {
        return null;
    }
}
Also used : SecurityQuestionAnswerDTO(com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO) ArrayList(java.util.ArrayList) EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException) Protector(com.evolveum.midpoint.prism.crypto.Protector)

Example 3 with SecurityQuestionAnswerDTO

use of com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO in project midpoint by Evolveum.

the class SecurityQuestionsPanel method executePasswordQuestionsAndAnswers.

/**
 * method for get existing questions and answer from user credentials
 *
 * @author oguzhan
 */
public List<SecurityQuestionAnswerDTO> executePasswordQuestionsAndAnswers(List<SecurityQuestionAnswerDTO> userQuestionList, List<SecurityQuestionDefinitionType> policyQuestionList, int panelNumber) {
    int userQuest = 0;
    LOGGER.debug("executePasswordQuestionsAndAnswers");
    List<SecurityQuestionAnswerDTO> secQuestionAnswer = new ArrayList<>();
    for (SecurityQuestionDefinitionType securityQuestionDefinitionType : policyQuestionList) {
        // user's question List loop to match the questions
        for (int i = userQuest; i < userQuestionList.size(); i++) {
            SecurityQuestionAnswerDTO dto = userQuestionList.get(i);
            if (dto.getPwdQuestionIdentifier().trim().compareTo(securityQuestionDefinitionType.getIdentifier().trim()) == 0) {
                SecurityQuestionAnswerDTO a = new SecurityQuestionAnswerDTO(dto.getPwdQuestionIdentifier(), dto.getPwdAnswer(), dto.getPwdQuestion());
                a = checkIfQuestionIsValidSingle(a, securityQuestionDefinitionType);
                secQuestionAnswer.add(a);
                panelNumber++;
                userQuest++;
                break;
            } else if (dto.getPwdQuestionIdentifier().trim().compareTo(securityQuestionDefinitionType.getIdentifier().trim()) != 0) {
                SecurityQuestionDefinitionType def = policyQuestionList.get(panelNumber);
                SecurityQuestionAnswerDTO a = new SecurityQuestionAnswerDTO(def.getIdentifier(), "", def.getQuestionText());
                a.setPwdQuestion(securityQuestionDefinitionType.getQuestionText());
                secQuestionAnswer.add(a);
                dto.setPwdQuestionIdentifier(securityQuestionDefinitionType.getIdentifier().trim());
                panelNumber++;
                userQuest++;
                break;
            }
        }
    }
    return secQuestionAnswer;
}
Also used : SecurityQuestionAnswerDTO(com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO) ArrayList(java.util.ArrayList)

Example 4 with SecurityQuestionAnswerDTO

use of com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO in project midpoint by Evolveum.

the class SecurityQuestionsPanel method executeAddingQuestions.

/**
 * method for adding questions to user credentials
 *
 * @author oguzhan
 */
public List<SecurityQuestionAnswerDTO> executeAddingQuestions(int questionNumber, int panelNumber, List<SecurityQuestionDefinitionType> policyQuestionList) {
    LOGGER.debug("executeAddingQuestions");
    List<SecurityQuestionAnswerDTO> questionsAnswer = new ArrayList<>();
    for (int i = 0; i < questionNumber; i++) {
        SecurityQuestionDefinitionType def = policyQuestionList.get(panelNumber);
        SecurityQuestionAnswerDTO a = new SecurityQuestionAnswerDTO(def.getIdentifier(), "", def.getQuestionText());
        questionsAnswer.add(a);
        panelNumber++;
    }
    return questionsAnswer;
}
Also used : SecurityQuestionAnswerDTO(com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO) ArrayList(java.util.ArrayList)

Example 5 with SecurityQuestionAnswerDTO

use of com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO in project midpoint by Evolveum.

the class SecurityQuestionsPanel method onSavePerformed.

public void onSavePerformed(AjaxRequestTarget target) {
    Task task = getPageBase().createSimpleTask(OPERATION_SAVE_QUESTIONS);
    OperationResult result = new OperationResult(OPERATION_SAVE_QUESTIONS);
    List<SecurityQuestionAnswerType> answerTypeList = new ArrayList<>();
    try {
        int listnum = 0;
        for (SecurityQuestionAnswerDTO answerDto : getModelObject().getActualQuestionAnswers()) {
            SecurityQuestionAnswerType answerType = new SecurityQuestionAnswerType();
            ProtectedStringType answer = new ProtectedStringType();
            if (StringUtils.isEmpty(answerDto.getPwdAnswer())) {
                // target.add(getPageBase().getFeedbackPanel());
                continue;
            }
            answer.setClearValue(answerDto.getPwdAnswer());
            if (!answer.isEncrypted()) {
                WebComponentUtil.encryptProtectedString(answer, true, getPageBase().getMidpointApplication());
            }
            answerType.setQuestionAnswer(answer);
            answerType.setQuestionIdentifier(answerDto.getPwdQuestionIdentifier());
            answerTypeList.add(answerType);
            listnum++;
        }
        // fill in answerType data here
        ItemPath path = ItemPath.create(UserType.F_CREDENTIALS, CredentialsType.F_SECURITY_QUESTIONS, SecurityQuestionsCredentialsType.F_QUESTION_ANSWER);
        String useroid = getModelObject().getFocusOid();
        ObjectDelta<UserType> objectDelta = getPrismContext().deltaFactory().object().createModificationReplaceContainer(UserType.class, useroid, path, answerTypeList.toArray(new SecurityQuestionAnswerType[answerTypeList.size()]));
        Collection<ObjectDelta<? extends ObjectType>> deltas = MiscSchemaUtil.createCollection(objectDelta);
        getPageBase().getModelService().executeChanges(deltas, null, task, result);
        success(getString("message.success"));
        target.add(getPageBase().getFeedbackPanel());
    } catch (Exception ex) {
        error(getString("message.error"));
        target.add(getPageBase().getFeedbackPanel());
        ex.printStackTrace();
    }
}
Also used : Task(com.evolveum.midpoint.task.api.Task) ArrayList(java.util.ArrayList) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException) SecurityQuestionAnswerDTO(com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO) ObjectDelta(com.evolveum.midpoint.prism.delta.ObjectDelta) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType) ItemPath(com.evolveum.midpoint.prism.path.ItemPath)

Aggregations

SecurityQuestionAnswerDTO (com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO)13 ArrayList (java.util.ArrayList)8 EncryptionException (com.evolveum.midpoint.prism.crypto.EncryptionException)7 MyPasswordQuestionsPanel (com.evolveum.midpoint.web.page.admin.home.component.MyPasswordQuestionsPanel)5 Protector (com.evolveum.midpoint.prism.crypto.Protector)4 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)3 Task (com.evolveum.midpoint.task.api.Task)3 SecurityQuestionDefinitionType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionDefinitionType)2 Iterator (java.util.Iterator)2 RestartResponseException (org.apache.wicket.RestartResponseException)2 Form (org.apache.wicket.markup.html.form.Form)2 LoadableModel (com.evolveum.midpoint.gui.api.model.LoadableModel)1 GuiProfiledPrincipal (com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)1 PrismObject (com.evolveum.midpoint.prism.PrismObject)1 ObjectDelta (com.evolveum.midpoint.prism.delta.ObjectDelta)1 ItemPath (com.evolveum.midpoint.prism.path.ItemPath)1 MidpointForm (com.evolveum.midpoint.web.component.form.MidpointForm)1 PasswordQuestionsDto (com.evolveum.midpoint.web.page.admin.home.dto.PasswordQuestionsDto)1 CredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType)1 SecurityQuestionAnswerType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType)1