use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType in project midpoint by Evolveum.
the class TestSecurityQuestionsAuthenticationEvaluator method getSecurityQuestionAnswer.
private SecurityQuestionAnswerType getSecurityQuestionAnswer() {
SecurityQuestionAnswerType questionAnswer = new SecurityQuestionAnswerType();
questionAnswer.setQuestionIdentifier(SECURITY_QUESTION_ID);
ProtectedStringType protectedString = new ProtectedStringType();
protectedString.setClearValue(SECURITY_QUESTION_GOOD_ANSWER_GUYBRUSH);
questionAnswer.setQuestionAnswer(protectedString);
return questionAnswer;
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType in project midpoint by Evolveum.
the class PageMyPasswordQuestions method createUsersSecurityQuestionsList.
public List<SecurityQuestionAnswerDTO> createUsersSecurityQuestionsList(PrismObject<UserType> user) {
LOGGER.debug("Security Questions Loading for user: " + user.getOid());
if (user.asObjectable().getCredentials() != null && user.asObjectable().getCredentials().getSecurityQuestions() != null) {
List<SecurityQuestionAnswerType> secQuestAnsList = user.asObjectable().getCredentials().getSecurityQuestions().getQuestionAnswer();
if (secQuestAnsList != null) {
LOGGER.debug("User SecurityQuestion ANswer List is Not null");
List<SecurityQuestionAnswerDTO> secQuestAnswListDTO = new ArrayList<SecurityQuestionAnswerDTO>();
for (Iterator iterator = secQuestAnsList.iterator(); iterator.hasNext(); ) {
SecurityQuestionAnswerType securityQuestionAnswerType = (SecurityQuestionAnswerType) iterator.next();
Protector protector = getPrismContext().getDefaultProtector();
String decoded = "";
if (securityQuestionAnswerType.getQuestionAnswer().getEncryptedDataType() != null) {
try {
decoded = protector.decryptString(securityQuestionAnswerType.getQuestionAnswer());
} catch (EncryptionException e) {
LoggingUtils.logUnexpectedException(LOGGER, "Couldn't decrypt user answer", e);
}
}
//LOGGER.debug("SecAnswerIdentifier:"+securityQuestionAnswerType.getQuestionIdentifier());
secQuestAnswListDTO.add(new SecurityQuestionAnswerDTO(securityQuestionAnswerType.getQuestionIdentifier(), decoded));
}
return secQuestAnswListDTO;
}
}
return null;
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType in project midpoint by Evolveum.
the class SecurityQuestionAuthneticationEvaluatorImpl method passwordMatches.
@Override
protected boolean passwordMatches(ConnectionEnvironment connEnv, MidPointPrincipal principal, SecurityQuestionsCredentialsType passwordType, SecurityQuestionsAuthenticationContext authCtx) {
SecurityQuestionsCredentialsPolicyType policy = authCtx.getPolicy();
Integer iNumberOfQuestions = policy.getQuestionNumber();
int numberOfQuestions = 0;
if (iNumberOfQuestions != null) {
numberOfQuestions = iNumberOfQuestions.intValue();
}
Map<String, String> enteredQuestionsAnswers = authCtx.getQuestionAnswerMap();
if (numberOfQuestions > enteredQuestionsAnswers.size()) {
return false;
}
List<SecurityQuestionAnswerType> quetionsAnswers = passwordType.getQuestionAnswer();
int matched = 0;
for (SecurityQuestionAnswerType questionAnswer : quetionsAnswers) {
String enteredAnswer = enteredQuestionsAnswers.get(questionAnswer.getQuestionIdentifier());
if (StringUtils.isNotBlank(enteredAnswer)) {
if (decryptAndMatch(connEnv, principal, questionAnswer.getQuestionAnswer(), enteredAnswer)) {
matched++;
}
}
}
return matched > 0 && matched >= numberOfQuestions;
}
Aggregations