Example 6 with SecurityQuestionAnswerType

Use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType in project midpoint by Evolveum.

In the class TestSecurityQuestionsAuthenticationEvaluator, method getSecurityQuestionAnswer:

// Test fixture: builds a question/answer pair holding the known-good answer.
private SecurityQuestionAnswerType getSecurityQuestionAnswer() {
    SecurityQuestionAnswerType questionAnswer = new SecurityQuestionAnswerType();
    questionAnswer.setQuestionIdentifier(SECURITY_QUESTION_ID);
    // The answer is set as a clear value on the ProtectedStringType; nothing is encrypted here.
    ProtectedStringType protectedString = new ProtectedStringType();
    protectedString.setClearValue(SECURITY_QUESTION_GOOD_ANSWER_GUYBRUSH);
    questionAnswer.setQuestionAnswer(protectedString);
    return questionAnswer;
}
Also used: SecurityQuestionAnswerType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType), ProtectedStringType (com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)

Example 7 with SecurityQuestionAnswerType

Use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType in project midpoint by Evolveum.

In the class PageMyPasswordQuestions, method createUsersSecurityQuestionsList:

// Loads the user's stored security-question answers and returns them decrypted for the GUI.
// Returns null when the user has no credentials or no security questions.
public List<SecurityQuestionAnswerDTO> createUsersSecurityQuestionsList(PrismObject<UserType> user) {
    LOGGER.debug("Security Questions Loading for user: " + user.getOid());
    if (user.asObjectable().getCredentials() != null && user.asObjectable().getCredentials().getSecurityQuestions() != null) {
        List<SecurityQuestionAnswerType> secQuestAnsList = user.asObjectable().getCredentials().getSecurityQuestions().getQuestionAnswer();
        if (secQuestAnsList != null) {
            LOGGER.debug("User SecurityQuestion Answer List is not null");
            List<SecurityQuestionAnswerDTO> secQuestAnswListDTO = new ArrayList<>();
            Protector protector = getPrismContext().getDefaultProtector();
            for (SecurityQuestionAnswerType securityQuestionAnswerType : secQuestAnsList) {
                String decoded = "";
                // Decrypt only when an answer is stored and it is held in encrypted form.
                if (securityQuestionAnswerType.getQuestionAnswer() != null
                        && securityQuestionAnswerType.getQuestionAnswer().getEncryptedDataType() != null) {
                    try {
                        decoded = protector.decryptString(securityQuestionAnswerType.getQuestionAnswer());
                    } catch (EncryptionException e) {
                        // On failure the answer stays empty; the entry is still added below.
                        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't decrypt user answer", e);
                    }
                }
                //LOGGER.debug("SecAnswerIdentifier:"+securityQuestionAnswerType.getQuestionIdentifier());
                // The DTO carries the answer in clear text from this point on.
                secQuestAnswListDTO.add(new SecurityQuestionAnswerDTO(securityQuestionAnswerType.getQuestionIdentifier(), decoded));
            }
            return secQuestAnswListDTO;
        }
    }
    return null;
}
Also used: SecurityQuestionAnswerDTO (com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO), ArrayList (java.util.ArrayList), Iterator (java.util.Iterator), EncryptionException (com.evolveum.midpoint.prism.crypto.EncryptionException), SecurityQuestionAnswerType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType), Protector (com.evolveum.midpoint.prism.crypto.Protector)

Example 8 with SecurityQuestionAnswerType

Use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType in project midpoint by Evolveum.

In the class SecurityQuestionAuthneticationEvaluatorImpl, method passwordMatches:

@Override
protected boolean passwordMatches(ConnectionEnvironment connEnv, MidPointPrincipal principal, SecurityQuestionsCredentialsType passwordType, SecurityQuestionsAuthenticationContext authCtx) {
    SecurityQuestionsCredentialsPolicyType policy = authCtx.getPolicy();
    // Number of correct answers the policy requires; treated as 0 when the policy does not set it.
    Integer iNumberOfQuestions = policy.getQuestionNumber();
    int numberOfQuestions = 0;
    if (iNumberOfQuestions != null) {
        numberOfQuestions = iNumberOfQuestions.intValue();
    }
    Map<String, String> enteredQuestionsAnswers = authCtx.getQuestionAnswerMap();
    // Fail early when fewer answers were submitted than the policy requires.
    if (numberOfQuestions > enteredQuestionsAnswers.size()) {
        return false;
    }
    List<SecurityQuestionAnswerType> questionsAnswers = passwordType.getQuestionAnswer();
    int matched = 0;
    // Compare each stored answer with the answer entered for the same question identifier.
    for (SecurityQuestionAnswerType questionAnswer : questionsAnswers) {
        String enteredAnswer = enteredQuestionsAnswers.get(questionAnswer.getQuestionIdentifier());
        // Blank or missing entered answers are never counted as a match.
        if (StringUtils.isNotBlank(enteredAnswer)) {
            if (decryptAndMatch(connEnv, principal, questionAnswer.getQuestionAnswer(), enteredAnswer)) {
                matched++;
            }
        }
    }
    // At least one answer must match, even when the policy count is unset (0).
    return matched > 0 && matched >= numberOfQuestions;
}
Also used: SecurityQuestionsCredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsPolicyType), SecurityQuestionAnswerType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType)

Aggregations

SecurityQuestionAnswerType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType) 8
EncryptionException (com.evolveum.midpoint.prism.crypto.EncryptionException) 3
SecurityQuestionsCredentialsType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType) 3
UserType (com.evolveum.midpoint.xml.ns._public.common.common_3.UserType) 3
ProtectedStringType (com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType) 3
Iterator (java.util.Iterator) 3
Protector (com.evolveum.midpoint.prism.crypto.Protector) 2
SecurityQuestionAnswerDTO (com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO) 2
ArrayList (java.util.ArrayList) 2
SecurityQuestionsAuthenticationContext (com.evolveum.midpoint.model.api.context.SecurityQuestionsAuthenticationContext) 1
PrismObject (com.evolveum.midpoint.prism.PrismObject) 1
ObjectDelta (com.evolveum.midpoint.prism.delta.ObjectDelta) 1
ItemPath (com.evolveum.midpoint.prism.path.ItemPath) 1
SchemaRegistry (com.evolveum.midpoint.prism.schema.SchemaRegistry) 1
OperationResult (com.evolveum.midpoint.schema.result.OperationResult) 1
Task (com.evolveum.midpoint.task.api.Task) 1
MyPasswordQuestionsPanel (com.evolveum.midpoint.web.page.admin.home.component.MyPasswordQuestionsPanel) 1
CredentialsType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType) 1
ObjectType (com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType) 1
SecurityQuestionDefinitionType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionDefinitionType) 1