
Example 11 with AccountTokenDO

use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.

the class ActionTokenServiceImpl method generateFromOtp.

/**
 * Exchanges a one-time password for an action token.
 *
 * <p>The password ID and the OTP are joined as {@code passwordId:otp} and handed to
 * {@code otpVerifier}. When verification succeeds, its result is passed to
 * {@code accountsService.getById} to load the account the token is issued for.
 *
 * @param passwordId identifier of the one-time password being redeemed
 * @param otp the one-time password supplied by the caller
 * @param action forwarded to {@code generateToken} together with the account
 * @return a successful {@code Try} holding the new action token; a failed {@code Try} carrying
 *     either the verifier's exception or an {@code ACCOUNT_DOES_NOT_EXIST}
 *     {@code ServiceException} when the account can no longer be found
 */
@Override
public Try<ActionTokenBO> generateFromOtp(final String passwordId, final String otp, final String action) {
    final Either<Exception, Optional<AccountBO>> verification = otpVerifier
            .verifyAccountToken(passwordId + ":" + otp)
            .map(accountsService::getById);

    if (verification.isLeft()) {
        // Verification failed: hand back the verifier's exception unchanged. The OTP itself is
        // never copied into a failure built in this method.
        return Try.failure(verification.getLeft());
    }

    final Optional<AccountBO> verifiedAccount = verification.get();
    if (!verifiedAccount.isPresent()) {
        // The OTP was valid but the lookup by ID returned nothing.
        return Try.failure(new ServiceException(ErrorCode.ACCOUNT_DOES_NOT_EXIST,
                "The account associated with that OTP no longer exists"));
    }

    final AccountBO account = verifiedAccount.get();
    final AccountTokenDO issued = generateToken(account, action);

    final ActionTokenBO actionToken = ActionTokenBO.builder()
            .accountId(account.getId())
            .token(issued.getToken())
            .validFor(TOKEN_LIFETIME.toSeconds())
            .build();

    return Try.success(actionToken);
}
Also used : AccountBO(com.nexblocks.authguard.service.model.AccountBO) Optional(java.util.Optional) ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException)

Example 12 with AccountTokenDO

use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.

the class CredentialsServiceImpl method resetPasswordByToken.

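/**
 * Resets a password using a previously issued reset token.
 *
 * <p>The token is looked up in {@code accountTokensRepository}, checked against its expiry
 * time, and resolved to a credentials ID through the {@code "credentialsId"} entry of its
 * additional information. The password change itself is delegated to {@code updatePassword}.
 *
 * @param token the reset token presented by the caller
 * @param plainPassword the new password, in plain text
 * @return whatever {@code updatePassword} returns for the resolved credentials
 * @throws ServiceNotFoundException if no stored token matches {@code token}
 * @throws ServiceException if the token has expired or carries no credentials ID
 */
@Override
public Optional<CredentialsBO> resetPasswordByToken(final String token, final String plainPassword) {
    // The reset token is a bearer secret. It is deliberately kept out of the exception
    // messages below: where those messages end up (logs, API error bodies) is not visible
    // from this method, and a token that is still within its lifetime must not leak there.
    final AccountTokenDO accountToken = accountTokensRepository.getByToken(token)
            .join()
            .orElseThrow(() -> new ServiceNotFoundException(ErrorCode.TOKEN_EXPIRED_OR_DOES_NOT_EXIST,
                    "Reset token does not exist"));

    if (accountToken.getExpiresAt().isBefore(OffsetDateTime.now())) {
        throw new ServiceException(ErrorCode.EXPIRED_TOKEN, "Reset token has expired");
    }

    final String credentialsId = Optional.ofNullable(accountToken.getAdditionalInformation())
            .map(info -> info.get("credentialsId"))
            .orElseThrow(() -> new ServiceException(ErrorCode.INVALID_TOKEN,
                    "Reset token was not mapped to any credentials"));

    // NOTE(review): nothing in this method deletes the token or marks it as used, so the same
    // token appears to stay redeemable until it expires. Confirm that updatePassword or the
    // repository invalidates it; a reset token should be single-use.
    return updatePassword(credentialsId, plainPassword);
}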
Also used : ServiceMapper(com.nexblocks.authguard.service.mappers.ServiceMapper) MessageBus(com.nexblocks.authguard.emb.MessageBus) CryptographicRandom(com.nexblocks.authguard.service.random.CryptographicRandom) Inject(com.google.inject.Inject) CredentialsRepository(com.nexblocks.authguard.dal.persistence.CredentialsRepository) CredentialsDO(com.nexblocks.authguard.dal.model.CredentialsDO) ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException) ServiceNotFoundException(com.nexblocks.authguard.service.exceptions.ServiceNotFoundException) ResetTokenMessage(com.nexblocks.authguard.service.messaging.ResetTokenMessage) CredentialsService(com.nexblocks.authguard.service.CredentialsService) ArrayList(java.util.ArrayList) AccountsService(com.nexblocks.authguard.service.AccountsService) Duration(java.time.Duration) ServiceConflictException(com.nexblocks.authguard.service.exceptions.ServiceConflictException) com.nexblocks.authguard.basic.passwords(com.nexblocks.authguard.basic.passwords) IdempotencyService(com.nexblocks.authguard.service.IdempotencyService) ErrorCode(com.nexblocks.authguard.service.exceptions.codes.ErrorCode) ImmutableMap(com.google.common.collect.ImmutableMap) Set(java.util.Set) AccountTokensRepository(com.nexblocks.authguard.dal.cache.AccountTokensRepository) com.nexblocks.authguard.service.model(com.nexblocks.authguard.service.model) Collectors(java.util.stream.Collectors) Messages(com.nexblocks.authguard.emb.Messages) CredentialsAuditRepository(com.nexblocks.authguard.dal.persistence.CredentialsAuditRepository) List(java.util.List) OffsetDateTime(java.time.OffsetDateTime) Optional(java.util.Optional) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) ID(com.nexblocks.authguard.service.util.ID) ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) 
ServiceNotFoundException(com.nexblocks.authguard.service.exceptions.ServiceNotFoundException)

Example 13 with AccountTokenDO

use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.

the class CredentialsServiceImpl method generateResetToken.

/**
 * Issues a password reset token for the credentials matching an identifier.
 *
 * <p>A random token of {@code RESET_TOKEN_SIZE} is generated with {@code cryptographicRandom},
 * stored with an expiry of {@code TOKEN_LIFETIME} from now, and announced on
 * {@code CREDENTIALS_CHANNEL}. The stored token records the credentials ID under the
 * {@code "credentialsId"} key of its additional information.
 *
 * @param identifier the identifier used to look up the credentials
 * @param returnToken whether the token value is included in the returned object; when
 *     {@code false} the returned token field is {@code null}
 * @param domain the domain passed to the credentials lookup
 * @return the issue and expiry times (epoch seconds) and, optionally, the token value
 * @throws ServiceNotFoundException if no credentials match the identifier
 * @throws ServiceException if the credentials exist but their account does not
 */
@Override
public PasswordResetTokenBO generateResetToken(final String identifier, final boolean returnToken, final String domain) {
    // NOTE(review): an unknown identifier is reported with a distinct exception. If that
    // difference reaches an unauthenticated caller it reveals which identifiers exist; the
    // API layer (not visible here) should answer both cases the same way.
    final CredentialsBO credentials = getByUsername(identifier, domain)
            .orElseThrow(() -> new ServiceNotFoundException(ErrorCode.CREDENTIALS_DOES_NOT_EXIST,
                    "Unknown identifier"));

    final AccountBO account = accountsService.getById(credentials.getAccountId())
            .orElseThrow(() -> new ServiceException(ErrorCode.ACCOUNT_DOES_NOT_EXIST,
                    "Credentials found for the identifier but no account was associated with it. This could be the "
                            + "result of deleting an account without deleting its credentials"));

    final OffsetDateTime now = OffsetDateTime.now();

    final AccountTokenDO resetToken = AccountTokenDO.builder()
            .id(ID.generate())
            .token(cryptographicRandom.base64Url(RESET_TOKEN_SIZE))
            .associatedAccountId(account.getId())
            .additionalInformation(ImmutableMap.of("credentialsId", credentials.getId()))
            .expiresAt(now.plus(TOKEN_LIFETIME))
            .build();

    // Persist before publishing so the token exists by the time a subscriber handles the message.
    accountTokensRepository.save(resetToken).join();

    // The message carries the full token object, so every subscriber of this channel sees the
    // secret value.
    messageBus.publish(CREDENTIALS_CHANNEL,
            Messages.resetTokenGenerated(new ResetTokenMessage(account, resetToken)));

    // The token value is only handed back when the caller explicitly asked for it.
    final String exposedToken;
    if (returnToken) {
        exposedToken = resetToken.getToken();
    } else {
        exposedToken = null;
    }

    return PasswordResetTokenBO.builder()
            .token(exposedToken)
            .issuedAt(now.toEpochSecond())
            .expiresAt(resetToken.getExpiresAt().toEpochSecond())
            .build();
}
Also used : ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException) OffsetDateTime(java.time.OffsetDateTime) ServiceNotFoundException(com.nexblocks.authguard.service.exceptions.ServiceNotFoundException) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) ResetTokenMessage(com.nexblocks.authguard.service.messaging.ResetTokenMessage)

Example 14 with AccountTokenDO

use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.

the class VerificationServiceImpl method verifyEmail.

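/**
 * Marks an account email as verified using an email verification token.
 *
 * <p>The token is looked up in {@code accountTokensRepository} and checked against its expiry
 * time. The email it was issued for is read from the {@code TARGET_EMAIL_PROPERTY} entry of
 * its additional information and compared with the account's primary and backup emails;
 * whichever matches is flagged as verified and the account is updated.
 *
 * @param verificationToken the verification token presented by the caller
 * @throws ServiceNotFoundException if the token or its associated account does not exist
 * @throws ServiceException if the token has expired, carries no target email, or names an
 *     email that the account does not contain
 */
@Override
public void verifyEmail(final String verificationToken) {
    // The verification token is a bearer secret. It is deliberately kept out of the exception
    // messages below: where those messages end up (logs, API error bodies) is not visible
    // from this method.
    final AccountTokenDO accountToken = accountTokensRepository.getByToken(verificationToken)
            .join()
            .orElseThrow(() -> new ServiceNotFoundException(ErrorCode.TOKEN_EXPIRED_OR_DOES_NOT_EXIST,
                    "Verification token does not exist"));

    if (accountToken.getExpiresAt().isBefore(OffsetDateTime.now())) {
        throw new ServiceException(ErrorCode.EXPIRED_TOKEN, "Verification token has expired");
    }

    final String verifiedEmail = Optional.ofNullable(accountToken.getAdditionalInformation())
            .map(additional -> additional.get(TARGET_EMAIL_PROPERTY))
            .orElseThrow(() -> new ServiceException(ErrorCode.INVALID_TOKEN,
                    "Invalid account token: no valid additional information"));

    final AccountBO account = accountsService.getById(accountToken.getAssociatedAccountId())
            .orElseThrow(() -> new ServiceNotFoundException(ErrorCode.ACCOUNT_DOES_NOT_EXIST,
                    "AccountDO " + accountToken.getAssociatedAccountId() + " does not exist"));

    // Whether getEmail()/getBackupEmail() can return null is not visible here. Guarding both
    // means an account without one of them ends in INVALID_TOKEN rather than a
    // NullPointerException.
    final boolean matchesPrimary = account.getEmail() != null
            && verifiedEmail.equals(account.getEmail().getEmail());
    final boolean matchesBackup = account.getBackupEmail() != null
            && verifiedEmail.equals(account.getBackupEmail().getEmail());

    final AccountBO updated;
    if (matchesPrimary) {
        updated = account.withEmail(account.getEmail().withVerified(true));
    } else if (matchesBackup) {
        updated = account.withBackupEmail(account.getBackupEmail().withVerified(true));
    } else {
        // The address changed after the token was issued; the token must not verify the new one.
        throw new ServiceException(ErrorCode.INVALID_TOKEN, "Account " + account.getId() + " does not contain the "
                + "email associated with the verification token");
    }

    // NOTE(review): nothing in this method deletes the token or marks it as used, so it
    // appears to stay redeemable until it expires. Confirm it is invalidated elsewhere.
    accountsService.update(updated);
}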
Also used : ErrorCode(com.nexblocks.authguard.service.exceptions.codes.ErrorCode) OffsetDateTime(java.time.OffsetDateTime) AccountsService(com.nexblocks.authguard.service.AccountsService) AccountBO(com.nexblocks.authguard.service.model.AccountBO) Inject(com.google.inject.Inject) ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException) Optional(java.util.Optional) AccountTokensRepository(com.nexblocks.authguard.dal.cache.AccountTokensRepository) ServiceNotFoundException(com.nexblocks.authguard.service.exceptions.ServiceNotFoundException) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) VerificationService(com.nexblocks.authguard.service.VerificationService) AccountBO(com.nexblocks.authguard.service.model.AccountBO) ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) ServiceNotFoundException(com.nexblocks.authguard.service.exceptions.ServiceNotFoundException)

Example 15 with AccountTokenDO

use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.

the class EmailPasswordlessSubscriberTest method onValidMessage.

/**
 * Checks that a passwordless message is turned into a single email sent through
 * {@code emailProvider}, using the {@code "passwordless"} template, the account's email
 * address as recipient, and the token and the account's names as template parameters.
 */
@Test
void onValidMessage() {
    // Fixture: a fixed token and an account with a known address and name.
    final AccountTokenDO issuedToken = AccountTokenDO.builder()
            .token("token")
            .build();
    final AccountBO recipient = AccountBO.builder()
            .email(AccountEmailBO.builder().email("user@test.net").build())
            .firstName("first")
            .lastName("second")
            .build();

    final Message message = Messages.passwordlessGenerated(new PasswordlessMessageBody(issuedToken, recipient));

    final ImmutableEmail expectedEmail = ImmutableEmail.builder()
            .template("passwordless")
            .to(recipient.getEmail().getEmail())
            .parameters(ImmutableMap.of(
                    "token", issuedToken.getToken(),
                    "firstName", recipient.getFirstName(),
                    "lastName", recipient.getLastName()))
            .build();

    emailPasswordlessSubscriber.onMessage(message);

    // Capture what was actually handed to the provider and compare it as a whole, so any
    // extra or missing parameter fails the test.
    final ArgumentCaptor<ImmutableEmail> captor = ArgumentCaptor.forClass(ImmutableEmail.class);
    Mockito.verify(emailProvider).send(captor.capture());

    assertThat(captor.getValue()).isEqualTo(expectedEmail);
}
Also used : AccountBO(com.nexblocks.authguard.service.model.AccountBO) Message(com.nexblocks.authguard.emb.model.Message) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) ImmutableEmail(com.nexblocks.authguard.external.email.ImmutableEmail) PasswordlessMessageBody(com.nexblocks.authguard.basic.passwordless.PasswordlessMessageBody) Test(org.junit.jupiter.api.Test)

Aggregations

AccountTokenDO (com.nexblocks.authguard.dal.model.AccountTokenDO)36 Test (org.junit.jupiter.api.Test)22 AccountBO (com.nexblocks.authguard.service.model.AccountBO)21 Message (com.nexblocks.authguard.emb.model.Message)9 PasswordlessMessageBody (com.nexblocks.authguard.basic.passwordless.PasswordlessMessageBody)8 ServiceException (com.nexblocks.authguard.service.exceptions.ServiceException)8 AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO)7 AccountTokensRepository (com.nexblocks.authguard.dal.cache.AccountTokensRepository)6 AuthRequestBO (com.nexblocks.authguard.service.model.AuthRequestBO)6 ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)5 ResetTokenMessage (com.nexblocks.authguard.service.messaging.ResetTokenMessage)5 OffsetDateTime (java.time.OffsetDateTime)5 ImmutableEmail (com.nexblocks.authguard.external.email.ImmutableEmail)4 ImmutableTextMessage (com.nexblocks.authguard.external.sms.ImmutableTextMessage)3 ServiceNotFoundException (com.nexblocks.authguard.service.exceptions.ServiceNotFoundException)3 ActionTokenBO (com.nexblocks.authguard.service.model.ActionTokenBO)3 Optional (java.util.Optional)3 Inject (com.google.inject.Inject)2 AccountsService (com.nexblocks.authguard.service.AccountsService)2 ErrorCode (com.nexblocks.authguard.service.exceptions.codes.ErrorCode)2