Search in sources :

Example 21 with AccountBO

use of com.nexblocks.authguard.service.model.AccountBO in project AuthGuard by AuthGuard.

the class VerificationServiceImpl method verifyEmail.

@Override
public void verifyEmail(final String verificationToken) {
    final AccountTokenDO accountToken = accountTokensRepository.getByToken(verificationToken).join().orElseThrow(() -> new ServiceNotFoundException(ErrorCode.TOKEN_EXPIRED_OR_DOES_NOT_EXIST, "AccountDO token " + verificationToken + " does not exist"));
    if (accountToken.getExpiresAt().isBefore(OffsetDateTime.now())) {
        throw new ServiceException(ErrorCode.EXPIRED_TOKEN, "Token " + verificationToken + " has expired");
    }
    final String verifiedEmail = Optional.ofNullable(accountToken.getAdditionalInformation()).map(additional -> additional.get(TARGET_EMAIL_PROPERTY)).orElseThrow(() -> new ServiceException(ErrorCode.INVALID_TOKEN, "Invalid account token: no valid additional information"));
    final AccountBO account = accountsService.getById(accountToken.getAssociatedAccountId()).orElseThrow(() -> new ServiceNotFoundException(ErrorCode.ACCOUNT_DOES_NOT_EXIST, "AccountDO " + accountToken.getAssociatedAccountId() + " does not exist"));
    final AccountBO updated;
    if (verifiedEmail.equals(account.getEmail().getEmail())) {
        updated = account.withEmail(account.getEmail().withVerified(true));
    } else if (verifiedEmail.equals(account.getBackupEmail().getEmail())) {
        updated = account.withBackupEmail(account.getBackupEmail().withVerified(true));
    } else {
        throw new ServiceException(ErrorCode.INVALID_TOKEN, "Account " + account.getId() + " does not contain the " + "email associated with the verification token");
    }
    accountsService.update(updated);
}
Also used : ErrorCode(com.nexblocks.authguard.service.exceptions.codes.ErrorCode) OffsetDateTime(java.time.OffsetDateTime) AccountsService(com.nexblocks.authguard.service.AccountsService) AccountBO(com.nexblocks.authguard.service.model.AccountBO) Inject(com.google.inject.Inject) ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException) Optional(java.util.Optional) AccountTokensRepository(com.nexblocks.authguard.dal.cache.AccountTokensRepository) ServiceNotFoundException(com.nexblocks.authguard.service.exceptions.ServiceNotFoundException) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) VerificationService(com.nexblocks.authguard.service.VerificationService) AccountBO(com.nexblocks.authguard.service.model.AccountBO) ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) ServiceNotFoundException(com.nexblocks.authguard.service.exceptions.ServiceNotFoundException)

Example 22 with AccountBO

use of com.nexblocks.authguard.service.model.AccountBO in project AuthGuard by AuthGuard.

the class EmailOtpSubscriber method onMessage.

@Override
public void onMessage(final Message message) {
    if (message.getEventType() == EventType.OTP_GENERATED) {
        final OtpMessageBody messageBody = (OtpMessageBody) message.getMessageBody();
        final AccountBO account = messageBody.getAccount();
        final OneTimePasswordBO otp = messageBody.getOtp();
        if (messageBody.isByEmail()) {
            sendEmail(account, otp);
        } else {
            LOG.warn("Email OTP subscriber is enabled but a OTP event was received not to be sent by email");
        }
    }
}
Also used : OtpMessageBody(com.nexblocks.authguard.basic.otp.OtpMessageBody) AccountBO(com.nexblocks.authguard.service.model.AccountBO) OneTimePasswordBO(com.nexblocks.authguard.service.model.OneTimePasswordBO)

Example 23 with AccountBO

use of com.nexblocks.authguard.service.model.AccountBO in project AuthGuard by AuthGuard.

the class EmailOtpSubscriberTest method onValidMessageNoEmail.

@Test
void onValidMessageNoEmail() {
    final OneTimePasswordBO otp = OneTimePasswordBO.builder().password("password").build();
    final AccountBO account = AccountBO.builder().build();
    final OtpMessageBody messageBody = new OtpMessageBody(otp, account, true, false);
    final Message message = Messages.otpGenerated(messageBody);
    otpSubscriber.onMessage(message);
    Mockito.verify(emailProvider, Mockito.never()).send(Mockito.any());
}
Also used : AccountBO(com.nexblocks.authguard.service.model.AccountBO) OtpMessageBody(com.nexblocks.authguard.basic.otp.OtpMessageBody) Message(com.nexblocks.authguard.emb.model.Message) OneTimePasswordBO(com.nexblocks.authguard.service.model.OneTimePasswordBO) Test(org.junit.jupiter.api.Test)

Example 24 with AccountBO

use of com.nexblocks.authguard.service.model.AccountBO in project AuthGuard by AuthGuard.

the class EmailOtpSubscriberTest method onValidMessage.

@Test
void onValidMessage() {
    final OneTimePasswordBO otp = OneTimePasswordBO.builder().password("password").build();
    final AccountBO account = AccountBO.builder().email(AccountEmailBO.builder().email("user@test.net").build()).firstName("first").lastName("second").build();
    final OtpMessageBody messageBody = new OtpMessageBody(otp, account, true, false);
    final Message message = Messages.otpGenerated(messageBody);
    final ImmutableEmail expectedEmail = ImmutableEmail.builder().template("otp").to(account.getEmail().getEmail()).parameters(ImmutableMap.of("password", otp.getPassword(), "firstName", account.getFirstName(), "lastName", account.getLastName())).build();
    otpSubscriber.onMessage(message);
    final ArgumentCaptor<ImmutableEmail> sentEmailCaptor = ArgumentCaptor.forClass(ImmutableEmail.class);
    Mockito.verify(emailProvider).send(sentEmailCaptor.capture());
    assertThat(sentEmailCaptor.getValue()).isEqualTo(expectedEmail);
}
Also used : AccountBO(com.nexblocks.authguard.service.model.AccountBO) OtpMessageBody(com.nexblocks.authguard.basic.otp.OtpMessageBody) Message(com.nexblocks.authguard.emb.model.Message) OneTimePasswordBO(com.nexblocks.authguard.service.model.OneTimePasswordBO) ImmutableEmail(com.nexblocks.authguard.external.email.ImmutableEmail) Test(org.junit.jupiter.api.Test)

Example 25 with AccountBO

use of com.nexblocks.authguard.service.model.AccountBO in project AuthGuard by AuthGuard.

the class EmailOtpSubscriberTest method onWrongMessageType.

@Test
void onWrongMessageType() {
    final OneTimePasswordBO otp = OneTimePasswordBO.builder().password("password").build();
    final AccountBO account = AccountBO.builder().email(AccountEmailBO.builder().email("user@test.net").build()).build();
    final OtpMessageBody messageBody = new OtpMessageBody(otp, account, true, false);
    final Message message = Messages.otpGenerated(messageBody).withEventType(EventType.ADMIN);
    otpSubscriber.onMessage(message);
    Mockito.verify(emailProvider, Mockito.never()).send(Mockito.any());
}
Also used : AccountBO(com.nexblocks.authguard.service.model.AccountBO) OtpMessageBody(com.nexblocks.authguard.basic.otp.OtpMessageBody) Message(com.nexblocks.authguard.emb.model.Message) OneTimePasswordBO(com.nexblocks.authguard.service.model.OneTimePasswordBO) Test(org.junit.jupiter.api.Test)

Aggregations

AccountBO (com.nexblocks.authguard.service.model.AccountBO)55 Test (org.junit.jupiter.api.Test)43 AccountTokenDO (com.nexblocks.authguard.dal.model.AccountTokenDO)21 Message (com.nexblocks.authguard.emb.model.Message)15 AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO)15 OtpMessageBody (com.nexblocks.authguard.basic.otp.OtpMessageBody)8 PasswordlessMessageBody (com.nexblocks.authguard.basic.passwordless.PasswordlessMessageBody)8 OneTimePasswordBO (com.nexblocks.authguard.service.model.OneTimePasswordBO)8 ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)7 DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)6 ImmutableTextMessage (com.nexblocks.authguard.external.sms.ImmutableTextMessage)6 RequestContextBO (com.nexblocks.authguard.service.model.RequestContextBO)6 ImmutableEmail (com.nexblocks.authguard.external.email.ImmutableEmail)5 JwtConfig (com.nexblocks.authguard.service.config.JwtConfig)5 StrategyConfig (com.nexblocks.authguard.service.config.StrategyConfig)5 ServiceException (com.nexblocks.authguard.service.exceptions.ServiceException)5 AuthRequestBO (com.nexblocks.authguard.service.model.AuthRequestBO)5 CreateAccountRequestDTO (com.nexblocks.authguard.api.dto.requests.CreateAccountRequestDTO)4 OtpConfig (com.nexblocks.authguard.basic.config.OtpConfig)4 CreateCompleteAccountRequestDTO (com.nexblocks.authguard.api.dto.requests.CreateCompleteAccountRequestDTO)3