Search in sources :

Example 6 with ResponseSet

use of com.novell.ldapchai.cr.ResponseSet in project pwm by pwm-project.

the class RestChallengesServer method doFormGetChallengeData.

@RestMethodHandler(method = HttpMethod.GET, produces = HttpContentType.json)
public RestResultBean doFormGetChallengeData(final RestRequest restRequest) throws PwmUnrecoverableException {
    final boolean answers = restRequest.readParameterAsBoolean("answers");
    final boolean helpdesk = restRequest.readParameterAsBoolean("helpdesk");
    final String username = restRequest.readParameterAsString(FIELD_USERNAME, PwmHttpRequestWrapper.Flag.BypassValidation);
    try {
        if (answers && !restRequest.getPwmApplication().getConfig().readSettingAsBoolean(PwmSetting.ENABLE_WEBSERVICES_READANSWERS)) {
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "retrieval of answers is not permitted"));
        }
        final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, username);
        // gather data
        final ResponseSet responseSet;
        final ChallengeSet challengeSet;
        final ChallengeSet helpdeskChallengeSet;
        final String outputUsername;
        final ChaiUser chaiUser = targetUserIdentity.getChaiUser();
        final Locale userLocale = restRequest.getLocale();
        final CrService crService = restRequest.getPwmApplication().getCrService();
        responseSet = crService.readUserResponseSet(restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), chaiUser);
        final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), chaiUser, userLocale);
        final ChallengeProfile challengeProfile = crService.readUserChallengeProfile(restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), chaiUser, passwordPolicy, userLocale);
        challengeSet = challengeProfile.getChallengeSet();
        helpdeskChallengeSet = challengeProfile.getHelpdeskChallengeSet();
        outputUsername = targetUserIdentity.getUserIdentity().toDelimitedKey();
        // build output
        final JsonChallengesData jsonData = new JsonChallengesData();
        {
            jsonData.username = outputUsername;
            if (responseSet != null) {
                jsonData.challenges = responseSet.asChallengeBeans(answers);
                if (helpdesk) {
                    jsonData.helpdeskChallenges = responseSet.asHelpdeskChallengeBeans(answers);
                }
                jsonData.minimumRandoms = responseSet.getChallengeSet().getMinRandomRequired();
            }
            final Policy policy = new Policy();
            if (challengeSet != null) {
                policy.challenges = challengesToBeans(challengeSet.getChallenges());
                policy.minimumRandoms = challengeSet.getMinRandomRequired();
            }
            if (helpdeskChallengeSet != null && helpdesk) {
                policy.helpdeskChallenges = challengesToBeans(helpdeskChallengeSet.getChallenges());
            }
            if (policy.challenges != null || policy.helpdeskChallenges != null) {
                jsonData.policy = policy;
            }
        }
        // update statistics
        StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_CHALLENGES);
        return RestResultBean.withData(jsonData);
    } catch (ChaiException e) {
        final String errorMsg = "unexpected error building json response: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg);
        return RestResultBean.fromError(restRequest, errorInformation);
    }
}
Also used : Locale(java.util.Locale) PwmPasswordPolicy(password.pwm.config.profile.PwmPasswordPolicy) ChallengeSet(com.novell.ldapchai.cr.ChallengeSet) ChallengeProfile(password.pwm.config.profile.ChallengeProfile) ResponseSet(com.novell.ldapchai.cr.ResponseSet) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) CrService(password.pwm.util.operations.CrService) ErrorInformation(password.pwm.error.ErrorInformation) ChaiUser(com.novell.ldapchai.ChaiUser) PwmPasswordPolicy(password.pwm.config.profile.PwmPasswordPolicy) ChaiException(com.novell.ldapchai.exception.ChaiException) RestMethodHandler(password.pwm.ws.server.RestMethodHandler)

Example 7 with ResponseSet

use of com.novell.ldapchai.cr.ResponseSet in project pwm by pwm-project.

the class ExportResponsesCommand method doCommand.

@Override
void doCommand() throws Exception {
    final PwmApplication pwmApplication = cliEnvironment.getPwmApplication();
    final File outputFile = (File) cliEnvironment.getOptions().get(CliParameters.REQUIRED_NEW_OUTPUT_FILE.getName());
    JavaHelper.pause(2000);
    final long startTime = System.currentTimeMillis();
    final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
    final SearchConfiguration searchConfiguration = SearchConfiguration.builder().enableValueEscaping(false).username("*").build();
    final String systemRecordDelimiter = System.getProperty("line.separator");
    final Writer writer = new BufferedWriter(new PrintWriter(outputFile, PwmConstants.DEFAULT_CHARSET.toString()));
    final Map<UserIdentity, Map<String, String>> results = userSearchEngine.performMultiUserSearch(searchConfiguration, Integer.MAX_VALUE, Collections.emptyList(), SessionLabel.SYSTEM_LABEL);
    out("searching " + results.size() + " users for stored responses to write to " + outputFile.getAbsolutePath() + "....");
    int counter = 0;
    for (final UserIdentity identity : results.keySet()) {
        final ChaiUser user = pwmApplication.getProxiedChaiUser(identity);
        final ResponseSet responseSet = pwmApplication.getCrService().readUserResponseSet(null, identity, user);
        if (responseSet != null) {
            counter++;
            out("found responses for '" + user + "', writing to output.");
            final RestChallengesServer.JsonChallengesData outputData = new RestChallengesServer.JsonChallengesData();
            outputData.challenges = responseSet.asChallengeBeans(true);
            outputData.helpdeskChallenges = responseSet.asHelpdeskChallengeBeans(true);
            outputData.minimumRandoms = responseSet.getChallengeSet().minimumResponses();
            outputData.username = identity.toDelimitedKey();
            writer.write(JsonUtil.serialize(outputData));
            writer.write(systemRecordDelimiter);
        } else {
            out("skipping '" + user.toString() + "', no stored responses.");
        }
    }
    writer.close();
    out("output complete, " + counter + " responses exported in " + TimeDuration.fromCurrent(startTime).asCompactString());
}
Also used : PwmApplication(password.pwm.PwmApplication) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) UserIdentity(password.pwm.bean.UserIdentity) ResponseSet(com.novell.ldapchai.cr.ResponseSet) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) BufferedWriter(java.io.BufferedWriter) ChaiUser(com.novell.ldapchai.ChaiUser) RestChallengesServer(password.pwm.ws.server.rest.RestChallengesServer) File(java.io.File) Map(java.util.Map) PrintWriter(java.io.PrintWriter) BufferedWriter(java.io.BufferedWriter) Writer(java.io.Writer) PrintWriter(java.io.PrintWriter)

Example 8 with ResponseSet

use of com.novell.ldapchai.cr.ResponseSet in project pwm by pwm-project.

the class DbCrOperator method readResponseSet.

public ResponseSet readResponseSet(final ChaiUser theUser, final UserIdentity userIdentity, final String userGUID) throws PwmUnrecoverableException {
    if (userGUID == null || userGUID.length() < 1) {
        final String errorMsg = "user " + theUser.getEntryDN() + " does not have a guid, unable to search for responses in remote database";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_MISSING_GUID, errorMsg);
        throw new PwmUnrecoverableException(errorInformation);
    }
    try {
        final DatabaseAccessor databaseAccessor = pwmApplication.getDatabaseService().getAccessor();
        final String responseStringBlob = databaseAccessor.get(DatabaseTable.PWM_RESPONSES, userGUID);
        if (responseStringBlob != null && responseStringBlob.length() > 0) {
            final ResponseSet userResponseSet = ChaiResponseSet.parseChaiResponseSetXML(responseStringBlob, theUser);
            LOGGER.debug("found responses for " + theUser.getEntryDN() + " in remote database: " + userResponseSet.toString());
            return userResponseSet;
        } else {
            LOGGER.trace("user guid for " + theUser.getEntryDN() + " not found in remote database (key=" + userGUID + ")");
        }
    } catch (ChaiValidationException e) {
        final String errorMsg = "unexpected error reading responses for " + theUser.getEntryDN() + " from remote database: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg);
        throw new PwmUnrecoverableException(errorInformation);
    } catch (PwmOperationalException e) {
        final String errorMsg = "unexpected error reading responses for " + theUser.getEntryDN() + " from remote database: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(e.getErrorInformation().getError(), errorMsg);
        throw new PwmUnrecoverableException(errorInformation);
    }
    return null;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ChaiValidationException(com.novell.ldapchai.exception.ChaiValidationException) ChaiResponseSet(com.novell.ldapchai.cr.ChaiResponseSet) ResponseSet(com.novell.ldapchai.cr.ResponseSet) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) DatabaseAccessor(password.pwm.util.db.DatabaseAccessor) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 9 with ResponseSet

use of com.novell.ldapchai.cr.ResponseSet in project pwm by pwm-project.

the class LocalDbCrOperator method readResponseSet.

public ResponseSet readResponseSet(final ChaiUser theUser, final UserIdentity userIdentity, final String userGUID) throws PwmUnrecoverableException {
    if (userGUID == null || userGUID.length() < 1) {
        final String errorMsg = "unable to read guid for user " + userIdentity.toString() + ", unable to search for responses in LocalDB";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_MISSING_GUID, errorMsg);
        throw new PwmUnrecoverableException(errorInformation);
    }
    if (localDB == null) {
        final String errorMsg = "LocalDB is not available, unable to search for user responses";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_LOCALDB_UNAVAILABLE, errorMsg);
        throw new PwmUnrecoverableException(errorInformation);
    }
    try {
        final String responseStringBlob = localDB.get(LocalDB.DB.RESPONSE_STORAGE, userGUID);
        if (responseStringBlob != null && responseStringBlob.length() > 0) {
            final ResponseSet userResponseSet = ChaiResponseSet.parseChaiResponseSetXML(responseStringBlob, theUser);
            LOGGER.debug("found user responses in LocalDB: " + userResponseSet.toString());
            return userResponseSet;
        }
    } catch (LocalDBException e) {
        final String errorMsg = "unexpected LocalDB error reading responses: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg);
        throw new PwmUnrecoverableException(errorInformation);
    } catch (ChaiException e) {
        final String errorMsg = "unexpected chai error reading responses from LocalDB: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg);
        throw new PwmUnrecoverableException(errorInformation);
    }
    return null;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ChaiResponseSet(com.novell.ldapchai.cr.ChaiResponseSet) ResponseSet(com.novell.ldapchai.cr.ResponseSet) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) LocalDBException(password.pwm.util.localdb.LocalDBException) ChaiException(com.novell.ldapchai.exception.ChaiException)

Example 10 with ResponseSet

use of com.novell.ldapchai.cr.ResponseSet in project pwm by pwm-project.

the class RestVerifyResponsesServer method doSetChallengeDataJson.

@RestMethodHandler(method = HttpMethod.POST, consumes = HttpContentType.json, produces = HttpContentType.json)
public RestResultBean doSetChallengeDataJson(final RestRequest restRequest) throws IOException, PwmUnrecoverableException {
    final Instant startTime = Instant.now();
    final JsonPutChallengesInput jsonInput = RestUtility.deserializeJsonBody(restRequest, JsonPutChallengesInput.class);
    final String username = RestUtility.readValueFromJsonAndParam(jsonInput.getUsername(), restRequest.readParameterAsString("username", PwmHttpRequestWrapper.Flag.BypassValidation), "username");
    final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, username);
    LOGGER.debug(restRequest.getSessionLabel(), "beginning /verifyresponses REST service against " + (targetUserIdentity.isSelf() ? "self" : targetUserIdentity.getUserIdentity().toDisplayString()));
    try {
        final ResponseSet responseSet = restRequest.getPwmApplication().getCrService().readUserResponseSet(restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), targetUserIdentity.getChaiUser());
        final boolean verified = responseSet.test(jsonInput.toCrMap());
        final RestResultBean restResultBean = RestResultBean.forSuccessMessage(verified, restRequest, Message.Success_Unknown);
        LOGGER.debug(restRequest.getSessionLabel(), "completed /verifyresponses REST service in " + TimeDuration.fromCurrent(startTime).asCompactString() + ", response: " + JsonUtil.serialize(restResultBean));
        return restResultBean;
    } catch (ChaiUnavailableException e) {
        throw PwmUnrecoverableException.fromChaiException(e);
    }
}
Also used : ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) Instant(java.time.Instant) ResponseSet(com.novell.ldapchai.cr.ResponseSet) RestResultBean(password.pwm.ws.server.RestResultBean) RestMethodHandler(password.pwm.ws.server.RestMethodHandler)

Aggregations

ResponseSet (com.novell.ldapchai.cr.ResponseSet)11 ErrorInformation (password.pwm.error.ErrorInformation)7 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)7 ChaiUser (com.novell.ldapchai.ChaiUser)4 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)4 ChaiValidationException (com.novell.ldapchai.exception.ChaiValidationException)4 ChallengeSet (com.novell.ldapchai.cr.ChallengeSet)3 ChaiException (com.novell.ldapchai.exception.ChaiException)3 PwmApplication (password.pwm.PwmApplication)3 UserIdentity (password.pwm.bean.UserIdentity)3 ChaiResponseSet (com.novell.ldapchai.cr.ChaiResponseSet)2 Locale (java.util.Locale)2 ForgottenPasswordBean (password.pwm.http.bean.ForgottenPasswordBean)2 UserInfo (password.pwm.ldap.UserInfo)2 RestMethodHandler (password.pwm.ws.server.RestMethodHandler)2 Challenge (com.novell.ldapchai.cr.Challenge)1 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)1 NmasResponseSet (com.novell.ldapchai.impl.edir.NmasResponseSet)1 BufferedWriter (java.io.BufferedWriter)1 File (java.io.File)1