
Example 1 with ScaleJSPasswordRequest

use of com.tremolosecurity.scalejs.password.data.ScaleJSPasswordRequest in project OpenUnison by TremoloSecurity.

the class ScalePassword method doFilter.

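/**
 * Handles the ScaleJS password endpoints.
 *
 * <p>A request whose URI ends in {@code /password/config} is answered with the filter's
 * configuration and the caller's display name as JSON. A {@code POST} whose URI ends in
 * {@code /password/submit} has its two password fields checked for presence and equality,
 * is run through the configured validator and, if nothing failed, is handed to the
 * configured workflow. Any other request gets no response from this method, and
 * {@code chain} is never invoked.
 *
 * <p>The account being changed is always taken from the {@link AuthInfo} held in the
 * session, never from the request body, so a caller cannot name a different user.
 *
 * <p>NOTE(review): the request carries only the new password (twice). No check of the
 * current password and no anti-CSRF token is visible in this method; confirm that
 * re-authentication and cross-site request protection are enforced before this filter runs.
 *
 * @param request  the proxied request; the JSON body is read from the
 *                 {@code ProxySys.MSG_BODY} attribute
 * @param response receives the JSON configuration or the JSON error list
 * @param chain    unused
 * @throws Exception if the session holds no authentication data, the body is not valid
 *                   JSON, or the user has no value for the configured uid attribute
 */
@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain) throws Exception {
    Gson gson = new Gson();
    // Presumably tells the proxy to return errors directly instead of redirecting - confirm against the proxy code.
    request.getServletRequest().setAttribute("com.tremolosecurity.unison.proxy.noRedirectOnError", "com.tremolosecurity.unison.proxy.noRedirectOnError");
    if (request.getRequestURI().endsWith("/password/config")) {
        response.setContentType("application/json");
        ScalePasswordUser ssru = new ScalePasswordUser();
        ssru.setConfig(scaleConfig);
        AuthInfo userData = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
        Attribute displayNameAttribute = userData.getAttribs().get(this.scaleConfig.getDisplayNameAttribute());
        // An attribute that exists but carries no values is treated like a missing one.
        if (displayNameAttribute != null && !displayNameAttribute.getValues().isEmpty()) {
            ssru.setDisplayName(displayNameAttribute.getValues().get(0));
        } else {
            ssru.setDisplayName("Unknown");
        }
        ScaleJSUtils.addCacheHeaders(response);
        response.getWriter().println(gson.toJson(ssru).trim());
    } else if (request.getMethod().equalsIgnoreCase("POST") && request.getRequestURI().endsWith("/password/submit")) {
        AuthInfo userData = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();

        // Decode explicitly as UTF-8: the platform default charset would corrupt
        // non-ASCII password characters on hosts configured with another encoding.
        byte[] body = (byte[]) request.getAttribute(ProxySys.MSG_BODY);
        ScaleJSPasswordRequest sr = null;
        if (body != null) {
            String json = new String(body, java.nio.charset.StandardCharsets.UTF_8);
            // Gson returns null for an empty document or a literal "null".
            sr = gson.fromJson(json, ScaleJSPasswordRequest.class);
        }

        ScaleError errors = new ScaleError();
        if (sr == null || sr.getPassword1() == null || sr.getPassword2() == null) {
            errors.getErrors().add("Passwords are missing");
        } else if (!sr.getPassword1().equals(sr.getPassword2())) {
            errors.getErrors().add("Passwords do not match");
        } else {
            List<String> valErrors = this.validator.validate(sr.getPassword1(), userData);
            if (valErrors != null && !valErrors.isEmpty()) {
                errors.getErrors().addAll(valErrors);
            }
            if (errors.getErrors().isEmpty()) {
                WFCall wfCall = new WFCall();
                wfCall.setName(this.scaleConfig.getWorkflowName());
                wfCall.setReason(this.scaleConfig.getReason());
                wfCall.setUidAttributeName(this.scaleConfig.getUidAttribute());
                if (this.scaleConfig.isRunSynchronously()) {
                    wfCall.getRequestParams().put(ProvisioningParams.UNISON_EXEC_TYPE, ProvisioningParams.UNISON_EXEC_SYNC);
                } else {
                    wfCall.getRequestParams().put(ProvisioningParams.UNISON_EXEC_TYPE, ProvisioningParams.UNISON_EXEC_ASYNC);
                }

                // Identity comes from the authenticated session only.
                String uidAttributeName = this.scaleConfig.getUidAttribute();
                String uid = userData.getAttribs().get(uidAttributeName).getValues().get(0);
                TremoloUser tu = new TremoloUser();
                tu.setUid(uid);
                tu.getAttributes().add(new Attribute(uidAttributeName, uid));
                tu.setUserPassword(sr.getPassword1());
                wfCall.setUser(tu);
                try {
                    com.tremolosecurity.provisioning.workflow.ExecuteWorkflow exec = new com.tremolosecurity.provisioning.workflow.ExecuteWorkflow();
                    exec.execute(wfCall, GlobalEntries.getGlobalEntries().getConfigManager());
                } catch (Exception e) {
                    // Log the cause server-side; the caller only gets a generic message.
                    logger.error("Could not update user", e);
                    if (this.scaleConfig.isRunSynchronously()) {
                        errors.getErrors().add("Unable to set your password, make sure it meets with complexity requirements");
                    } else {
                        errors.getErrors().add("Please contact your system administrator");
                    }
                }
            }
        }
        if (!errors.getErrors().isEmpty()) {
            // NOTE(review): validation failures are reported with status 500 as well;
            // kept unchanged because the client that consumes this response is not visible here.
            response.setStatus(500);
            response.getWriter().print(gson.toJson(errors).trim());
            response.getWriter().flush();
        }
    }
}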
Also used : AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) WFCall(com.tremolosecurity.provisioning.service.util.WFCall) Attribute(com.tremolosecurity.saml.Attribute) Gson(com.google.gson.Gson) ScalePasswordUser(com.tremolosecurity.scalejs.password.data.ScalePasswordUser) ScaleError(com.tremolosecurity.scalejs.data.ScaleError) ScaleJSPasswordRequest(com.tremolosecurity.scalejs.password.data.ScaleJSPasswordRequest) AuthController(com.tremolosecurity.proxy.auth.AuthController) ConfigManager(com.tremolosecurity.config.util.ConfigManager) TremoloUser(com.tremolosecurity.provisioning.service.util.TremoloUser)
