Example 1 with PasswordDoesntMatchException

Use of cz.metacentrum.perun.core.api.exceptions.PasswordDoesntMatchException in project perun by CESNET.

From the class UsersManagerBlImpl, method changePasswordRandom.

@Override
public String changePasswordRandom(PerunSession session, User user, String namespace) throws PasswordOperationTimeoutException, LoginNotExistsException, PasswordChangeFailedException, InvalidLoginException, PasswordStrengthException {
    // first check if user has login in specified namespace!
    String userLogin;
    try {
        Attribute userLoginAttribute = getPerunBl().getAttributesManagerBl().getAttribute(session, user, AttributesManager.NS_USER_ATTR_DEF + ":login-namespace:" + namespace);
        userLogin = (String) userLoginAttribute.getValue();
    } catch (WrongAttributeAssignmentException | AttributeNotExistsException e) {
        // should not happen since the changePassword method passed
        log.error("Unexpected exception when re-seting password to randomly generated for user {} in {}", user, namespace, e);
        throw new InternalErrorException(e);
    }
    if (userLogin == null) {
        log.warn("User {} has no login in {} namespace.", user, namespace);
        throw new LoginNotExistsException("User has no login in " + namespace + " namespace.");
    }
    // generate and change password
    PasswordManagerModule module = getPasswordManagerModule(session, namespace);
    String newRandomPassword = module.generateRandomPassword(session, userLogin);
    try {
        changePassword(session, user, namespace, null, newRandomPassword, false);
    } catch (PasswordDoesntMatchException | PasswordStrengthFailedException e) {
        // should not happen when we are not using the old password and have good password generated
        log.error("Unexpected exception when re-seting password to randomly generated for login {} in {}", userLogin, namespace, e);
        throw new InternalErrorException(e);
    }
    // create template to return
    String template = getPasswordResetTemplate(session, namespace);
    return template.replace("{password}", StringEscapeUtils.escapeHtml4(newRandomPassword)).replace("{login}", StringEscapeUtils.escapeHtml4(userLogin));
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) LoginNotExistsException(cz.metacentrum.perun.core.api.exceptions.LoginNotExistsException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) PasswordManagerModule(cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule) GenericPasswordManagerModule(cz.metacentrum.perun.core.impl.modules.pwdmgr.GenericPasswordManagerModule) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) PasswordStrengthFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordStrengthFailedException) PasswordDoesntMatchException(cz.metacentrum.perun.core.api.exceptions.PasswordDoesntMatchException)

Example 2 with PasswordDoesntMatchException

Use of cz.metacentrum.perun.core.api.exceptions.PasswordDoesntMatchException in project perun by CESNET.

From the class UsersManagerBlImpl, method changeNonAuthzPassword.

@Override
public void changeNonAuthzPassword(PerunSession sess, String token, String password, String lang) throws LoginNotExistsException, PasswordChangeFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException, PasswordResetLinkExpiredException, PasswordResetLinkNotValidException, UserNotExistsException {
    Map<String, Object> request = getUsersManagerImpl().loadPasswordResetRequest(sess, UUID.fromString(token));
    User user = perunBl.getUsersManagerBl().getUserById(sess, (Integer) request.get("user_id"));
    String namespace = (String) request.get("namespace");
    String mail = (String) request.get("mail");
    List<Attribute> logins = perunBl.getAttributesManagerBl().getLogins(sess, user);
    String login = null;
    for (Attribute a : logins) {
        if (a.getFriendlyNameParameter().equals(namespace)) {
            login = a.valueAsString();
            break;
        }
    }
    if (login == null)
        throw new InternalErrorException(user.toString() + " doesn't have login in namespace: " + namespace);
    // reset password without checking old
    try {
        changePassword(sess, user, namespace, "", password, false);
    } catch (PasswordDoesntMatchException ex) {
        // shouldn't happen
        throw new InternalErrorException(ex);
    }
    // was changed - send notification to all member's emails
    Set<String> emails = new HashSet<>();
    // add mail used for reset request
    if (mail != null && !mail.isEmpty())
        emails.add(mail);
    try {
        Attribute a = perunBl.getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_DEF + ":preferredMail");
        if (a != null && a.getValue() != null) {
            emails.add((String) a.getValue());
        }
    } catch (WrongAttributeAssignmentException | AttributeNotExistsException ex) {
        throw new InternalErrorException(ex);
    }
    List<Member> members = getPerunBl().getMembersManagerBl().getMembersByUser(sess, user);
    for (Member member : members) {
        try {
            Attribute a = perunBl.getAttributesManagerBl().getAttribute(sess, member, AttributesManager.NS_MEMBER_ATTR_DEF + ":mail");
            if (a != null && a.getValue() != null) {
                emails.add((String) a.getValue());
            }
        } catch (WrongAttributeAssignmentException | AttributeNotExistsException ex) {
            throw new InternalErrorException(ex);
        }
    }
    // get template
    String subject;
    try {
        Attribute subjectTemplateAttribute = perunBl.getAttributesManagerBl().getAttribute(sess, lang, AttributesManager.NS_ENTITYLESS_ATTR_DEF + ":nonAuthzPwdResetConfirmMailSubject:" + namespace);
        subject = (String) subjectTemplateAttribute.getValue();
        if (subject == null) {
            subjectTemplateAttribute = perunBl.getAttributesManagerBl().getAttribute(sess, "en", AttributesManager.NS_ENTITYLESS_ATTR_DEF + ":nonAuthzPwdResetConfirmMailSubject:" + namespace);
            subject = (String) subjectTemplateAttribute.getValue();
        }
    } catch (AttributeNotExistsException | WrongAttributeAssignmentException ex) {
        throw new InternalErrorException(ex);
    }
    String message;
    try {
        Attribute messageTemplateAttribute = perunBl.getAttributesManagerBl().getAttribute(sess, lang, AttributesManager.NS_ENTITYLESS_ATTR_DEF + ":nonAuthzPwdResetConfirmMailTemplate:" + namespace);
        message = (String) messageTemplateAttribute.getValue();
        if (message == null) {
            messageTemplateAttribute = perunBl.getAttributesManagerBl().getAttribute(sess, "en", AttributesManager.NS_ENTITYLESS_ATTR_DEF + ":nonAuthzPwdResetConfirmMailTemplate:" + namespace);
            message = (String) messageTemplateAttribute.getValue();
        }
    } catch (AttributeNotExistsException | WrongAttributeAssignmentException ex) {
        throw new InternalErrorException(ex);
    }
    for (String email : emails) {
        Utils.sendPasswordResetConfirmationEmail(user, email, namespace, login, subject, message);
    }
}
Also used : OwnershipRemovedForSpecificUser(cz.metacentrum.perun.audit.events.UserManagerEvents.OwnershipRemovedForSpecificUser) User(cz.metacentrum.perun.core.api.User) OwnershipEnabledForSpecificUser(cz.metacentrum.perun.audit.events.UserManagerEvents.OwnershipEnabledForSpecificUser) UserAddedToOwnersOfSpecificUser(cz.metacentrum.perun.audit.events.UserManagerEvents.UserAddedToOwnersOfSpecificUser) UserExtSourceRemovedFromUser(cz.metacentrum.perun.audit.events.UserManagerEvents.UserExtSourceRemovedFromUser) RichUser(cz.metacentrum.perun.core.api.RichUser) OwnershipDisabledForSpecificUser(cz.metacentrum.perun.audit.events.UserManagerEvents.OwnershipDisabledForSpecificUser) UserExtSourceAddedToUser(cz.metacentrum.perun.audit.events.UserManagerEvents.UserExtSourceAddedToUser) AllUserExtSourcesDeletedForUser(cz.metacentrum.perun.audit.events.UserManagerEvents.AllUserExtSourcesDeletedForUser) Attribute(cz.metacentrum.perun.core.api.Attribute) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) Member(cz.metacentrum.perun.core.api.Member) PasswordDoesntMatchException(cz.metacentrum.perun.core.api.exceptions.PasswordDoesntMatchException) HashSet(java.util.HashSet)

Example 3 with PasswordDoesntMatchException

Use of cz.metacentrum.perun.core.api.exceptions.PasswordDoesntMatchException in project perun by CESNET.

From the class UsersManagerBlImpl, method changePassword.

@Override
public void changePassword(PerunSession sess, User user, String loginNamespace, String oldPassword, String newPassword, boolean checkOldPassword) throws LoginNotExistsException, PasswordDoesntMatchException, PasswordChangeFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException {
    log.info("Changing password for {} in login-namespace {}.", user, loginNamespace);
    // Get User login in loginNamespace
    Attribute userLogin;
    try {
        userLogin = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_DEF + ":login-namespace:" + loginNamespace);
    } catch (AttributeNotExistsException e) {
        throw new LoginNotExistsException(e);
    } catch (WrongAttributeAssignmentException e) {
        throw new InternalErrorException(e);
    }
    PasswordManagerModule module = getPasswordManagerModule(sess, loginNamespace);
    // Check password if it was requested
    if (checkOldPassword) {
        try {
            module.checkPassword(sess, userLogin.valueAsString(), oldPassword);
        } catch (PasswordDoesntMatchRuntimeException e) {
            throw new PasswordDoesntMatchException(e);
        } catch (PasswordOperationTimeoutRuntimeException e) {
            throw new PasswordOperationTimeoutException(e);
        } catch (Exception ex) {
            // fallback for exception compatibility
            throw new PasswordDoesntMatchException("Old password doesn't match for " + loginNamespace + ":" + userLogin + ".", ex);
        }
    }
    // Change the password
    try {
        module.changePassword(sess, userLogin.valueAsString(), newPassword);
    } catch (PasswordChangeFailedRuntimeException e) {
        throw new PasswordChangeFailedException(e);
    } catch (PasswordOperationTimeoutRuntimeException e) {
        throw new PasswordOperationTimeoutException(e);
    } catch (PasswordStrengthFailedRuntimeException e) {
        throw new PasswordStrengthFailedException(e);
    } catch (InvalidLoginException | PasswordStrengthException e) {
        throw e;
    } catch (Exception ex) {
        // fallback for exception compatibility
        throw new PasswordChangeFailedException("Password change failed for " + loginNamespace + ":" + userLogin + ".", ex);
    }
    // validate and set user ext sources
    try {
        this.validatePassword(sess, user, loginNamespace);
    } catch (PasswordCreationFailedException ex) {
        throw new PasswordChangeFailedException(ex);
    }
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) LoginNotExistsException(cz.metacentrum.perun.core.api.exceptions.LoginNotExistsException) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) PasswordOperationTimeoutRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordOperationTimeoutRuntimeException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) PasswordCreationFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordCreationFailedException) PasswordOperationTimeoutRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordOperationTimeoutRuntimeException) RelationExistsException(cz.metacentrum.perun.core.api.exceptions.RelationExistsException) MemberAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.MemberAlreadyRemovedException) PasswordCreationFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordCreationFailedException) UserExtSourceAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceAlreadyRemovedException) ExtSourceNotExistsException(cz.metacentrum.perun.core.api.exceptions.ExtSourceNotExistsException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) PasswordDoesntMatchRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDoesntMatchRuntimeException) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) LoginNotExistsRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.LoginNotExistsRuntimeException) PasswordStrengthFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordStrengthFailedException) PasswordCreationFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordCreationFailedRuntimeException) 
SpecificUserAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.SpecificUserAlreadyRemovedException) AlreadyReservedLoginException(cz.metacentrum.perun.core.api.exceptions.AlreadyReservedLoginException) SpecificUserOwnerAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.SpecificUserOwnerAlreadyRemovedException) IllegalArgumentException(cz.metacentrum.perun.core.api.exceptions.IllegalArgumentException) UserExtSourceExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException) AlreadyAdminException(cz.metacentrum.perun.core.api.exceptions.AlreadyAdminException) PasswordChangeFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordChangeFailedException) PasswordResetLinkExpiredException(cz.metacentrum.perun.core.api.exceptions.PasswordResetLinkExpiredException) InvalidLoginException(cz.metacentrum.perun.core.api.exceptions.InvalidLoginException) UserExtSourceNotExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceNotExistsException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) MemberNotExistsException(cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException) PasswordChangeFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordChangeFailedRuntimeException) UserNotAdminException(cz.metacentrum.perun.core.api.exceptions.UserNotAdminException) LoginNotExistsException(cz.metacentrum.perun.core.api.exceptions.LoginNotExistsException) PasswordStrengthFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordStrengthFailedRuntimeException) ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) PasswordStrengthException(cz.metacentrum.perun.core.api.exceptions.PasswordStrengthException) PasswordDeletionFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordDeletionFailedException) 
UserAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.UserAlreadyRemovedException) PasswordOperationTimeoutException(cz.metacentrum.perun.core.api.exceptions.PasswordOperationTimeoutException) WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException) RelationNotExistsException(cz.metacentrum.perun.core.api.exceptions.RelationNotExistsException) PasswordDoesntMatchException(cz.metacentrum.perun.core.api.exceptions.PasswordDoesntMatchException) WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException) BanNotExistsException(cz.metacentrum.perun.core.api.exceptions.BanNotExistsException) PasswordResetLinkNotValidException(cz.metacentrum.perun.core.api.exceptions.PasswordResetLinkNotValidException) UserNotExistsException(cz.metacentrum.perun.core.api.exceptions.UserNotExistsException) PasswordDeletionFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException) AnonymizationNotSupportedException(cz.metacentrum.perun.core.api.exceptions.AnonymizationNotSupportedException) PasswordOperationTimeoutException(cz.metacentrum.perun.core.api.exceptions.PasswordOperationTimeoutException) PasswordDoesntMatchRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDoesntMatchRuntimeException) PasswordChangeFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordChangeFailedRuntimeException) PasswordStrengthFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordStrengthFailedRuntimeException) InvalidLoginException(cz.metacentrum.perun.core.api.exceptions.InvalidLoginException) PasswordManagerModule(cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule) GenericPasswordManagerModule(cz.metacentrum.perun.core.impl.modules.pwdmgr.GenericPasswordManagerModule) 
PasswordStrengthFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordStrengthFailedException) PasswordDoesntMatchException(cz.metacentrum.perun.core.api.exceptions.PasswordDoesntMatchException) PasswordChangeFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordChangeFailedException) PasswordStrengthException(cz.metacentrum.perun.core.api.exceptions.PasswordStrengthException)