use of cz.metacentrum.perun.core.bl.PerunBl in project perun by CESNET.
the class EinfraPasswordManagerModule method validatePassword.
/**
 * Records the password-change time, links the EINFRA/META identities to the user and
 * then delegates to the parent implementation.
 *
 * <p>When {@code user} is {@code null} it is looked up by {@code userLogin} in
 * {@code actualLoginNamespace}. If no user is found, only a warning is logged and the
 * parent implementation is still called with a {@code null} user.
 *
 * <p>NOTE(review): the timestamp, the UserExtSources and the kerberosLogins attribute are
 * all written before {@code super.validatePassword} runs, and nothing in this method
 * undoes them if that call throws. Confirm the caller wraps this in a transaction.
 *
 * @param sess      session used for every manager call
 * @param userLogin login in the namespace handled by this module
 * @param user      owner of the login, or {@code null} to resolve it from the login
 * @throws InvalidLoginException declared by the overridden method
 */
@Override
public void validatePassword(PerunSession sess, String userLogin, User user) throws InvalidLoginException {
    final PerunBl perun = (PerunBl) sess.getPerun();
    if (user == null) {
        user = perun.getModulesUtilsBl().getUserByLoginInNamespace(sess, userLogin, actualLoginNamespace);
    }
    if (user != null) {
        // FIXME - find out more convenient place and support other namespaces
        try {
            Attribute lastChange = perun.getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_DEF + ":lastPwdChangeTimestamp:einfra");
            // LocalDateTime.now() uses the JVM default time zone; the stored text carries no offset.
            lastChange.setValue(LocalDateTime.now().format(DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss")));
            perun.getAttributesManagerBl().setAttribute(sess, user, lastChange);
        } catch (AttributeNotExistsException ignore) {
            // not supported by namespace
        } catch (Exception ex) {
            // best effort: a failed timestamp write must not block the rest of the method
            log.warn("Unable to set last password change timestamp for {} in {}", userLogin, actualLoginNamespace, ex);
        }

        // set extSources and extSource related attributes
        try {
            // {extSource name, suffix appended to the login}, in registration order:
            // META and EINFRA realms, the MUNI IdP, the E-INFRA IdP and the E-INFRA CERT IdP.
            final String[][] identities = {
                {"META", "@META"},
                {"EINFRA", "@EINFRA"},
                {"https://login.ics.muni.cz/idp/shibboleth", "@meta.cesnet.cz"},
                {"https://idp.e-infra.cz/idp/", "@idp.e-infra.cz"},
                {"https://idp-cert.e-infra.cz/idp/", "@idp-cert.e-infra.cz"},
            };
            for (String[] identity : identities) {
                ExtSource source = perun.getExtSourcesManagerBl().getExtSourceByName(sess, identity[0]);
                UserExtSource linked = new UserExtSource(source, userLogin + identity[1]);
                linked.setLoa(0);
                try {
                    perun.getUsersManagerBl().addUserExtSource(sess, user, linked);
                } catch (UserExtSourceExistsException alreadyPresent) {
                    // this is OK
                    // NOTE(review): swallowed without checking which user owns the existing
                    // record. Confirm it cannot belong to a different user.
                }
            }

            // Store also Kerberos logins
            Attribute principalsAttr = perun.getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_DEF + ":" + "kerberosLogins");
            List<String> principals = new ArrayList<>();
            if (principalsAttr != null && principalsAttr.getValue() != null) {
                principals.addAll(principalsAttr.valueAsList());
            }
            boolean changed = false;
            for (String principal : new String[] {userLogin + "@EINFRA", userLogin + "@META"}) {
                if (!principals.contains(principal)) {
                    principals.add(principal);
                    changed = true;
                }
            }
            // write back only when a principal was actually added
            if (changed && principalsAttr != null) {
                principalsAttr.setValue(principals);
                perun.getAttributesManagerBl().setAttribute(sess, user, principalsAttr);
            }
        } catch (WrongAttributeAssignmentException | AttributeNotExistsException | ExtSourceNotExistsException | WrongAttributeValueException | WrongReferenceAttributeValueException ex) {
            throw new InternalErrorException(ex);
        }
    } else {
        log.warn("No user was found by login '{}' in {} namespace.", userLogin, actualLoginNamespace);
    }

    // validate password
    super.validatePassword(sess, userLogin, user);
}
use of cz.metacentrum.perun.core.bl.PerunBl in project perun by CESNET.
the class IcsmuniczPasswordManagerModule method validatePassword.
/**
 * Links the {@code login@ICS.MUNI.CZ} identity to the user, records it among the user's
 * Kerberos logins and then delegates to the parent implementation.
 *
 * <p>When {@code user} is {@code null} it is looked up by {@code userLogin} in
 * {@code actualLoginNamespace}. If no user is found, only a warning is logged and the
 * parent implementation is still called with a {@code null} user.
 *
 * <p>NOTE(review): the identity and the attribute are written before
 * {@code super.validatePassword} runs, and nothing in this method undoes them if that
 * call throws. Confirm the caller wraps this in a transaction.
 *
 * @param sess      session used for every manager call
 * @param userLogin login in the namespace handled by this module
 * @param user      owner of the login, or {@code null} to resolve it from the login
 * @throws InvalidLoginException declared by the overridden method
 */
@Override
public void validatePassword(PerunSession sess, String userLogin, User user) throws InvalidLoginException {
    final PerunBl perun = (PerunBl) sess.getPerun();
    if (user == null) {
        user = perun.getModulesUtilsBl().getUserByLoginInNamespace(sess, userLogin, actualLoginNamespace);
    }
    if (user != null) {
        final String principal = userLogin + "@ICS.MUNI.CZ";
        // set extSources and extSource related attributes
        try {
            ExtSource realm = perun.getExtSourcesManagerBl().getExtSourceByName(sess, "ICS.MUNI.CZ");
            UserExtSource linked = new UserExtSource(realm, principal);
            linked.setLoa(0);
            try {
                perun.getUsersManagerBl().addUserExtSource(sess, user, linked);
            } catch (UserExtSourceExistsException alreadyPresent) {
                // this is OK
                // NOTE(review): swallowed without checking which user owns the existing
                // record. Confirm it cannot belong to a different user.
            }

            // Store also Kerberos logins
            Attribute principalsAttr = perun.getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_DEF + ":" + "kerberosLogins");
            if (principalsAttr != null) {
                List<String> principals = new ArrayList<>();
                if (principalsAttr.getValue() != null) {
                    // unchecked cast: the value is assumed to be a list of strings
                    principals.addAll((List<String>) principalsAttr.getValue());
                }
                // write back only when the principal is not stored yet
                if (!principals.contains(principal)) {
                    principals.add(principal);
                    principalsAttr.setValue(principals);
                    perun.getAttributesManagerBl().setAttribute(sess, user, principalsAttr);
                }
            }
        } catch (WrongAttributeAssignmentException | AttributeNotExistsException | ExtSourceNotExistsException | WrongAttributeValueException | WrongReferenceAttributeValueException ex) {
            throw new InternalErrorException(ex);
        }
    } else {
        log.warn("No user was found by login '{}' in {} namespace.", userLogin, actualLoginNamespace);
    }

    // validate password
    super.validatePassword(sess, userLogin, user);
}
use of cz.metacentrum.perun.core.bl.PerunBl in project perun by CESNET.
the class SitolaPasswordManagerModule method validatePassword.
/**
 * Links the {@code login@SITOLA.FI.MUNI.CZ} identity to the user, records it among the
 * user's Kerberos logins and then delegates to the parent implementation.
 *
 * <p>When {@code user} is {@code null} it is looked up by {@code userLogin} in
 * {@code actualLoginNamespace}. If no user is found, only a warning is logged and the
 * parent implementation is still called with a {@code null} user.
 *
 * <p>NOTE(review): the identity and the attribute are written before
 * {@code super.validatePassword} runs, and nothing in this method undoes them if that
 * call throws. Confirm the caller wraps this in a transaction.
 *
 * @param sess      session used for every manager call
 * @param userLogin login in the namespace handled by this module
 * @param user      owner of the login, or {@code null} to resolve it from the login
 * @throws InvalidLoginException declared by the overridden method
 */
@Override
public void validatePassword(PerunSession sess, String userLogin, User user) throws InvalidLoginException {
    final PerunBl perun = (PerunBl) sess.getPerun();
    if (user == null) {
        user = perun.getModulesUtilsBl().getUserByLoginInNamespace(sess, userLogin, actualLoginNamespace);
    }
    if (user != null) {
        final String principal = userLogin + "@SITOLA.FI.MUNI.CZ";
        // set extSources and extSource related attributes
        try {
            ExtSource realm = perun.getExtSourcesManagerBl().getExtSourceByName(sess, "SITOLA.FI.MUNI.CZ");
            UserExtSource linked = new UserExtSource(realm, principal);
            linked.setLoa(0);
            try {
                perun.getUsersManagerBl().addUserExtSource(sess, user, linked);
            } catch (UserExtSourceExistsException alreadyPresent) {
                // this is OK
                // NOTE(review): swallowed without checking which user owns the existing
                // record. Confirm it cannot belong to a different user.
            }

            // Store also Kerberos logins
            Attribute principalsAttr = perun.getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_DEF + ":" + "kerberosLogins");
            if (principalsAttr != null) {
                List<String> principals = new ArrayList<>();
                if (principalsAttr.getValue() != null) {
                    // unchecked cast: the value is assumed to be a list of strings
                    principals.addAll((List<String>) principalsAttr.getValue());
                }
                // write back only when the principal is not stored yet
                if (!principals.contains(principal)) {
                    principals.add(principal);
                    principalsAttr.setValue(principals);
                    perun.getAttributesManagerBl().setAttribute(sess, user, principalsAttr);
                }
            }
        } catch (WrongAttributeAssignmentException | AttributeNotExistsException | ExtSourceNotExistsException | WrongAttributeValueException | WrongReferenceAttributeValueException ex) {
            throw new InternalErrorException(ex);
        }
    } else {
        log.warn("No user was found by login '{}' in {} namespace.", userLogin, actualLoginNamespace);
    }

    // validate password
    super.validatePassword(sess, userLogin, user);
}
use of cz.metacentrum.perun.core.bl.PerunBl in project perun by CESNET.
the class MuPasswordManagerModule method getUcoFromSessionUser.
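/**
 * Return MU UCO of a pwdmanager method caller from his UserExtSource in MU IdP.
 *
 * <p>The UCO is the part of the IdP login before the first {@code '@'}. It is XML-escaped
 * before being placed into the element, so a login containing markup characters cannot
 * alter the structure of the request this fragment is embedded in.
 *
 * @param session Session to get user and identity from
 * @return Part of API call params like: "&lt;zmenil&gt;UČO&lt;/zmenil&gt;" followed by a newline,
 *         or empty string when the caller has no user, no matching identity, or the lookup fails.
 */
private String getUcoFromSessionUser(PerunSession session) {
    PerunBl perunBl = (PerunBl) session.getPerun();
    List<UserExtSource> ueses;
    try {
        if (session.getPerunPrincipal().getUser() == null) {
            return "";
        }
        ueses = perunBl.getUsersManagerBl().getUserExtSources(session, session.getPerunPrincipal().getUser());
    } catch (Exception ex) {
        // Best effort: the UCO is optional, so a failed lookup only drops it from the call.
        log.debug("Unable to resolve identities of the calling user.", ex);
        return "";
    }
    for (UserExtSource ues : ueses) {
        // Constant-first equals: a missing name or type means "no match", not a NullPointerException.
        boolean isMuIdp = "https://idp2.ics.muni.cz/idp/shibboleth".equals(ues.getExtSource().getName())
                && ExtSourcesManager.EXTSOURCE_IDP.equals(ues.getExtSource().getType());
        if (!isMuIdp) {
            continue;
        }
        String login = ues.getLogin();
        if (login != null) {
            // indexOf instead of split("@")[0]: split returns an empty array for a login made
            // only of '@' characters, which made the index access throw.
            int at = login.indexOf('@');
            String uco = (at >= 0) ? login.substring(0, at) : login;
            log.debug(" - Action triggered by {}", uco);
            // The value originates from an external IdP; escape it before building XML by hand.
            String escapedUco = uco.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;");
            return "<zmenil>" + escapedUco + "</zmenil>\n";
        }
    }
    return "";
}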
use of cz.metacentrum.perun.core.bl.PerunBl in project perun by CESNET.
the class VsupPasswordManagerModule method validatePassword.
/**
 * Links the user's login in the "AD" ext source and then delegates to the parent
 * implementation.
 *
 * <p>When {@code user} is {@code null} it is looked up by {@code userLogin} in
 * {@code actualLoginNamespace}. If no user is found, only a warning is logged and the
 * parent implementation is still called with a {@code null} user.
 *
 * <p>NOTE(review): the identity is written before {@code super.validatePassword} runs,
 * and nothing in this method undoes it if that call throws. Confirm the caller wraps
 * this in a transaction.
 *
 * @param sess      session used for every manager call
 * @param userLogin login in the namespace handled by this module
 * @param user      owner of the login, or {@code null} to resolve it from the login
 * @throws InvalidLoginException declared by the overridden method
 */
@Override
public void validatePassword(PerunSession sess, String userLogin, User user) throws InvalidLoginException {
    final PerunBl perun = (PerunBl) sess.getPerun();
    if (user == null) {
        user = perun.getModulesUtilsBl().getUserByLoginInNamespace(sess, userLogin, actualLoginNamespace);
    }
    if (user != null) {
        // set extSources and extSource related attributes
        try {
            // Add UES in their ActiveDirectory to access Perun by it
            ExtSource activeDirectory = perun.getExtSourcesManagerBl().getExtSourceByName(sess, "AD");
            // the bare login is used here, with no realm suffix
            UserExtSource linked = new UserExtSource(activeDirectory, userLogin);
            linked.setLoa(0);
            try {
                perun.getUsersManagerBl().addUserExtSource(sess, user, linked);
            } catch (UserExtSourceExistsException alreadyPresent) {
                // this is OK
                // NOTE(review): swallowed without checking which user owns the existing
                // record. Confirm it cannot belong to a different user.
            }
        } catch (ExtSourceNotExistsException ex) {
            throw new InternalErrorException(ex);
        }
    } else {
        log.warn("No user was found by login '{}' in {} namespace.", userLogin, actualLoginNamespace);
    }

    // validate password
    super.validatePassword(sess, userLogin, user);
}