use of cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule in project perun by CESNET.
the class UsersManagerBlImpl method changePasswordRandom.
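/**
 * Resets the user's password in the given login namespace to a randomly generated value and
 * returns the namespace's password-reset template with the login and the new password filled in.
 *
 * <p>Security: the returned string carries the new password in clear text (HTML-escaped for
 * embedding in the template). Callers must treat the whole return value as a secret: deliver it
 * to the intended recipient only and keep it out of logs, audit messages and exception text.
 * This method itself logs only the user, the login and the namespace, never the password.
 *
 * <p>The template is loaded before the password is changed. If the template lookup fails, the
 * method aborts with the old password still in place, instead of leaving the account with a new
 * password that was never shown to anyone.
 *
 * @param session   session performing the operation
 * @param user      user whose password is reset
 * @param namespace login namespace in which the password is reset
 * @return the reset template with {@code {password}} and {@code {login}} replaced by the
 *         HTML-escaped new password and login
 * @throws LoginNotExistsException if the user's login attribute for the namespace has no value
 * @throws InternalErrorException  if the login attribute cannot be read, or if the password
 *                                 change reports a mismatching old password or a failed
 *                                 strength check (both treated as unexpected here)
 */
@Override
public String changePasswordRandom(PerunSession session, User user, String namespace) throws PasswordOperationTimeoutException, LoginNotExistsException, PasswordChangeFailedException, InvalidLoginException, PasswordStrengthException {
    // The user must have a login in the requested namespace; without one there is nothing to reset.
    String loginAttributeName = AttributesManager.NS_USER_ATTR_DEF + ":login-namespace:" + namespace;
    String userLogin;
    try {
        Attribute userLoginAttribute = getPerunBl().getAttributesManagerBl().getAttribute(session, user, loginAttributeName);
        userLogin = (String) userLoginAttribute.getValue();
    } catch (WrongAttributeAssignmentException | AttributeNotExistsException e) {
        // Treated as an internal error rather than a caller mistake.
        log.error("Unexpected exception when re-seting password to randomly generated for user {} in {}", user, namespace, e);
        throw new InternalErrorException(e);
    }
    if (userLogin == null) {
        log.warn("User {} has no login in {} namespace.", user, namespace);
        throw new LoginNotExistsException("User has no login in " + namespace + " namespace.");
    }

    PasswordManagerModule module = getPasswordManagerModule(session, namespace);

    // Resolve the template first: every step that can fail without side effects runs before
    // the password is actually replaced.
    String template = getPasswordResetTemplate(session, namespace);

    // Generate the new password and apply it; no old password is supplied (null).
    String newRandomPassword = module.generateRandomPassword(session, userLogin);
    try {
        changePassword(session, user, namespace, null, newRandomPassword, false);
    } catch (PasswordDoesntMatchException | PasswordStrengthFailedException e) {
        // Not expected: the old password is not used and the module generated the new one.
        // Only the login and namespace are logged, never the generated password.
        log.error("Unexpected exception when re-seting password to randomly generated for login {} in {}", userLogin, namespace, e);
        throw new InternalErrorException(e);
    }

    // Both substituted values are HTML-escaped before they are placed into the template.
    return template.replace("{password}", StringEscapeUtils.escapeHtml4(newRandomPassword)).replace("{login}", StringEscapeUtils.escapeHtml4(userLogin));
}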
use of cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule in project perun by CESNET.
the class UsersManagerBlImpl method reservePassword.
/**
 * Reserves the given password for the user's login in a login namespace by delegating to the
 * namespace's {@link PasswordManagerModule}.
 *
 * <p>The password is handed to the module only. The log line and the fallback exception message
 * contain the user, the namespace and the login, but never the password.
 *
 * @param sess           session performing the operation
 * @param user           user whose login is looked up
 * @param loginNamespace login namespace of the login
 * @param password       password to reserve
 * @throws LoginNotExistsException           if the login attribute does not exist or has no value
 * @throws PasswordCreationFailedException   if the module reports a creation failure, or throws
 *                                           any exception not mapped to a more specific type
 * @throws PasswordOperationTimeoutException if the module reports a timeout
 * @throws PasswordStrengthFailedException   if the module reports a failed strength check
 * @throws InternalErrorException            if the login attribute is wrongly assigned
 */
@Override
public void reservePassword(PerunSession sess, User user, String loginNamespace, String password) throws PasswordCreationFailedException, LoginNotExistsException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException {
    log.info("Reserving password for {} in login-namespace {}.", user, loginNamespace);

    // Step 1: resolve the login attribute of the user in this namespace.
    Attribute loginAttribute;
    try {
        loginAttribute = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_DEF + ":" + AttributesManager.LOGIN_NAMESPACE + ":" + loginNamespace);
    } catch (AttributeNotExistsException e) {
        throw new LoginNotExistsException(e);
    } catch (WrongAttributeAssignmentException e) {
        throw new InternalErrorException(e);
    }
    if (loginAttribute.getValue() == null) {
        throw new LoginNotExistsException("Attribute containing login has empty value. Namespace: " + loginNamespace);
    }

    // Step 2: let the namespace's module reserve the password, translating the module's
    // runtime exceptions into the checked exceptions of this API.
    PasswordManagerModule passwordModule = getPasswordManagerModule(sess, loginNamespace);
    try {
        passwordModule.reservePassword(sess, loginAttribute.valueAsString(), password);
    } catch (PasswordCreationFailedRuntimeException e) {
        throw new PasswordCreationFailedException(e);
    } catch (PasswordOperationTimeoutRuntimeException e) {
        throw new PasswordOperationTimeoutException(e);
    } catch (PasswordStrengthFailedRuntimeException e) {
        throw new PasswordStrengthFailedException(e);
    } catch (InvalidLoginException | PasswordStrengthException e) {
        // Already part of this method's contract; pass through unchanged.
        throw e;
    } catch (Exception ex) {
        // Compatibility fallback: anything else is reported as a creation failure.
        throw new PasswordCreationFailedException("Password creation failed for " + loginNamespace + ":" + loginAttribute.valueAsString() + ".", ex);
    }
}
use of cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule in project perun by CESNET.
the class UsersManagerBlImpl method loginExist.
/**
 * Tells whether the user's login in the given namespace exists according to the namespace's
 * {@link PasswordManagerModule}.
 *
 * <p>Only an empty login attribute yields {@code false} without asking the module. Every
 * exception raised while reading the attribute or querying the module, including a missing
 * attribute definition, is wrapped in {@link InternalErrorException} rather than reported as
 * "login does not exist".
 *
 * @param sess           session performing the operation
 * @param user           user whose login is checked
 * @param loginNamespace login namespace of the login
 * @return {@code false} when the login attribute has no value, otherwise the module's answer
 * @throws InternalErrorException on any failure while reading the attribute or asking the module
 */
@Override
public boolean loginExist(PerunSession sess, User user, String loginNamespace) {
    log.info("Checking if login exists for user {} in login-namespace {}.", user, loginNamespace);

    // The module is resolved outside the try block, so its own InternalErrorException
    // propagates as thrown instead of being wrapped a second time.
    PasswordManagerModule passwordModule = getPasswordManagerModule(sess, loginNamespace);
    try {
        Attribute loginAttribute = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_DEF + ":" + AttributesManager.LOGIN_NAMESPACE + ":" + loginNamespace);
        // Short-circuit: the module is queried only when a login value is present.
        return loginAttribute.getValue() != null && passwordModule.loginExist(sess, loginAttribute.valueAsString());
    } catch (Exception ex) {
        throw new InternalErrorException(ex);
    }
}
use of cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule in project perun by CESNET.
the class UsersManagerBlImpl method createAlternativePassword.
/**
 * Creates an alternative password for the user in the given login namespace.
 *
 * <p>The method first records a {@code description -> passwordId} entry in the user's
 * alternative-password attribute and then asks the namespace's {@link PasswordManagerModule}
 * to create the password under that id. The password itself is passed to the module only; it
 * is neither stored in the attribute nor written to the log.
 *
 * <p>NOTE(review): the attribute is updated before the module call and nothing in this method
 * removes the entry again, so a failure in the module leaves a description that points to a
 * password that was not created. Confirm whether callers clean this up.
 *
 * <p>NOTE(review): the password id is the current time in milliseconds, so two calls within
 * the same millisecond receive the same id. Confirm that the backend tolerates this.
 *
 * @param sess           session performing the operation
 * @param user           user who receives the alternative password
 * @param description    label of the password; must not already be used by this user
 * @param loginNamespace login namespace in which the password is created
 * @param password       the alternative password
 * @throws PasswordCreationFailedException if the module reports a creation failure, or throws
 *                                         any exception not mapped to a more specific type
 * @throws LoginNotExistsException         if the module reports that the login does not exist
 * @throws PasswordStrengthException       if the module rejects the password strength
 * @throws ConsistencyErrorException       if the description is already used or the attribute
 *                                         definition does not exist
 * @throws InternalErrorException          if the attribute cannot be assigned or its value is
 *                                         rejected
 */
@Override
public void createAlternativePassword(PerunSession sess, User user, String description, String loginNamespace, String password) throws PasswordCreationFailedException, LoginNotExistsException, PasswordStrengthException {
    String passwordId = Long.toString(System.currentTimeMillis());
    log.info("Creating alternative password for {} in login-namespace {} with description {} and passwordId {}.", user, loginNamespace, description, passwordId);

    // Phase 1: register the new description -> id pair in the user's attribute.
    try {
        Attribute altPasswordAttribute = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, A_USER_DEF_ALT_PASSWORD_NAMESPACE + loginNamespace);

        // Start from the stored entries when there are any, otherwise from an empty map.
        Map<String, String> entries;
        if (altPasswordAttribute.getValue() == null) {
            entries = new LinkedHashMap<>();
        } else {
            entries = altPasswordAttribute.valueAsMap();
        }

        // Descriptions are unique per user and namespace.
        if (entries.containsKey(description)) {
            throw new ConsistencyErrorException("Password with this description already exists. Description: " + description);
        }

        entries.put(description, passwordId);
        altPasswordAttribute.setValue(entries);
        getPerunBl().getAttributesManagerBl().setAttribute(sess, user, altPasswordAttribute);
    } catch (WrongAttributeAssignmentException | WrongAttributeValueException | WrongReferenceAttributeValueException ex) {
        throw new InternalErrorException(ex);
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException(ex);
    }

    // Phase 2: create the password in the backend, translating the module's runtime
    // exceptions into the checked exceptions of this API.
    PasswordManagerModule passwordModule = getPasswordManagerModule(sess, loginNamespace);
    try {
        passwordModule.createAlternativePassword(sess, user, passwordId, password);
    } catch (PasswordCreationFailedRuntimeException ex) {
        throw new PasswordCreationFailedException(ex);
    } catch (LoginNotExistsRuntimeException ex) {
        throw new LoginNotExistsException(ex);
    } catch (PasswordStrengthException e) {
        // Already part of this method's contract; pass through unchanged.
        throw e;
    } catch (Exception ex) {
        // Compatibility fallback: the message names the id and the user, never the password.
        throw new PasswordCreationFailedException("Alternative password creation failed for " + loginNamespace + ":" + passwordId + " of " + user + ".", ex);
    }
}
use of cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule in project perun by CESNET.
the class UsersManagerBlImpl method getPasswordManagerModule.
/**
 * Returns the password manager module for a login namespace, falling back to the module
 * registered as {@code "generic"} when the namespace has none of its own.
 *
 * <p>When the fallback is a {@link GenericPasswordManagerModule}, the requested namespace is
 * set on it before it is returned.
 *
 * <p>NOTE(review): the namespace is written into the fallback instance itself. If the
 * underlying lookup returns a shared or cached instance, concurrent calls for different
 * namespaces could overwrite each other's namespace. Confirm that a fresh instance is returned
 * per call.
 *
 * @param session   session performing the operation
 * @param namespace login namespace whose module is requested
 * @return the namespace's module, or the generic module configured for that namespace
 * @throws InternalErrorException if neither a namespace-specific nor a generic module is found
 */
@Override
public PasswordManagerModule getPasswordManagerModule(PerunSession session, String namespace) {
    PasswordManagerModule dedicated = getUsersManagerImpl().getPasswordManagerModule(session, namespace);
    if (dedicated != null) {
        return dedicated;
    }

    log.info("Password manager module for '{}' not found. Loading 'generic' password manager module instead.", namespace);
    PasswordManagerModule fallback = getUsersManagerImpl().getPasswordManagerModule(session, "generic");
    if (fallback == null) {
        log.error("No password manager module found by the class loader for both '{}' and 'generic' namespaces.", namespace);
        throw new InternalErrorException("No password manager module implementation found by the class loader for both '" + namespace + "' and 'generic' namespaces.");
    }

    if (fallback instanceof GenericPasswordManagerModule) {
        // Tell the generic module which namespace it is acting for.
        ((GenericPasswordManagerModule) fallback).setActualLoginNamespace(namespace);
    }
    return fallback;
}