
Example 1 with PasswordResetData

use of edu.harvard.iq.dataverse.passwordreset.PasswordResetData in project dataverse by IQSS.

the class AuthenticationServiceBean method convertBuiltInToShib.

// TODO should probably be moved to the Shib provider - this is a classic Shib-specific
// use case. This class should deal with general authentication.
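/**
 * Converts a builtin account into a Shibboleth account: the user's lookup row is
 * re-pointed at {@code shibProviderId} with the new per-provider identifier, and the
 * matching builtin user record plus its outstanding password reset tokens are removed.
 *
 * <p>Security note: nothing in this method authenticates or authorizes the conversion.
 * It rewrites which provider/identifier pair maps to the account, so callers must have
 * verified both the builtin identity and the remote identity before calling it.
 *
 * <p>NOTE(review): user identifiers are written to the log at INFO level; confirm that
 * is acceptable for the deployment's log handling.
 *
 * @param builtInUserToConvert the authenticated user whose lookup row is rewritten
 * @param shibProviderId provider id stored in the lookup row
 * @param newUserIdentifierInLookupTable supplies the per-provider lookup string stored
 *        as the new persistent user id
 * @return the result of looking the user up under the new provider/identifier pair, or
 *         {@code null} when the lookup row is missing or not unique (in which case
 *         nothing is modified)
 * @deprecated Switch to {@link #convertBuiltInUserToRemoteUser} instead.
 */
@Deprecated
public AuthenticatedUser convertBuiltInToShib(AuthenticatedUser builtInUserToConvert, String shibProviderId, UserIdentifier newUserIdentifierInLookupTable) {
    logger.info("converting user " + builtInUserToConvert.getId() + " from builtin to shib");
    String builtInUserIdentifier = builtInUserToConvert.getIdentifier();
    logger.info("builtin user identifier: " + builtInUserIdentifier);
    TypedQuery<AuthenticatedUserLookup> typedQuery = em.createQuery("SELECT OBJECT(o) FROM AuthenticatedUserLookup AS o WHERE o.authenticatedUser = :auid", AuthenticatedUserLookup.class);
    typedQuery.setParameter("auid", builtInUserToConvert);
    AuthenticatedUserLookup authuserLookup;
    try {
        authuserLookup = typedQuery.getSingleResult();
    } catch (NoResultException | NonUniqueResultException ex) {
        // Zero or several lookup rows: refuse to convert rather than guess which row to rewrite.
        logger.info("exception caught: " + ex);
        return null;
    }
    if (authuserLookup == null) {
        // Defensive only: getSingleResult() is specified to throw instead of returning null.
        return null;
    }
    // Read the new identifier before mutating the lookup row, so a null argument fails
    // before the row is half-updated (new provider id, old persistent id).
    String perUserShibIdentifier = newUserIdentifierInLookupTable.getLookupStringPerAuthProvider();
    String oldProviderId = authuserLookup.getAuthenticationProviderId();
    logger.info("we expect this to be 'builtin': " + oldProviderId);
    authuserLookup.setAuthenticationProviderId(shibProviderId);
    String oldUserLookupIdentifier = authuserLookup.getPersistentUserId();
    logger.info("this should be 'pete' or whatever the old builtin username was: " + oldUserLookupIdentifier);
    authuserLookup.setPersistentUserId(perUserShibIdentifier);
    // TODO (from the original author): the lookup update and the builtin user deletion
    // should happen in a single transaction.
    // NOTE(review): whether a container-managed transaction already wraps this method
    // cannot be seen from this listing - confirm before relying on atomicity.
    em.persist(authuserLookup);
    // Strip the prefix only when it really is at the start. The previous
    // replaceFirst() call treated the prefix as a regex and matched anywhere in the
    // string, so a malformed identifier could yield a different username and select
    // the wrong builtin account for deletion.
    // Assumes IDENTIFIER_PREFIX is a literal prefix, not a regex pattern - confirm.
    String identifierPrefix = AuthenticatedUser.IDENTIFIER_PREFIX;
    String builtinUsername = builtInUserIdentifier.startsWith(identifierPrefix)
            ? builtInUserIdentifier.substring(identifierPrefix.length())
            : builtInUserIdentifier;
    BuiltinUser builtin = builtinUserServiceBean.findByUserName(builtinUsername);
    if (builtin != null) {
        // These were created by AuthenticationResponse.Status.BREAKOUT in canLogInAsBuiltinUser.
        // Removing them means no outstanding reset token survives the conversion.
        List<PasswordResetData> oldTokens = passwordResetServiceBean.findPasswordResetDataByDataverseUser(builtin);
        for (PasswordResetData oldToken : oldTokens) {
            em.remove(oldToken);
        }
        em.remove(builtin);
    } else {
        // The lookup row has already been rewritten at this point; only the cleanup is skipped.
        logger.info("Couldn't delete builtin user because couldn't find it based on username " + builtinUsername);
    }
    // lookupUser's result is returned as-is, including null when nothing is found.
    return lookupUser(shibProviderId, perUserShibIdentifier);
}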
Also used : NonUniqueResultException(javax.persistence.NonUniqueResultException) PasswordResetData(edu.harvard.iq.dataverse.passwordreset.PasswordResetData) BuiltinUser(edu.harvard.iq.dataverse.authorization.providers.builtin.BuiltinUser) NoResultException(javax.persistence.NoResultException) AuthenticatedUser(edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)

Example 2 with PasswordResetData

use of edu.harvard.iq.dataverse.passwordreset.PasswordResetData in project dataverse by IQSS.

the class AuthenticationServiceBean method convertBuiltInUserToRemoteUser.

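/**
 * Converts a builtin account into an account of a remote authentication provider: the
 * user's lookup row is re-pointed at {@code newProviderId} with the new per-provider
 * identifier, and the matching builtin user record plus its outstanding password reset
 * tokens are removed.
 *
 * <p>Security note: nothing in this method authenticates or authorizes the conversion.
 * It rewrites which provider/identifier pair maps to the account, so callers must have
 * verified both the builtin identity and the remote identity before calling it.
 *
 * <p>NOTE(review): user identifiers are written to the log at INFO level; confirm that
 * is acceptable for the deployment's log handling.
 *
 * @param builtInUserToConvert the authenticated user whose lookup row is rewritten
 * @param newProviderId provider id stored in the lookup row
 * @param newUserIdentifierInLookupTable supplies the per-provider lookup string stored
 *        as the new persistent user id
 * @return the result of looking the user up under the new provider/identifier pair, or
 *         {@code null} when the lookup row is missing or not unique (in which case
 *         nothing is modified)
 */
public AuthenticatedUser convertBuiltInUserToRemoteUser(AuthenticatedUser builtInUserToConvert, String newProviderId, UserIdentifier newUserIdentifierInLookupTable) {
    logger.info("converting user " + builtInUserToConvert.getId() + " from builtin to remote");
    String builtInUserIdentifier = builtInUserToConvert.getIdentifier();
    logger.info("builtin user identifier: " + builtInUserIdentifier);
    TypedQuery<AuthenticatedUserLookup> typedQuery = em.createQuery("SELECT OBJECT(o) FROM AuthenticatedUserLookup AS o WHERE o.authenticatedUser = :auid", AuthenticatedUserLookup.class);
    typedQuery.setParameter("auid", builtInUserToConvert);
    AuthenticatedUserLookup authuserLookup;
    try {
        authuserLookup = typedQuery.getSingleResult();
    } catch (NoResultException | NonUniqueResultException ex) {
        // Zero or several lookup rows: refuse to convert rather than guess which row to rewrite.
        logger.info("exception caught: " + ex);
        return null;
    }
    if (authuserLookup == null) {
        // Defensive only: getSingleResult() is specified to throw instead of returning null.
        return null;
    }
    // Read the new identifier before mutating the lookup row, so a null argument fails
    // before the row is half-updated (new provider id, old persistent id).
    String perUserIdentifier = newUserIdentifierInLookupTable.getLookupStringPerAuthProvider();
    String oldProviderId = authuserLookup.getAuthenticationProviderId();
    logger.info("we expect this to be 'builtin': " + oldProviderId);
    authuserLookup.setAuthenticationProviderId(newProviderId);
    String oldUserLookupIdentifier = authuserLookup.getPersistentUserId();
    logger.info("this should be 'pete' or whatever the old builtin username was: " + oldUserLookupIdentifier);
    authuserLookup.setPersistentUserId(perUserIdentifier);
    // TODO (from the original author): the lookup update and the builtin user deletion
    // should happen in a single transaction.
    // NOTE(review): whether a container-managed transaction already wraps this method
    // cannot be seen from this listing - confirm before relying on atomicity.
    em.persist(authuserLookup);
    // Strip the prefix only when it really is at the start. The previous
    // replaceFirst() call treated the prefix as a regex and matched anywhere in the
    // string, so a malformed identifier could yield a different username and select
    // the wrong builtin account for deletion.
    // Assumes IDENTIFIER_PREFIX is a literal prefix, not a regex pattern - confirm.
    String identifierPrefix = AuthenticatedUser.IDENTIFIER_PREFIX;
    String builtinUsername = builtInUserIdentifier.startsWith(identifierPrefix)
            ? builtInUserIdentifier.substring(identifierPrefix.length())
            : builtInUserIdentifier;
    BuiltinUser builtin = builtinUserServiceBean.findByUserName(builtinUsername);
    if (builtin != null) {
        // These were created by AuthenticationResponse.Status.BREAKOUT in canLogInAsBuiltinUser.
        // Removing them means no outstanding reset token survives the conversion.
        List<PasswordResetData> oldTokens = passwordResetServiceBean.findPasswordResetDataByDataverseUser(builtin);
        for (PasswordResetData oldToken : oldTokens) {
            em.remove(oldToken);
        }
        em.remove(builtin);
    } else {
        // The lookup row has already been rewritten at this point; only the cleanup is skipped.
        logger.info("Couldn't delete builtin user because couldn't find it based on username " + builtinUsername);
    }
    // lookupUser's result is returned as-is, including null when nothing is found.
    return lookupUser(newProviderId, perUserIdentifier);
}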
Also used : NonUniqueResultException(javax.persistence.NonUniqueResultException) PasswordResetData(edu.harvard.iq.dataverse.passwordreset.PasswordResetData) BuiltinUser(edu.harvard.iq.dataverse.authorization.providers.builtin.BuiltinUser) NoResultException(javax.persistence.NoResultException) AuthenticatedUser(edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)

Aggregations

BuiltinUser (edu.harvard.iq.dataverse.authorization.providers.builtin.BuiltinUser)2 AuthenticatedUser (edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)2 PasswordResetData (edu.harvard.iq.dataverse.passwordreset.PasswordResetData)2 NoResultException (javax.persistence.NoResultException)2 NonUniqueResultException (javax.persistence.NonUniqueResultException)2