Search in sources :

Example 1 with SecurityAnswerVerificationConfig

use of org.forgerock.selfservice.stages.kba.SecurityAnswerVerificationConfig in project OpenAM by OpenRock.

the class ForgottenUsernameConfigProvider method getServiceConfig.

@Override
public ProcessInstanceConfig getServiceConfig(ForgottenUsernameConsoleConfig config, Context context, String realm) {
    List<StageConfig> stages = new ArrayList<>();
    if (config.isCaptchaEnabled()) {
        stages.add(new CaptchaStageConfig().setRecaptchaSiteKey(config.getCaptchaSiteKey()).setRecaptchaSecretKey(config.getCaptchaSecretKey()).setRecaptchaUri(config.getCaptchaVerificationUrl()));
    }
    stages.add(new UserQueryConfig().setValidQueryFields(config.getValidQueryAttributes()).setIdentityIdField("/username").setIdentityUsernameField("/username").setIdentityEmailField("/" + config.getEmailAttributeName() + "/0").setIdentityServiceUrl("/users"));
    if (config.isKbaEnabled()) {
        stages.add(new SecurityAnswerVerificationConfig(new KbaConfig()).setQuestions(config.getSecurityQuestions()).setKbaPropertyName("kbaInfo").setNumberOfQuestionsUserMustAnswer(config.getMinimumAnswersToVerify()).setIdentityServiceUrl("/users"));
    }
    if (config.isEmailEnabled()) {
        stages.add(new EmailUsernameConfig().setEmailServiceUrl("/email").setSubjectTranslations(config.getSubjectTranslations()).setMessageTranslations(config.getMessageTranslations()).setMimeType("text/html").setUsernameToken("%username%"));
    }
    if (config.isShowUsernameEnabled()) {
        stages.add(new RetrieveUsernameConfig());
    }
    String secret = SystemProperties.get(Constants.ENC_PWD_PROPERTY);
    JwtTokenHandlerConfig jwtTokenConfig = new JwtTokenHandlerConfig().setSharedKey(secret).setKeyPairAlgorithm("RSA").setKeyPairSize(1024).setJweAlgorithm(JweAlgorithm.RSAES_PKCS1_V1_5).setEncryptionMethod(EncryptionMethod.A128CBC_HS256).setJwsAlgorithm(JwsAlgorithm.HS256).setTokenLifeTimeInSeconds(config.getTokenExpiry());
    return new ProcessInstanceConfig().setStageConfigs(stages).setSnapshotTokenConfig(jwtTokenConfig).setStorageType(StorageType.STATELESS);
}
Also used : CaptchaStageConfig(org.forgerock.selfservice.stages.captcha.CaptchaStageConfig) JwtTokenHandlerConfig(org.forgerock.selfservice.stages.tokenhandlers.JwtTokenHandlerConfig) ArrayList(java.util.ArrayList) SecurityAnswerVerificationConfig(org.forgerock.selfservice.stages.kba.SecurityAnswerVerificationConfig) EmailUsernameConfig(org.forgerock.selfservice.stages.user.EmailUsernameConfig) RetrieveUsernameConfig(org.forgerock.selfservice.stages.user.RetrieveUsernameConfig) KbaConfig(org.forgerock.selfservice.stages.kba.KbaConfig) UserQueryConfig(org.forgerock.selfservice.stages.user.UserQueryConfig) CaptchaStageConfig(org.forgerock.selfservice.stages.captcha.CaptchaStageConfig) StageConfig(org.forgerock.selfservice.core.config.StageConfig) ProcessInstanceConfig(org.forgerock.selfservice.core.config.ProcessInstanceConfig)

Example 2 with SecurityAnswerVerificationConfig

use of org.forgerock.selfservice.stages.kba.SecurityAnswerVerificationConfig in project OpenAM by OpenRock.

the class ForgottenPasswordConfigProvider method getServiceConfig.

@Override
public ProcessInstanceConfig getServiceConfig(ForgottenPasswordConsoleConfig config, Context context, String realm) {
    List<StageConfig> stages = new ArrayList<>();
    if (config.isCaptchaEnabled()) {
        stages.add(new CaptchaStageConfig().setRecaptchaSiteKey(config.getCaptchaSiteKey()).setRecaptchaSecretKey(config.getCaptchaSecretKey()).setRecaptchaUri(config.getCaptchaVerificationUrl()));
    }
    stages.add(new UserQueryConfig().setValidQueryFields(config.getValidQueryAttributes()).setIdentityIdField("/username").setIdentityUsernameField("/username").setIdentityEmailField("/" + config.getEmailAttributeName() + "/0").setIdentityServiceUrl("/users"));
    if (config.isEmailEnabled()) {
        String serverUrl = config.getEmailVerificationUrl() + "&realm=" + realm;
        stages.add(new VerifyEmailAccountConfig().setEmailServiceUrl("/email").setIdentityEmailField(config.getEmailAttributeName()).setSubjectTranslations(config.getSubjectTranslations()).setMessageTranslations(config.getMessageTranslations()).setMimeType("text/html").setVerificationLinkToken("%link%").setVerificationLink(serverUrl));
    }
    if (config.isKbaEnabled()) {
        stages.add(new SecurityAnswerVerificationConfig(new KbaConfig()).setQuestions(config.getSecurityQuestions()).setKbaPropertyName("kbaInfo").setNumberOfQuestionsUserMustAnswer(config.getMinimumAnswersToVerify()).setIdentityServiceUrl("/users"));
    }
    stages.add(new ResetStageConfig().setIdentityServiceUrl("/users").setIdentityPasswordField("userPassword"));
    String secret = SystemProperties.get(Constants.ENC_PWD_PROPERTY);
    JwtTokenHandlerConfig jwtTokenConfig = new JwtTokenHandlerConfig().setSharedKey(secret).setKeyPairAlgorithm("RSA").setKeyPairSize(1024).setJweAlgorithm(JweAlgorithm.RSAES_PKCS1_V1_5).setEncryptionMethod(EncryptionMethod.A128CBC_HS256).setJwsAlgorithm(JwsAlgorithm.HS256).setTokenLifeTimeInSeconds(config.getTokenExpiry());
    return new ProcessInstanceConfig().setStageConfigs(stages).setSnapshotTokenConfig(jwtTokenConfig).setStorageType(StorageType.STATELESS);
}
Also used : CaptchaStageConfig(org.forgerock.selfservice.stages.captcha.CaptchaStageConfig) VerifyEmailAccountConfig(org.forgerock.selfservice.stages.email.VerifyEmailAccountConfig) JwtTokenHandlerConfig(org.forgerock.selfservice.stages.tokenhandlers.JwtTokenHandlerConfig) ArrayList(java.util.ArrayList) SecurityAnswerVerificationConfig(org.forgerock.selfservice.stages.kba.SecurityAnswerVerificationConfig) ResetStageConfig(org.forgerock.selfservice.stages.reset.ResetStageConfig) KbaConfig(org.forgerock.selfservice.stages.kba.KbaConfig) UserQueryConfig(org.forgerock.selfservice.stages.user.UserQueryConfig) ResetStageConfig(org.forgerock.selfservice.stages.reset.ResetStageConfig) CaptchaStageConfig(org.forgerock.selfservice.stages.captcha.CaptchaStageConfig) StageConfig(org.forgerock.selfservice.core.config.StageConfig) ProcessInstanceConfig(org.forgerock.selfservice.core.config.ProcessInstanceConfig)

Aggregations

ArrayList (java.util.ArrayList)2 ProcessInstanceConfig (org.forgerock.selfservice.core.config.ProcessInstanceConfig)2 StageConfig (org.forgerock.selfservice.core.config.StageConfig)2 CaptchaStageConfig (org.forgerock.selfservice.stages.captcha.CaptchaStageConfig)2 KbaConfig (org.forgerock.selfservice.stages.kba.KbaConfig)2 SecurityAnswerVerificationConfig (org.forgerock.selfservice.stages.kba.SecurityAnswerVerificationConfig)2 JwtTokenHandlerConfig (org.forgerock.selfservice.stages.tokenhandlers.JwtTokenHandlerConfig)2 UserQueryConfig (org.forgerock.selfservice.stages.user.UserQueryConfig)2 VerifyEmailAccountConfig (org.forgerock.selfservice.stages.email.VerifyEmailAccountConfig)1 ResetStageConfig (org.forgerock.selfservice.stages.reset.ResetStageConfig)1 EmailUsernameConfig (org.forgerock.selfservice.stages.user.EmailUsernameConfig)1 RetrieveUsernameConfig (org.forgerock.selfservice.stages.user.RetrieveUsernameConfig)1