use of org.ldaptive.LdapAttribute in project cas by apereo.
the class LdapPasswordManagementService method getSecurityQuestions.
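/**
 * Reads the security questions and answers stored on the user's LDAP entry.
 *
 * <p>The configured security-question attribute map pairs the name of the attribute
 * holding a question (key) with the name of the attribute holding its answer (value).
 * A pair is returned only when both attributes exist on the entry and are non-blank.
 *
 * <p>The answers gate password reset, so the raw LDAP entry and response, which carry
 * them, are never logged. Only the entry DN and the result code are.
 *
 * @param username account to look up; passed to the user filter as a parameter
 * @return question-to-answer map in configuration order; empty when no entry is found
 *         or the lookup fails. NOTE(review): callers are not visible here; they should
 *         treat an empty map as "cannot verify", never as "verified".
 */
@Override
public Map<String, String> getSecurityQuestions(final String username) {
    final Map<String, String> questions = new LinkedHashMap<>();
    try {
        final PasswordManagementProperties.Ldap ldap = passwordManagementProperties.getLdap();
        // The username is supplied as a filter parameter, not concatenated into the filter text.
        // NOTE(review): presumably escaped when the filter is formatted; confirm in Beans/ldaptive.
        final SearchFilter filter = Beans.newLdaptiveSearchFilter(ldap.getUserFilter(),
                Beans.LDAP_SEARCH_FILTER_DEFAULT_PARAM_NAME, Arrays.asList(username));
        LOGGER.debug("Constructed LDAP filter [{}] to locate security questions", filter);

        // NOTE(review): a pooled connection factory is created on every call and is not
        // released in this method; confirm who owns its lifecycle.
        final ConnectionFactory factory = Beans.newLdaptivePooledConnectionFactory(ldap);
        final Response<SearchResult> response = LdapUtils.executeSearchOperation(factory, ldap.getBaseDn(), filter);
        // Log the result code only: the full response would dump every attribute of the entry.
        LOGGER.debug("LDAP response for security questions [{}]", response != null ? response.getResultCode() : null);

        if (!LdapUtils.containsResultEntry(response)) {
            LOGGER.debug("LDAP response did not contain a result for security questions");
            return questions;
        }

        final LdapEntry entry = response.getResult().getEntry();
        // The DN identifies the entry without exposing the stored answers.
        LOGGER.debug("Located LDAP entry [{}] in the response", entry.getDn());
        final Map<String, String> attributePairs = ldap.getSecurityQuestionsAttributes();
        LOGGER.debug("Security question attributes are defined to be [{}]", attributePairs);

        attributePairs.forEach((questionAttribute, answerAttribute) -> {
            final LdapAttribute question = entry.getAttribute(questionAttribute);
            final LdapAttribute answer = entry.getAttribute(answerAttribute);
            if (question == null || answer == null) {
                return;
            }
            final String questionText = question.getStringValue();
            final String answerText = answer.getStringValue();
            if (StringUtils.isNotBlank(questionText) && StringUtils.isNotBlank(answerText)) {
                // Only the question text is logged; the answer never is.
                LOGGER.debug("Added security question [{}]", questionText);
                questions.put(questionText, answerText);
            }
        });
    } catch (final Exception e) {
        // Best effort: a failed lookup is logged and whatever was collected so far is returned.
        LOGGER.error(e.getMessage(), e);
    }
    return questions;
}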
use of org.ldaptive.LdapAttribute in project cas by apereo.
the class LdapPasswordManagementService method findEmail.
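/**
 * Finds the email address stored on the user's LDAP entry.
 *
 * <p>The attribute to read is the one named by the reset settings' email attribute. The
 * value is returned only if {@code EmailValidator} accepts it.
 *
 * <p>The raw LDAP entry and response are not logged, because they may carry attributes
 * unrelated to this lookup. Only the entry DN and the result code are.
 *
 * @param username account to look up; passed to the user filter as a parameter
 * @return the validated email address, or {@code null} when no entry or attribute is
 *         found, the value is not a valid address, or the lookup fails
 */
@Override
public String findEmail(final String username) {
    try {
        final PasswordManagementProperties.Ldap ldap = passwordManagementProperties.getLdap();
        // The username is supplied as a filter parameter, not concatenated into the filter text.
        final SearchFilter filter = Beans.newLdaptiveSearchFilter(ldap.getUserFilter(),
                Beans.LDAP_SEARCH_FILTER_DEFAULT_PARAM_NAME, Arrays.asList(username));
        LOGGER.debug("Constructed LDAP filter [{}] to locate account email", filter);

        // NOTE(review): a pooled connection factory is created on every call and is not
        // released in this method; confirm who owns its lifecycle.
        final ConnectionFactory factory = Beans.newLdaptivePooledConnectionFactory(ldap);
        final Response<SearchResult> response = LdapUtils.executeSearchOperation(factory, ldap.getBaseDn(), filter);
        // Log the result code only: the full response would dump every attribute of the entry.
        LOGGER.debug("LDAP response to locate account email is [{}]", response != null ? response.getResultCode() : null);

        if (!LdapUtils.containsResultEntry(response)) {
            LOGGER.error("Could not locate an LDAP entry for [{}] and base DN [{}]", filter.format(), ldap.getBaseDn());
            return null;
        }

        final LdapEntry entry = response.getResult().getEntry();
        LOGGER.debug("Found LDAP entry [{}] to use for the account email", entry.getDn());
        final String attributeName = passwordManagementProperties.getReset().getEmailAttribute();
        final LdapAttribute attr = entry.getAttribute(attributeName);
        if (attr == null) {
            LOGGER.error("Could not locate an LDAP attribute [{}] for [{}] and base DN [{}]", attributeName, filter.format(), ldap.getBaseDn());
            return null;
        }

        final String email = attr.getStringValue();
        LOGGER.debug("Found email address [{}] for user [{}]. Validating...", email, username);
        // The directory value is validated before it is handed back to the caller.
        if (EmailValidator.getInstance().isValid(email)) {
            LOGGER.debug("Email address [{}] matches a valid email address", email);
            return email;
        }
        LOGGER.error("Email [{}] is not a valid address", email);
    } catch (final Exception e) {
        // Best effort: a failed lookup is logged and reported to the caller as "no email".
        LOGGER.error(e.getMessage(), e);
    }
    return null;
}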
use of org.ldaptive.LdapAttribute in project cas by apereo.
the class LdapConsentRepository method findConsentDecision.
/**
 * Looks up the stored consent decision of the authenticated principal for a service.
 *
 * <p>The principal's consent entry is read via {@code readConsentEntry}. Each value of
 * the configured consent attribute is mapped from JSON, and the first decision whose
 * service equals {@code service.getId()} is returned. {@code registeredService} is not
 * consulted.
 *
 * @param service the service whose id is matched against stored decisions
 * @param registeredService unused by this implementation
 * @param authentication supplies the principal id used to read the consent entry
 * @return the first matching decision, or {@code null} when the entry, the attribute
 *         or a matching decision is absent
 */
@Override
public ConsentDecision findConsentDecision(final Service service, final RegisteredService registeredService, final Authentication authentication) {
    final String principal = authentication.getPrincipal().getId();
    final LdapEntry consentEntry = readConsentEntry(principal);
    if (consentEntry == null) {
        return null;
    }

    final LdapAttribute consentAttribute = consentEntry.getAttribute(this.ldap.getConsentAttributeName());
    if (consentAttribute == null) {
        return null;
    }

    final Collection<String> jsonValues = consentAttribute.getStringValues();
    LOGGER.debug("Locating consent decision(s) for [{}] and service [{}]", principal, service.getId());
    // NOTE(review): mapFromJson is not visible here; a null result would raise an NPE below, so confirm it never returns null.
    for (final String json : jsonValues) {
        final ConsentDecision decision = LdapConsentRepository.mapFromJson(json);
        if (decision.getService().equals(service.getId())) {
            return decision;
        }
    }
    return null;
}
use of org.ldaptive.LdapAttribute in project cas by apereo.
the class LdapPasswordManagementService method findEmail.
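/**
 * Finds the email address stored on the user's LDAP entry.
 *
 * <p>The attribute to read is the one named by the reset settings' email attribute. The
 * value is returned only if {@code EmailValidator} accepts it.
 *
 * <p>The raw LDAP entry and response are not logged, because they may carry attributes
 * unrelated to this lookup. Only the entry DN and the result code are.
 *
 * @param username account to look up; passed to the search filter as a parameter
 * @return the validated email address, or {@code null} when no entry or attribute is
 *         found, the value is not a valid address, or the lookup fails
 */
@Override
public String findEmail(final String username) {
    try {
        final PasswordManagementProperties.Ldap ldap = properties.getLdap();
        // The username is supplied as a filter parameter, not concatenated into the filter text.
        final SearchFilter filter = LdapUtils.newLdaptiveSearchFilter(ldap.getSearchFilter(),
                LdapUtils.LDAP_SEARCH_FILTER_DEFAULT_PARAM_NAME, CollectionUtils.wrap(username));
        LOGGER.debug("Constructed LDAP filter [{}] to locate account email", filter);

        // NOTE(review): a pooled connection factory is created on every call and is not
        // released in this method; confirm who owns its lifecycle.
        final ConnectionFactory factory = LdapUtils.newLdaptivePooledConnectionFactory(ldap);
        final Response<SearchResult> response = LdapUtils.executeSearchOperation(factory, ldap.getBaseDn(), filter);
        // Log the result code only: the full response would dump every attribute of the entry.
        LOGGER.debug("LDAP response to locate account email is [{}]", response != null ? response.getResultCode() : null);

        if (!LdapUtils.containsResultEntry(response)) {
            LOGGER.error("Could not locate an LDAP entry for [{}] and base DN [{}]", filter.format(), ldap.getBaseDn());
            return null;
        }

        final LdapEntry entry = response.getResult().getEntry();
        LOGGER.debug("Found LDAP entry [{}] to use for the account email", entry.getDn());
        final String attributeName = properties.getReset().getEmailAttribute();
        final LdapAttribute attr = entry.getAttribute(attributeName);
        if (attr == null) {
            LOGGER.error("Could not locate an LDAP attribute [{}] for [{}] and base DN [{}]", attributeName, filter.format(), ldap.getBaseDn());
            return null;
        }

        final String email = attr.getStringValue();
        LOGGER.debug("Found email address [{}] for user [{}]. Validating...", email, username);
        // The directory value is validated before it is handed back to the caller.
        if (EmailValidator.getInstance().isValid(email)) {
            LOGGER.debug("Email address [{}] matches a valid email address", email);
            return email;
        }
        LOGGER.error("Email [{}] is not a valid address", email);
    } catch (final Exception e) {
        // Best effort: a failed lookup is logged and reported to the caller as "no email".
        LOGGER.error(e.getMessage(), e);
    }
    return null;
}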
use of org.ldaptive.LdapAttribute in project cas by apereo.
the class LdapPasswordManagementService method getSecurityQuestions.
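/**
 * Reads the security questions and answers stored on the user's LDAP entry.
 *
 * <p>The configured security-question attribute map pairs the name of the attribute
 * holding a question (key) with the name of the attribute holding its answer (value).
 * A pair is returned only when both attributes exist on the entry and are non-blank.
 *
 * <p>The answers gate password reset, so the raw LDAP entry and response, which carry
 * them, are never logged. Only the entry DN and the result code are.
 *
 * @param username account to look up; passed to the search filter as a parameter
 * @return question-to-answer map in configuration order; empty when no entry is found
 *         or the lookup fails. NOTE(review): callers are not visible here; they should
 *         treat an empty map as "cannot verify", never as "verified".
 */
@Override
public Map<String, String> getSecurityQuestions(final String username) {
    final Map<String, String> questions = new LinkedHashMap<>();
    try {
        final PasswordManagementProperties.Ldap ldap = properties.getLdap();
        // The username is supplied as a filter parameter, not concatenated into the filter text.
        // NOTE(review): presumably escaped when the filter is formatted; confirm in LdapUtils/ldaptive.
        final SearchFilter filter = LdapUtils.newLdaptiveSearchFilter(ldap.getSearchFilter(),
                LdapUtils.LDAP_SEARCH_FILTER_DEFAULT_PARAM_NAME, CollectionUtils.wrap(username));
        LOGGER.debug("Constructed LDAP filter [{}] to locate security questions", filter);

        // NOTE(review): a pooled connection factory is created on every call and is not
        // released in this method; confirm who owns its lifecycle.
        final ConnectionFactory factory = LdapUtils.newLdaptivePooledConnectionFactory(ldap);
        final Response<SearchResult> response = LdapUtils.executeSearchOperation(factory, ldap.getBaseDn(), filter);
        // Log the result code only: the full response would dump every attribute of the entry.
        LOGGER.debug("LDAP response for security questions [{}]", response != null ? response.getResultCode() : null);

        if (!LdapUtils.containsResultEntry(response)) {
            LOGGER.debug("LDAP response did not contain a result for security questions");
            return questions;
        }

        final LdapEntry entry = response.getResult().getEntry();
        // The DN identifies the entry without exposing the stored answers.
        LOGGER.debug("Located LDAP entry [{}] in the response", entry.getDn());
        final Map<String, String> attributePairs = ldap.getSecurityQuestionsAttributes();
        LOGGER.debug("Security question attributes are defined to be [{}]", attributePairs);

        attributePairs.forEach((questionAttribute, answerAttribute) -> {
            final LdapAttribute question = entry.getAttribute(questionAttribute);
            final LdapAttribute answer = entry.getAttribute(answerAttribute);
            if (question == null || answer == null) {
                return;
            }
            final String questionText = question.getStringValue();
            final String answerText = answer.getStringValue();
            if (StringUtils.isNotBlank(questionText) && StringUtils.isNotBlank(answerText)) {
                // Only the question text is logged; the answer never is.
                LOGGER.debug("Added security question [{}]", questionText);
                questions.put(questionText, answerText);
            }
        });
    } catch (final Exception e) {
        // Best effort: a failed lookup is logged and whatever was collected so far is returned.
        LOGGER.error(e.getMessage(), e);
    }
    return questions;
}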