Search in sources :

Example 11 with UserDTO

use of org.wso2.carbon.apimgt.rest.api.store.dto.UserDTO in project carbon-identity-framework by wso2.

the class RecoveryProcessor method verifyConfirmationCode.

/**
 * This method is used to verify the confirmation code supplied by user. This invalidates
 * the current code and generates a new code and send to user.
 *
 * @param sequence TODO
 * @param username TODO
 * @param code
 * @param userDto
 * @return
 * @throws IdentityException
 */
public VerificationBean verifyConfirmationCode(int sequence, String username, String code) throws IdentityException {
    UserRecoveryDataDO dataDO = null;
    String internalCode = getUserInternalCodeStr(sequence, username, code);
    try {
        dataDO = dataStore.load(internalCode);
        if (dataDO != null && sequence != 2 && sequence != 40) {
            if (dataStore instanceof RegistryRecoveryDataStore) {
                dataStore.invalidate(internalCode);
            } else {
                dataStore.invalidate(dataDO);
            }
        }
    } catch (IdentityException e) {
        throw IdentityException.error("Error loading recovery data for user : " + username, e);
    }
    if (dataDO == null && (sequence == 30 || sequence == 20)) {
        return new VerificationBean(false);
    }
    if (dataDO == null) {
        throw IdentityException.error("Invalid confirmation code");
    }
    if (!dataDO.isValid()) {
        throw IdentityException.error("Expired code");
    } else {
        return new VerificationBean(true);
    }
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) RegistryRecoveryDataStore(org.wso2.carbon.identity.mgt.store.RegistryRecoveryDataStore) UserRecoveryDataDO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 12 with UserDTO

use of org.wso2.carbon.apimgt.rest.api.store.dto.UserDTO in project carbon-identity-framework by wso2.

the class UserIdentityManagementService method verifyChallengeQuestion.

/**
 * verify challenge questions
 *
 * @return verification results as been
 * @throws IdentityException if any error occurs
 */
public VerificationBean verifyChallengeQuestion(String userName, String confirmation, UserChallengesDTO[] userChallengesDTOs) throws IdentityMgtServiceException {
    VerificationBean bean = new VerificationBean();
    bean.setVerified(false);
    RecoveryProcessor recoveryProcessor = IdentityMgtServiceComponent.getRecoveryProcessor();
    if (userChallengesDTOs == null || userChallengesDTOs.length < 1) {
        log.error("no challenges provided by user for verifications.");
        bean.setError("no challenges provided by user for verifications.");
        return bean;
    }
    UserDTO userDTO = null;
    try {
        userDTO = Utils.processUserId(userName);
    } catch (IdentityException e) {
        throw new IdentityMgtServiceException("Invalid user name.", e);
    }
    if (recoveryProcessor.verifyConfirmationKey(confirmation).isVerified()) {
        log.warn("Invalid user is trying to verify user challenges.");
        bean.setError("Invalid user is trying to verify user challenges.");
        return bean;
    }
    ChallengeQuestionProcessor processor = recoveryProcessor.getQuestionProcessor();
    boolean verification = processor.verifyChallengeQuestion(userDTO.getUserId(), userDTO.getTenantId(), userChallengesDTOs);
    if (verification) {
        String code = UUID.randomUUID().toString();
        try {
            recoveryProcessor.createConfirmationCode(userDTO, code);
        } catch (IdentityException e) {
            log.error("Error while creating confirmation code.", e);
        }
        bean = new VerificationBean(userName, code);
    }
    return bean;
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO) ChallengeQuestionProcessor(org.wso2.carbon.identity.mgt.ChallengeQuestionProcessor) RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 13 with UserDTO

use of org.wso2.carbon.apimgt.rest.api.store.dto.UserDTO in project carbon-identity-framework by wso2.

the class UserIdentityManagementService method processPasswordRecovery.

/**
 * process password recovery for given user
 *
 * @return recovery process success or not
 * @throws IdentityException if fails
 */
public boolean processPasswordRecovery(String userId, String confirmationCode, String notificationType) throws IdentityMgtServiceException {
    UserDTO userDTO = null;
    try {
        userDTO = Utils.processUserId(userId);
    } catch (IdentityException e) {
        throw new IdentityMgtServiceException("invalid user name", e);
    }
    RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
    VerificationBean bean = processor.verifyConfirmationKey(confirmationCode);
    if (!bean.isVerified()) {
        log.warn("Invalid user is trying to recover the password : " + userId);
        return false;
    }
    UserRecoveryDTO dto = new UserRecoveryDTO(userDTO);
    dto.setNotification(IdentityMgtConstants.Notification.PASSWORD_RESET_RECOVERY);
    dto.setNotificationType(notificationType);
    NotificationDataDTO dataDTO = null;
    try {
        dataDTO = processor.recoverWithNotification(dto);
    } catch (IdentityException e) {
        throw new IdentityMgtServiceException("Error while password recovery.", e);
    }
    return dataDTO.isNotificationSent();
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO) NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO) RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor) UserRecoveryDTO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 14 with UserDTO

use of org.wso2.carbon.apimgt.rest.api.store.dto.UserDTO in project carbon-identity-framework by wso2.

the class UserInformationRecoveryService method resendSignUpConfiramtionCode.

/**
 * This method is used to resend selef sign up confiration code when user is not recieved email properly
 *
 * @param userName
 * @param code
 * @param profileName
 * @param tenantDomain
 * @return
 * @throws IdentityMgtServiceException
 */
public VerificationBean resendSignUpConfiramtionCode(String userName, String code, String profileName, String tenantDomain) throws IdentityMgtServiceException {
    VerificationBean vBean = new VerificationBean();
    RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
    if (!IdentityMgtConfig.getInstance().isSaasEnabled()) {
        String loggedInTenant = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        if (tenantDomain != null && !tenantDomain.isEmpty() && !loggedInTenant.equals(tenantDomain)) {
            String msg = "Trying to resend self sign up code  in unauthorized tenant space";
            log.error(msg);
            throw new IdentityMgtServiceException(msg);
        }
        if (tenantDomain == null || tenantDomain.isEmpty()) {
            tenantDomain = loggedInTenant;
        }
    }
    int tenantId;
    try {
        tenantId = Utils.getTenantId(tenantDomain);
    } catch (IdentityException e) {
        vBean = handleError(VerificationBean.ERROR_CODE_UNEXPECTED + " Error while resending confirmation code", e);
        return vBean;
    }
    try {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            carbonContext.setTenantId(tenantId);
            carbonContext.setTenantDomain(tenantDomain);
        }
        try {
            vBean = processor.verifyConfirmationCode(1, userName, code);
            if (!vBean.isVerified()) {
                vBean.setError(VerificationBean.ERROR_CODE_INVALID_CODE);
                return vBean;
            }
        } catch (IdentityException e) {
            vBean = handleError("Error while validating confirmation code for user : " + userName, e);
            return vBean;
        }
        try {
            String listenerClassName = IdentityMgtConfig.getInstance().getProperty(IdentityMgtConstants.PropertyConfig.IDENTITY_MGT_LISTENER_CLASS);
            if (StringUtils.isBlank(listenerClassName)) {
                listenerClassName = IdentityMgtEventListener.class.getName();
            }
            IdentityEventListenerConfig identityEventListenerConfig = IdentityUtil.readEventListenerProperty(UserOperationEventListener.class.getName(), listenerClassName);
            boolean isListenerEnable = true;
            if (identityEventListenerConfig != null) {
                if (StringUtils.isNotBlank(identityEventListenerConfig.getEnable())) {
                    isListenerEnable = Boolean.parseBoolean(identityEventListenerConfig.getEnable());
                }
            }
            IdentityMgtConfig config = IdentityMgtConfig.getInstance();
            if (isListenerEnable && config.isAuthPolicyAccountLockOnCreation()) {
                UserDTO userDTO = new UserDTO(UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain));
                userDTO.setTenantId(tenantId);
                UserRecoveryDTO dto = new UserRecoveryDTO(userDTO);
                dto.setNotification(IdentityMgtConstants.Notification.ACCOUNT_CONFORM);
                dto.setNotificationType("EMAIL");
                vBean = processor.updateConfirmationCode(1, userName, tenantId);
                dto.setConfirmationCode(vBean.getKey());
                NotificationDataDTO notificationDto = processor.notifyWithEmail(dto);
                vBean.setVerified(notificationDto.isNotificationSent());
                // Send email data only if not internally managed.
                if (!(IdentityMgtConfig.getInstance().isNotificationInternallyManaged())) {
                    vBean.setNotificationData(notificationDto);
                }
            } else {
                vBean.setVerified(true);
            }
        } catch (IdentityException e) {
            vBean = UserIdentityManagementUtil.getCustomErrorMessagesWhenRegistering(e, userName);
            return vBean;
        }
    } finally {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return vBean;
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) UserOperationEventListener(org.wso2.carbon.user.core.listener.UserOperationEventListener) UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO) NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO) RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) UserRecoveryDTO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO) IdentityException(org.wso2.carbon.identity.base.IdentityException) IdentityMgtEventListener(org.wso2.carbon.identity.mgt.IdentityMgtEventListener) IdentityEventListenerConfig(org.wso2.carbon.identity.core.model.IdentityEventListenerConfig) IdentityMgtConfig(org.wso2.carbon.identity.mgt.IdentityMgtConfig)

Example 15 with UserDTO

use of org.wso2.carbon.apimgt.rest.api.store.dto.UserDTO in project carbon-identity-framework by wso2.

the class UserInformationRecoveryService method getUserChallengeQuestionIds.

public ChallengeQuestionIdsDTO getUserChallengeQuestionIds(String username, String confirmation) throws IdentityMgtServiceException {
    UserDTO userDTO = null;
    ChallengeQuestionIdsDTO idsDTO = new ChallengeQuestionIdsDTO();
    if (log.isDebugEnabled()) {
        log.debug("User challenge questions id request received with username: " + username);
    }
    try {
        userDTO = Utils.processUserId(username);
    } catch (IdentityException e) {
        idsDTO = handleChallengeIdError(VerificationBean.ERROR_CODE_INVALID_USER + " Error validating user : " + username, e);
        return idsDTO;
    }
    try {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            carbonContext.setTenantId(userDTO.getTenantId());
            carbonContext.setTenantDomain(userDTO.getTenantDomain());
        }
        RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
        VerificationBean bean = null;
        try {
            bean = processor.verifyConfirmationCode(1, userDTO.getUserId(), confirmation);
            if (bean.isVerified()) {
                bean = processor.updateConfirmationCode(20, userDTO.getUserId(), userDTO.getTenantId());
            } else {
                bean.setVerified(false);
            }
        } catch (IdentityException e1) {
            idsDTO = UserIdentityManagementUtil.getCustomErrorMessagesForChallengeQuestionIds(e1, username);
            if (idsDTO == null) {
                idsDTO = handleChallengeIdError(VerificationBean.ERROR_CODE_UNEXPECTED + " Error when validating " + "code", e1);
            }
            return idsDTO;
        }
        if (bean.isVerified()) {
            try {
                idsDTO = processor.getQuestionProcessor().getUserChallengeQuestionIds(userDTO.getUserId(), userDTO.getTenantId());
                idsDTO.setKey(bean.getKey());
                if (log.isDebugEnabled()) {
                    log.debug("User challenge question response successful for user: " + username);
                }
            } catch (Exception e) {
                idsDTO = handleChallengeIdError(VerificationBean.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND + " Error when getting user challenge questions for user : " + username, e);
                return idsDTO;
            }
        } else {
            String msg = "Verification failed for user. Error : " + bean.getError();
            log.error(msg);
            idsDTO.setError(VerificationBean.ERROR_CODE_UNEXPECTED + " " + msg);
            idsDTO.setKey("");
        }
    } finally {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return idsDTO;
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO) RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor) ChallengeQuestionIdsDTO(org.wso2.carbon.identity.mgt.dto.ChallengeQuestionIdsDTO) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) IdentityException(org.wso2.carbon.identity.base.IdentityException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Aggregations

IdentityException (org.wso2.carbon.identity.base.IdentityException)23 UserDTO (org.wso2.carbon.identity.mgt.dto.UserDTO)22 VerificationBean (org.wso2.carbon.identity.mgt.beans.VerificationBean)19 RecoveryProcessor (org.wso2.carbon.identity.mgt.RecoveryProcessor)17 UserStoreException (org.wso2.carbon.user.api.UserStoreException)17 IdentityMgtServiceException (org.wso2.carbon.identity.mgt.IdentityMgtServiceException)14 PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext)12 Test (org.testng.annotations.Test)10 UserDTO (org.wso2.carbon.identity.user.rename.core.dto.UserDTO)10 UserRecoveryDTO (org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO)9 UserStoreManager (org.wso2.carbon.user.api.UserStoreManager)9 RealmService (org.wso2.carbon.user.core.service.RealmService)9 TenantManager (org.wso2.carbon.user.core.tenant.TenantManager)8 UserDTO (org.wso2.carbon.identity.test.integration.service.stub.UserDTO)7 UserDTO (org.wso2.carbon.identity.user.endpoint.dto.UserDTO)6 NotificationDataDTO (org.wso2.carbon.identity.mgt.dto.NotificationDataDTO)5 UserChallengesDTO (org.wso2.carbon.identity.mgt.dto.UserChallengesDTO)4 User (org.wso2.carbon.apimgt.core.models.User)3 User (org.wso2.carbon.identity.application.common.model.User)3 ChallengeQuestionProcessor (org.wso2.carbon.identity.mgt.ChallengeQuestionProcessor)3