use of org.wso2.carbon.captcha.mgt.beans.xsd.CaptchaInfoBean in project carbon-identity-framework by wso2.
the class UserInformationRecoveryService method verifyConfirmationCode.
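/**
 * Verifies the confirmation code sent to the user during recovery and, when it is valid,
 * replaces it with a new code for the next step. Callers are expected to obtain a captcha
 * through getCaptcha() before calling this method.
 *
 * <p>Order of checks: captcha validation (only when captcha verification is internally
 * managed), resolution of {@code username} through {@code Utils.processUserId}, then code
 * verification through the {@code RecoveryProcessor}. When SaaS mode is enabled, verification
 * runs inside a tenant flow set to the resolved user's tenant id and tenant domain.
 *
 * @param username username of the account whose password is being recovered
 * @param code confirmation code sent to the user by notification
 * @param captcha generated captcha together with the answer for this exchange
 * @return on success, the bean returned by {@code updateConfirmationCode} (per the original
 *         documentation it carries the new code to be used in updatePassword()); otherwise a
 *         bean with {@code verified=false} and an empty key, or an error bean
 * @throws IdentityMgtServiceException declared on the service signature; no statement visible
 *         in this method throws it directly
 */
public VerificationBean verifyConfirmationCode(String username, String code, CaptchaInfoBean captcha) throws IdentityMgtServiceException {
    UserDTO userDTO;
    VerificationBean bean = new VerificationBean();

    // NOTE(review): username is caller-supplied and is concatenated into log and error text
    // throughout this method; confirm the logging layout neutralises CR/LF characters.
    if (log.isDebugEnabled()) {
        log.debug("User confirmation code verification request received with username :" + username);
    }

    if (IdentityMgtConfig.getInstance().isCaptchaVerificationInternallyManaged()) {
        try {
            CaptchaUtil.processCaptchaInfoBean(captcha);
        } catch (Exception e) {
            // NOTE(review): a captcha failure is reported with ERROR_CODE_INVALID_CODE here, while
            // verifyUser and confirmUserSelfRegistration report ERROR_CODE_INVALID_CAPTCHA. Left
            // unchanged because clients may key on the returned code; confirm which is intended.
            bean = handleError(VerificationBean.ERROR_CODE_INVALID_CODE + " Error while validating captcha for user : " + username, e);
            return bean;
        }
    }

    try {
        userDTO = Utils.processUserId(username);
    } catch (IdentityException e) {
        bean = handleError(VerificationBean.ERROR_CODE_INVALID_USER + " invalid user : " + username, e);
        return bean;
    }

    RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();

    try {
        // The tenant flow is started inside the try so that the finally block below always
        // ends it. Started outside, a failure while populating the context would leave the
        // privileged tenant flow open on this thread.
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            carbonContext.setTenantId(userDTO.getTenantId());
            carbonContext.setTenantDomain(userDTO.getTenantDomain());
        }

        // NOTE(review): 2 and 3 look like recovery-step sequence numbers; confirm against
        // RecoveryProcessor.
        bean = processor.verifyConfirmationCode(2, userDTO.getUserId(), code);
        if (bean.isVerified()) {
            bean = processor.updateConfirmationCode(3, userDTO.getUserId(), userDTO.getTenantId());
            if (log.isDebugEnabled()) {
                log.debug("User confirmation code verification successful for user: " + username);
            }
        } else {
            // Blank the key so that a failed verification never returns a usable key.
            bean.setVerified(false);
            bean.setKey("");
            log.error(bean.getError());
        }
    } catch (IdentityException e) {
        // Prefer the specific message derived from the exception; fall back to a generic
        // invalid-code error when none is produced.
        bean = UserIdentityManagementUtil.getCustomErrorMessagesToVerifyCode(e, username);
        if (bean.getError() == null) {
            bean = handleError(VerificationBean.ERROR_CODE_INVALID_CODE + " Error verifying confirmation code for " + "user : " + username, e);
        }
        return bean;
    } finally {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return bean;
}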
use of org.wso2.carbon.captcha.mgt.beans.xsd.CaptchaInfoBean in project carbon-identity-framework by wso2.
the class UserInformationRecoveryService method verifyUser.
/**
 * Checks whether the given user can proceed with recovery.
 *
 * <p>The captcha is validated first (only when captcha verification is internally managed),
 * then {@code username} is resolved through {@code Utils.processUserId}, and finally the
 * {@code RecoveryProcessor} verifies the user. When SaaS mode is enabled the verification runs
 * inside a tenant flow set to the resolved user's tenant id and tenant domain.
 *
 * @param username username supplied by the caller
 * @param captcha captcha information validated before the user is looked up
 * @return the processor's bean when it carries no error, otherwise the bean produced by
 *         {@code handleError} for the matching error code
 * @throws IdentityMgtServiceException declared on the service signature; no statement visible
 *         in this method throws it directly
 */
public VerificationBean verifyUser(String username, CaptchaInfoBean captcha) throws IdentityMgtServiceException {
    // NOTE(review): username is caller-supplied and is concatenated into log and error text
    // below; confirm the logging layout neutralises CR/LF characters.
    if (log.isDebugEnabled()) {
        log.debug("User verification request received with username : " + username);
    }

    if (IdentityMgtConfig.getInstance().isCaptchaVerificationInternallyManaged()) {
        try {
            CaptchaUtil.processCaptchaInfoBean(captcha);
        } catch (Exception captchaFailure) {
            return handleError(VerificationBean.ERROR_CODE_INVALID_CAPTCHA + " Error while validating captcha", captchaFailure);
        }
    }

    UserDTO resolvedUser;
    try {
        resolvedUser = Utils.processUserId(username);
    } catch (IdentityException invalidUser) {
        return handleError(VerificationBean.ERROR_CODE_INVALID_USER + " invalid user : " + username, invalidUser);
    }

    try {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext tenantContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            tenantContext.setTenantId(resolvedUser.getTenantId());
            tenantContext.setTenantDomain(resolvedUser.getTenantDomain());
        }

        VerificationBean outcome = IdentityMgtServiceComponent.getRecoveryProcessor().verifyUserForRecovery(1, resolvedUser);
        if (outcome.getError() == null) {
            return outcome;
        }

        // NOTE(review): unknown user, disabled account and other failures produce distinct
        // codes and messages. If handleError returns this text to an unauthenticated caller,
        // the response reveals the account's state; confirm the client shows a uniform message.
        String failureMessage;
        if (outcome.getError().contains(VerificationBean.ERROR_CODE_INVALID_USER)) {
            failureMessage = VerificationBean.ERROR_CODE_INVALID_USER + " User does not exist : " + username;
        } else if (outcome.getError().contains(VerificationBean.ERROR_CODE_DISABLED_ACCOUNT)) {
            failureMessage = VerificationBean.ERROR_CODE_DISABLED_ACCOUNT + " Account is disabled for user " + username + ". Can not allow to recover.";
        } else {
            failureMessage = VerificationBean.ERROR_CODE_UNEXPECTED + " Error verifying user : " + username;
        }
        return handleError(failureMessage, null);
    } finally {
        // Mirrors the conditional startTenantFlow() above.
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
}
use of org.wso2.carbon.captcha.mgt.beans.xsd.CaptchaInfoBean in project carbon-identity-framework by wso2.
the class UserInformationRecoveryService method confirmUserSelfRegistration.
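/**
 * Confirms a self-registered user account with a confirmation code and unlocks it.
 *
 * <p>Order of checks: captcha validation (only when captcha verification is internally
 * managed), a tenant check when SaaS mode is disabled, resolution of
 * {@code username@tenantDomain}, lookup of the tenant's user store manager, and finally code
 * verification followed by the account unlock.
 *
 * @param username username of the self-registered account; when it contains the user store
 *        domain separator, the matching secondary user store manager is used
 * @param code confirmation code to verify
 * @param captcha captcha information validated before any user lookup
 * @param tenantDomain tenant of the account; when SaaS mode is disabled it must be null, empty
 *        or equal to the tenant domain of the current thread's carbon context, and
 *        null or empty is replaced by that domain
 * @return the bean from code verification, or an error bean when any step fails
 * @throws IdentityMgtServiceException declared on the service signature; no statement visible
 *         in this method throws it directly
 */
public VerificationBean confirmUserSelfRegistration(String username, String code, CaptchaInfoBean captcha, String tenantDomain) throws IdentityMgtServiceException {
    VerificationBean bean = new VerificationBean();

    // NOTE(review): username is caller-supplied and is concatenated into log and error text
    // throughout this method; confirm the logging layout neutralises CR/LF characters.
    if (log.isDebugEnabled()) {
        log.debug("User registration verification request received with username :" + username);
    }

    if (IdentityMgtConfig.getInstance().isCaptchaVerificationInternallyManaged()) {
        try {
            CaptchaUtil.processCaptchaInfoBean(captcha);
        } catch (Exception e) {
            bean = handleError(VerificationBean.ERROR_CODE_INVALID_CAPTCHA + " Error while validating captcha for user : " + username, e);
            return bean;
        }
    }

    if (!IdentityMgtConfig.getInstance().isSaasEnabled()) {
        // Outside SaaS mode a request may only target the tenant of the current context.
        String loggedInTenant = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        // Compare from the side already known to be non-null, so that a context without a
        // tenant domain is rejected as a mismatch instead of raising a NullPointerException.
        if (tenantDomain != null && !tenantDomain.isEmpty() && !tenantDomain.equals(loggedInTenant)) {
            String msg = "Trying to confirm users in unauthorized tenant space";
            log.error(msg);
            return handleError(VerificationBean.ERROR_CODE_INVALID_TENANT + " " + msg, null);
        }
        if (tenantDomain == null || tenantDomain.isEmpty()) {
            tenantDomain = loggedInTenant;
        }
    }
    // NOTE(review): in SaaS mode tenantDomain is used as supplied; a null value would be
    // concatenated below as the literal "null". Confirm callers always provide it.

    UserDTO userDTO = null;
    try {
        userDTO = Utils.processUserId(username + "@" + tenantDomain);
    } catch (IdentityException e) {
        bean = handleError(VerificationBean.ERROR_CODE_INVALID_USER + " Error verifying user account for user : " + username, e);
        return bean;
    }

    try {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            carbonContext.setTenantId(userDTO.getTenantId());
            carbonContext.setTenantDomain(userDTO.getTenantDomain());
        }

        RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
        org.wso2.carbon.user.core.UserStoreManager userStoreManager = null;
        RealmService realmService = IdentityMgtServiceComponent.getRealmService();
        int tenantId;
        try {
            tenantId = Utils.getTenantId(tenantDomain);
            if (realmService.getTenantUserRealm(tenantId) != null) {
                userStoreManager = (org.wso2.carbon.user.core.UserStoreManager) realmService.getTenantUserRealm(tenantId).getUserStoreManager();
                // A domain-qualified username selects the matching secondary user store.
                if (username != null && username.contains(UserCoreConstants.DOMAIN_SEPARATOR)) {
                    userStoreManager = userStoreManager.getSecondaryUserStoreManager(Utils.getUserStoreDomainName(username));
                }
            }
        } catch (Exception e) {
            // A leading space separates the error code from the text, as in every other
            // message built in this method.
            bean = handleError(VerificationBean.ERROR_CODE_UNEXPECTED + " Error retrieving the user store manager" + " for the tenant : " + tenantDomain, e);
            return bean;
        }

        // NOTE(review): userStoreManager is still null here when no realm was returned for the
        // tenant, and it is passed to unlockUserAccount only after the code has been verified.
        // Confirm that helper rejects a null manager.
        try {
            // NOTE(review): verification is keyed on the raw username, not on
            // userDTO.getUserId(); confirm this is intended.
            bean = processor.verifyConfirmationCode(1, username, code);
            if (bean.isVerified()) {
                UserIdentityManagementUtil.unlockUserAccount(username, userStoreManager);
                bean.setVerified(true);
            } else {
                // Blank the key so that a failed verification never returns a usable key.
                bean.setVerified(false);
                bean.setKey("");
                log.error("User verification failed against the given confirmation code");
            }
        } catch (IdentityException e) {
            bean = UserIdentityManagementUtil.getCustomErrorMessagesToVerifyCode(e, username);
            if (bean.getError() == null) {
                // NOTE(review): unlike the other errors here, this message has no error-code prefix.
                bean = handleError("Error while validating confirmation code for user : " + username, e);
            }
            return bean;
        }
    } finally {
        // Mirrors the conditional startTenantFlow() above.
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return bean;
}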
use of org.wso2.carbon.captcha.mgt.beans.xsd.CaptchaInfoBean in project carbon-identity-framework by wso2.
the class UserInformationRecoveryService method verifyAccount.
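/**
 * Looks up a user by the supplied claims and, when one is found, triggers an account-id
 * recovery notification by e-mail.
 *
 * <p>The captcha is validated first (only when captcha verification is internally managed).
 * When SaaS mode is disabled, {@code tenantDomain} must be null, empty or equal to the tenant
 * domain of the current thread's carbon context.
 *
 * @param claims claims used to find the username within the tenant
 * @param captcha captcha information validated before any lookup
 * @param tenantDomain tenant to search; when SaaS mode is disabled, null or empty is replaced
 *        by the tenant domain of the current thread's carbon context
 * @return a bean whose {@code verified} flag reflects whether the notification was sent; it
 *         carries the notification data only when notifications are not internally managed;
 *         an error bean on failure
 * @throws IdentityMgtServiceException when SaaS mode is disabled and {@code tenantDomain}
 *         names a tenant other than that of the current context
 */
public VerificationBean verifyAccount(UserIdentityClaimDTO[] claims, CaptchaInfoBean captcha, String tenantDomain) throws IdentityMgtServiceException {
    VerificationBean vBean = new VerificationBean();

    if (IdentityMgtConfig.getInstance().isCaptchaVerificationInternallyManaged()) {
        try {
            CaptchaUtil.processCaptchaInfoBean(captcha);
        } catch (Exception e) {
            vBean = handleError(VerificationBean.ERROR_CODE_INVALID_CAPTCHA + " Error processing captcha", e);
            return vBean;
        }
    }

    if (!IdentityMgtConfig.getInstance().isSaasEnabled()) {
        // Outside SaaS mode a request may only target the tenant of the current context.
        String loggedInTenant = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        // Compare from the side already known to be non-null, so that a context without a
        // tenant domain is rejected as a mismatch instead of raising a NullPointerException.
        if (tenantDomain != null && !tenantDomain.isEmpty() && !tenantDomain.equals(loggedInTenant)) {
            String msg = "Trying to verify account unauthorized tenant space";
            log.error(msg);
            throw new IdentityMgtServiceException(msg);
        }
        if (tenantDomain == null || tenantDomain.isEmpty()) {
            tenantDomain = loggedInTenant;
        }
    }

    try {
        int tenantId = Utils.getTenantId(tenantDomain);
        String userName = UserIdentityManagementUtil.getUsernameByClaims(claims, tenantId);
        if (userName != null) {
            UserDTO userDTO = new UserDTO(UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain));
            userDTO.setTenantId(tenantId);

            UserRecoveryDTO dto = new UserRecoveryDTO(userDTO);
            dto.setNotification(IdentityMgtConstants.Notification.ACCOUNT_ID_RECOVERY);
            dto.setNotificationType("EMAIL");

            RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
            NotificationDataDTO notificationDto = processor.notifyWithEmail(dto);
            vBean.setVerified(notificationDto.isNotificationSent());

            // Send email data only if not internally managed.
            // NOTE(review): in that configuration the notification payload is returned to the
            // caller of this operation, who has supplied only claims and a captcha. Confirm
            // that only a trusted front-end can reach the endpoint.
            if (!(IdentityMgtConfig.getInstance().isNotificationInternallyManaged())) {
                vBean.setNotificationData(notificationDto);
            }
        } else {
            // NOTE(review): "User not found" versus a verified result tells the caller whether
            // a set of claims matches an account; confirm the client shows a uniform response.
            vBean.setError("User not found");
            vBean.setVerified(false);
        }
    } catch (Exception e) {
        // Every failure in the lookup or notification path is reported as an invalid-user error.
        vBean = handleError(VerificationBean.ERROR_CODE_INVALID_USER + " Error verifying user account", e);
        return vBean;
    }
    return vBean;
}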