Search in sources :

Example 1 with NotificationChannels

use of org.wso2.carbon.identity.governance.service.notification.NotificationChannels in project identity-governance by wso2-extensions.

the class UserSelfRegistrationHandler method isNotificationChannelVerified.

/**
 * Checks whether the notification channel is already verified for the user.
 *
 * @param username            Username
 * @param tenantDomain        Tenant domain
 * @param notificationChannel Notification channel
 * @param eventProperties     Properties related to the event
 * @return True if the channel is already verified.
 */
private boolean isNotificationChannelVerified(String username, String tenantDomain, String notificationChannel, Map<String, Object> eventProperties) throws IdentityRecoveryClientException {
    boolean isEnableAccountLockForVerifiedPreferredChannelEnabled = Boolean.parseBoolean(IdentityUtil.getProperty(IdentityRecoveryConstants.ConnectorConfig.ENABLE_ACCOUNT_LOCK_FOR_VERIFIED_PREFERRED_CHANNEL));
    if (!isEnableAccountLockForVerifiedPreferredChannelEnabled) {
        if (log.isDebugEnabled()) {
            String message = String.format("SkipAccountLockOnVerifiedPreferredChannel is enabled for user : %s in domain : %s. " + "Checking whether the user is already verified", username, tenantDomain);
            log.debug(message);
        }
        // Get the notification channel which matches the given channel type.
        NotificationChannels channel = getNotificationChannel(username, notificationChannel);
        // Get the matching claim uri for the channel.
        String verifiedClaimUri = channel.getVerifiedClaimUrl();
        // Get the verified status for given channel.
        boolean notificationChannelVerified = Boolean.parseBoolean((String) eventProperties.get(verifiedClaimUri));
        if (notificationChannelVerified) {
            if (log.isDebugEnabled()) {
                String message = String.format("Preferred Notification channel : %1$s is verified for the user : %2$s " + "in domain : %3$s. Therefore, no notifications will be sent.", notificationChannel, username, tenantDomain);
                log.debug(message);
            }
        }
        return notificationChannelVerified;
    }
    return false;
}
Also used : NotificationChannels(org.wso2.carbon.identity.governance.service.notification.NotificationChannels)

Example 2 with NotificationChannels

use of org.wso2.carbon.identity.governance.service.notification.NotificationChannels in project identity-governance by wso2-extensions.

the class UserAccountRecoveryManager method getExternalNotificationChannelList.

/**
 * Get the notification channel list when the notification channel is external.
 *
 * @return External notification channel information.
 */
private List<NotificationChannel> getExternalNotificationChannelList() {
    NotificationChannel channelDataModel = new NotificationChannel();
    channelDataModel.setType(NotificationChannels.EXTERNAL_CHANNEL.getChannelType());
    List<NotificationChannel> notificationChannels = new ArrayList<>();
    notificationChannels.add(channelDataModel);
    return notificationChannels;
}
Also used : NotificationChannel(org.wso2.carbon.identity.recovery.model.NotificationChannel) ArrayList(java.util.ArrayList)

Example 3 with NotificationChannels

use of org.wso2.carbon.identity.governance.service.notification.NotificationChannels in project identity-governance by wso2-extensions.

the class UserAccountRecoveryManager method createRequiredChannelClaimsList.

/**
 * Create required claim list from the attributes in the Notification channel list. The required claims will be
 * used to get user's attributes.
 *
 * @return Required claims list.
 */
private String[] createRequiredChannelClaimsList() {
    List<String> requiredClaims = new ArrayList<>();
    for (NotificationChannels channel : notificationChannels) {
        requiredClaims.add(channel.getClaimUri());
        requiredClaims.add(channel.getVerifiedClaimUrl());
    }
    requiredClaims.add(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM);
    // Get the list of roles that the user has since the channel selection criteria changes with the availability
    // of INTERNAL/selfsignup role.
    requiredClaims.add(IdentityRecoveryConstants.USER_ROLES_CLAIM);
    return requiredClaims.toArray(new String[0]);
}
Also used : NotificationChannels(org.wso2.carbon.identity.governance.service.notification.NotificationChannels) ArrayList(java.util.ArrayList)

Example 4 with NotificationChannels

use of org.wso2.carbon.identity.governance.service.notification.NotificationChannels in project identity-governance by wso2-extensions.

the class UserAccountRecoveryManager method retrieveUserRecoveryInformation.

/**
 * Initiate the recovery flow for the user with matching claims.
 *
 * @param claims           User claims
 * @param tenantDomain     Tenant domain
 * @param recoveryScenario Recovery scenario
 * @param properties       Meta properties
 * @return RecoveryChannelInfoDTO object.
 */
public RecoveryChannelInfoDTO retrieveUserRecoveryInformation(Map<String, String> claims, String tenantDomain, RecoveryScenarios recoveryScenario, Map<String, String> properties) throws IdentityRecoveryException {
    // Retrieve the user who matches the given set of claims.
    String username = getUsernameByClaims(claims, tenantDomain);
    if (StringUtils.isNotEmpty(username)) {
        User user = Utils.buildUser(username, tenantDomain);
        // If the account is locked or disabled, do not let the user to recover the account.
        checkAccountLockedStatus(user);
        List<NotificationChannel> notificationChannels;
        // Get the notification management mechanism.
        boolean isNotificationsInternallyManaged = Utils.isNotificationsInternallyManaged(tenantDomain, properties);
        /* If the notification is internally managed, then notification channels available for the user needs to
            be retrieved. If external notifications are enabled, external channel list should be returned.*/
        if (isNotificationsInternallyManaged) {
            notificationChannels = getInternalNotificationChannelList(username, tenantDomain, recoveryScenario);
        } else {
            notificationChannels = getExternalNotificationChannelList();
        }
        // Validate whether the user account is eligible for account recovery.
        checkUserValidityForAccountRecovery(user, recoveryScenario, notificationChannels, properties);
        // This flow will be initiated only if the user has any verified channels.
        NotificationChannelDTO[] notificationChannelDTOS = getNotificationChannelsResponseDTOList(tenantDomain, notificationChannels);
        UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
        // Get the existing RESEND_CONFIRMATION_CODE details if there is any.
        UserRecoveryData recoveryDataDO = userRecoveryDataStore.loadWithoutCodeExpiryValidation(user, recoveryScenario, RecoverySteps.RESEND_CONFIRMATION_CODE);
        String recoveryCode = UUIDGenerator.generateUUID();
        String notificationChannelList = getNotificationChannelListForRecovery(notificationChannels);
        /* Check whether the existing confirmation code can be used based on the email confirmation code tolerance
               with the extracted RESEND_CONFIRMATION_CODE details. */
        if (Utils.reIssueExistingConfirmationCode(recoveryDataDO, NotificationChannels.EMAIL_CHANNEL.getChannelType())) {
            /* Update the existing RESEND_CONFIRMATION_CODE details with new code details without changing the
                   time created of the RESEND_CONFIRMATION_CODE. */
            userRecoveryDataStore.invalidateWithoutChangeTimeCreated(recoveryDataDO.getSecret(), recoveryCode, RecoverySteps.SEND_RECOVERY_INFORMATION, notificationChannelList);
        } else {
            addRecoveryDataObject(username, tenantDomain, recoveryCode, recoveryScenario, notificationChannelList);
        }
        return buildUserRecoveryInformationResponseDTO(username, recoveryCode, notificationChannelDTOS);
    } else {
        if (log.isDebugEnabled()) {
            log.debug("No valid user found for the given claims");
        }
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NO_USER_FOUND, null);
    }
}
Also used : NotificationChannel(org.wso2.carbon.identity.recovery.model.NotificationChannel) User(org.wso2.carbon.identity.application.common.model.User) NotificationChannelDTO(org.wso2.carbon.identity.recovery.dto.NotificationChannelDTO) UserRecoveryData(org.wso2.carbon.identity.recovery.model.UserRecoveryData) UserRecoveryDataStore(org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore)

Example 5 with NotificationChannels

use of org.wso2.carbon.identity.governance.service.notification.NotificationChannels in project identity-governance by wso2-extensions.

the class UserSelfRegistrationManager method getChannelVerifiedClaim.

/**
 * Get the verified channel claim associated with the externally verified channel.
 *
 * @param username             Username of the user
 * @param verifiedChannelType  Verified channel type
 * @param verifiedChannelClaim Verified channel claim
 * @return Verified claim associated with the externally verified channel
 */
private String getChannelVerifiedClaim(String username, String verifiedChannelType, String verifiedChannelClaim) throws IdentityRecoveryException {
    if (StringUtils.isNotEmpty(verifiedChannelType) && StringUtils.isNotEmpty(verifiedChannelClaim)) {
        // Get the notification channel which matches the given channel type
        NotificationChannels channel = getNotificationChannel(username, verifiedChannelType);
        String channelClaim = channel.getClaimUri();
        // Check whether the channels claims are matching.
        if (channelClaim.equals(verifiedChannelClaim)) {
            return channel.getVerifiedClaimUrl();
        } else {
            if (log.isDebugEnabled()) {
                String error = String.format("Channel claim: %s in the request does not match the channel claim " + "bound to channelType : %s", verifiedChannelType, verifiedChannelType);
                log.debug(error);
            }
            throw new IdentityRecoveryException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNSUPPORTED_VERIFICATION_CHANNEL.getMessage(), IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNSUPPORTED_VERIFICATION_CHANNEL.getCode());
        }
    } else {
        if (log.isDebugEnabled()) {
            log.debug("Externally verified channels are not specified");
        }
        return null;
    }
}
Also used : NotificationChannels(org.wso2.carbon.identity.governance.service.notification.NotificationChannels) IdentityRecoveryException(org.wso2.carbon.identity.recovery.IdentityRecoveryException)

Aggregations

NotificationChannels (org.wso2.carbon.identity.governance.service.notification.NotificationChannels)6 NotificationChannel (org.wso2.carbon.identity.recovery.model.NotificationChannel)5 ArrayList (java.util.ArrayList)4 NotificationChannelDTO (org.wso2.carbon.identity.recovery.dto.NotificationChannelDTO)2 User (org.wso2.carbon.identity.application.common.model.User)1 IdentityRecoveryException (org.wso2.carbon.identity.recovery.IdentityRecoveryException)1 UserRecoveryData (org.wso2.carbon.identity.recovery.model.UserRecoveryData)1 UserRecoveryDataStore (org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore)1