use of org.wso2.carbon.identity.governance.service.notification.NotificationChannels in project identity-governance by wso2-extensions.
the class UserSelfRegistrationHandler method isNotificationChannelVerified.
/**
 * Reports whether the given notification channel is already marked as verified for the user.
 *
 * <p>The lookup only runs when the {@code ENABLE_ACCOUNT_LOCK_FOR_VERIFIED_PREFERRED_CHANNEL} identity property
 * does not parse to {@code true}; otherwise {@code false} is returned without inspecting the event properties.
 *
 * @param username            Username of the user.
 * @param tenantDomain        Tenant domain of the user (only used in the debug messages here).
 * @param notificationChannel Notification channel type to resolve.
 * @param eventProperties     Properties related to the event; the channel's verified-claim URI is the lookup key.
 * @return {@code true} if the verified claim of the channel parses to {@code true}, {@code false} otherwise.
 * @throws IdentityRecoveryClientException declared by the method; presumably raised by
 *                                         {@code getNotificationChannel} for an unsupported channel (confirm).
 */
private boolean isNotificationChannelVerified(String username, String tenantDomain, String notificationChannel,
        Map<String, Object> eventProperties) throws IdentityRecoveryClientException {

    boolean lockForVerifiedChannel = Boolean.parseBoolean(IdentityUtil.getProperty(
            IdentityRecoveryConstants.ConnectorConfig.ENABLE_ACCOUNT_LOCK_FOR_VERIFIED_PREFERRED_CHANNEL));
    if (lockForVerifiedChannel) {
        // Account lock stays in force for verified channels, so the verified status is not consulted.
        return false;
    }
    if (log.isDebugEnabled()) {
        log.debug(String.format("SkipAccountLockOnVerifiedPreferredChannel is enabled for user : %s in domain : %s. " + "Checking whether the user is already verified", username, tenantDomain));
    }

    // Resolve the channel for the requested type, then the claim URI that carries its verified flag.
    NotificationChannels resolvedChannel = getNotificationChannel(username, notificationChannel);
    String verifiedClaim = resolvedChannel.getVerifiedClaimUrl();

    // NOTE(review): the verified flag is read from eventProperties exactly as the caller supplied it. Confirm
    // that callers fill this entry from a trusted source and not directly from claims submitted in a
    // registration request; per the debug message below, a "true" value means no notification is sent.
    // The value is cast to String, so a non-String entry raises ClassCastException rather than being coerced.
    boolean verified = Boolean.parseBoolean((String) eventProperties.get(verifiedClaim));
    if (verified && log.isDebugEnabled()) {
        log.debug(String.format("Preferred Notification channel : %1$s is verified for the user : %2$s " + "in domain : %3$s. Therefore, no notifications will be sent.", notificationChannel, username, tenantDomain));
    }
    return verified;
}
use of org.wso2.carbon.identity.governance.service.notification.NotificationChannels in project identity-governance by wso2-extensions.
the class UserAccountRecoveryManager method getExternalNotificationChannelList.
/**
 * Builds the notification channel list used when notifications are managed externally.
 *
 * <p>The list holds a single entry whose type is {@code NotificationChannels.EXTERNAL_CHANNEL}; no other
 * field of the entry is populated here.
 *
 * @return Mutable list containing the external notification channel entry.
 */
private List<NotificationChannel> getExternalNotificationChannelList() {

    NotificationChannel externalChannel = new NotificationChannel();
    externalChannel.setType(NotificationChannels.EXTERNAL_CHANNEL.getChannelType());

    List<NotificationChannel> channels = new ArrayList<>();
    channels.add(externalChannel);
    return channels;
}
use of org.wso2.carbon.identity.governance.service.notification.NotificationChannels in project identity-governance by wso2-extensions.
the class UserAccountRecoveryManager method createRequiredChannelClaimsList.
/**
 * Assembles the claim URIs that must be fetched for the user in order to select a notification channel.
 *
 * <p>For every entry of {@code notificationChannels} (declared outside this method) both the channel value
 * claim and its verified claim are added, followed by the preferred-channel claim and the user-roles claim.
 *
 * @return Required claim URIs, in insertion order.
 */
private String[] createRequiredChannelClaimsList() {

    List<String> claimUris = new ArrayList<>();
    for (NotificationChannels supportedChannel : notificationChannels) {
        // Channel value claim first, then the claim that records whether that value was verified.
        claimUris.add(supportedChannel.getClaimUri());
        claimUris.add(supportedChannel.getVerifiedClaimUrl());
    }
    claimUris.add(IdentityRecoveryConstants.PREFERRED_CHANNEL_CLAIM);

    // The user's roles are requested as well because the channel selection criteria change with the
    // availability of the INTERNAL/selfsignup role.
    claimUris.add(IdentityRecoveryConstants.USER_ROLES_CLAIM);

    String[] result = new String[0];
    return claimUris.toArray(result);
}
use of org.wso2.carbon.identity.governance.service.notification.NotificationChannels in project identity-governance by wso2-extensions.
the class UserAccountRecoveryManager method retrieveUserRecoveryInformation.
/**
 * Starts the account recovery flow for the user identified by the given claims.
 *
 * <p>Resolves the username, runs the account-state and eligibility checks, determines the notification
 * channels, persists a freshly generated recovery code (updating the existing RESEND_CONFIRMATION_CODE record
 * when {@code Utils.reIssueExistingConfirmationCode} allows it) and returns the channel details with that code.
 *
 * @param claims           User claims used to look up the user.
 * @param tenantDomain     Tenant domain.
 * @param recoveryScenario Recovery scenario.
 * @param properties       Meta properties.
 * @return RecoveryChannelInfoDTO built from the username, the recovery code and the channel DTOs.
 * @throws IdentityRecoveryException if no user matches the claims (ERROR_CODE_NO_USER_FOUND); presumably also
 *                                   when one of the invoked checks or data-store calls fails.
 */
public RecoveryChannelInfoDTO retrieveUserRecoveryInformation(Map<String, String> claims, String tenantDomain,
        RecoveryScenarios recoveryScenario, Map<String, String> properties) throws IdentityRecoveryException {

    // Look up the user who matches the supplied claims.
    String username = getUsernameByClaims(claims, tenantDomain);
    if (!StringUtils.isNotEmpty(username)) {
        if (log.isDebugEnabled()) {
            log.debug("No valid user found for the given claims");
        }
        // NOTE(review): a distinct "no user found" client error lets a caller tell existing accounts from
        // non-existing ones if the API layer surfaces it unchanged; confirm how this error is presented.
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NO_USER_FOUND, null);
    }

    User user = Utils.buildUser(username, tenantDomain);
    // A locked or disabled account must not be allowed to recover.
    checkAccountLockedStatus(user);

    // Internally managed notifications need the channels available to this user; externally managed
    // notifications use the fixed external channel list.
    List<NotificationChannel> channels = Utils.isNotificationsInternallyManaged(tenantDomain, properties)
            ? getInternalNotificationChannelList(username, tenantDomain, recoveryScenario)
            : getExternalNotificationChannelList();

    // Reject accounts that are not eligible for recovery before any recovery data is written.
    checkUserValidityForAccountRecovery(user, recoveryScenario, channels, properties);

    // This flow will be initiated only if the user has any verified channels.
    NotificationChannelDTO[] channelDtos = getNotificationChannelsResponseDTOList(tenantDomain, channels);

    UserRecoveryDataStore recoveryStore = JDBCRecoveryDataStore.getInstance();
    // Load any existing RESEND_CONFIRMATION_CODE record without applying code expiry validation.
    UserRecoveryData existingRecoveryData = recoveryStore.loadWithoutCodeExpiryValidation(user, recoveryScenario,
            RecoverySteps.RESEND_CONFIRMATION_CODE);

    // NOTE(review): this value appears to serve as the recovery secret; the randomness source of
    // UUIDGenerator is not visible here. Confirm it is backed by a CSPRNG.
    String recoveryCode = UUIDGenerator.generateUUID();
    String channelListForRecovery = getNotificationChannelListForRecovery(channels);

    // Whether the existing record may be re-used is decided against the EMAIL channel type, whatever
    // channels were resolved above.
    boolean reuseExistingRecord = Utils.reIssueExistingConfirmationCode(existingRecoveryData,
            NotificationChannels.EMAIL_CHANNEL.getChannelType());
    if (reuseExistingRecord) {
        // Swap in the new code on the existing record while keeping its original creation time.
        // Presumably existingRecoveryData is non-null whenever re-issue is allowed; verify in Utils.
        recoveryStore.invalidateWithoutChangeTimeCreated(existingRecoveryData.getSecret(), recoveryCode,
                RecoverySteps.SEND_RECOVERY_INFORMATION, channelListForRecovery);
    } else {
        addRecoveryDataObject(username, tenantDomain, recoveryCode, recoveryScenario, channelListForRecovery);
    }
    return buildUserRecoveryInformationResponseDTO(username, recoveryCode, channelDtos);
}
use of org.wso2.carbon.identity.governance.service.notification.NotificationChannels in project identity-governance by wso2-extensions.
the class UserSelfRegistrationManager method getChannelVerifiedClaim.
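/**
 * Resolves the verified-claim URI that belongs to an externally verified channel.
 *
 * <p>The claim sent in the request must be exactly the claim bound to the resolved channel type; any other
 * value is rejected, so a request cannot pair one channel type with another channel's claim.
 *
 * @param username             Username of the user.
 * @param verifiedChannelType  Verified channel type.
 * @param verifiedChannelClaim Verified channel claim sent in the request.
 * @return Verified claim URI of the channel, or {@code null} when the channel type or the channel claim is
 *         empty (no externally verified channel was specified).
 * @throws IdentityRecoveryException with ERROR_CODE_UNSUPPORTED_VERIFICATION_CHANNEL when the claim in the
 *                                   request does not match the claim bound to the channel type.
 */
private String getChannelVerifiedClaim(String username, String verifiedChannelType, String verifiedChannelClaim)
        throws IdentityRecoveryException {

    if (!StringUtils.isNotEmpty(verifiedChannelType) || !StringUtils.isNotEmpty(verifiedChannelClaim)) {
        if (log.isDebugEnabled()) {
            log.debug("Externally verified channels are not specified");
        }
        return null;
    }

    // Get the notification channel which matches the given channel type.
    NotificationChannels channel = getNotificationChannel(username, verifiedChannelType);

    // verifiedChannelClaim is known to be non-empty here, so comparing from it cannot throw a
    // NullPointerException if the channel has no claim URI; that case is rejected like any other mismatch.
    if (verifiedChannelClaim.equals(channel.getClaimUri())) {
        return channel.getVerifiedClaimUrl();
    }

    if (log.isDebugEnabled()) {
        // The first placeholder is the claim from the request, the second is the channel type.
        log.debug(String.format("Channel claim: %s in the request does not match the channel claim "
                + "bound to channelType : %s", verifiedChannelClaim, verifiedChannelType));
    }
    throw new IdentityRecoveryException(
            IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNSUPPORTED_VERIFICATION_CHANNEL.getMessage(),
            IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNSUPPORTED_VERIFICATION_CHANNEL.getCode());
}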