Example 1 with UserIdentityDataStore

Use of org.wso2.carbon.identity.governance.store.UserIdentityDataStore in project carbon-identity-framework by wso2.

In class UserIdentityManagementUtil, method updateUserIdentityClaims.

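/**
 * Updates a user's recovery data, such as the phone number or email address.
 *
 * @param userName                 name of the user whose identity claims are updated
 * @param userStoreManager         user store manager used to load and store the identity data
 * @param userIdentityRecoveryData recovery claims to apply to the user's identity data
 * @throws IdentityException if no user account is found for the given user name
 */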
public static void updateUserIdentityClaims(String userName, UserStoreManager userStoreManager, UserIdentityClaimDTO[] userIdentityRecoveryData) throws IdentityException {
    UserIdentityDataStore store = IdentityMgtConfig.getInstance().getIdentityDataStore();
    UserIdentityClaimsDO userIdentityDO = store.load(userName, userStoreManager);
    if (userIdentityDO != null) {
        userIdentityDO.updateUserIdentityRecoveryData(userIdentityRecoveryData);
        store.store(userIdentityDO, userStoreManager);
    } else {
        throw IdentityException.error("No user account found for user " + userName);
    }
}
Also used : UserIdentityDataStore(org.wso2.carbon.identity.mgt.store.UserIdentityDataStore) UserIdentityClaimsDO(org.wso2.carbon.identity.mgt.dto.UserIdentityClaimsDO)

Example 2 with UserIdentityDataStore

Use of org.wso2.carbon.identity.governance.store.UserIdentityDataStore in project carbon-identity-framework by wso2.

In class IdentityMgtEventListener, method doPreUpdateCredential.

/**
 * This method is used to check pre conditions when changing the user
 * password.
 */
@Override
public boolean doPreUpdateCredential(String userName, Object newCredential, Object oldCredential, UserStoreManager userStoreManager) throws UserStoreException {
    if (!isEnable()) {
        return true;
    }
    if (log.isDebugEnabled()) {
        log.debug("Pre update credential is called in IdentityMgtEventListener");
    }
    try {
        if (!IdentityUtil.threadLocalProperties.get().containsKey(DO_PRE_UPDATE_CREDENTIAL)) {
            IdentityUtil.threadLocalProperties.get().put(DO_PRE_UPDATE_CREDENTIAL, true);
            IdentityMgtConfig config = IdentityMgtConfig.getInstance();
            UserIdentityDataStore identityDataStore = IdentityMgtConfig.getInstance().getIdentityDataStore();
            UserIdentityClaimsDO identityDTO = identityDataStore.load(userName, userStoreManager);
            boolean isAccountDisabled = false;
            if (identityDTO != null) {
                isAccountDisabled = identityDTO.getIsAccountDisabled();
            } else {
                throw new UserStoreException("Cannot get the user account active status.");
            }
            if (isAccountDisabled) {
                IdentityErrorMsgContext customErrorMessageContext = new IdentityErrorMsgContext(IdentityCoreConstants.USER_ACCOUNT_DISABLED_ERROR_CODE);
                IdentityUtil.setIdentityErrorMsg(customErrorMessageContext);
                // account is already disabled and trying to update the credential without enabling it
                log.warn("Trying to update credential of a disabled user account. This is not permitted.");
                throw new UserStoreException("User account is disabled, can't update credential without enabling.");
            }
            try {
                // Enforcing the password policies.
                if (newCredential != null && (newCredential instanceof String && (newCredential.toString().trim().length() > 0))) {
                    policyRegistry.enforcePasswordPolicies(newCredential.toString(), userName);
                }
            } catch (PolicyViolationException pe) {
                throw new UserStoreException(pe.getMessage(), pe);
            }
        }
        return true;
    } finally {
        // Remove thread local variable
        IdentityUtil.threadLocalProperties.get().remove(DO_PRE_UPDATE_CREDENTIAL);
    }
}
Also used : UserIdentityDataStore(org.wso2.carbon.identity.mgt.store.UserIdentityDataStore) UserStoreException(org.wso2.carbon.user.core.UserStoreException) UserIdentityClaimsDO(org.wso2.carbon.identity.mgt.dto.UserIdentityClaimsDO) PolicyViolationException(org.wso2.carbon.identity.mgt.policy.PolicyViolationException) IdentityErrorMsgContext(org.wso2.carbon.identity.core.model.IdentityErrorMsgContext)

Example 3 with UserIdentityDataStore

Use of org.wso2.carbon.identity.governance.store.UserIdentityDataStore in project carbon-identity-framework by wso2.

In class IdentityMgtEventListener, method doPreUpdateCredentialByAdmin.

/**
 * This method is used when the admin is updating the credentials with an
 * empty credential. A random password will be generated and will be mailed
 * to the user.
 */
@Override
public boolean doPreUpdateCredentialByAdmin(String userName, Object newCredential, UserStoreManager userStoreManager) throws UserStoreException {
    if (!isEnable()) {
        return true;
    }
    if (log.isDebugEnabled()) {
        log.debug("Pre update credential by admin is called in IdentityMgtEventListener");
    }
    // Top level try and finally blocks are used to unset thread local variables
    try {
        if (!IdentityUtil.threadLocalProperties.get().containsKey(DO_PRE_UPDATE_CREDENTIAL_BY_ADMIN)) {
            IdentityUtil.threadLocalProperties.get().put(DO_PRE_UPDATE_CREDENTIAL_BY_ADMIN, true);
            IdentityMgtConfig config = IdentityMgtConfig.getInstance();
            UserIdentityDataStore identityDataStore = IdentityMgtConfig.getInstance().getIdentityDataStore();
            UserIdentityClaimsDO identityDTO = identityDataStore.load(userName, userStoreManager);
            boolean isAccountDisabled = false;
            if (identityDTO != null) {
                isAccountDisabled = identityDTO.getIsAccountDisabled();
            } else {
                throw new UserStoreException("Cannot get the user account active status.");
            }
            if (isAccountDisabled) {
                IdentityErrorMsgContext customErrorMessageContext = new IdentityErrorMsgContext(IdentityCoreConstants.USER_ACCOUNT_DISABLED_ERROR_CODE);
                IdentityUtil.setIdentityErrorMsg(customErrorMessageContext);
                // account is already disabled and trying to update the credential without enabling it
                log.warn("Trying to update credential of a disabled user account. This is not permitted.");
                throw new UserStoreException("User account is disabled, can't update credential without enabling.");
            }
            try {
                // Enforcing the password policies.
                if (newCredential != null && (newCredential instanceof StringBuffer && (newCredential.toString().trim().length() > 0))) {
                    policyRegistry.enforcePasswordPolicies(newCredential.toString(), userName);
                }
            } catch (PolicyViolationException pe) {
                throw new UserStoreException(pe.getMessage(), pe);
            }
            if (newCredential == null || (newCredential instanceof StringBuffer && ((StringBuffer) newCredential).toString().trim().length() < 1)) {
                if (!config.isEnableTemporaryPassword()) {
                    log.error("Empty passwords are not allowed");
                    return false;
                }
                if (log.isDebugEnabled()) {
                    log.debug("Credentials are null. Using a temporary password as credentials");
                }
                // temporary passwords will be used
                char[] temporaryPassword = UserIdentityManagementUtil.generateTemporaryPassword();
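                // setting the password value
                // NOTE: this branch is also entered when newCredential is null; the call below then throws a NullPointerException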
                ((StringBuffer) newCredential).replace(0, temporaryPassword.length, new String(temporaryPassword));
                UserIdentityMgtBean bean = new UserIdentityMgtBean();
                bean.setUserId(userName);
                bean.setConfirmationCode(newCredential.toString());
                bean.setRecoveryType(IdentityMgtConstants.Notification.TEMPORARY_PASSWORD);
                if (log.isDebugEnabled()) {
                    log.debug("Sending the temporary password to the user " + userName);
                }
                UserIdentityManagementUtil.notifyViaEmail(bean);
            } else {
                if (log.isDebugEnabled()) {
                    log.debug("Updating credentials of user " + userName + " by admin with a non-empty password");
                }
            }
        }
        return true;
    } finally {
        // Remove thread local variable
        IdentityUtil.threadLocalProperties.get().remove(DO_PRE_UPDATE_CREDENTIAL_BY_ADMIN);
    }
}
Also used : UserIdentityMgtBean(org.wso2.carbon.identity.mgt.beans.UserIdentityMgtBean) UserIdentityDataStore(org.wso2.carbon.identity.mgt.store.UserIdentityDataStore) UserStoreException(org.wso2.carbon.user.core.UserStoreException) UserIdentityClaimsDO(org.wso2.carbon.identity.mgt.dto.UserIdentityClaimsDO) PolicyViolationException(org.wso2.carbon.identity.mgt.policy.PolicyViolationException) IdentityErrorMsgContext(org.wso2.carbon.identity.core.model.IdentityErrorMsgContext)

Example 4 with UserIdentityDataStore

Use of org.wso2.carbon.identity.governance.store.UserIdentityDataStore in project identity-governance by wso2-extensions.

In class IdentityStoreEventListenerTest, method testDoPostGetUserClaimValues.

@Test(dataProvider = "getUserClaimHandler")
public void testDoPostGetUserClaimValues(String userName, Object pwd, String[] claimList, Map<String, String> claims, String prof) throws Exception {
    realmConfiguration = mock(RealmConfiguration.class);
    userIdentityDataStore = mock(UserIdentityDataStore.class);
    Field fieldIdentityStore = IdentityStoreEventListener.class.getDeclaredField("identityDataStore");
    fieldIdentityStore.setAccessible(true);
    fieldIdentityStore.set(identityStoreEventListener, userIdentityDataStore);
    Assert.assertTrue(identityStoreEventListener.doPostGetUserClaimValues(userName, claimList, prof, claims, userStoreManager));
}
Also used : RealmConfiguration(org.wso2.carbon.user.api.RealmConfiguration) Field(java.lang.reflect.Field) UserIdentityDataStore(org.wso2.carbon.identity.governance.store.UserIdentityDataStore) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 5 with UserIdentityDataStore

Use of org.wso2.carbon.identity.governance.store.UserIdentityDataStore in project identity-governance by wso2-extensions.

In class IdentityStoreEventListenerTest, method testDoPostDeleteUser.

@Test
public void testDoPostDeleteUser() throws Exception {
    userStoreManager = mock(UserStoreManager.class);
    realmConfiguration = mock(RealmConfiguration.class);
    userIdentityDataStore = mock(UserIdentityDataStore.class);
    String username = "user1";
    Field fieldIdentityStore = IdentityStoreEventListener.class.getDeclaredField("identityDataStore");
    fieldIdentityStore.setAccessible(true);
    fieldIdentityStore.set(identityStoreEventListener, userIdentityDataStore);
    doAnswer(new Answer() {

        @Override
        public Object answer(InvocationOnMock invocationOnMock) throws Throwable {
            return null;
        }
    }).when(userIdentityDataStore).remove(username, userStoreManager);
    Assert.assertTrue(identityStoreEventListener.doPostDeleteUser(username, userStoreManager));
}
Also used : RealmConfiguration(org.wso2.carbon.user.api.RealmConfiguration) Field(java.lang.reflect.Field) Answer(org.mockito.stubbing.Answer) Mockito.doAnswer(org.mockito.Mockito.doAnswer) UserIdentityDataStore(org.wso2.carbon.identity.governance.store.UserIdentityDataStore) InvocationOnMock(org.mockito.invocation.InvocationOnMock) UserStoreManager(org.wso2.carbon.user.core.UserStoreManager) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Aggregations

UserIdentityClaimsDO (org.wso2.carbon.identity.mgt.dto.UserIdentityClaimsDO): 10
UserIdentityDataStore (org.wso2.carbon.identity.mgt.store.UserIdentityDataStore): 10
Field (java.lang.reflect.Field): 4
BeforeTest (org.testng.annotations.BeforeTest): 4
Test (org.testng.annotations.Test): 4
UserIdentityDataStore (org.wso2.carbon.identity.governance.store.UserIdentityDataStore): 4
RealmConfiguration (org.wso2.carbon.user.api.RealmConfiguration): 4
Mockito.doAnswer (org.mockito.Mockito.doAnswer): 3
InvocationOnMock (org.mockito.invocation.InvocationOnMock): 3
Answer (org.mockito.stubbing.Answer): 3
UserStoreException (org.wso2.carbon.user.core.UserStoreException): 3
UserStoreManager (org.wso2.carbon.user.core.UserStoreManager): 3
IdentityErrorMsgContext (org.wso2.carbon.identity.core.model.IdentityErrorMsgContext): 2
PolicyViolationException (org.wso2.carbon.identity.mgt.policy.PolicyViolationException): 2
UserStoreException (org.wso2.carbon.user.api.UserStoreException): 2
ArrayList (java.util.ArrayList): 1
Entry (java.util.Map.Entry): 1
IdentityException (org.wso2.carbon.identity.base.IdentityException): 1
UserIdentityClaim (org.wso2.carbon.identity.governance.model.UserIdentityClaim): 1
IdentityMgtServiceException (org.wso2.carbon.identity.mgt.IdentityMgtServiceException): 1