Search in sources :

Example 1 with VerificationBean

use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2.

the class UserIdentityManagementUtil method handleError.

private static VerificationBean handleError(String error, Exception e) {
    VerificationBean bean = new VerificationBean();
    bean.setVerified(false);
    if (error != null) {
        bean.setError(error);
        log.error(error, e);
    } else {
        bean.setError(e.getMessage());
        log.error(e);
    }
    return bean;
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean)

Example 2 with VerificationBean

use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2.

the class UserInformationRecoveryService method getUserChallengeQuestion.

/**
 * To get the challenge question for the user.
 *
 * @param userName
 * @param confirmation
 * @param questionId   - Question id returned from the getUserChanllegneQuestionIds
 *                     method.
 * @return Populated question bean with the question details and the key.
 * @throws IdentityMgtServiceException
 */
public UserChallengesDTO getUserChallengeQuestion(String userName, String confirmation, String questionId) throws IdentityMgtServiceException {
    UserDTO userDTO = null;
    UserChallengesDTO userChallengesDTO = new UserChallengesDTO();
    if (log.isDebugEnabled()) {
        log.debug("User challenge question request received with username :" + userName);
    }
    try {
        userDTO = Utils.processUserId(userName);
    } catch (IdentityException e) {
        return handleChallengesError(VerificationBean.ERROR_CODE_INVALID_USER + " Error validating user : " + userName, null);
    }
    try {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            carbonContext.setTenantId(userDTO.getTenantId());
            carbonContext.setTenantDomain(userDTO.getTenantDomain());
        }
        RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
        VerificationBean bean;
        try {
            bean = processor.verifyConfirmationCode(20, userDTO.getUserId(), confirmation);
            if (bean.isVerified()) {
                bean = processor.updateConfirmationCode(40, userDTO.getUserId(), userDTO.getTenantId());
            } else if (processor.verifyConfirmationCode(30, userDTO.getUserId(), confirmation).isVerified()) {
                bean = processor.updateConfirmationCode(40, userDTO.getUserId(), userDTO.getTenantId());
            } else {
                bean.setVerified(false);
            }
        } catch (IdentityException e) {
            userChallengesDTO = UserIdentityManagementUtil.getCustomErrorMessagesForChallengQuestions(e, userName);
            if (userChallengesDTO == null) {
                userChallengesDTO = handleChallengesError(VerificationBean.ERROR_CODE_INVALID_CODE + " Invalid confirmation code for user : " + userName, e);
            }
            return userChallengesDTO;
        }
        if (bean.isVerified()) {
            userChallengesDTO = processor.getQuestionProcessor().getUserChallengeQuestion(userDTO.getUserId(), userDTO.getTenantId(), questionId);
            userChallengesDTO.setKey(bean.getKey());
            userChallengesDTO.setVerfied(true);
            if (log.isDebugEnabled()) {
                log.debug("User challenge question retrieved successfully");
            }
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Verification failed for user. Error : " + bean.getError());
            }
            userChallengesDTO.setError(VerificationBean.ERROR_CODE_INVALID_USER + " " + bean.getError());
        }
    } finally {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return userChallengesDTO;
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) UserChallengesDTO(org.wso2.carbon.identity.mgt.dto.UserChallengesDTO) UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO) RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 3 with VerificationBean

use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2.

the class UserIdentityManagementService method updateCredential.

/**
 * proceed updating credentials of user
 *
 * @param captchaInfoBean bean class that contains captcha information
 * @return True, if successful in verifying and hence updating the credentials.
 */
public VerificationBean updateCredential(String userName, String confirmation, String password, CaptchaInfoBean captchaInfoBean) {
    RecoveryProcessor recoveryProcessor = IdentityMgtServiceComponent.getRecoveryProcessor();
    if (IdentityMgtConfig.getInstance().isCaptchaVerificationInternallyManaged()) {
        try {
            CaptchaUtil.processCaptchaInfoBean(captchaInfoBean);
        } catch (Exception e) {
            log.error("Error while processing captcha bean.", e);
            return new VerificationBean(VerificationBean.ERROR_CODE_INVALID_CAPTCHA);
        }
    }
    try {
        UserDTO userDTO = Utils.processUserId(userName);
        if (recoveryProcessor.verifyConfirmationKey(confirmation).isVerified()) {
            Utils.updatePassword(userDTO.getUserId(), userDTO.getTenantId(), password);
            log.info("Credential is updated for user : " + userDTO.getUserId() + " and tenant domain : " + userDTO.getTenantDomain());
            return new VerificationBean(true);
        } else {
            log.warn("Invalid user tried to update credential with user Id : " + userDTO.getUserId() + " and tenant domain : " + userDTO.getTenantDomain());
        }
    } catch (Exception e) {
        log.error("Error while updating credential for user : " + userName, e);
    }
    return new VerificationBean(VerificationBean.ERROR_CODE_UNEXPECTED);
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO) RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 4 with VerificationBean

use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2.

the class RecoveryProcessor method verifyConfirmationCode.

/**
 * This method is used to verify the confirmation code supplied by user. This invalidates
 * the current code and generates a new code and send to user.
 *
 * @param sequence TODO
 * @param username TODO
 * @param code
 * @param userDto
 * @return
 * @throws IdentityException
 */
public VerificationBean verifyConfirmationCode(int sequence, String username, String code) throws IdentityException {
    UserRecoveryDataDO dataDO = null;
    String internalCode = getUserInternalCodeStr(sequence, username, code);
    try {
        dataDO = dataStore.load(internalCode);
        if (dataDO != null && sequence != 2 && sequence != 40) {
            if (dataStore instanceof RegistryRecoveryDataStore) {
                dataStore.invalidate(internalCode);
            } else {
                dataStore.invalidate(dataDO);
            }
        }
    } catch (IdentityException e) {
        throw IdentityException.error("Error loading recovery data for user : " + username, e);
    }
    if (dataDO == null && (sequence == 30 || sequence == 20)) {
        return new VerificationBean(false);
    }
    if (dataDO == null) {
        throw IdentityException.error("Invalid confirmation code");
    }
    if (!dataDO.isValid()) {
        throw IdentityException.error("Expired code");
    } else {
        return new VerificationBean(true);
    }
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) RegistryRecoveryDataStore(org.wso2.carbon.identity.mgt.store.RegistryRecoveryDataStore) UserRecoveryDataDO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 5 with VerificationBean

use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2.

the class UserIdentityManagementService method verifyChallengeQuestion.

/**
 * verify challenge questions
 *
 * @return verification results as been
 * @throws IdentityException if any error occurs
 */
public VerificationBean verifyChallengeQuestion(String userName, String confirmation, UserChallengesDTO[] userChallengesDTOs) throws IdentityMgtServiceException {
    VerificationBean bean = new VerificationBean();
    bean.setVerified(false);
    RecoveryProcessor recoveryProcessor = IdentityMgtServiceComponent.getRecoveryProcessor();
    if (userChallengesDTOs == null || userChallengesDTOs.length < 1) {
        log.error("no challenges provided by user for verifications.");
        bean.setError("no challenges provided by user for verifications.");
        return bean;
    }
    UserDTO userDTO = null;
    try {
        userDTO = Utils.processUserId(userName);
    } catch (IdentityException e) {
        throw new IdentityMgtServiceException("Invalid user name.", e);
    }
    if (recoveryProcessor.verifyConfirmationKey(confirmation).isVerified()) {
        log.warn("Invalid user is trying to verify user challenges.");
        bean.setError("Invalid user is trying to verify user challenges.");
        return bean;
    }
    ChallengeQuestionProcessor processor = recoveryProcessor.getQuestionProcessor();
    boolean verification = processor.verifyChallengeQuestion(userDTO.getUserId(), userDTO.getTenantId(), userChallengesDTOs);
    if (verification) {
        String code = UUID.randomUUID().toString();
        try {
            recoveryProcessor.createConfirmationCode(userDTO, code);
        } catch (IdentityException e) {
            log.error("Error while creating confirmation code.", e);
        }
        bean = new VerificationBean(userName, code);
    }
    return bean;
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO) ChallengeQuestionProcessor(org.wso2.carbon.identity.mgt.ChallengeQuestionProcessor) RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Aggregations

VerificationBean (org.wso2.carbon.identity.mgt.beans.VerificationBean)23 IdentityException (org.wso2.carbon.identity.base.IdentityException)21 RecoveryProcessor (org.wso2.carbon.identity.mgt.RecoveryProcessor)17 UserDTO (org.wso2.carbon.identity.mgt.dto.UserDTO)17 Test (org.testng.annotations.Test)14 SetEnvironment (org.wso2.carbon.automation.engine.annotations.SetEnvironment)14 VerificationBean (org.wso2.carbon.identity.mgt.stub.beans.VerificationBean)14 ISIntegrationTest (org.wso2.identity.integration.common.utils.ISIntegrationTest)14 PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext)12 IdentityMgtServiceException (org.wso2.carbon.identity.mgt.IdentityMgtServiceException)11 UserStoreException (org.wso2.carbon.user.api.UserStoreException)10 UserIdentityClaimDTO (org.wso2.carbon.identity.mgt.stub.dto.UserIdentityClaimDTO)7 NotificationDataDTO (org.wso2.carbon.identity.mgt.dto.NotificationDataDTO)5 UserRecoveryDTO (org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO)5 UserChallengesDTO (org.wso2.carbon.identity.mgt.dto.UserChallengesDTO)4 UserRecoveryDataDO (org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO)4 ChallengeQuestionProcessor (org.wso2.carbon.identity.mgt.ChallengeQuestionProcessor)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 IdentityEventListenerConfig (org.wso2.carbon.identity.core.model.IdentityEventListenerConfig)2 IdentityMgtConfig (org.wso2.carbon.identity.mgt.IdentityMgtConfig)2