Example 16 with VerificationBean

Use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2, in the class RecoveryProcessor, method verifyConfirmationKey.

/**
 * Confirm that the confirmation key has been sent to the same user.
 *
 * @param confirmationKey confirmation key from the user
 * @return verification result as a bean
 */
public VerificationBean verifyConfirmationKey(String confirmationKey) {
    UserRecoveryDataDO dataDO = null;
    try {
        dataDO = dataStore.load(confirmationKey);
        dataStore.invalidate(dataDO);
    } catch (IdentityException e) {
        log.error("Invalid User for confirmation code", e);
        return new VerificationBean(VerificationBean.ERROR_CODE_INVALID_USER);
    }
    if (dataDO == null) {
        return new VerificationBean(VerificationBean.ERROR_CODE_INVALID_CODE);
    }
    if (!dataDO.isValid()) {
        return new VerificationBean(VerificationBean.ERROR_CODE_EXPIRED_CODE);
    } else {
        // Verification successful.
        return new VerificationBean(true);
    }
}
Also used: VerificationBean (org.wso2.carbon.identity.mgt.beans.VerificationBean), UserRecoveryDataDO (org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO), IdentityException (org.wso2.carbon.identity.base.IdentityException)

Example 17 with VerificationBean

Use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2, in the class RecoveryProcessor, method updateConfirmationCode.

public VerificationBean updateConfirmationCode(int sequence, String username, int tenantId) throws IdentityException {
    String confirmationKey = generateUserCode(sequence, username);
    String secretKey = UUIDGenerator.generateUUID();
    UserRecoveryDataDO recoveryDataDO = new UserRecoveryDataDO(username, tenantId, confirmationKey, secretKey);
    if (sequence != 3 && sequence != 30) {
        dataStore.invalidate(username, tenantId);
    }
    dataStore.store(recoveryDataDO);
    String externalCode = null;
    try {
        externalCode = getUserExternalCodeStr(confirmationKey);
    } catch (Exception e) {
        throw IdentityException.error("Error occurred while getting external code for user : " + username, e);
    }
    return new VerificationBean(username, externalCode);
}
Also used: VerificationBean (org.wso2.carbon.identity.mgt.beans.VerificationBean), UserRecoveryDataDO (org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO), UserStoreException (org.wso2.carbon.user.api.UserStoreException), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), IdentityException (org.wso2.carbon.identity.base.IdentityException)

Example 18 with VerificationBean

Use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2, in the class RecoveryProcessor, method verifyUserForRecovery.

/**
 * Verifies the user id with the underlying user store
 *
 * @param sequence TODO
 * @param userDTO  bean class that contains user and tenant Information
 * @return true/false whether user is verified or not. If user is a tenant
 * user then always return false
 */
public VerificationBean verifyUserForRecovery(int sequence, UserDTO userDTO) {
    String userId = userDTO.getUserId();
    int tenantId = userDTO.getTenantId();
    boolean success = false;
    VerificationBean bean = null;
    try {
        UserStoreManager userStoreManager = IdentityMgtServiceComponent.getRealmService().getTenantUserRealm(tenantId).getUserStoreManager();
        if (userStoreManager.isExistingUser(userId)) {
            if (IdentityMgtConfig.getInstance().isAuthPolicyAccountLockCheck()) {
                String accountLock = Utils.getClaimFromUserStoreManager(userId, tenantId, UserIdentityDataStore.ACCOUNT_LOCK);
                if (!Boolean.parseBoolean(accountLock)) {
                    success = true;
                } else {
                    // account is Locked. Not allowing to recover.
                }
            } else if (IdentityMgtConfig.getInstance().isAuthPolicyAccountDisableCheck()) {
                String accountDisable = Utils.getClaimFromUserStoreManager(userId, tenantId, UserIdentityDataStore.ACCOUNT_DISABLED);
                if (!Boolean.parseBoolean(accountDisable)) {
                    success = true;
                } else {
                    // account is Disabled. Not allowing to recover.
                    if (log.isDebugEnabled()) {
                        log.debug("Account is disabled. Can not allow to recover.");
                    }
                    bean = new VerificationBean(VerificationBean.ERROR_CODE_DISABLED_ACCOUNT);
                }
            } else {
                success = true;
            }
        } else {
            log.error("User with user name : " + userId + " does not exists in tenant domain : " + userDTO.getTenantDomain());
            bean = new VerificationBean(VerificationBean.ERROR_CODE_INVALID_USER + " " + "User does not exists");
        }
        if (success) {
            String internalCode = generateUserCode(sequence, userId);
            String key = UUID.randomUUID().toString();
            UserRecoveryDataDO dataDO = new UserRecoveryDataDO(userId, tenantId, internalCode, key);
            if (sequence != 3) {
                dataStore.invalidate(userId, tenantId);
            }
            dataStore.store(dataDO);
            log.info("User verification successful for user : " + userId + " from tenant domain :" + userDTO.getTenantDomain());
            bean = new VerificationBean(userId, getUserExternalCodeStr(internalCode));
        }
    } catch (Exception e) {
        String errorMessage = "Error verifying user : " + userId;
        log.error(errorMessage, e);
        bean = new VerificationBean(VerificationBean.ERROR_CODE_UNEXPECTED + " " + errorMessage);
    }
    if (bean == null) {
        bean = new VerificationBean(VerificationBean.ERROR_CODE_UNEXPECTED);
    }
    return bean;
}
Also used: VerificationBean (org.wso2.carbon.identity.mgt.beans.VerificationBean), UserRecoveryDataDO (org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO), UserStoreManager (org.wso2.carbon.user.api.UserStoreManager), UserStoreException (org.wso2.carbon.user.api.UserStoreException), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), IdentityException (org.wso2.carbon.identity.base.IdentityException)

Example 19 with VerificationBean

Use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2, in the class IdentityManagementClient, method verifyChallengeQuestion.

public VerificationBean verifyChallengeQuestion(String userId, String userKey, String question, String answer) throws AxisFault {
    try {
        UserChallengesDTO dto = new UserChallengesDTO();
        dto.setQuestion(question);
        dto.setAnswer(answer);
        return stub.verifyChallengeQuestion(userId, userKey, new UserChallengesDTO[] { dto });
    } catch (Exception e) {
        handleException(e.getMessage(), e);
    }
    return null;
}
Also used: UserChallengesDTO (org.wso2.carbon.identity.mgt.stub.dto.UserChallengesDTO)

Example 20 with VerificationBean

Use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2, in the class UserInformationRecoveryService, method verifyConfirmationCode.

/**
 * Verifies that the confirmation code sent to the user is correct and
 * valid. Before calling this method, the caller must call getCaptcha()
 * and supply a Captcha.
 *
 * @param username - username of whom the password needs to be recovered.
 * @param code     - confirmation code sent to user by notification.
 * @param captcha  - generated captcha with answer for this communication.
 * @return - VerificationBean with new code to be used in updatePassword().
 * @throws IdentityMgtServiceException
 */
public VerificationBean verifyConfirmationCode(String username, String code, CaptchaInfoBean captcha) throws IdentityMgtServiceException {
    UserDTO userDTO;
    VerificationBean bean = new VerificationBean();
    if (log.isDebugEnabled()) {
        log.debug("User confirmation code verification request received with username :" + username);
    }
    if (IdentityMgtConfig.getInstance().isCaptchaVerificationInternallyManaged()) {
        try {
            CaptchaUtil.processCaptchaInfoBean(captcha);
        } catch (Exception e) {
            bean = handleError(VerificationBean.ERROR_CODE_INVALID_CODE + " Error while validating captcha for user : " + username, e);
            return bean;
        }
    }
    try {
        userDTO = Utils.processUserId(username);
    } catch (IdentityException e) {
        bean = handleError(VerificationBean.ERROR_CODE_INVALID_USER + " invalid user : " + username, e);
        return bean;
    }
    RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
    if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        carbonContext.setTenantId(userDTO.getTenantId());
        carbonContext.setTenantDomain(userDTO.getTenantDomain());
    }
    try {
        bean = processor.verifyConfirmationCode(2, userDTO.getUserId(), code);
        if (bean.isVerified()) {
            bean = processor.updateConfirmationCode(3, userDTO.getUserId(), userDTO.getTenantId());
            if (log.isDebugEnabled()) {
                log.debug("User confirmation code verification successful for user: " + username);
            }
        } else {
            bean.setVerified(false);
            bean.setKey("");
            log.error(bean.getError());
        }
    } catch (IdentityException e) {
        bean = UserIdentityManagementUtil.getCustomErrorMessagesToVerifyCode(e, username);
        if (bean.getError() == null) {
            bean = handleError(VerificationBean.ERROR_CODE_INVALID_CODE + " Error verifying confirmation code for " + "user : " + username, e);
        }
        return bean;
    } finally {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return bean;
}
Also used: VerificationBean (org.wso2.carbon.identity.mgt.beans.VerificationBean), UserDTO (org.wso2.carbon.identity.mgt.dto.UserDTO), RecoveryProcessor (org.wso2.carbon.identity.mgt.RecoveryProcessor), PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext), IdentityException (org.wso2.carbon.identity.base.IdentityException), UserStoreException (org.wso2.carbon.user.api.UserStoreException), IdentityMgtServiceException (org.wso2.carbon.identity.mgt.IdentityMgtServiceException)
