use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2.
the class RecoveryProcessor method verifyConfirmationKey.
/**
 * Looks up the recovery record stored under a confirmation key, invalidates it,
 * and reports whether the key was still usable.
 *
 * <p>The record is passed to {@code dataStore.invalidate} right after it is loaded
 * and before its validity is examined, so every verification attempt invalidates
 * the record it found, whatever the outcome.
 *
 * @param confirmationKey confirmation key supplied by the user
 * @return a bean carrying {@code ERROR_CODE_INVALID_USER} when the data store throws
 *         an {@code IdentityException}, {@code ERROR_CODE_INVALID_CODE} when no record
 *         was loaded, {@code ERROR_CODE_EXPIRED_CODE} when the record reports itself
 *         as not valid, and a verified bean otherwise
 */
public VerificationBean verifyConfirmationKey(String confirmationKey) {
    UserRecoveryDataDO recoveryRecord;
    try {
        recoveryRecord = dataStore.load(confirmationKey);
        // NOTE(review): invalidate() runs before the null check below, so it can be handed
        // a null record; confirm the data store tolerates that rather than throwing an
        // unchecked exception that this catch does not cover.
        dataStore.invalidate(recoveryRecord);
    } catch (IdentityException e) {
        log.error("Invalid User for confirmation code", e);
        return new VerificationBean(VerificationBean.ERROR_CODE_INVALID_USER);
    }

    // No record was stored under this key.
    if (recoveryRecord == null) {
        return new VerificationBean(VerificationBean.ERROR_CODE_INVALID_CODE);
    }

    // A record exists; it is either still valid (success) or reported as expired.
    if (recoveryRecord.isValid()) {
        return new VerificationBean(true);
    }
    return new VerificationBean(VerificationBean.ERROR_CODE_EXPIRED_CODE);
}
use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2.
the class RecoveryProcessor method updateConfirmationCode.
/**
 * Generates a new confirmation code for a user, stores the matching recovery
 * record, and returns the external form of the code.
 *
 * @param sequence step number passed to {@code generateUserCode}; for any value other
 *                 than 3 or 30 the user's existing records are invalidated first
 * @param username user the code is issued for
 * @param tenantId tenant the user belongs to
 * @return a bean built from the username and the external code
 * @throws IdentityException if the external code cannot be derived; the data store
 *                           calls presumably raise it as well (confirm)
 */
public VerificationBean updateConfirmationCode(int sequence, String username, int tenantId) throws IdentityException {
    String internalCode = generateUserCode(sequence, username);
    // NOTE(review): this value is stored as the record's secret key; confirm that
    // UUIDGenerator.generateUUID() draws from a cryptographically strong source.
    // verifyUserForRecovery fills the same field with UUID.randomUUID().
    String recordSecret = UUIDGenerator.generateUUID();
    UserRecoveryDataDO recoveryEntry = new UserRecoveryDataDO(username, tenantId, internalCode, recordSecret);

    // Sequences 3 and 30 keep whatever records the user already has; every other
    // sequence invalidates them before the new record is written.
    // NOTE(review): the meaning of 3 and 30 is not visible here; named constants would help.
    boolean keepExistingRecords = (sequence == 3 || sequence == 30);
    if (!keepExistingRecords) {
        dataStore.invalidate(username, tenantId);
    }
    dataStore.store(recoveryEntry);

    String externalCode;
    try {
        externalCode = getUserExternalCodeStr(internalCode);
    } catch (Exception e) {
        // The record has already been stored at this point; only the conversion failed.
        throw IdentityException.error("Error occurred while getting external code for user : " + username, e);
    }
    return new VerificationBean(username, externalCode);
}
use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2.
the class RecoveryProcessor method verifyUserForRecovery.
/**
 * Checks against the underlying user store that a user exists and may start
 * recovery, then issues and stores a confirmation code for that user.
 *
 * <p>When the account-lock policy check is enabled only the lock claim is read.
 * The account-disabled claim is read only when the lock check is off and the
 * disable check is on. With neither check enabled every existing user proceeds.
 *
 * @param sequence step number passed to {@code generateUserCode}; for any value other
 *                 than 3 the user's stored recovery records are invalidated first
 * @param userDTO  bean that supplies the user id, tenant id and tenant domain
 * @return on success a bean built from the user id and the external code; otherwise a
 *         bean built from an error string ({@code ERROR_CODE_INVALID_USER},
 *         {@code ERROR_CODE_DISABLED_ACCOUNT} or {@code ERROR_CODE_UNEXPECTED}).
 *         Never {@code null}.
 */
public VerificationBean verifyUserForRecovery(int sequence, UserDTO userDTO) {
    String userId = userDTO.getUserId();
    int tenantId = userDTO.getTenantId();
    VerificationBean result = null;

    try {
        UserStoreManager userStoreManager = IdentityMgtServiceComponent.getRealmService()
                .getTenantUserRealm(tenantId)
                .getUserStoreManager();
        boolean eligible = false;

        if (!userStoreManager.isExistingUser(userId)) {
            // NOTE(review): the returned bean states that the user does not exist; confirm
            // the caller-facing layer gives a uniform answer so account existence is not
            // disclosed. The user id is also written to the log unescaped.
            log.error("User with user name : " + userId + " does not exists in tenant domain : " + userDTO.getTenantDomain());
            result = new VerificationBean(VerificationBean.ERROR_CODE_INVALID_USER + " " + "User does not exists");
        } else if (IdentityMgtConfig.getInstance().isAuthPolicyAccountLockCheck()) {
            String lockClaim = Utils.getClaimFromUserStoreManager(userId, tenantId, UserIdentityDataStore.ACCOUNT_LOCK);
            // A locked account is not allowed to recover. No specific bean is set for it,
            // so the caller ends up with ERROR_CODE_UNEXPECTED from the fallback below.
            // NOTE(review): with the lock check enabled the disabled claim is never read;
            // confirm a disabled but unlocked account is meant to pass here.
            eligible = !Boolean.parseBoolean(lockClaim);
        } else if (IdentityMgtConfig.getInstance().isAuthPolicyAccountDisableCheck()) {
            String disabledClaim = Utils.getClaimFromUserStoreManager(userId, tenantId, UserIdentityDataStore.ACCOUNT_DISABLED);
            if (Boolean.parseBoolean(disabledClaim)) {
                // A disabled account is not allowed to recover.
                if (log.isDebugEnabled()) {
                    log.debug("Account is disabled. Can not allow to recover.");
                }
                result = new VerificationBean(VerificationBean.ERROR_CODE_DISABLED_ACCOUNT);
            } else {
                eligible = true;
            }
        } else {
            // Neither policy check is switched on.
            eligible = true;
        }

        if (eligible) {
            String internalCode = generateUserCode(sequence, userId);
            String recordSecret = UUID.randomUUID().toString();
            UserRecoveryDataDO recoveryEntry = new UserRecoveryDataDO(userId, tenantId, internalCode, recordSecret);
            // NOTE(review): updateConfirmationCode also exempts sequence 30 from this
            // invalidation; confirm the difference is intended.
            if (sequence != 3) {
                dataStore.invalidate(userId, tenantId);
            }
            dataStore.store(recoveryEntry);
            log.info("User verification successful for user : " + userId + " from tenant domain :" + userDTO.getTenantDomain());
            result = new VerificationBean(userId, getUserExternalCodeStr(internalCode));
        }
    } catch (Exception e) {
        // Any failure, including one after the record was stored, replaces the result.
        String errorMessage = "Error verifying user : " + userId;
        log.error(errorMessage, e);
        result = new VerificationBean(VerificationBean.ERROR_CODE_UNEXPECTED + " " + errorMessage);
    }

    // Fallback for paths that set neither a result nor an error (the locked-account path).
    if (result == null) {
        result = new VerificationBean(VerificationBean.ERROR_CODE_UNEXPECTED);
    }
    return result;
}
use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2.
the class IdentityManagementClient method verifyChallengeQuestion.
/**
 * Sends one challenge question and its answer to the service stub for verification.
 *
 * @param userId   user whose answer is being checked
 * @param userKey  key passed through to the stub unchanged
 * @param question challenge question text
 * @param answer   answer supplied for that question
 * @return the bean returned by the stub, or {@code null} if the stub call failed and
 *         {@code handleException} returned normally
 * @throws AxisFault declared by the signature; presumably raised by
 *                   {@code handleException} (confirm)
 */
public VerificationBean verifyChallengeQuestion(String userId, String userKey, String question, String answer) throws AxisFault {
    VerificationBean result = null;
    try {
        UserChallengesDTO challenge = new UserChallengesDTO();
        challenge.setQuestion(question);
        challenge.setAnswer(answer);
        // The stub takes an array of challenges; this client always sends exactly one.
        UserChallengesDTO[] challenges = { challenge };
        result = stub.verifyChallengeQuestion(userId, userKey, challenges);
    } catch (Exception e) {
        // NOTE(review): the raw exception message is forwarded; confirm it cannot carry
        // back-end detail to the end user.
        handleException(e.getMessage(), e);
    }
    return result;
}
use of org.wso2.carbon.identity.mgt.beans.VerificationBean in project carbon-identity-framework by wso2.
the class UserInformationRecoveryService method verifyConfirmationCode.
/**
 * Verifies the confirmation code that was sent to a user and, when it matches,
 * exchanges it for a new code. A captcha must be obtained with getCaptcha()
 * before this method is called.
 *
 * <p>The captcha is validated here only when captcha verification is configured as
 * internally managed; otherwise this method performs no captcha check itself.
 *
 * @param username username of the account whose password is being recovered
 * @param code     confirmation code sent to the user by notification
 * @param captcha  generated captcha together with the answer for this exchange
 * @return a bean holding the new code to use in updatePassword() on success, or a
 *         bean describing the error
 * @throws IdentityMgtServiceException declared by the signature; presumably raised by
 *                                     {@code handleError} (confirm)
 */
public VerificationBean verifyConfirmationCode(String username, String code, CaptchaInfoBean captcha) throws IdentityMgtServiceException {
    UserDTO userDTO;
    VerificationBean result = new VerificationBean();

    if (log.isDebugEnabled()) {
        log.debug("User confirmation code verification request received with username :" + username);
    }

    // Step 1: captcha, only when this component is responsible for checking it.
    if (IdentityMgtConfig.getInstance().isCaptchaVerificationInternallyManaged()) {
        try {
            CaptchaUtil.processCaptchaInfoBean(captcha);
        } catch (Exception e) {
            return handleError(VerificationBean.ERROR_CODE_INVALID_CODE + " Error while validating captcha for user : " + username, e);
        }
    }

    // Step 2: resolve the username into user id and tenant details.
    try {
        userDTO = Utils.processUserId(username);
    } catch (IdentityException e) {
        return handleError(VerificationBean.ERROR_CODE_INVALID_USER + " invalid user : " + username, e);
    }

    RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();

    // Step 3: in SaaS mode, switch the thread to the user's tenant.
    // NOTE(review): the tenant flow is opened before the try block, so a failure in the
    // two setters below would skip endTenantFlow(); isSaasEnabled() is also read again
    // in the finally block rather than remembered.
    if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext tenantContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        tenantContext.setTenantId(userDTO.getTenantId());
        tenantContext.setTenantDomain(userDTO.getTenantDomain());
    }

    // Step 4: check the code (sequence 2) and, on success, issue the next one (sequence 3).
    // NOTE(review): nothing in this method bounds repeated attempts for one user; confirm
    // attempt limiting is enforced in the processor or upstream.
    try {
        result = processor.verifyConfirmationCode(2, userDTO.getUserId(), code);
        if (!result.isVerified()) {
            // Make sure a failed verification never carries a usable key back to the caller.
            result.setVerified(false);
            result.setKey("");
            log.error(result.getError());
        } else {
            result = processor.updateConfirmationCode(3, userDTO.getUserId(), userDTO.getTenantId());
            if (log.isDebugEnabled()) {
                log.debug("User confirmation code verification successful for user: " + username);
            }
        }
    } catch (IdentityException e) {
        // Prefer a custom error mapping; fall back to a generic invalid-code error.
        result = UserIdentityManagementUtil.getCustomErrorMessagesToVerifyCode(e, username);
        if (result.getError() == null) {
            result = handleError(VerificationBean.ERROR_CODE_INVALID_CODE + " Error verifying confirmation code for " + "user : " + username, e);
        }
    } finally {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return result;
}