Search in sources :

Example 6 with UserChallengesDTO

use of org.wso2.carbon.identity.mgt.dto.UserChallengesDTO in project carbon-identity-framework by wso2.

the class ChallengeQuestionProcessor method getChallengeQuestionsOfUser.

/**
 * // TODO manage oder
 *
 * @param userName
 * @param tenantId
 * @param adminService
 * @return
 */
public UserChallengesDTO[] getChallengeQuestionsOfUser(String userName, int tenantId, boolean adminService) {
    List<UserChallengesDTO> challengesDTOs = new ArrayList<UserChallengesDTO>();
    try {
        if (log.isDebugEnabled()) {
            log.debug("Retrieving Challenge question from the user profile.");
        }
        List<String> challengesUris = getChallengeQuestionUris(userName, tenantId);
        for (int i = 0; i < challengesUris.size(); i++) {
            String challengesUri = challengesUris.get(i).trim();
            String challengeValue = Utils.getClaimFromUserStoreManager(userName, tenantId, challengesUri);
            String[] challengeValues = challengeValue.split(IdentityMgtConfig.getInstance().getChallengeQuestionSeparator());
            if (challengeValues != null && challengeValues.length == 2) {
                UserChallengesDTO dto = new UserChallengesDTO();
                dto.setId(challengesUri);
                dto.setQuestion(challengeValues[0].trim());
                if (adminService) {
                    dto.setAnswer(challengeValues[1].trim());
                }
                dto.setOrder(i);
                dto.setPrimary(false);
                challengesDTOs.add(dto);
            }
        }
    } catch (Exception e) {
        String msg = "No associated challenge question found for the user";
        if (log.isDebugEnabled()) {
            log.debug(msg, e);
        }
    }
    if (!challengesDTOs.isEmpty()) {
        return challengesDTOs.toArray(new UserChallengesDTO[challengesDTOs.size()]);
    } else {
        return new UserChallengesDTO[0];
    }
}
Also used : UserChallengesDTO(org.wso2.carbon.identity.mgt.dto.UserChallengesDTO) ArrayList(java.util.ArrayList) UserStoreException(org.wso2.carbon.user.core.UserStoreException) RegistryException(org.wso2.carbon.registry.core.exceptions.RegistryException) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 7 with UserChallengesDTO

use of org.wso2.carbon.identity.mgt.dto.UserChallengesDTO in project carbon-identity-framework by wso2.

the class ChallengeQuestionProcessor method getUserChallengeQuestions.

/**
 * Retrieves challenge questions associated with the user.
 *
 * @param userName username of the user
 * @param tenantId tenant user belongs to
 * @return an array of UserChallengesDTO instances which holds the challenge questions
 * @throws IdentityException
 */
public UserChallengesDTO[] getUserChallengeQuestions(String userName, int tenantId) throws IdentityException {
    List<UserChallengesDTO> userChallengesDTOList = new ArrayList<>();
    try {
        if (log.isDebugEnabled()) {
            log.debug("Retrieving Challenge questions from the user profile.");
        }
        List<String> challengeQuestionUris = getChallengeQuestionUris(userName, tenantId);
        String[] challengeQuestionUriArray = new String[challengeQuestionUris.size()];
        Map<String, String> challengeQuestionClaimValues = Utils.getClaimsFromUserStoreManager(userName, tenantId, challengeQuestionUris.toArray(challengeQuestionUriArray));
        for (Map.Entry<String, String> challengeQuestionClaimValue : challengeQuestionClaimValues.entrySet()) {
            String[] challengeQuestionItems = challengeQuestionClaimValue.getValue().split(IdentityMgtConfig.getInstance().getChallengeQuestionSeparator());
            UserChallengesDTO dto = new UserChallengesDTO();
            dto.setId(challengeQuestionClaimValue.getKey());
            dto.setQuestion(challengeQuestionItems[0]);
            userChallengesDTOList.add(dto);
        }
    } catch (Exception e) {
        throw IdentityException.error("No associated challenge questions found for the user.", e);
    }
    UserChallengesDTO[] userChallengesDTOs = new UserChallengesDTO[userChallengesDTOList.size()];
    return userChallengesDTOList.toArray(userChallengesDTOs);
}
Also used : UserChallengesDTO(org.wso2.carbon.identity.mgt.dto.UserChallengesDTO) ArrayList(java.util.ArrayList) HashMap(java.util.HashMap) Map(java.util.Map) UserStoreException(org.wso2.carbon.user.core.UserStoreException) RegistryException(org.wso2.carbon.registry.core.exceptions.RegistryException) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 8 with UserChallengesDTO

use of org.wso2.carbon.identity.mgt.dto.UserChallengesDTO in project carbon-identity-framework by wso2.

the class ChallengeQuestionProcessor method setChallengesOfUser.

/**
 * @param userName
 * @param tenantId
 * @param challengesDTOs
 * @throws IdentityException
 */
public void setChallengesOfUser(String userName, int tenantId, UserChallengesDTO[] challengesDTOs) throws IdentityException {
    try {
        if (log.isDebugEnabled()) {
            log.debug("Challenge Question from the user profile.");
        }
        List<String> challengesUris = new ArrayList<String>();
        String challengesUrisValue = "";
        String separator = IdentityMgtConfig.getInstance().getChallengeQuestionSeparator();
        Map<String, String> oldClaims = new HashMap<String, String>();
        Map<String, String> newClaims = new HashMap<String, String>();
        String[] requestclaims = new String[challengesDTOs.length];
        int x = 0;
        for (UserChallengesDTO claimDto : challengesDTOs) {
            requestclaims[x++] = claimDto.getId();
        }
        // Getting user store manager here to reduce the calls for claim retrieval.
        // TODO need to put into a new method in a new release version. Used to avoid API changes in patch.
        org.wso2.carbon.user.core.UserStoreManager userStoreManager = null;
        RealmService realmService = IdentityMgtServiceComponent.getRealmService();
        try {
            if (realmService.getTenantUserRealm(tenantId) != null) {
                userStoreManager = (org.wso2.carbon.user.core.UserStoreManager) realmService.getTenantUserRealm(tenantId).getUserStoreManager();
            }
        } catch (Exception e) {
            String msg = "Error retrieving the user store manager for the tenant";
            log.error(msg, e);
            throw IdentityException.error(msg, e);
        }
        if (userStoreManager != null) {
            oldClaims = userStoreManager.getUserClaimValues(userName, requestclaims, null);
        }
        if (!ArrayUtils.isEmpty(challengesDTOs)) {
            for (UserChallengesDTO dto : challengesDTOs) {
                if (dto.getId() != null && dto.getQuestion() != null && dto.getAnswer() != null) {
                    String oldClaimValue = oldClaims.get(dto.getId());
                    if ((oldClaimValue != null) && oldClaimValue.contains(separator)) {
                        String oldAnswer = oldClaimValue.split(separator)[1];
                        if (!oldAnswer.trim().equals(dto.getAnswer().trim())) {
                            String claimValue = dto.getQuestion().trim() + separator + Utils.doHash(dto.getAnswer().trim().toLowerCase());
                            if (!oldClaimValue.equals(claimValue)) {
                                newClaims.put(dto.getId().trim(), claimValue);
                            }
                        }
                    } else {
                        String claimValue = dto.getQuestion().trim() + separator + Utils.doHash(dto.getAnswer().trim().toLowerCase());
                        newClaims.put(dto.getId().trim(), claimValue);
                    }
                    challengesUris.add(dto.getId().trim());
                }
            }
            for (String challengesUri : challengesUris) {
                if ("".equals(challengesUrisValue)) {
                    challengesUrisValue = challengesUri;
                } else {
                    challengesUrisValue = challengesUrisValue + IdentityMgtConfig.getInstance().getChallengeQuestionSeparator() + challengesUri;
                }
            }
            newClaims.put("http://wso2.org/claims/challengeQuestionUris", challengesUrisValue);
            // Single call to save all challenge questions.
            userStoreManager.setUserClaimValues(userName, newClaims, UserCoreConstants.DEFAULT_PROFILE);
        }
    } catch (org.wso2.carbon.user.api.UserStoreException e) {
        String msg = "No associated challenge question found for the user";
        throw IdentityException.error(msg, e);
    }
}
Also used : UserChallengesDTO(org.wso2.carbon.identity.mgt.dto.UserChallengesDTO) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) UserStoreException(org.wso2.carbon.user.core.UserStoreException) RegistryException(org.wso2.carbon.registry.core.exceptions.RegistryException) IdentityException(org.wso2.carbon.identity.base.IdentityException) RealmService(org.wso2.carbon.user.core.service.RealmService)

Example 9 with UserChallengesDTO

use of org.wso2.carbon.identity.mgt.dto.UserChallengesDTO in project carbon-identity-framework by wso2.

the class ChallengeQuestionProcessor method verifyPrimaryChallengeQuestion.

/**
 * @param userName
 * @param tenantId
 * @param userChallengesDTOs
 * @return
 * @throws UserStoreException
 */
public boolean verifyPrimaryChallengeQuestion(String userName, int tenantId, UserChallengesDTO[] userChallengesDTOs) {
    boolean verification = false;
    try {
        if (log.isDebugEnabled()) {
            log.debug("Challenge Question from the user profile for user " + userName);
        }
        String claimValue = Utils.getClaimFromUserStoreManager(userName, tenantId, "http://wso2.org/claims/primaryChallengeQuestion");
        if (claimValue == null) {
            log.debug("No associated challenge question found for the user " + userName);
            return false;
        }
        String[] challenges = claimValue.split(IdentityMgtConfig.getInstance().getChallengeQuestionSeparator());
        Map<String, String> challengeMap = new HashMap<String, String>();
        for (int i = 0; i < challenges.length; i = i + 2) {
            challengeMap.put(challenges[i], challenges[i + 1]);
        }
        for (UserChallengesDTO userChallengesDTO : userChallengesDTOs) {
            for (Map.Entry<String, String> entry : challengeMap.entrySet()) {
                String challengeQuestion = entry.getKey();
                if (challengeQuestion.equals(userChallengesDTO.getQuestion().trim())) {
                    String challengeAnswer = entry.getValue();
                    if (challengeAnswer.equals(Utils.doHash(userChallengesDTO.getAnswer().trim().toLowerCase()))) {
                        verification = true;
                    } else {
                        return false;
                    }
                }
            }
        }
    } catch (Exception e) {
        log.debug("No associated challenge question found for the user " + userName, e);
    }
    return verification;
}
Also used : UserChallengesDTO(org.wso2.carbon.identity.mgt.dto.UserChallengesDTO) HashMap(java.util.HashMap) HashMap(java.util.HashMap) Map(java.util.Map) UserStoreException(org.wso2.carbon.user.core.UserStoreException) RegistryException(org.wso2.carbon.registry.core.exceptions.RegistryException) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 10 with UserChallengesDTO

use of org.wso2.carbon.identity.mgt.dto.UserChallengesDTO in project carbon-identity-framework by wso2.

the class ChallengeQuestionProcessor method getUserChallengeQuestion.

public UserChallengesDTO getUserChallengeQuestion(String userName, int tenantId, String challengesUri) throws IdentityMgtServiceException {
    UserChallengesDTO dto = null;
    try {
        if (log.isDebugEnabled()) {
            log.debug("Retrieving Challenge question from the user profile.");
        }
        String challengeValue = Utils.getClaimFromUserStoreManager(userName, tenantId, challengesUri);
        if (challengeValue != null) {
            String[] challengeValues = challengeValue.split(IdentityMgtConfig.getInstance().getChallengeQuestionSeparator());
            if (challengeValues != null && challengeValues.length == 2) {
                dto = new UserChallengesDTO();
                dto.setId(challengesUri);
                dto.setQuestion(challengeValues[0].trim());
            }
        } else {
            dto = new UserChallengesDTO();
            dto.setError("Challenge questions have not been answered by the user: " + userName);
        }
    } catch (Exception e) {
        String errorMsg = "Error while getting the challenge questions for the user: " + userName;
        if (log.isDebugEnabled()) {
            log.debug(errorMsg, e);
        }
        dto = new UserChallengesDTO();
        dto.setError(errorMsg);
        throw new IdentityMgtServiceException(errorMsg, e);
    }
    return dto;
}
Also used : UserChallengesDTO(org.wso2.carbon.identity.mgt.dto.UserChallengesDTO) UserStoreException(org.wso2.carbon.user.core.UserStoreException) RegistryException(org.wso2.carbon.registry.core.exceptions.RegistryException) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Aggregations

UserChallengesDTO (org.wso2.carbon.identity.mgt.dto.UserChallengesDTO)17 IdentityException (org.wso2.carbon.identity.base.IdentityException)16 RegistryException (org.wso2.carbon.registry.core.exceptions.RegistryException)8 UserStoreException (org.wso2.carbon.user.core.UserStoreException)8 ArrayList (java.util.ArrayList)6 ChallengeQuestionProcessor (org.wso2.carbon.identity.mgt.ChallengeQuestionProcessor)6 IdentityMgtServiceException (org.wso2.carbon.identity.mgt.IdentityMgtServiceException)6 RecoveryProcessor (org.wso2.carbon.identity.mgt.RecoveryProcessor)6 VerificationBean (org.wso2.carbon.identity.mgt.beans.VerificationBean)6 UserDTO (org.wso2.carbon.identity.mgt.dto.UserDTO)6 HashMap (java.util.HashMap)4 PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext)4 Map (java.util.Map)3 UserChallengesDTO (org.wso2.carbon.identity.mgt.stub.dto.UserChallengesDTO)3 Test (org.testng.annotations.Test)2 SetEnvironment (org.wso2.carbon.automation.engine.annotations.SetEnvironment)2 ChallengeQuestionDTO (org.wso2.carbon.identity.mgt.dto.ChallengeQuestionDTO)2 AuthorizationManager (org.wso2.carbon.user.api.AuthorizationManager)2 UserStoreException (org.wso2.carbon.user.api.UserStoreException)2 ISIntegrationTest (org.wso2.identity.integration.common.utils.ISIntegrationTest)2