
Example 6 with UserIdentityClaimDTO

use of org.wso2.carbon.identity.mgt.dto.UserIdentityClaimDTO in project product-is by wso2.

the class UserInformationRecoveryServiceTestCase method testRegisterUser.

@SetEnvironment(executionEnvironments = { ExecutionEnvironment.ALL })
@Test(groups = "wso2.is", description = "Check user registration", dependsOnMethods = "testVerifyUserAccount")
public void testRegisterUser() throws Exception {
    UserIdentityClaimDTO[] claims = new UserIdentityClaimDTO[2];
    UserIdentityClaimDTO claimEmail = new UserIdentityClaimDTO();
    claimEmail.setClaimUri("http://wso2.org/claims/emailaddress");
    claimEmail.setClaimValue("user2@wso2.com");
    UserIdentityClaimDTO claimLastName = new UserIdentityClaimDTO();
    claimLastName.setClaimUri("http://wso2.org/claims/givenname");
    claimLastName.setClaimValue("user2");
    claims[0] = claimEmail;
    claims[1] = claimLastName;
    VerificationBean bean = infoRecoveryClient.registerUser("user2", "passWord1@", claims, "default", null);
    Assert.assertNotNull(bean, "Registering user account has failed with null return");
    confKey = bean.getKey();
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.stub.beans.VerificationBean) UserIdentityClaimDTO(org.wso2.carbon.identity.mgt.stub.dto.UserIdentityClaimDTO) SetEnvironment(org.wso2.carbon.automation.engine.annotations.SetEnvironment) Test(org.testng.annotations.Test) ISIntegrationTest(org.wso2.identity.integration.common.utils.ISIntegrationTest)

Example 7 with UserIdentityClaimDTO

use of org.wso2.carbon.identity.mgt.dto.UserIdentityClaimDTO in project product-is by wso2.

the class UserInformationRecoveryServiceTestCase method testRegisterUserWithEmptyUserName.

@SetEnvironment(executionEnvironments = { ExecutionEnvironment.ALL })
@Test(groups = "wso2.is", description = "Check user registration validation with empty user name", dependsOnMethods = "testRegisterUser")
public void testRegisterUserWithEmptyUserName() throws Exception {
    UserIdentityClaimDTO[] claims = new UserIdentityClaimDTO[2];
    UserIdentityClaimDTO claimEmail = new UserIdentityClaimDTO();
    claimEmail.setClaimUri("http://wso2.org/claims/emailaddress");
    claimEmail.setClaimValue("user2@wso2.com");
    UserIdentityClaimDTO claimLastName = new UserIdentityClaimDTO();
    claimLastName.setClaimUri("http://wso2.org/claims/givenname");
    claimLastName.setClaimValue("user2");
    claims[0] = claimEmail;
    claims[1] = claimLastName;
    VerificationBean bean = infoRecoveryClient.registerUser(null, "passWord1@", claims, "default", null);
    Assert.assertNotNull(bean.getError(), "The expected error message is null with null return");
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.stub.beans.VerificationBean) UserIdentityClaimDTO(org.wso2.carbon.identity.mgt.stub.dto.UserIdentityClaimDTO) SetEnvironment(org.wso2.carbon.automation.engine.annotations.SetEnvironment) Test(org.testng.annotations.Test) ISIntegrationTest(org.wso2.identity.integration.common.utils.ISIntegrationTest)

Example 8 with UserIdentityClaimDTO

use of org.wso2.carbon.identity.mgt.dto.UserIdentityClaimDTO in project carbon-identity-framework by wso2.

the class UserIdentityManagementService method authenticateWithTemporaryCredentials.

/**
 * Authenticates the user with the temporary credentials and returns user
 * identity recovery data such as primary email address, telephone number
 * and all other identity claims of the user including the identity property
 * "isUserMustChangePassword". These claims are useful when the user is
 * recovering the identity using a temporary credential, for example after
 * forgetting their password or after the identity has been stolen. They
 * can then update the values of these identity claims to keep their
 * identity safe.
 * TODO : Captcha must be considered
 *
 * @param userName
 * @param tempCredential
 * @return
 * @throws IdentityMgtServiceException
 */
public UserIdentityClaimDTO[] authenticateWithTemporaryCredentials(String userName, String tempCredential) throws IdentityMgtServiceException {
    try {
        int tenantId = Utils.getTenantId(MultitenantUtils.getTenantDomain(userName));
        boolean isValid = UserIdentityManagementUtil.isValidIdentityMetadata(userName, tenantId, UserRecoveryDataDO.METADATA_TEMPORARY_CREDENTIAL, tempCredential);
        if (!isValid) {
            log.warn("WARNING: Invalidated temporary credential provided by " + userName);
            throw new IdentityMgtServiceException("Invalid temporary credential provided");
        }
        UserStoreManager userStoreManager = IdentityMgtServiceComponent.getRealmService().getTenantUserRealm(tenantId).getUserStoreManager();
        userStoreManager.authenticate(userName, tempCredential);
        // this credential should not be used again
        UserIdentityManagementUtil.invalidateUserIdentityMetadata(userName, tenantId, UserRecoveryDataDO.METADATA_TEMPORARY_CREDENTIAL, tempCredential);
        return UserIdentityManagementUtil.getAllUserIdentityClaims(userName);
    } catch (UserStoreException e) {
        log.error("Error while authenticating", e);
        throw new IdentityMgtServiceException("Error while authenticating the user");
    } catch (IdentityException e) {
        log.error("Error while authenticating", e);
        throw new IdentityMgtServiceException("Error while authenticating the user");
    }
}
Also used : IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 9 with UserIdentityClaimDTO

use of org.wso2.carbon.identity.mgt.dto.UserIdentityClaimDTO in project carbon-identity-framework by wso2.

the class UserIdentityManagementService method confirmUserRegistration.

/**
 * Validates the confirmation code and then unlocks the user account.
 *
 * @param userName
 * @param confirmationCode
 * @return
 * @throws IdentityMgtServiceException
 */
// TODO : expiration of confirmation code (1 time, 24hrs). Use only UserName
public UserIdentityClaimDTO[] confirmUserRegistration(String userName, String confirmationCode) throws IdentityMgtServiceException {
    try {
        int tenantId = Utils.getTenantId(MultitenantUtils.getTenantDomain(userName));
        // throws an exception if invalid
        boolean isValid = UserIdentityManagementUtil.isValidIdentityMetadata(userName, tenantId, UserRecoveryDataDO.METADATA_CONFIRMATION_CODE, confirmationCode);
        if (!isValid) {
            log.warn("WARNING: Invalid confirmation code provided by " + userName);
            throw new IdentityMgtServiceException("Invalid confirmation code provided");
        }
        UserStoreManager userStoreManager = IdentityMgtServiceComponent.getRealmService().getTenantUserRealm(tenantId).getUserStoreManager();
        // update the user identity claim
        UserIdentityManagementUtil.unlockUserAccount(userName, userStoreManager);
        // invalidate the confirmation code
        UserIdentityManagementUtil.invalidateUserIdentityMetadata(userName, tenantId, UserRecoveryDataDO.METADATA_CONFIRMATION_CODE, confirmationCode);
        return UserIdentityManagementUtil.getAllUserIdentityClaims(userName);
    } catch (UserStoreException e) {
        log.error("Error while confirming the account", e);
        throw new IdentityMgtServiceException("Error while confirming the account");
    } catch (IdentityException e) {
        log.error("Error while confirming the account", e);
        throw new IdentityMgtServiceException("Error while confirming the account");
    }
}
Also used : IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 10 with UserIdentityClaimDTO

use of org.wso2.carbon.identity.mgt.dto.UserIdentityClaimDTO in project carbon-identity-framework by wso2.

the class UserIdentityManagementService method recoverUserIdentityWithSecurityQuestions.

/**
 * Checks the security questions and their answers against the user's
 * stored questions and answers. If not all security questions of the user
 * are answered, an exception is thrown. After all security questions
 * are answered correctly, the system generates a random password and
 * resets the user password with it; the temporary password is then
 * emailed to the user.
 * TODO : Re-think
 *
 * @param userName
 * @param secQuesAnsweres
 * @return
 * @throws IdentityMgtServiceException
 */
public void recoverUserIdentityWithSecurityQuestions(String userName, UserIdentityClaimDTO[] secQuesAnsweres) throws IdentityMgtServiceException {
    try {
        int tenantId = Utils.getTenantId(MultitenantUtils.getTenantDomain(userName));
        UserStoreManager userStoreManager = IdentityMgtServiceComponent.getRealmService().getTenantUserRealm(tenantId).getUserStoreManager();
        UserIdentityClaimDTO[] storedSecQuesAnswers = UserIdentityManagementUtil.getUserSecurityQuestions(userName, userStoreManager);
        // have not answered all questions of the user
        if (secQuesAnsweres.length < storedSecQuesAnswers.length) {
            throw new IdentityMgtServiceException("All questions must be answered");
        }
        // now check the answer for every question
        int numberOfAnsweredQuestions = 0;
        // for every stored security question
        for (UserIdentityClaimDTO storedSecQues : storedSecQuesAnswers) {
            // for every answered security question
            for (UserIdentityClaimDTO answredSecQues : secQuesAnsweres) {
                // when the questions are equal, check for the answer
                if (answredSecQues.getClaimUri().trim().equals(storedSecQues.getClaimUri().trim())) {
                    // if the answers are not equal, throw an exception
                    if (!answredSecQues.getClaimValue().trim().equals(storedSecQues.getClaimValue().trim())) {
                        throw new IdentityMgtServiceException("Invalid answeres. Identity recovery failed");
                    }
                    numberOfAnsweredQuestions++;
                }
            }
        }
        // not all of the user's security questions have been answered
        if (numberOfAnsweredQuestions < storedSecQuesAnswers.length) {
            throw new IdentityMgtServiceException("All questions must be answered");
        }
        // now okay to recover
        // reset the password with a random value
        char[] tempPassword = UserIdentityManagementUtil.generateTemporaryPassword();
        userStoreManager.updateCredentialByAdmin(userName, tempPassword);
        // store the temp password as a Metadata
        UserRecoveryDataDO metadataDO = new UserRecoveryDataDO();
        metadataDO.setUserName(userName).setTenantId(tenantId).setCode(new String(tempPassword));
        UserIdentityManagementUtil.storeUserIdentityMetadata(metadataDO);
        // sending an email to the user
        UserIdentityMgtBean bean = new UserIdentityMgtBean();
        String email = userStoreManager.getUserClaimValue(userName, IdentityMgtConfig.getInstance().getAccountRecoveryClaim(), null);
        log.debug("Sending email to " + email);
        bean.setUserId(userName).setUserTemporaryPassword(new String(tempPassword)).setEmail(email);
        UserIdentityManagementUtil.notifyViaEmail(bean);
    } catch (UserStoreException e) {
        log.error("Error while recovering user identity", e);
        throw new IdentityMgtServiceException("Error while recovering user identity");
    } catch (IdentityException e) {
        log.error("Error while recovering user identity", e);
        throw new IdentityMgtServiceException("Error while recovering user identity");
    }
}
Also used : IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) UserRecoveryDataDO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO) UserIdentityMgtBean(org.wso2.carbon.identity.mgt.beans.UserIdentityMgtBean) UserStoreException(org.wso2.carbon.user.api.UserStoreException) UserStoreManager(org.wso2.carbon.user.api.UserStoreManager) UserIdentityClaimDTO(org.wso2.carbon.identity.mgt.dto.UserIdentityClaimDTO) IdentityException(org.wso2.carbon.identity.base.IdentityException)
