Example 6 with UserRecoveryDTO
use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO in project carbon-identity-framework by wso2.
the class UserInformationRecoveryService method resendSignUpConfiramtionCode.
/**
* This method is used to resend selef sign up confiration code when user is not recieved email properly
*
* @param userName
* @param code
* @param profileName
* @param tenantDomain
* @return
* @throws IdentityMgtServiceException
*/
public VerificationBean resendSignUpConfiramtionCode(String userName, String code, String profileName, String tenantDomain) throws IdentityMgtServiceException {
VerificationBean vBean = new VerificationBean();
RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
if (!IdentityMgtConfig.getInstance().isSaasEnabled()) {
String loggedInTenant = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
if (tenantDomain != null && !tenantDomain.isEmpty() && !loggedInTenant.equals(tenantDomain)) {
String msg = "Trying to resend self sign up code in unauthorized tenant space";
log.error(msg);
throw new IdentityMgtServiceException(msg);
}
if (tenantDomain == null || tenantDomain.isEmpty()) {
tenantDomain = loggedInTenant;
}
}
int tenantId;
try {
tenantId = Utils.getTenantId(tenantDomain);
} catch (IdentityException e) {
vBean = handleError(VerificationBean.ERROR_CODE_UNEXPECTED + " Error while resending confirmation code", e);
return vBean;
}
try {
if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
carbonContext.setTenantId(tenantId);
carbonContext.setTenantDomain(tenantDomain);
}
try {
vBean = processor.verifyConfirmationCode(1, userName, code);
if (!vBean.isVerified()) {
vBean.setError(VerificationBean.ERROR_CODE_INVALID_CODE);
return vBean;
}
} catch (IdentityException e) {
vBean = handleError("Error while validating confirmation code for user : " + userName, e);
return vBean;
}
try {
String listenerClassName = IdentityMgtConfig.getInstance().getProperty(IdentityMgtConstants.PropertyConfig.IDENTITY_MGT_LISTENER_CLASS);
if (StringUtils.isBlank(listenerClassName)) {
listenerClassName = IdentityMgtEventListener.class.getName();
}
IdentityEventListenerConfig identityEventListenerConfig = IdentityUtil.readEventListenerProperty(UserOperationEventListener.class.getName(), listenerClassName);
boolean isListenerEnable = true;
if (identityEventListenerConfig != null) {
if (StringUtils.isNotBlank(identityEventListenerConfig.getEnable())) {
isListenerEnable = Boolean.parseBoolean(identityEventListenerConfig.getEnable());
}
}
IdentityMgtConfig config = IdentityMgtConfig.getInstance();
if (isListenerEnable && config.isAuthPolicyAccountLockOnCreation()) {
UserDTO userDTO = new UserDTO(UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain));
userDTO.setTenantId(tenantId);
UserRecoveryDTO dto = new UserRecoveryDTO(userDTO);
dto.setNotification(IdentityMgtConstants.Notification.ACCOUNT_CONFORM);
dto.setNotificationType("EMAIL");
vBean = processor.updateConfirmationCode(1, userName, tenantId);
dto.setConfirmationCode(vBean.getKey());
NotificationDataDTO notificationDto = processor.notifyWithEmail(dto);
vBean.setVerified(notificationDto.isNotificationSent());
// Send email data only if not internally managed.
if (!(IdentityMgtConfig.getInstance().isNotificationInternallyManaged())) {
vBean.setNotificationData(notificationDto);
}
} else {
vBean.setVerified(true);
}
} catch (IdentityException e) {
vBean = UserIdentityManagementUtil.getCustomErrorMessagesWhenRegistering(e, userName);
return vBean;
}
} finally {
if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
PrivilegedCarbonContext.endTenantFlow();
}
}
return vBean;
}
Also used :
VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean)
IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException)
UserOperationEventListener(org.wso2.carbon.user.core.listener.UserOperationEventListener)
UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO)
NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO)
RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor)
PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext)
UserRecoveryDTO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO)
IdentityException(org.wso2.carbon.identity.base.IdentityException)
IdentityMgtEventListener(org.wso2.carbon.identity.mgt.IdentityMgtEventListener)
IdentityEventListenerConfig(org.wso2.carbon.identity.core.model.IdentityEventListenerConfig)
IdentityMgtConfig(org.wso2.carbon.identity.mgt.IdentityMgtConfig)
Example 7 with UserRecoveryDTO
use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO in project carbon-identity-framework by wso2.
the class RecoveryProcessor method notifyWithEmail.
/*
* TODO - Important. Refactor this method and use recoveryWithNotification instead.
*/
public NotificationDataDTO notifyWithEmail(UserRecoveryDTO notificationBean) throws IdentityException {
String notificationAddress;
String confirmationKey = null;
NotificationSendingModule module = null;
String userId = notificationBean.getUserId();
String domainName = notificationBean.getTenantDomain();
int tenantId = notificationBean.getTenantId();
confirmationKey = notificationBean.getConfirmationCode();
String userStore = IdentityUtil.extractDomainFromName(userId);
String userName = UserCoreUtil.removeDomainFromName(userId);
NotificationDataDTO notificationData = new NotificationDataDTO();
if (MessageContext.getCurrentMessageContext() != null && MessageContext.getCurrentMessageContext().getProperty(MessageContext.TRANSPORT_HEADERS) != null) {
Map<String, String> transportHeaderMap = (Map) MessageContext.getCurrentMessageContext().getProperty(MessageContext.TRANSPORT_HEADERS);
if (MapUtils.isNotEmpty(transportHeaderMap)) {
TransportHeader[] transportHeadersArray = new TransportHeader[transportHeaderMap.size()];
int i = 0;
for (Map.Entry<String, String> entry : transportHeaderMap.entrySet()) {
TransportHeader transportHeader = new TransportHeader();
transportHeader.setHeaderName(entry.getKey());
transportHeader.setHeaderValue(entry.getValue());
transportHeadersArray[i] = transportHeader;
++i;
}
notificationData.setTransportHeaders(transportHeadersArray);
}
}
String type = notificationBean.getNotificationType();
if (type != null) {
module = modules.get(type);
}
if (module == null) {
module = defaultModule;
}
NotificationData emailNotificationData = new NotificationData();
String emailTemplate = null;
notificationAddress = module.getNotificationAddress(userId, tenantId);
if ((notificationAddress == null) || (notificationAddress.trim().length() < 0)) {
log.warn("Notification address is not defined for user " + userId);
}
String firstName = Utils.getClaimFromUserStoreManager(userId, tenantId, "http://wso2.org/claims/givenname");
emailNotificationData.setTagData(FIRST_NAME, firstName);
emailNotificationData.setTagData(USER_STORE_DOMAIN, userStore);
emailNotificationData.setTagData(USER_NAME, userName);
emailNotificationData.setTagData(TENANT_DOMAIN, domainName);
emailNotificationData.setSendTo(notificationAddress);
Config config = null;
ConfigBuilder configBuilder = ConfigBuilder.getInstance();
try {
config = configBuilder.loadConfiguration(ConfigType.EMAIL, StorageType.REGISTRY, tenantId);
} catch (Exception e1) {
throw IdentityException.error("Error occurred while loading email templates for user : " + userId, e1);
}
if (notificationBean.getNotification() != null) {
emailTemplate = config.getProperty(notificationBean.getNotification().trim());
String notification = notificationBean.getNotification().trim();
notificationData.setNotification(notification);
if (IdentityMgtConstants.Notification.PASSWORD_RESET_RECOVERY.equals(notification)) {
notificationData.setNotificationCode(confirmationKey);
emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.PASSWORD_RESET_RECOVERY);
} else if (IdentityMgtConstants.Notification.ACCOUNT_CONFORM.equals(notification)) {
notificationData.setNotificationCode(confirmationKey);
emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_CONFORM);
} else if (IdentityMgtConstants.Notification.TEMPORARY_PASSWORD.equals(notification)) {
// TODO
String temporaryPassword = notificationBean.getTemporaryPassword();
notificationData.setNotificationCode(temporaryPassword);
emailNotificationData.setTagData(TEMPORARY_PASSWORD, temporaryPassword);
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.TEMPORARY_PASSWORD);
} else if (IdentityMgtConstants.Notification.ACCOUNT_UNLOCK.equals(notification)) {
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_UNLOCK);
notificationData.setNotificationCode(userId);
} else if (IdentityMgtConstants.Notification.ACCOUNT_ID_RECOVERY.equals(notification)) {
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_ID_RECOVERY);
notificationData.setNotificationCode(userId);
} else if (IdentityMgtConstants.Notification.ASK_PASSWORD.equals(notification)) {
notificationData.setNotificationCode(confirmationKey);
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ASK_PASSWORD);
emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
} else if (IdentityMgtConstants.Notification.ACCOUNT_ENABLE.equals(notification)) {
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_ENABLE);
notificationData.setNotificationCode(userId);
} else if (IdentityMgtConstants.Notification.ACCOUNT_DISABLE.equals(notification)) {
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_DISABLE);
notificationData.setNotificationCode(userId);
}
}
Notification emailNotification = null;
try {
emailNotification = NotificationBuilder.createNotification("EMAIL", emailTemplate, emailNotificationData);
} catch (Exception e) {
throw IdentityException.error("Error occurred while creating notification from email template : " + emailTemplate, e);
}
notificationData.setNotificationAddress(notificationAddress);
notificationData.setUserId(userId);
notificationData.setDomainName(domainName);
notificationData.setNotificationType(notificationBean.getNotificationType());
if (IdentityMgtConfig.getInstance().isNotificationInternallyManaged()) {
module.setNotificationData(notificationData);
module.setNotification(emailNotification);
notificationSender.sendNotification(module);
notificationData.setNotificationSent(true);
} else {
notificationData.setNotificationSent(false);
notificationData.setNotificationCode(confirmationKey);
}
return notificationData;
}
Also used :
Config(org.wso2.carbon.identity.mgt.config.Config)
NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO)
UserStoreException(org.wso2.carbon.user.api.UserStoreException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
IdentityException(org.wso2.carbon.identity.base.IdentityException)
Notification(org.wso2.carbon.identity.mgt.mail.Notification)
TransportHeader(org.wso2.carbon.identity.mgt.mail.TransportHeader)
ConfigBuilder(org.wso2.carbon.identity.mgt.config.ConfigBuilder)
HashMap(java.util.HashMap)
Map(java.util.Map)
NotificationData(org.wso2.carbon.identity.mgt.mail.NotificationData)
Example 8 with UserRecoveryDTO
use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO in project carbon-identity-framework by wso2.
the class RecoveryProcessor method recoverWithNotification.
/**
* Processing recovery
*
* @param recoveryDTO class that contains user and tenant Information
* @return true if the reset request is processed successfully.
* @throws IdentityException if fails
*/
public NotificationDataDTO recoverWithNotification(UserRecoveryDTO recoveryDTO) throws IdentityException {
String notificationAddress;
String secretKey = null;
String confirmationKey = null;
NotificationSendingModule module = null;
boolean persistData = true;
String userId = recoveryDTO.getUserId();
String domainName = recoveryDTO.getTenantDomain();
int tenantId = recoveryDTO.getTenantId();
String userStore = IdentityUtil.extractDomainFromName(userId);
String userName = UserCoreUtil.removeDomainFromName(userId);
TenantManager tenantManager = IdentityMgtServiceComponent.getRealmService().getTenantManager();
try {
Tenant tenant = tenantManager.getTenant(tenantId);
if (tenant != null) {
domainName = tenant.getDomain();
}
} catch (UserStoreException e) {
if (log.isDebugEnabled()) {
log.debug("No Tenant domain for tenant id " + tenantId, e);
}
}
NotificationDataDTO notificationData = new NotificationDataDTO();
if (MessageContext.getCurrentMessageContext() != null && MessageContext.getCurrentMessageContext().getProperty(MessageContext.TRANSPORT_HEADERS) != null) {
Map<String, String> transportHeaderMap = (Map) MessageContext.getCurrentMessageContext().getProperty(MessageContext.TRANSPORT_HEADERS);
if (MapUtils.isNotEmpty(transportHeaderMap)) {
TransportHeader[] transportHeadersArray = new TransportHeader[transportHeaderMap.size()];
int i = 0;
for (Map.Entry<String, String> entry : transportHeaderMap.entrySet()) {
TransportHeader transportHeader = new TransportHeader();
transportHeader.setHeaderName(entry.getKey());
transportHeader.setHeaderValue(entry.getValue());
transportHeadersArray[i] = transportHeader;
++i;
}
notificationData.setTransportHeaders(transportHeadersArray);
}
}
String internalCode = null;
String type = recoveryDTO.getNotificationType();
if (type != null) {
module = modules.get(type);
}
if (module == null) {
module = defaultModule;
}
NotificationData emailNotificationData = new NotificationData();
String emailTemplate = null;
notificationAddress = Utils.getEmailAddressForUser(userId, tenantId);
String firstName = Utils.getClaimFromUserStoreManager(userId, tenantId, "http://wso2.org/claims/givenname");
emailNotificationData.setTagData(FIRST_NAME, firstName);
emailNotificationData.setTagData(USER_STORE_DOMAIN, userStore);
emailNotificationData.setTagData(USER_NAME, userName);
emailNotificationData.setTagData(TENANT_DOMAIN, domainName);
if ((notificationAddress == null) || (notificationAddress.trim().length() < 0)) {
throw IdentityException.error("Notification sending failure. Notification address is not defined for user : " + userId);
}
emailNotificationData.setSendTo(notificationAddress);
if (log.isDebugEnabled()) {
log.debug("Building notification with data - First name: " + firstName + " User name: " + userId + " Send To: " + notificationAddress);
}
Config config = null;
ConfigBuilder configBuilder = ConfigBuilder.getInstance();
try {
config = configBuilder.loadConfiguration(ConfigType.EMAIL, StorageType.REGISTRY, tenantId);
} catch (Exception e1) {
throw IdentityException.error("Error while loading email templates for user : " + userId, e1);
}
if (recoveryDTO.getNotification() != null) {
emailTemplate = config.getProperty(recoveryDTO.getNotification().trim());
String notification = recoveryDTO.getNotification().trim();
notificationData.setNotification(notification);
if (IdentityMgtConstants.Notification.PASSWORD_RESET_RECOVERY.equals(notification) || IdentityMgtConstants.Notification.RESEND_NOTIFICATION.equals(notification)) {
internalCode = generateUserCode(2, userId);
try {
confirmationKey = getUserExternalCodeStr(internalCode);
} catch (Exception e) {
throw IdentityException.error("Error while getting user's external code string.", e);
}
secretKey = UUIDGenerator.generateUUID();
emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
emailTemplate = config.getProperty(notification);
} else if (IdentityMgtConstants.Notification.ACCOUNT_CONFORM.equals(notification)) {
confirmationKey = UUIDGenerator.generateUUID();
secretKey = UUIDGenerator.generateUUID();
emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_CONFORM);
} else if (IdentityMgtConstants.Notification.TEMPORARY_PASSWORD.equals(notification)) {
// TODO
String temporaryPassword = recoveryDTO.getTemporaryPassword();
if (temporaryPassword == null || temporaryPassword.trim().length() < 1) {
char[] chars = IdentityMgtConfig.getInstance().getPasswordGenerator().generatePassword();
temporaryPassword = new String(chars);
}
Utils.updatePassword(userId, tenantId, temporaryPassword);
emailNotificationData.setTagData(TEMPORARY_PASSWORD, temporaryPassword);
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.TEMPORARY_PASSWORD);
persistData = false;
} else if (IdentityMgtConstants.Notification.ACCOUNT_UNLOCK.equals(notification)) {
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_UNLOCK);
persistData = false;
} else if (IdentityMgtConstants.Notification.ACCOUNT_ENABLE.equals(notification)) {
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_ENABLE);
persistData = false;
} else if (IdentityMgtConstants.Notification.ACCOUNT_DISABLE.equals(notification)) {
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_DISABLE);
persistData = false;
} else if (IdentityMgtConstants.Notification.ACCOUNT_ID_RECOVERY.equals(notification)) {
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_ID_RECOVERY);
persistData = false;
} else if (IdentityMgtConstants.Notification.ASK_PASSWORD.equals(notification)) {
if (firstName == null || firstName.isEmpty()) {
emailNotificationData.setTagData(FIRST_NAME, userId);
}
internalCode = generateUserCode(2, userId);
try {
confirmationKey = getUserExternalCodeStr(internalCode);
} catch (Exception e) {
throw IdentityException.error("Error while with recovering with password.", e);
}
secretKey = UUIDGenerator.generateUUID();
emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ASK_PASSWORD);
}
if (log.isDebugEnabled()) {
log.debug("Notification type: " + notification);
}
}
Notification emailNotification = null;
try {
emailNotification = NotificationBuilder.createNotification("EMAIL", emailTemplate, emailNotificationData);
} catch (Exception e) {
throw IdentityException.error("Error when creating notification for user : " + userId, e);
}
notificationData.setNotificationAddress(notificationAddress);
notificationData.setUserId(userId);
notificationData.setDomainName(domainName);
notificationData.setNotificationType(recoveryDTO.getNotificationType());
if (persistData) {
UserRecoveryDataDO recoveryDataDO = new UserRecoveryDataDO(userId, tenantId, internalCode, secretKey);
dataStore.invalidate(userId, tenantId);
dataStore.store(recoveryDataDO);
}
if (IdentityMgtConfig.getInstance().isNotificationInternallyManaged()) {
module.setNotificationData(notificationData);
module.setNotification(emailNotification);
notificationSender.sendNotification(module);
notificationData.setNotificationSent(true);
} else {
notificationData.setNotificationSent(false);
notificationData.setNotificationCode(confirmationKey);
}
return notificationData;
}
Also used :
Config(org.wso2.carbon.identity.mgt.config.Config)
NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO)
UserStoreException(org.wso2.carbon.user.api.UserStoreException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
IdentityException(org.wso2.carbon.identity.base.IdentityException)
Notification(org.wso2.carbon.identity.mgt.mail.Notification)
TransportHeader(org.wso2.carbon.identity.mgt.mail.TransportHeader)
Tenant(org.wso2.carbon.user.api.Tenant)
UserRecoveryDataDO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO)
UserStoreException(org.wso2.carbon.user.api.UserStoreException)
ConfigBuilder(org.wso2.carbon.identity.mgt.config.ConfigBuilder)
TenantManager(org.wso2.carbon.user.core.tenant.TenantManager)
HashMap(java.util.HashMap)
Map(java.util.Map)
NotificationData(org.wso2.carbon.identity.mgt.mail.NotificationData)
Example 9 with UserRecoveryDTO
use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO in project carbon-identity-framework by wso2.
the class UserInformationRecoveryService method registerUser.
/**
* This method is used to register an user in the system. The account will be locked if the
* Authentication.Policy.Account.Lock.On.Creation is set to true. Else user will be able to
* login after registration.
*
* @param userName
* @param password
* @param claims
* @param profileName
* @param tenantDomain
* @return
* @throws IdentityMgtServiceException
*/
public VerificationBean registerUser(String userName, String password, UserIdentityClaimDTO[] claims, String profileName, String tenantDomain) throws IdentityMgtServiceException {
VerificationBean vBean = new VerificationBean();
org.wso2.carbon.user.core.UserStoreManager userStoreManager = null;
Permission permission = null;
if (!IdentityMgtConfig.getInstance().isSaasEnabled()) {
String loggedInTenant = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
if (tenantDomain != null && !tenantDomain.isEmpty() && !loggedInTenant.equals(tenantDomain)) {
String msg = "Trying to create users in unauthorized tenant space";
log.error(msg);
throw new IdentityMgtServiceException(msg);
}
if (tenantDomain == null || tenantDomain.isEmpty()) {
tenantDomain = loggedInTenant;
}
}
RealmService realmService = IdentityMgtServiceComponent.getRealmService();
int tenantId;
try {
tenantId = Utils.getTenantId(tenantDomain);
if (realmService.getTenantUserRealm(tenantId) != null) {
userStoreManager = (org.wso2.carbon.user.core.UserStoreManager) realmService.getTenantUserRealm(tenantId).getUserStoreManager();
}
} catch (Exception e) {
vBean = handleError(VerificationBean.ERROR_CODE_UNEXPECTED + " Error retrieving the user store manager for the tenant", e);
return vBean;
}
try {
if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
carbonContext.setTenantId(tenantId);
carbonContext.setTenantDomain(tenantDomain);
}
if (userStoreManager == null) {
vBean = new VerificationBean();
vBean.setVerified(false);
vBean.setError(VerificationBean.ERROR_CODE_UNEXPECTED + " Error retrieving the user store manager for the tenant");
return vBean;
}
Map<String, String> claimsMap = new HashMap<String, String>();
for (UserIdentityClaimDTO userIdentityClaimDTO : claims) {
claimsMap.put(userIdentityClaimDTO.getClaimUri(), userIdentityClaimDTO.getClaimValue());
}
userStoreManager.addUser(userName, password, null, claimsMap, profileName);
String identityRoleName = UserCoreConstants.INTERNAL_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR + IdentityConstants.IDENTITY_DEFAULT_ROLE;
if (!userStoreManager.isExistingRole(identityRoleName, false)) {
permission = new Permission("/permission/admin/login", UserMgtConstants.EXECUTE_ACTION);
userStoreManager.addRole(identityRoleName, new String[] { userName }, new Permission[] { permission }, false);
} else {
userStoreManager.updateUserListOfRole(identityRoleName, new String[] {}, new String[] { userName });
}
String listenerClassName = IdentityMgtConfig.getInstance().getProperty(IdentityMgtConstants.PropertyConfig.IDENTITY_MGT_LISTENER_CLASS);
if (StringUtils.isBlank(listenerClassName)) {
listenerClassName = IdentityMgtEventListener.class.getName();
}
IdentityEventListenerConfig identityEventListenerConfig = IdentityUtil.readEventListenerProperty(UserOperationEventListener.class.getName(), listenerClassName);
boolean isListenerEnable = true;
if (identityEventListenerConfig != null) {
if (StringUtils.isNotBlank(identityEventListenerConfig.getEnable())) {
isListenerEnable = Boolean.parseBoolean(identityEventListenerConfig.getEnable());
}
}
IdentityMgtConfig config = IdentityMgtConfig.getInstance();
if (isListenerEnable && config.isAuthPolicyAccountLockOnCreation()) {
UserDTO userDTO = new UserDTO(UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain));
userDTO.setTenantId(tenantId);
UserRecoveryDTO dto = new UserRecoveryDTO(userDTO);
dto.setNotification(IdentityMgtConstants.Notification.ACCOUNT_CONFORM);
dto.setNotificationType("EMAIL");
RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
vBean = processor.updateConfirmationCode(1, userName, tenantId);
dto.setConfirmationCode(vBean.getKey());
NotificationDataDTO notificationDto = processor.notifyWithEmail(dto);
vBean.setVerified(notificationDto.isNotificationSent());
// Send email data only if not internally managed.
if (!(IdentityMgtConfig.getInstance().isNotificationInternallyManaged())) {
vBean.setNotificationData(notificationDto);
}
} else {
vBean.setVerified(true);
}
} catch (UserStoreException | IdentityException e) {
vBean = UserIdentityManagementUtil.getCustomErrorMessagesWhenRegistering(e, userName);
// Rollback if user exists
try {
if (!e.getMessage().contains(IdentityCoreConstants.EXISTING_USER) && userStoreManager.isExistingUser(userName)) {
userStoreManager.deleteUser(userName);
}
} catch (UserStoreException e1) {
vBean = UserIdentityManagementUtil.getCustomErrorMessagesWhenRegistering(e1, userName);
}
return vBean;
} finally {
if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
PrivilegedCarbonContext.endTenantFlow();
}
}
return vBean;
}
Also used :
VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean)
IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException)
UserOperationEventListener(org.wso2.carbon.user.core.listener.UserOperationEventListener)
HashMap(java.util.HashMap)
UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO)
NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO)
UserRecoveryDTO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO)
IdentityException(org.wso2.carbon.identity.base.IdentityException)
IdentityMgtEventListener(org.wso2.carbon.identity.mgt.IdentityMgtEventListener)
Permission(org.wso2.carbon.user.core.Permission)
UserStoreException(org.wso2.carbon.user.api.UserStoreException)
IdentityEventListenerConfig(org.wso2.carbon.identity.core.model.IdentityEventListenerConfig)
RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor)
PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext)
UserStoreException(org.wso2.carbon.user.api.UserStoreException)
IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException)
IdentityException(org.wso2.carbon.identity.base.IdentityException)
RealmService(org.wso2.carbon.user.core.service.RealmService)
UserIdentityClaimDTO(org.wso2.carbon.identity.mgt.dto.UserIdentityClaimDTO)
IdentityMgtConfig(org.wso2.carbon.identity.mgt.IdentityMgtConfig)
Example 10 with UserRecoveryDTO
use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO in project carbon-identity-framework by wso2.
the class UserInformationRecoveryService method sendNotification.
private VerificationBean sendNotification(String username, String key, String notificationType, String notification) {
UserDTO userDTO = null;
VerificationBean bean = null;
if (log.isDebugEnabled()) {
log.debug("User recovery notification sending request received with username : " + username + " notification" + " type :" + notificationType);
}
try {
userDTO = Utils.processUserId(username);
} catch (IdentityException e) {
bean = handleError(VerificationBean.ERROR_CODE_INVALID_USER + " invalid user : " + username, e);
return bean;
}
RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
try {
if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
carbonContext.setTenantId(userDTO.getTenantId());
carbonContext.setTenantDomain(userDTO.getTenantDomain());
}
bean = processor.verifyConfirmationCode(1, userDTO.getUserId(), key);
if (!bean.isVerified()) {
log.error("Invalid user is trying to recover the password with username : " + username);
bean = handleError(VerificationBean.ERROR_CODE_INVALID_USER + " Invalid user is trying to recover the password with username : " + username, null);
return bean;
}
} catch (IdentityException e1) {
bean = UserIdentityManagementUtil.getCustomErrorMessagesToVerifyCode(e1, username);
if (bean.getError() == null) {
bean = handleError(VerificationBean.ERROR_CODE_INVALID_CODE + " Invalid confirmation code for user : " + username, e1);
}
return bean;
} finally {
if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
PrivilegedCarbonContext.endTenantFlow();
}
}
UserRecoveryDTO dto = new UserRecoveryDTO(userDTO);
dto.setNotification(notification);
dto.setNotificationType(notificationType);
NotificationDataDTO dataDTO = null;
try {
if (log.isDebugEnabled()) {
log.debug("Initiating the notification sending process");
}
if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
carbonContext.setTenantId(userDTO.getTenantId());
carbonContext.setTenantDomain(userDTO.getTenantDomain());
}
dataDTO = processor.recoverWithNotification(dto);
// Send email data only if not internally managed.
if (!(IdentityMgtConfig.getInstance().isNotificationInternallyManaged())) {
bean.setNotificationData(dataDTO);
}
} catch (IdentityException e) {
bean = UserIdentityManagementUtil.getCustomErrorMessagesToVerifyCode(e, username);
if (bean.getError() == null) {
bean = handleError(VerificationBean.ERROR_CODE_RECOVERY_NOTIFICATION_FAILURE + ": " + VerificationBean.ERROR_CODE_UNEXPECTED + " Error when sending recovery message for " + "user: " + username, e);
}
return bean;
} finally {
if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
PrivilegedCarbonContext.endTenantFlow();
}
}
return bean;
}
Also used :
VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean)
UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO)
NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO)
RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor)
PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext)
UserRecoveryDTO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO)
IdentityException(org.wso2.carbon.identity.base.IdentityException)
Aggregations
IdentityException (org.wso2.carbon.identity.base.IdentityException)12
UserRecoveryDTO (org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO)10
UserDTO (org.wso2.carbon.identity.mgt.dto.UserDTO)9
NotificationDataDTO (org.wso2.carbon.identity.mgt.dto.NotificationDataDTO)8
IdentityMgtServiceException (org.wso2.carbon.identity.mgt.IdentityMgtServiceException)7
UserStoreException (org.wso2.carbon.user.api.UserStoreException)7
RecoveryProcessor (org.wso2.carbon.identity.mgt.RecoveryProcessor)5
VerificationBean (org.wso2.carbon.identity.mgt.beans.VerificationBean)5
HashMap (java.util.HashMap)3
PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext)3
UserStoreManager (org.wso2.carbon.user.api.UserStoreManager)3
AbstractUserStoreManager (org.wso2.carbon.user.core.common.AbstractUserStoreManager)3
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2
Map (java.util.Map)2
IdentityEventListenerConfig (org.wso2.carbon.identity.core.model.IdentityEventListenerConfig)2
IdentityMgtConfig (org.wso2.carbon.identity.mgt.IdentityMgtConfig)2
IdentityMgtEventListener (org.wso2.carbon.identity.mgt.IdentityMgtEventListener)2
Config (org.wso2.carbon.identity.mgt.config.Config)2
ConfigBuilder (org.wso2.carbon.identity.mgt.config.ConfigBuilder)2
UserRecoveryDataDO (org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO)2
