Search in sources :

Example 6 with UserRecoveryDTO

use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO in project carbon-identity-framework by wso2.

the class UserInformationRecoveryService method resendSignUpConfiramtionCode.

/**
 * This method is used to resend selef sign up confiration code when user is not recieved email properly
 *
 * @param userName
 * @param code
 * @param profileName
 * @param tenantDomain
 * @return
 * @throws IdentityMgtServiceException
 */
public VerificationBean resendSignUpConfiramtionCode(String userName, String code, String profileName, String tenantDomain) throws IdentityMgtServiceException {
    VerificationBean vBean = new VerificationBean();
    RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
    if (!IdentityMgtConfig.getInstance().isSaasEnabled()) {
        String loggedInTenant = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        if (tenantDomain != null && !tenantDomain.isEmpty() && !loggedInTenant.equals(tenantDomain)) {
            String msg = "Trying to resend self sign up code  in unauthorized tenant space";
            log.error(msg);
            throw new IdentityMgtServiceException(msg);
        }
        if (tenantDomain == null || tenantDomain.isEmpty()) {
            tenantDomain = loggedInTenant;
        }
    }
    int tenantId;
    try {
        tenantId = Utils.getTenantId(tenantDomain);
    } catch (IdentityException e) {
        vBean = handleError(VerificationBean.ERROR_CODE_UNEXPECTED + " Error while resending confirmation code", e);
        return vBean;
    }
    try {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            carbonContext.setTenantId(tenantId);
            carbonContext.setTenantDomain(tenantDomain);
        }
        try {
            vBean = processor.verifyConfirmationCode(1, userName, code);
            if (!vBean.isVerified()) {
                vBean.setError(VerificationBean.ERROR_CODE_INVALID_CODE);
                return vBean;
            }
        } catch (IdentityException e) {
            vBean = handleError("Error while validating confirmation code for user : " + userName, e);
            return vBean;
        }
        try {
            String listenerClassName = IdentityMgtConfig.getInstance().getProperty(IdentityMgtConstants.PropertyConfig.IDENTITY_MGT_LISTENER_CLASS);
            if (StringUtils.isBlank(listenerClassName)) {
                listenerClassName = IdentityMgtEventListener.class.getName();
            }
            IdentityEventListenerConfig identityEventListenerConfig = IdentityUtil.readEventListenerProperty(UserOperationEventListener.class.getName(), listenerClassName);
            boolean isListenerEnable = true;
            if (identityEventListenerConfig != null) {
                if (StringUtils.isNotBlank(identityEventListenerConfig.getEnable())) {
                    isListenerEnable = Boolean.parseBoolean(identityEventListenerConfig.getEnable());
                }
            }
            IdentityMgtConfig config = IdentityMgtConfig.getInstance();
            if (isListenerEnable && config.isAuthPolicyAccountLockOnCreation()) {
                UserDTO userDTO = new UserDTO(UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain));
                userDTO.setTenantId(tenantId);
                UserRecoveryDTO dto = new UserRecoveryDTO(userDTO);
                dto.setNotification(IdentityMgtConstants.Notification.ACCOUNT_CONFORM);
                dto.setNotificationType("EMAIL");
                vBean = processor.updateConfirmationCode(1, userName, tenantId);
                dto.setConfirmationCode(vBean.getKey());
                NotificationDataDTO notificationDto = processor.notifyWithEmail(dto);
                vBean.setVerified(notificationDto.isNotificationSent());
                // Send email data only if not internally managed.
                if (!(IdentityMgtConfig.getInstance().isNotificationInternallyManaged())) {
                    vBean.setNotificationData(notificationDto);
                }
            } else {
                vBean.setVerified(true);
            }
        } catch (IdentityException e) {
            vBean = UserIdentityManagementUtil.getCustomErrorMessagesWhenRegistering(e, userName);
            return vBean;
        }
    } finally {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return vBean;
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) UserOperationEventListener(org.wso2.carbon.user.core.listener.UserOperationEventListener) UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO) NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO) RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) UserRecoveryDTO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO) IdentityException(org.wso2.carbon.identity.base.IdentityException) IdentityMgtEventListener(org.wso2.carbon.identity.mgt.IdentityMgtEventListener) IdentityEventListenerConfig(org.wso2.carbon.identity.core.model.IdentityEventListenerConfig) IdentityMgtConfig(org.wso2.carbon.identity.mgt.IdentityMgtConfig)

Example 7 with UserRecoveryDTO

use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO in project carbon-identity-framework by wso2.

the class RecoveryProcessor method notifyWithEmail.

/*
     * TODO - Important. Refactor this method and use recoveryWithNotification instead.
     */
public NotificationDataDTO notifyWithEmail(UserRecoveryDTO notificationBean) throws IdentityException {
    String notificationAddress;
    String confirmationKey = null;
    NotificationSendingModule module = null;
    String userId = notificationBean.getUserId();
    String domainName = notificationBean.getTenantDomain();
    int tenantId = notificationBean.getTenantId();
    confirmationKey = notificationBean.getConfirmationCode();
    String userStore = IdentityUtil.extractDomainFromName(userId);
    String userName = UserCoreUtil.removeDomainFromName(userId);
    NotificationDataDTO notificationData = new NotificationDataDTO();
    if (MessageContext.getCurrentMessageContext() != null && MessageContext.getCurrentMessageContext().getProperty(MessageContext.TRANSPORT_HEADERS) != null) {
        Map<String, String> transportHeaderMap = (Map) MessageContext.getCurrentMessageContext().getProperty(MessageContext.TRANSPORT_HEADERS);
        if (MapUtils.isNotEmpty(transportHeaderMap)) {
            TransportHeader[] transportHeadersArray = new TransportHeader[transportHeaderMap.size()];
            int i = 0;
            for (Map.Entry<String, String> entry : transportHeaderMap.entrySet()) {
                TransportHeader transportHeader = new TransportHeader();
                transportHeader.setHeaderName(entry.getKey());
                transportHeader.setHeaderValue(entry.getValue());
                transportHeadersArray[i] = transportHeader;
                ++i;
            }
            notificationData.setTransportHeaders(transportHeadersArray);
        }
    }
    String type = notificationBean.getNotificationType();
    if (type != null) {
        module = modules.get(type);
    }
    if (module == null) {
        module = defaultModule;
    }
    NotificationData emailNotificationData = new NotificationData();
    String emailTemplate = null;
    notificationAddress = module.getNotificationAddress(userId, tenantId);
    if ((notificationAddress == null) || (notificationAddress.trim().length() < 0)) {
        log.warn("Notification address is not defined for user " + userId);
    }
    String firstName = Utils.getClaimFromUserStoreManager(userId, tenantId, "http://wso2.org/claims/givenname");
    emailNotificationData.setTagData(FIRST_NAME, firstName);
    emailNotificationData.setTagData(USER_STORE_DOMAIN, userStore);
    emailNotificationData.setTagData(USER_NAME, userName);
    emailNotificationData.setTagData(TENANT_DOMAIN, domainName);
    emailNotificationData.setSendTo(notificationAddress);
    Config config = null;
    ConfigBuilder configBuilder = ConfigBuilder.getInstance();
    try {
        config = configBuilder.loadConfiguration(ConfigType.EMAIL, StorageType.REGISTRY, tenantId);
    } catch (Exception e1) {
        throw IdentityException.error("Error occurred while loading email templates for user : " + userId, e1);
    }
    if (notificationBean.getNotification() != null) {
        emailTemplate = config.getProperty(notificationBean.getNotification().trim());
        String notification = notificationBean.getNotification().trim();
        notificationData.setNotification(notification);
        if (IdentityMgtConstants.Notification.PASSWORD_RESET_RECOVERY.equals(notification)) {
            notificationData.setNotificationCode(confirmationKey);
            emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.PASSWORD_RESET_RECOVERY);
        } else if (IdentityMgtConstants.Notification.ACCOUNT_CONFORM.equals(notification)) {
            notificationData.setNotificationCode(confirmationKey);
            emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_CONFORM);
        } else if (IdentityMgtConstants.Notification.TEMPORARY_PASSWORD.equals(notification)) {
            // TODO
            String temporaryPassword = notificationBean.getTemporaryPassword();
            notificationData.setNotificationCode(temporaryPassword);
            emailNotificationData.setTagData(TEMPORARY_PASSWORD, temporaryPassword);
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.TEMPORARY_PASSWORD);
        } else if (IdentityMgtConstants.Notification.ACCOUNT_UNLOCK.equals(notification)) {
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_UNLOCK);
            notificationData.setNotificationCode(userId);
        } else if (IdentityMgtConstants.Notification.ACCOUNT_ID_RECOVERY.equals(notification)) {
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_ID_RECOVERY);
            notificationData.setNotificationCode(userId);
        } else if (IdentityMgtConstants.Notification.ASK_PASSWORD.equals(notification)) {
            notificationData.setNotificationCode(confirmationKey);
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ASK_PASSWORD);
            emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
        } else if (IdentityMgtConstants.Notification.ACCOUNT_ENABLE.equals(notification)) {
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_ENABLE);
            notificationData.setNotificationCode(userId);
        } else if (IdentityMgtConstants.Notification.ACCOUNT_DISABLE.equals(notification)) {
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_DISABLE);
            notificationData.setNotificationCode(userId);
        }
    }
    Notification emailNotification = null;
    try {
        emailNotification = NotificationBuilder.createNotification("EMAIL", emailTemplate, emailNotificationData);
    } catch (Exception e) {
        throw IdentityException.error("Error occurred while creating notification from email template : " + emailTemplate, e);
    }
    notificationData.setNotificationAddress(notificationAddress);
    notificationData.setUserId(userId);
    notificationData.setDomainName(domainName);
    notificationData.setNotificationType(notificationBean.getNotificationType());
    if (IdentityMgtConfig.getInstance().isNotificationInternallyManaged()) {
        module.setNotificationData(notificationData);
        module.setNotification(emailNotification);
        notificationSender.sendNotification(module);
        notificationData.setNotificationSent(true);
    } else {
        notificationData.setNotificationSent(false);
        notificationData.setNotificationCode(confirmationKey);
    }
    return notificationData;
}
Also used : Config(org.wso2.carbon.identity.mgt.config.Config) NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO) UserStoreException(org.wso2.carbon.user.api.UserStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IdentityException(org.wso2.carbon.identity.base.IdentityException) Notification(org.wso2.carbon.identity.mgt.mail.Notification) TransportHeader(org.wso2.carbon.identity.mgt.mail.TransportHeader) ConfigBuilder(org.wso2.carbon.identity.mgt.config.ConfigBuilder) HashMap(java.util.HashMap) Map(java.util.Map) NotificationData(org.wso2.carbon.identity.mgt.mail.NotificationData)

Example 8 with UserRecoveryDTO

use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO in project carbon-identity-framework by wso2.

the class RecoveryProcessor method recoverWithNotification.

/**
 * Processing recovery
 *
 * @param recoveryDTO class that contains user and tenant Information
 * @return true if the reset request is processed successfully.
 * @throws IdentityException if fails
 */
public NotificationDataDTO recoverWithNotification(UserRecoveryDTO recoveryDTO) throws IdentityException {
    String notificationAddress;
    String secretKey = null;
    String confirmationKey = null;
    NotificationSendingModule module = null;
    boolean persistData = true;
    String userId = recoveryDTO.getUserId();
    String domainName = recoveryDTO.getTenantDomain();
    int tenantId = recoveryDTO.getTenantId();
    String userStore = IdentityUtil.extractDomainFromName(userId);
    String userName = UserCoreUtil.removeDomainFromName(userId);
    TenantManager tenantManager = IdentityMgtServiceComponent.getRealmService().getTenantManager();
    try {
        Tenant tenant = tenantManager.getTenant(tenantId);
        if (tenant != null) {
            domainName = tenant.getDomain();
        }
    } catch (UserStoreException e) {
        if (log.isDebugEnabled()) {
            log.debug("No Tenant domain for tenant id " + tenantId, e);
        }
    }
    NotificationDataDTO notificationData = new NotificationDataDTO();
    if (MessageContext.getCurrentMessageContext() != null && MessageContext.getCurrentMessageContext().getProperty(MessageContext.TRANSPORT_HEADERS) != null) {
        Map<String, String> transportHeaderMap = (Map) MessageContext.getCurrentMessageContext().getProperty(MessageContext.TRANSPORT_HEADERS);
        if (MapUtils.isNotEmpty(transportHeaderMap)) {
            TransportHeader[] transportHeadersArray = new TransportHeader[transportHeaderMap.size()];
            int i = 0;
            for (Map.Entry<String, String> entry : transportHeaderMap.entrySet()) {
                TransportHeader transportHeader = new TransportHeader();
                transportHeader.setHeaderName(entry.getKey());
                transportHeader.setHeaderValue(entry.getValue());
                transportHeadersArray[i] = transportHeader;
                ++i;
            }
            notificationData.setTransportHeaders(transportHeadersArray);
        }
    }
    String internalCode = null;
    String type = recoveryDTO.getNotificationType();
    if (type != null) {
        module = modules.get(type);
    }
    if (module == null) {
        module = defaultModule;
    }
    NotificationData emailNotificationData = new NotificationData();
    String emailTemplate = null;
    notificationAddress = Utils.getEmailAddressForUser(userId, tenantId);
    String firstName = Utils.getClaimFromUserStoreManager(userId, tenantId, "http://wso2.org/claims/givenname");
    emailNotificationData.setTagData(FIRST_NAME, firstName);
    emailNotificationData.setTagData(USER_STORE_DOMAIN, userStore);
    emailNotificationData.setTagData(USER_NAME, userName);
    emailNotificationData.setTagData(TENANT_DOMAIN, domainName);
    if ((notificationAddress == null) || (notificationAddress.trim().length() < 0)) {
        throw IdentityException.error("Notification sending failure. Notification address is not defined for user : " + userId);
    }
    emailNotificationData.setSendTo(notificationAddress);
    if (log.isDebugEnabled()) {
        log.debug("Building notification with data - First name: " + firstName + " User name: " + userId + " Send To: " + notificationAddress);
    }
    Config config = null;
    ConfigBuilder configBuilder = ConfigBuilder.getInstance();
    try {
        config = configBuilder.loadConfiguration(ConfigType.EMAIL, StorageType.REGISTRY, tenantId);
    } catch (Exception e1) {
        throw IdentityException.error("Error while loading email templates for user : " + userId, e1);
    }
    if (recoveryDTO.getNotification() != null) {
        emailTemplate = config.getProperty(recoveryDTO.getNotification().trim());
        String notification = recoveryDTO.getNotification().trim();
        notificationData.setNotification(notification);
        if (IdentityMgtConstants.Notification.PASSWORD_RESET_RECOVERY.equals(notification) || IdentityMgtConstants.Notification.RESEND_NOTIFICATION.equals(notification)) {
            internalCode = generateUserCode(2, userId);
            try {
                confirmationKey = getUserExternalCodeStr(internalCode);
            } catch (Exception e) {
                throw IdentityException.error("Error while getting user's external code string.", e);
            }
            secretKey = UUIDGenerator.generateUUID();
            emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
            emailTemplate = config.getProperty(notification);
        } else if (IdentityMgtConstants.Notification.ACCOUNT_CONFORM.equals(notification)) {
            confirmationKey = UUIDGenerator.generateUUID();
            secretKey = UUIDGenerator.generateUUID();
            emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_CONFORM);
        } else if (IdentityMgtConstants.Notification.TEMPORARY_PASSWORD.equals(notification)) {
            // TODO
            String temporaryPassword = recoveryDTO.getTemporaryPassword();
            if (temporaryPassword == null || temporaryPassword.trim().length() < 1) {
                char[] chars = IdentityMgtConfig.getInstance().getPasswordGenerator().generatePassword();
                temporaryPassword = new String(chars);
            }
            Utils.updatePassword(userId, tenantId, temporaryPassword);
            emailNotificationData.setTagData(TEMPORARY_PASSWORD, temporaryPassword);
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.TEMPORARY_PASSWORD);
            persistData = false;
        } else if (IdentityMgtConstants.Notification.ACCOUNT_UNLOCK.equals(notification)) {
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_UNLOCK);
            persistData = false;
        } else if (IdentityMgtConstants.Notification.ACCOUNT_ENABLE.equals(notification)) {
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_ENABLE);
            persistData = false;
        } else if (IdentityMgtConstants.Notification.ACCOUNT_DISABLE.equals(notification)) {
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_DISABLE);
            persistData = false;
        } else if (IdentityMgtConstants.Notification.ACCOUNT_ID_RECOVERY.equals(notification)) {
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ACCOUNT_ID_RECOVERY);
            persistData = false;
        } else if (IdentityMgtConstants.Notification.ASK_PASSWORD.equals(notification)) {
            if (firstName == null || firstName.isEmpty()) {
                emailNotificationData.setTagData(FIRST_NAME, userId);
            }
            internalCode = generateUserCode(2, userId);
            try {
                confirmationKey = getUserExternalCodeStr(internalCode);
            } catch (Exception e) {
                throw IdentityException.error("Error while with recovering with password.", e);
            }
            secretKey = UUIDGenerator.generateUUID();
            emailNotificationData.setTagData(CONFIRMATION_CODE, confirmationKey);
            emailTemplate = config.getProperty(IdentityMgtConstants.Notification.ASK_PASSWORD);
        }
        if (log.isDebugEnabled()) {
            log.debug("Notification type: " + notification);
        }
    }
    Notification emailNotification = null;
    try {
        emailNotification = NotificationBuilder.createNotification("EMAIL", emailTemplate, emailNotificationData);
    } catch (Exception e) {
        throw IdentityException.error("Error when creating notification for user : " + userId, e);
    }
    notificationData.setNotificationAddress(notificationAddress);
    notificationData.setUserId(userId);
    notificationData.setDomainName(domainName);
    notificationData.setNotificationType(recoveryDTO.getNotificationType());
    if (persistData) {
        UserRecoveryDataDO recoveryDataDO = new UserRecoveryDataDO(userId, tenantId, internalCode, secretKey);
        dataStore.invalidate(userId, tenantId);
        dataStore.store(recoveryDataDO);
    }
    if (IdentityMgtConfig.getInstance().isNotificationInternallyManaged()) {
        module.setNotificationData(notificationData);
        module.setNotification(emailNotification);
        notificationSender.sendNotification(module);
        notificationData.setNotificationSent(true);
    } else {
        notificationData.setNotificationSent(false);
        notificationData.setNotificationCode(confirmationKey);
    }
    return notificationData;
}
Also used : Config(org.wso2.carbon.identity.mgt.config.Config) NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO) UserStoreException(org.wso2.carbon.user.api.UserStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IdentityException(org.wso2.carbon.identity.base.IdentityException) Notification(org.wso2.carbon.identity.mgt.mail.Notification) TransportHeader(org.wso2.carbon.identity.mgt.mail.TransportHeader) Tenant(org.wso2.carbon.user.api.Tenant) UserRecoveryDataDO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO) UserStoreException(org.wso2.carbon.user.api.UserStoreException) ConfigBuilder(org.wso2.carbon.identity.mgt.config.ConfigBuilder) TenantManager(org.wso2.carbon.user.core.tenant.TenantManager) HashMap(java.util.HashMap) Map(java.util.Map) NotificationData(org.wso2.carbon.identity.mgt.mail.NotificationData)

Example 9 with UserRecoveryDTO

use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO in project carbon-identity-framework by wso2.

the class UserInformationRecoveryService method registerUser.

/**
 * This method is used to register an user in the system. The account will be locked if the
 * Authentication.Policy.Account.Lock.On.Creation is set to true. Else user will be able to
 * login after registration.
 *
 * @param userName
 * @param password
 * @param claims
 * @param profileName
 * @param tenantDomain
 * @return
 * @throws IdentityMgtServiceException
 */
public VerificationBean registerUser(String userName, String password, UserIdentityClaimDTO[] claims, String profileName, String tenantDomain) throws IdentityMgtServiceException {
    VerificationBean vBean = new VerificationBean();
    org.wso2.carbon.user.core.UserStoreManager userStoreManager = null;
    Permission permission = null;
    if (!IdentityMgtConfig.getInstance().isSaasEnabled()) {
        String loggedInTenant = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        if (tenantDomain != null && !tenantDomain.isEmpty() && !loggedInTenant.equals(tenantDomain)) {
            String msg = "Trying to create users in unauthorized tenant space";
            log.error(msg);
            throw new IdentityMgtServiceException(msg);
        }
        if (tenantDomain == null || tenantDomain.isEmpty()) {
            tenantDomain = loggedInTenant;
        }
    }
    RealmService realmService = IdentityMgtServiceComponent.getRealmService();
    int tenantId;
    try {
        tenantId = Utils.getTenantId(tenantDomain);
        if (realmService.getTenantUserRealm(tenantId) != null) {
            userStoreManager = (org.wso2.carbon.user.core.UserStoreManager) realmService.getTenantUserRealm(tenantId).getUserStoreManager();
        }
    } catch (Exception e) {
        vBean = handleError(VerificationBean.ERROR_CODE_UNEXPECTED + " Error retrieving the user store manager for the tenant", e);
        return vBean;
    }
    try {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            carbonContext.setTenantId(tenantId);
            carbonContext.setTenantDomain(tenantDomain);
        }
        if (userStoreManager == null) {
            vBean = new VerificationBean();
            vBean.setVerified(false);
            vBean.setError(VerificationBean.ERROR_CODE_UNEXPECTED + " Error retrieving the user store manager for the tenant");
            return vBean;
        }
        Map<String, String> claimsMap = new HashMap<String, String>();
        for (UserIdentityClaimDTO userIdentityClaimDTO : claims) {
            claimsMap.put(userIdentityClaimDTO.getClaimUri(), userIdentityClaimDTO.getClaimValue());
        }
        userStoreManager.addUser(userName, password, null, claimsMap, profileName);
        String identityRoleName = UserCoreConstants.INTERNAL_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR + IdentityConstants.IDENTITY_DEFAULT_ROLE;
        if (!userStoreManager.isExistingRole(identityRoleName, false)) {
            permission = new Permission("/permission/admin/login", UserMgtConstants.EXECUTE_ACTION);
            userStoreManager.addRole(identityRoleName, new String[] { userName }, new Permission[] { permission }, false);
        } else {
            userStoreManager.updateUserListOfRole(identityRoleName, new String[] {}, new String[] { userName });
        }
        String listenerClassName = IdentityMgtConfig.getInstance().getProperty(IdentityMgtConstants.PropertyConfig.IDENTITY_MGT_LISTENER_CLASS);
        if (StringUtils.isBlank(listenerClassName)) {
            listenerClassName = IdentityMgtEventListener.class.getName();
        }
        IdentityEventListenerConfig identityEventListenerConfig = IdentityUtil.readEventListenerProperty(UserOperationEventListener.class.getName(), listenerClassName);
        boolean isListenerEnable = true;
        if (identityEventListenerConfig != null) {
            if (StringUtils.isNotBlank(identityEventListenerConfig.getEnable())) {
                isListenerEnable = Boolean.parseBoolean(identityEventListenerConfig.getEnable());
            }
        }
        IdentityMgtConfig config = IdentityMgtConfig.getInstance();
        if (isListenerEnable && config.isAuthPolicyAccountLockOnCreation()) {
            UserDTO userDTO = new UserDTO(UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain));
            userDTO.setTenantId(tenantId);
            UserRecoveryDTO dto = new UserRecoveryDTO(userDTO);
            dto.setNotification(IdentityMgtConstants.Notification.ACCOUNT_CONFORM);
            dto.setNotificationType("EMAIL");
            RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
            vBean = processor.updateConfirmationCode(1, userName, tenantId);
            dto.setConfirmationCode(vBean.getKey());
            NotificationDataDTO notificationDto = processor.notifyWithEmail(dto);
            vBean.setVerified(notificationDto.isNotificationSent());
            // Send email data only if not internally managed.
            if (!(IdentityMgtConfig.getInstance().isNotificationInternallyManaged())) {
                vBean.setNotificationData(notificationDto);
            }
        } else {
            vBean.setVerified(true);
        }
    } catch (UserStoreException | IdentityException e) {
        vBean = UserIdentityManagementUtil.getCustomErrorMessagesWhenRegistering(e, userName);
        // Rollback if user exists
        try {
            if (!e.getMessage().contains(IdentityCoreConstants.EXISTING_USER) && userStoreManager.isExistingUser(userName)) {
                userStoreManager.deleteUser(userName);
            }
        } catch (UserStoreException e1) {
            vBean = UserIdentityManagementUtil.getCustomErrorMessagesWhenRegistering(e1, userName);
        }
        return vBean;
    } finally {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return vBean;
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) UserOperationEventListener(org.wso2.carbon.user.core.listener.UserOperationEventListener) HashMap(java.util.HashMap) UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO) NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO) UserRecoveryDTO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO) IdentityException(org.wso2.carbon.identity.base.IdentityException) IdentityMgtEventListener(org.wso2.carbon.identity.mgt.IdentityMgtEventListener) Permission(org.wso2.carbon.user.core.Permission) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IdentityEventListenerConfig(org.wso2.carbon.identity.core.model.IdentityEventListenerConfig) RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IdentityMgtServiceException(org.wso2.carbon.identity.mgt.IdentityMgtServiceException) IdentityException(org.wso2.carbon.identity.base.IdentityException) RealmService(org.wso2.carbon.user.core.service.RealmService) UserIdentityClaimDTO(org.wso2.carbon.identity.mgt.dto.UserIdentityClaimDTO) IdentityMgtConfig(org.wso2.carbon.identity.mgt.IdentityMgtConfig)

Example 10 with UserRecoveryDTO

use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO in project carbon-identity-framework by wso2.

the class UserInformationRecoveryService method sendNotification.

private VerificationBean sendNotification(String username, String key, String notificationType, String notification) {
    UserDTO userDTO = null;
    VerificationBean bean = null;
    if (log.isDebugEnabled()) {
        log.debug("User recovery notification sending request received with username : " + username + " notification" + " type :" + notificationType);
    }
    try {
        userDTO = Utils.processUserId(username);
    } catch (IdentityException e) {
        bean = handleError(VerificationBean.ERROR_CODE_INVALID_USER + " invalid user : " + username, e);
        return bean;
    }
    RecoveryProcessor processor = IdentityMgtServiceComponent.getRecoveryProcessor();
    try {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            carbonContext.setTenantId(userDTO.getTenantId());
            carbonContext.setTenantDomain(userDTO.getTenantDomain());
        }
        bean = processor.verifyConfirmationCode(1, userDTO.getUserId(), key);
        if (!bean.isVerified()) {
            log.error("Invalid user is trying to recover the password with username : " + username);
            bean = handleError(VerificationBean.ERROR_CODE_INVALID_USER + " Invalid user is trying to recover the password with username : " + username, null);
            return bean;
        }
    } catch (IdentityException e1) {
        bean = UserIdentityManagementUtil.getCustomErrorMessagesToVerifyCode(e1, username);
        if (bean.getError() == null) {
            bean = handleError(VerificationBean.ERROR_CODE_INVALID_CODE + " Invalid confirmation code for user : " + username, e1);
        }
        return bean;
    } finally {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    UserRecoveryDTO dto = new UserRecoveryDTO(userDTO);
    dto.setNotification(notification);
    dto.setNotificationType(notificationType);
    NotificationDataDTO dataDTO = null;
    try {
        if (log.isDebugEnabled()) {
            log.debug("Initiating the notification sending process");
        }
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            carbonContext.setTenantId(userDTO.getTenantId());
            carbonContext.setTenantDomain(userDTO.getTenantDomain());
        }
        dataDTO = processor.recoverWithNotification(dto);
        // Send email data only if not internally managed.
        if (!(IdentityMgtConfig.getInstance().isNotificationInternallyManaged())) {
            bean.setNotificationData(dataDTO);
        }
    } catch (IdentityException e) {
        bean = UserIdentityManagementUtil.getCustomErrorMessagesToVerifyCode(e, username);
        if (bean.getError() == null) {
            bean = handleError(VerificationBean.ERROR_CODE_RECOVERY_NOTIFICATION_FAILURE + ": " + VerificationBean.ERROR_CODE_UNEXPECTED + " Error when sending recovery message for " + "user: " + username, e);
        }
        return bean;
    } finally {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return bean;
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) UserDTO(org.wso2.carbon.identity.mgt.dto.UserDTO) NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO) RecoveryProcessor(org.wso2.carbon.identity.mgt.RecoveryProcessor) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) UserRecoveryDTO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Aggregations

IdentityException (org.wso2.carbon.identity.base.IdentityException)12 UserRecoveryDTO (org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO)10 UserDTO (org.wso2.carbon.identity.mgt.dto.UserDTO)9 NotificationDataDTO (org.wso2.carbon.identity.mgt.dto.NotificationDataDTO)8 IdentityMgtServiceException (org.wso2.carbon.identity.mgt.IdentityMgtServiceException)7 UserStoreException (org.wso2.carbon.user.api.UserStoreException)7 RecoveryProcessor (org.wso2.carbon.identity.mgt.RecoveryProcessor)5 VerificationBean (org.wso2.carbon.identity.mgt.beans.VerificationBean)5 HashMap (java.util.HashMap)3 PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext)3 UserStoreManager (org.wso2.carbon.user.api.UserStoreManager)3 AbstractUserStoreManager (org.wso2.carbon.user.core.common.AbstractUserStoreManager)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 Map (java.util.Map)2 IdentityEventListenerConfig (org.wso2.carbon.identity.core.model.IdentityEventListenerConfig)2 IdentityMgtConfig (org.wso2.carbon.identity.mgt.IdentityMgtConfig)2 IdentityMgtEventListener (org.wso2.carbon.identity.mgt.IdentityMgtEventListener)2 Config (org.wso2.carbon.identity.mgt.config.Config)2 ConfigBuilder (org.wso2.carbon.identity.mgt.config.ConfigBuilder)2 UserRecoveryDataDO (org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO)2