
Example 6 with UserRecoveryDataDO

use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO in project carbon-identity-framework by wso2.

the class JDBCUserRecoveryDataStore method load.

/**
 * This method should return only one result. An exception will be thrown if
 * duplicate entries found.
 * This can be used to check if the given metadata exists in the database or to
 * check the validity.
 *
 * @return
 * @throws IdentityException
 */
/**
 * @param userName
 * @param tenantId
 * @return
 * @throws IdentityException
 */
@Override
@Deprecated
public UserRecoveryDataDO[] load(String userName, int tenantId) throws IdentityException {
    // Runs SQLQuery.LOAD_USER_METADATA with the lower-cased user name and a tenant id, and returns
    // every row of the result as a UserRecoveryDataDO. All matching rows are returned; no
    // duplicate check is made in this method.
    //
    // NOTE(review): the tenantId argument is never read. The tenant bound to the query is the one
    // IdentityTenantUtil.getTenantIdOfUser(userName) derives from the user name, so a caller that
    // passes a different tenantId is silently ignored - confirm this is the intended tenant scoping.
    // NOTE(review): toLowerCase() uses the JVM default locale; confirm the write path normalises
    // user names the same way so lookups cannot miss or collide under a non-English locale.
    final Connection dbConnection = IdentityDatabaseUtil.getDBConnection(false);
    PreparedStatement statement = null;
    ResultSet rows = null;
    try {
        statement = dbConnection.prepareStatement(SQLQuery.LOAD_USER_METADATA);
        // Values are bound as parameters, never concatenated into the SQL text.
        statement.setString(1, userName.toLowerCase());
        statement.setInt(2, IdentityTenantUtil.getTenantIdOfUser(userName));
        rows = statement.executeQuery();

        final List<UserRecoveryDataDO> loaded = new ArrayList<UserRecoveryDataDO>();
        while (rows.next()) {
            // Columns are read in positional order 1..4, matching the four-argument constructor.
            final String col1 = rows.getString(1);
            final int col2 = rows.getInt(2);
            final String col3 = rows.getString(3);
            final String col4 = rows.getString(4);
            loaded.add(new UserRecoveryDataDO(col1, col2, col3, col4));
        }
        return loaded.toArray(new UserRecoveryDataDO[loaded.size()]);
    } catch (SQLException e) {
        throw IdentityException.error("Error while reading user identity data", e);
    } finally {
        // Release in reverse order of acquisition; runs on success and on failure.
        IdentityDatabaseUtil.closeResultSet(rows);
        IdentityDatabaseUtil.closeStatement(statement);
        IdentityDatabaseUtil.closeConnection(dbConnection);
    }
}
Also used : UserRecoveryDataDO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO) SQLException(java.sql.SQLException) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) ArrayList(java.util.ArrayList) PreparedStatement(java.sql.PreparedStatement)

Example 7 with UserRecoveryDataDO

use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO in project carbon-identity-framework by wso2.

the class RegistryRecoveryDataStore method load.

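@Override
public UserRecoveryDataDO load(String code) throws IdentityException {
    // Loads the recovery entry stored in the tenant's config registry under
    // IDENTITY_MANAGEMENT_DATA/<lower-cased code>. Returns null when no such resource exists;
    // otherwise returns a UserRecoveryDataDO filled from the USER_ID, SECRET_KEY and EXPIRE_TIME
    // properties. Throws IdentityException when the registry access fails.
    //
    // NOTE(review): if the resource has no EXPIRE_TIME property, setValid() is never called here
    // and isValid() keeps whatever the no-arg constructor left - confirm that default is false.
    Registry registry = null;
    UserRecoveryDataDO dataDO = new UserRecoveryDataDO();
    try {
        int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
        // The result is not used below; the call is kept as-is in case it has side effects - TODO confirm.
        String tenantDomain = IdentityTenantUtil.getTenantDomain(tenantId);
        IdentityTenantUtil.initializeRegistry(tenantId);
        registry = IdentityMgtServiceComponent.getRegistryService().getConfigSystemRegistry(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
        registry.beginTransaction();
        // NOTE(review): code is concatenated into the registry path as-is (lower-cased only, with
        // the default locale); confirm callers constrain it so it can only name recovery entries.
        String secretKeyPath = IdentityMgtConstants.IDENTITY_MANAGEMENT_DATA + RegistryConstants.PATH_SEPARATOR + code.toLowerCase();
        if (registry.resourceExists(secretKeyPath)) {
            Resource resource = registry.get(secretKeyPath);
            Properties props = resource.getProperties();
            for (Object o : props.keySet()) {
                String key = (String) o;
                if (key.equals(USER_ID)) {
                    dataDO.setUserName(resource.getProperty(key));
                } else if (key.equals(SECRET_KEY)) {
                    dataDO.setSecret(resource.getProperty(key));
                } else if (key.equals(EXPIRE_TIME)) {
                    String time = resource.getProperty(key);
                    dataDO.setExpireTime(time);
                    boolean expired;
                    try {
                        expired = System.currentTimeMillis() > Long.parseLong(time);
                    } catch (NumberFormatException e) {
                        // Fail closed: a missing or malformed expiry must not escape as an unchecked
                        // exception, and must never let the entry be reported as valid.
                        log.error("Recovery data has an unparsable expiry time; treating it as expired", e);
                        expired = true;
                    }
                    if (expired) {
                        dataDO.setValid(false);
                        // Stops reading the remaining properties once the entry is known to be expired.
                        break;
                    } else {
                        dataDO.setValid(true);
                    }
                }
            }
        } else {
            return null;
        }
    } catch (RegistryException e) {
        // The confirmation code is deliberately kept out of the log line and the exception message:
        // a registry failure does not invalidate the code, so it may still be usable by whoever
        // reads the logs. The original exception is passed on as the cause.
        log.error("Error while loading user recovery data", e);
        throw IdentityException.error("Error while loading user recovery data", e);
    } finally {
        // The transaction is committed on every exit path, including the null return and failures.
        if (registry != null) {
            try {
                registry.commitTransaction();
            } catch (RegistryException e) {
                log.error("Error while processing registry transaction", e);
            }
        }
    }
    return dataDO;
}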
Also used : UserRecoveryDataDO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO) Resource(org.wso2.carbon.registry.core.Resource) Registry(org.wso2.carbon.registry.core.Registry) Properties(java.util.Properties) RegistryException(org.wso2.carbon.registry.core.exceptions.RegistryException)

Example 8 with UserRecoveryDataDO

use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO in project carbon-identity-framework by wso2.

the class IdentityMgtEventListener method doPostAddUser.

/**
 * This method locks the created accounts based on the account policies or
 * based on the account confirmation method being used. Two account
 * confirmation methods are used : Temporary Password and Verification Code.
 * When a temporary password is used, the temporary password will be
 * emailed to the user. In the case of verification code, the code will be
 * emailed to the user. The security questions filtered at doPreAddUser will
 * be persisted in this method.
 */
@Override
public boolean doPostAddUser(String userName, Object credential, String[] roleList, Map<String, String> claims, String profile, UserStoreManager userStoreManager) throws UserStoreException {
    // Post-add-user hook. Depending on IdentityMgtConfig it (1) stores the identity claims unlocked
    // and triggers an ASK_PASSWORD e-mail notification, (2) stores the account as locked with reason
    // UNVERIFIED, or (3) just stores the identity claims. Returns true on every path except (1),
    // where the result is whether the notification was reported as sent. When storing or notifying
    // fails, the newly added user is deleted again and a UserStoreException is thrown.
    if (!isEnable()) {
        return true;
    }
    // Top level try and finally blocks are used to unset thread local variables
    try {
        // The DO_POST_ADD_USER flag keeps the body from running again while it is already set
        // on this thread.
        if (!IdentityUtil.threadLocalProperties.get().containsKey(DO_POST_ADD_USER)) {
            IdentityUtil.threadLocalProperties.get().put(DO_POST_ADD_USER, true);
            if (log.isDebugEnabled()) {
                log.debug("Post add user is called in IdentityMgtEventListener");
            }
            IdentityMgtConfig config = IdentityMgtConfig.getInstance();
            // reading the value from the thread local
            // NOTE(review): this is null when USER_IDENTITY_DO was never put into the thread local.
            // The first two branches below dereference it without the null check that the third
            // branch has - confirm an earlier hook always sets it before those branches can run.
            UserIdentityClaimsDO userIdentityClaimsDO = (UserIdentityClaimsDO) IdentityUtil.threadLocalProperties.get().get(USER_IDENTITY_DO);
            if (config.isEnableUserAccountVerification() && IdentityUtil.threadLocalProperties.get().containsKey(EMPTY_PASSWORD_USED)) {
                // empty password account creation
                String domainName = ((org.wso2.carbon.user.core.UserStoreManager) userStoreManager).getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
                // Qualify the user name with the user store domain unless it is the primary domain.
                if (!UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equals(domainName)) {
                    userName = domainName + UserCoreConstants.DOMAIN_SEPARATOR + userName;
                }
                // store identity data
                userIdentityClaimsDO.getUserDataMap().put(UserIdentityDataStore.ACCOUNT_LOCKED_REASON, "");
                userIdentityClaimsDO.setAccountLock(false);
                try {
                    module.store(userIdentityClaimsDO, userStoreManager);
                } catch (IdentityException e) {
                    // roll back the user creation
                    userStoreManager.deleteUser(userName);
                    throw new UserStoreException("Error while saving user store for user : " + userName, e);
                }
                // store identity metadata
                // NOTE(review): metadataDO is filled in (including the credential cast to String) but
                // is not used again in this method, so nothing is stored from it here. The cast also
                // throws ClassCastException for a non-String credential.
                UserRecoveryDataDO metadataDO = new UserRecoveryDataDO();
                metadataDO.setUserName(userName).setTenantId(userStoreManager.getTenantId()).setCode((String) credential);
                // set recovery data
                RecoveryProcessor processor = new RecoveryProcessor();
                UserRecoveryDTO recoveryDto = new UserRecoveryDTO(userName);
                recoveryDto.setNotification(IdentityMgtConstants.Notification.ASK_PASSWORD);
                recoveryDto.setNotificationType("EMAIL");
                recoveryDto.setTenantId(userStoreManager.getTenantId());
                NotificationDataDTO notificationDto = null;
                try {
                    notificationDto = processor.recoverWithNotification(recoveryDto);
                } catch (IdentityException e) {
                    // roll back the user creation
                    userStoreManager.deleteUser(userName);
                    throw new UserStoreException("Error while sending notification for user : " + userName, e);
                }
                // NOTE(review): a null or unsent notification returns false without deleting the
                // user, unlike the exception path above - confirm callers handle that result.
                return notificationDto != null && notificationDto.isNotificationSent();
            }
            // No account recoveries are defined, no email will be sent.
            if (config.isAuthPolicyAccountLockOnCreation()) {
                // accounts are locked. Admin should unlock
                userIdentityClaimsDO.getUserDataMap().put(UserIdentityDataStore.ACCOUNT_LOCKED_REASON, IdentityMgtConstants.LockedReason.UNVERIFIED.toString());
                userIdentityClaimsDO.setAccountLock(true);
                try {
                    config.getIdentityDataStore().store(userIdentityClaimsDO, userStoreManager);
                } catch (IdentityException e) {
                    // roll back the user creation
                    userStoreManager.deleteUser(userName);
                    throw new UserStoreException("Error while saving user store data for user : " + userName, e);
                }
            }
            // When claims available in user add request like http://wso2.org/claims/identity/accountLocked
            if (!config.isEnableUserAccountVerification() && !config.isAuthPolicyAccountLockOnCreation() && userIdentityClaimsDO != null) {
                try {
                    if (log.isDebugEnabled()) {
                        log.debug("Storing identity-mgt claims since they are available in the addUser request");
                    }
                    module.store(userIdentityClaimsDO, userStoreManager);
                } catch (IdentityException e) {
                    // roll back the user creation
                    userStoreManager.deleteUser(userName);
                    throw new UserStoreException("Error while saving user store data for user : " + userName, e);
                }
            }
        }
        return true;
    } finally {
        // Remove thread local variable
        // This runs on every path past the isEnable() check, including a call that found
        // DO_POST_ADD_USER already set and skipped the body.
        // NOTE(review): such a call also clears the flag of the call that set it - confirm intended.
        IdentityUtil.threadLocalProperties.get().remove(DO_POST_ADD_USER);
        IdentityUtil.threadLocalProperties.get().remove(EMPTY_PASSWORD_USED);
        IdentityUtil.threadLocalProperties.get().remove(USER_IDENTITY_DO);
    }
}
Also used : UserRecoveryDataDO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO) UserStoreException(org.wso2.carbon.user.core.UserStoreException) NotificationDataDTO(org.wso2.carbon.identity.mgt.dto.NotificationDataDTO) UserIdentityClaimsDO(org.wso2.carbon.identity.mgt.dto.UserIdentityClaimsDO) UserRecoveryDTO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO) IdentityException(org.wso2.carbon.identity.base.IdentityException)

Example 9 with UserRecoveryDataDO

use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO in project carbon-identity-framework by wso2.

the class RecoveryProcessor method createConfirmationCode.

public void createConfirmationCode(UserDTO userDTO, String code) throws IdentityException {
    // Calls dataStore.invalidate for the user and tenant first, then stores one new
    // UserRecoveryDataDO built from the user id, the tenant id, a fresh random UUID string and
    // the supplied code. The UUID is generated before anything is invalidated.
    final String generatedKey = UUID.randomUUID().toString();
    final UserRecoveryDataDO freshEntry =
            new UserRecoveryDataDO(userDTO.getUserId(), userDTO.getTenantId(), generatedKey, code);

    // NOTE(review): invalidate and store are two separate calls with no visible transaction around
    // them; a failure in store() leaves the user without any entry - confirm that is acceptable.
    dataStore.invalidate(userDTO.getUserId(), userDTO.getTenantId());
    dataStore.store(freshEntry);
}
Also used : UserRecoveryDataDO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO)

Example 10 with UserRecoveryDataDO

use of org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO in project carbon-identity-framework by wso2.

the class RecoveryProcessor method verifyConfirmationCode.

/**
 * This method is used to verify the confirmation code supplied by user. This invalidates
 * the current code and generates a new code and send to user.
 *
 * @param sequence TODO
 * @param username TODO
 * @param code
 * @param userDto
 * @return
 * @throws IdentityException
 */
public VerificationBean verifyConfirmationCode(int sequence, String username, String code) throws IdentityException {
    // Looks up the recovery entry for the internal code derived from (sequence, username, code).
    // A found entry is invalidated before its validity is checked, except for sequences 2 and 40.
    // Result: VerificationBean(true) for a valid entry; VerificationBean(false) when nothing is
    // found and the sequence is 20 or 30; IdentityException for a missing entry in any other
    // sequence, for an expired entry, or when loading/invalidating fails.
    //
    // NOTE(review): load and invalidate are separate calls, so two concurrent requests with the same
    // code could both load the entry before either invalidates it - confirm the store guards this.
    // NOTE(review): for sequences 2 and 40 the entry is left in place and can be presented again;
    // the meaning of the sequence numbers is not visible here - confirm against the callers.
    final String internalCode = getUserInternalCodeStr(sequence, username, code);
    UserRecoveryDataDO recoveryData;
    try {
        recoveryData = dataStore.load(internalCode);
        final boolean keepEntry = (sequence == 2 || sequence == 40);
        if (recoveryData != null && !keepEntry) {
            // The registry-backed store is invalidated by code, any other store by the loaded entry.
            if (dataStore instanceof RegistryRecoveryDataStore) {
                dataStore.invalidate(internalCode);
            } else {
                dataStore.invalidate(recoveryData);
            }
        }
    } catch (IdentityException e) {
        throw IdentityException.error("Error loading recovery data for user : " + username, e);
    }

    if (recoveryData == null) {
        if (sequence == 30 || sequence == 20) {
            return new VerificationBean(false);
        }
        throw IdentityException.error("Invalid confirmation code");
    }

    if (recoveryData.isValid()) {
        return new VerificationBean(true);
    }
    throw IdentityException.error("Expired code");
}
Also used : VerificationBean(org.wso2.carbon.identity.mgt.beans.VerificationBean) RegistryRecoveryDataStore(org.wso2.carbon.identity.mgt.store.RegistryRecoveryDataStore) UserRecoveryDataDO(org.wso2.carbon.identity.mgt.dto.UserRecoveryDataDO) IdentityException(org.wso2.carbon.identity.base.IdentityException)
