use of org.wso2.carbon.identity.mgt.store.RegistryRecoveryDataStore in project carbon-identity-framework by wso2.
the class RecoveryProcessor method verifyConfirmationCode.
/**
* This method is used to verify the confirmation code supplied by user. This invalidates
* the current code and generates a new code and send to user.
*
* @param sequence TODO
* @param username TODO
* @param code
* @param userDto
* @return
* @throws IdentityException
*/
public VerificationBean verifyConfirmationCode(int sequence, String username, String code) throws IdentityException {
UserRecoveryDataDO dataDO = null;
String internalCode = getUserInternalCodeStr(sequence, username, code);
try {
dataDO = dataStore.load(internalCode);
if (dataDO != null && sequence != 2 && sequence != 40) {
if (dataStore instanceof RegistryRecoveryDataStore) {
dataStore.invalidate(internalCode);
} else {
dataStore.invalidate(dataDO);
}
}
} catch (IdentityException e) {
throw IdentityException.error("Error loading recovery data for user : " + username, e);
}
if (dataDO == null && (sequence == 30 || sequence == 20)) {
return new VerificationBean(false);
}
if (dataDO == null) {
throw IdentityException.error("Invalid confirmation code");
}
if (!dataDO.isValid()) {
throw IdentityException.error("Expired code");
} else {
return new VerificationBean(true);
}
}
Aggregations