use of org.wso2.carbon.identity.mgt.store.UserIdentityDataStore in project carbon-identity-framework by wso2.
the class UserIdentityManagementUtil method updateUserIdentityClaims.
/**
* Updates users recovery data such as the phone number, email etc
*
* @param userStoreManager
* @param userIdentityRecoveryData
* @throws IdentityException
*/
public static void updateUserIdentityClaims(String userName, UserStoreManager userStoreManager, UserIdentityClaimDTO[] userIdentityRecoveryData) throws IdentityException {
UserIdentityDataStore store = IdentityMgtConfig.getInstance().getIdentityDataStore();
UserIdentityClaimsDO userIdentityDO = store.load(userName, userStoreManager);
if (userIdentityDO != null) {
userIdentityDO.updateUserIdentityRecoveryData(userIdentityRecoveryData);
store.store(userIdentityDO, userStoreManager);
} else {
throw IdentityException.error("No user account found for user " + userName);
}
}
use of org.wso2.carbon.identity.mgt.store.UserIdentityDataStore in project carbon-identity-framework by wso2.
the class IdentityMgtEventListener method doPreUpdateCredential.
/**
* This method is used to check pre conditions when changing the user
* password.
*/
@Override
public boolean doPreUpdateCredential(String userName, Object newCredential, Object oldCredential, UserStoreManager userStoreManager) throws UserStoreException {
if (!isEnable()) {
return true;
}
if (log.isDebugEnabled()) {
log.debug("Pre update credential is called in IdentityMgtEventListener");
}
try {
if (!IdentityUtil.threadLocalProperties.get().containsKey(DO_PRE_UPDATE_CREDENTIAL)) {
IdentityUtil.threadLocalProperties.get().put(DO_PRE_UPDATE_CREDENTIAL, true);
IdentityMgtConfig config = IdentityMgtConfig.getInstance();
UserIdentityDataStore identityDataStore = IdentityMgtConfig.getInstance().getIdentityDataStore();
UserIdentityClaimsDO identityDTO = identityDataStore.load(userName, userStoreManager);
boolean isAccountDisabled = false;
if (identityDTO != null) {
isAccountDisabled = identityDTO.getIsAccountDisabled();
} else {
throw new UserStoreException("Cannot get the user account active status.");
}
if (isAccountDisabled) {
IdentityErrorMsgContext customErrorMessageContext = new IdentityErrorMsgContext(IdentityCoreConstants.USER_ACCOUNT_DISABLED_ERROR_CODE);
IdentityUtil.setIdentityErrorMsg(customErrorMessageContext);
// account is already disabled and trying to update the credential without enabling it
log.warn("Trying to update credential of a disabled user account. This is not permitted.");
throw new UserStoreException("User account is disabled, can't update credential without enabling.");
}
try {
// Enforcing the password policies.
if (newCredential != null && (newCredential instanceof String && (newCredential.toString().trim().length() > 0))) {
policyRegistry.enforcePasswordPolicies(newCredential.toString(), userName);
}
} catch (PolicyViolationException pe) {
throw new UserStoreException(pe.getMessage(), pe);
}
}
return true;
} finally {
// Remove thread local variable
IdentityUtil.threadLocalProperties.get().remove(DO_PRE_UPDATE_CREDENTIAL);
}
}
use of org.wso2.carbon.identity.mgt.store.UserIdentityDataStore in project carbon-identity-framework by wso2.
the class IdentityMgtEventListener method doPreUpdateCredentialByAdmin.
/**
* This method is used when the admin is updating the credentials with an
* empty credential. A random password will be generated and will be mailed
* to the user.
*/
@Override
public boolean doPreUpdateCredentialByAdmin(String userName, Object newCredential, UserStoreManager userStoreManager) throws UserStoreException {
if (!isEnable()) {
return true;
}
if (log.isDebugEnabled()) {
log.debug("Pre update credential by admin is called in IdentityMgtEventListener");
}
// Top level try and finally blocks are used to unset thread local variables
try {
if (!IdentityUtil.threadLocalProperties.get().containsKey(DO_PRE_UPDATE_CREDENTIAL_BY_ADMIN)) {
IdentityUtil.threadLocalProperties.get().put(DO_PRE_UPDATE_CREDENTIAL_BY_ADMIN, true);
IdentityMgtConfig config = IdentityMgtConfig.getInstance();
UserIdentityDataStore identityDataStore = IdentityMgtConfig.getInstance().getIdentityDataStore();
UserIdentityClaimsDO identityDTO = identityDataStore.load(userName, userStoreManager);
boolean isAccountDisabled = false;
if (identityDTO != null) {
isAccountDisabled = identityDTO.getIsAccountDisabled();
} else {
throw new UserStoreException("Cannot get the user account active status.");
}
if (isAccountDisabled) {
IdentityErrorMsgContext customErrorMessageContext = new IdentityErrorMsgContext(IdentityCoreConstants.USER_ACCOUNT_DISABLED_ERROR_CODE);
IdentityUtil.setIdentityErrorMsg(customErrorMessageContext);
// account is already disabled and trying to update the credential without enabling it
log.warn("Trying to update credential of a disabled user account. This is not permitted.");
throw new UserStoreException("User account is disabled, can't update credential without enabling.");
}
try {
// Enforcing the password policies.
if (newCredential != null && (newCredential instanceof StringBuffer && (newCredential.toString().trim().length() > 0))) {
policyRegistry.enforcePasswordPolicies(newCredential.toString(), userName);
}
} catch (PolicyViolationException pe) {
throw new UserStoreException(pe.getMessage(), pe);
}
if (newCredential == null || (newCredential instanceof StringBuffer && ((StringBuffer) newCredential).toString().trim().length() < 1)) {
if (!config.isEnableTemporaryPassword()) {
log.error("Empty passwords are not allowed");
return false;
}
if (log.isDebugEnabled()) {
log.debug("Credentials are null. Using a temporary password as credentials");
}
// temporary passwords will be used
char[] temporaryPassword = UserIdentityManagementUtil.generateTemporaryPassword();
// setting the password value
((StringBuffer) newCredential).replace(0, temporaryPassword.length, new String(temporaryPassword));
UserIdentityMgtBean bean = new UserIdentityMgtBean();
bean.setUserId(userName);
bean.setConfirmationCode(newCredential.toString());
bean.setRecoveryType(IdentityMgtConstants.Notification.TEMPORARY_PASSWORD);
if (log.isDebugEnabled()) {
log.debug("Sending the temporary password to the user " + userName);
}
UserIdentityManagementUtil.notifyViaEmail(bean);
} else {
if (log.isDebugEnabled()) {
log.debug("Updating credentials of user " + userName + " by admin with a non-empty password");
}
}
}
return true;
} finally {
// Remove thread local variable
IdentityUtil.threadLocalProperties.get().remove(DO_PRE_UPDATE_CREDENTIAL_BY_ADMIN);
}
}
use of org.wso2.carbon.identity.mgt.store.UserIdentityDataStore in project identity-governance by wso2-extensions.
the class IdentityStoreEventListenerTest method testDoPostGetUserClaimValues.
@Test(dataProvider = "getUserClaimHandler")
public void testDoPostGetUserClaimValues(String userName, Object pwd, String[] claimList, Map<String, String> claims, String prof) throws Exception {
realmConfiguration = mock(RealmConfiguration.class);
userIdentityDataStore = mock(UserIdentityDataStore.class);
Field fieldIdentityStore = IdentityStoreEventListener.class.getDeclaredField("identityDataStore");
fieldIdentityStore.setAccessible(true);
fieldIdentityStore.set(identityStoreEventListener, userIdentityDataStore);
Assert.assertTrue(identityStoreEventListener.doPostGetUserClaimValues(userName, claimList, prof, claims, userStoreManager));
}
use of org.wso2.carbon.identity.mgt.store.UserIdentityDataStore in project identity-governance by wso2-extensions.
the class IdentityStoreEventListenerTest method testDoPostDeleteUser.
@Test
public void testDoPostDeleteUser() throws Exception {
userStoreManager = mock(UserStoreManager.class);
realmConfiguration = mock(RealmConfiguration.class);
userIdentityDataStore = mock(UserIdentityDataStore.class);
String username = "user1";
Field fieldIdentityStore = IdentityStoreEventListener.class.getDeclaredField("identityDataStore");
fieldIdentityStore.setAccessible(true);
fieldIdentityStore.set(identityStoreEventListener, userIdentityDataStore);
doAnswer(new Answer() {
@Override
public Object answer(InvocationOnMock invocationOnMock) throws Throwable {
return null;
}
}).when(userIdentityDataStore).remove(username, userStoreManager);
Assert.assertTrue(identityStoreEventListener.doPostDeleteUser(username, userStoreManager));
}
Aggregations