use of org.wso2.carbon.identity.recovery.IdentityRecoveryClientException in project identity-governance by wso2-extensions.
the class UserSelfRegistrationHandler method isNotificationChannelVerified.
/**
 * Reports whether the given notification channel is already marked as verified for the user.
 *
 * <p>The lookup only happens when the
 * {@code ENABLE_ACCOUNT_LOCK_FOR_VERIFIED_PREFERRED_CHANNEL} property parses to {@code false}.
 * When that property is enabled the method returns {@code false} without reading the event
 * properties.
 *
 * @param username            Username, used for the channel lookup and in debug logs.
 * @param tenantDomain        Tenant domain, used in debug logs only.
 * @param notificationChannel Notification channel type to resolve.
 * @param eventProperties     Properties related to the event. The value stored under the
 *                            channel's verified-claim URI is read from this map.
 * @return {@code true} only when the property above is disabled and the verified claim value
 * parses to {@code true}; {@code false} otherwise.
 * @throws IdentityRecoveryClientException Declared by the signature; presumably raised by the
 *                                         channel lookup (confirm against that helper).
 */
private boolean isNotificationChannelVerified(String username, String tenantDomain, String notificationChannel,
        Map<String, Object> eventProperties) throws IdentityRecoveryClientException {

    boolean accountLockForVerifiedChannel = Boolean.parseBoolean(IdentityUtil.getProperty(
            IdentityRecoveryConstants.ConnectorConfig.ENABLE_ACCOUNT_LOCK_FOR_VERIFIED_PREFERRED_CHANNEL));
    // Guard clause: with the account-lock option switched on, the verified status is never consulted.
    if (accountLockForVerifiedChannel) {
        return false;
    }

    // NOTE(review): username is written to the debug log as received; confirm it is validated
    // upstream so that control characters cannot forge log lines.
    if (log.isDebugEnabled()) {
        log.debug(String.format("SkipAccountLockOnVerifiedPreferredChannel is enabled for user : %s in domain : %s. "
                + "Checking whether the user is already verified", username, tenantDomain));
    }

    // Resolve the channel for the requested type, then the claim URI that records its verified status.
    NotificationChannels resolvedChannel = getNotificationChannel(username, notificationChannel);
    String verifiedClaimUri = resolvedChannel.getVerifiedClaimUrl();

    // NOTE(review): the verified flag is taken from the event properties as-is. If those properties
    // can carry claim values supplied in the registration request, a client could mark its own
    // channel as verified; confirm the claim is only ever set server-side (or is stripped from
    // client input) before this handler runs.
    // The cast fails with ClassCastException if the stored value is not a String; a missing value
    // parses to false.
    Object rawVerifiedValue = eventProperties.get(verifiedClaimUri);
    boolean channelVerified = Boolean.parseBoolean((String) rawVerifiedValue);

    if (channelVerified && log.isDebugEnabled()) {
        log.debug(String.format("Preferred Notification channel : %1$s is verified for the user : %2$s "
                + "in domain : %3$s. Therefore, no notifications will be sent.", notificationChannel, username,
                tenantDomain));
    }
    return channelVerified;
}
use of org.wso2.carbon.identity.recovery.IdentityRecoveryClientException in project identity-governance by wso2-extensions.
the class ChallengeAnswerValidationHandler method validateChallengeAnswerUniqueness.
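/**
 * Rejects a set of challenge answers in which the same answer value is used more than once.
 *
 * <p>Existing answers are placed in the comparison set as stored (trimmed only). Each new answer
 * is trimmed, lower-cased and hashed with {@code Utils.doHash} before it is added, so a repeat is
 * detected when the hash is already present in the set.
 *
 * @param newChallengeAnswers      Newly added challenge question answers.
 * @param existingChallengeAnswers Existing challenge question answers.
 * @throws IdentityRecoveryServerException Error while hashing the newly added answers.
 * @throws IdentityRecoveryClientException A new answer repeats an existing or earlier new answer.
 */
private void validateChallengeAnswerUniqueness(List<UserChallengeAnswer> newChallengeAnswers,
        List<UserChallengeAnswer> existingChallengeAnswers)
        throws IdentityRecoveryServerException, IdentityRecoveryClientException {

    Set<String> uniqueChallengeAnswerHashSet = new HashSet<>();
    // NOTE(review): existing answers are not hashed here, so they are presumably stored already
    // hashed; confirm, because a plaintext entry would never collide with a hashed new answer.
    for (UserChallengeAnswer existingChallengeAnswer : existingChallengeAnswers) {
        uniqueChallengeAnswerHashSet.add(existingChallengeAnswer.getAnswer().trim());
    }

    for (UserChallengeAnswer userChallengeAnswer : newChallengeAnswers) {
        String challengeQuestion = userChallengeAnswer.getQuestion().getQuestion();
        String hashedNewChallengeAnswer;
        try {
            // NOTE(review): toLowerCase() follows the JVM default locale, so the normalised form
            // (and therefore the hash) can differ between deployments. Switching to a fixed locale
            // must be done at every place that hashes answers, not only here.
            hashedNewChallengeAnswer = Utils.doHash(userChallengeAnswer.getAnswer().trim().toLowerCase());
        } catch (UserStoreException e) {
            // Keep the original failure as the cause so the hashing error can be diagnosed.
            throw Utils.handleServerException(
                    IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NO_HASHING_ALGO, null, e);
        }
        // Set.add returns false when the hash is already present, i.e. the answer is a repeat.
        if (!uniqueChallengeAnswerHashSet.add(hashedNewChallengeAnswer)) {
            // Only the question text is logged; the answer itself is kept out of the log.
            if (log.isDebugEnabled()) {
                log.debug(String.format("The challenge question answer is not unique. The given answer for "
                        + "the challenge question '%s' has been used more than once.", challengeQuestion));
            }
            throw Utils.handleClientException(
                    IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NOT_UNIQUE_ANSWER, challengeQuestion);
        }
    }
}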
use of org.wso2.carbon.identity.recovery.IdentityRecoveryClientException in project identity-governance by wso2-extensions.
the class ChallengeAnswerValidationHandler method handleEvent.
/**
 * Validates challenge question answers when a {@code PRE_SET_CHALLENGE_QUESTION_ANSWERS} event
 * is received.
 *
 * <p>The user's user store domain is set from the realm configuration for every event, before
 * the event name is checked. For any other event name the method then returns without validating.
 *
 * @param event Event carrying the user store manager, the user, the new challenge answers and
 *              the previously stored question/answer map in its properties.
 * @throws IdentityEventException Client or server event exception wrapping the recovery exception
 *                                raised by the validation, with its error code and message.
 */
@Override
public void handleEvent(Event event) throws IdentityEventException {

    String eventName = event.getEventName();
    Map<String, Object> props = event.getEventProperties();

    // The casts assume the publisher put values of these types under the keys; a missing USER or
    // USER_STORE_MANAGER entry surfaces as a NullPointerException below.
    UserStoreManager storeManager =
            (UserStoreManager) props.get(IdentityEventConstants.EventProperty.USER_STORE_MANAGER);
    User user = (User) props.get(IdentityEventConstants.EventProperty.USER);
    UserChallengeAnswer[] submittedAnswers =
            (UserChallengeAnswer[]) props.get(IdentityEventConstants.EventProperty.USER_CHALLENGE_ANSWERS);
    Map<String, String> storedQuestionAndAnswers =
            (Map<String, String>) props.get(IdentityEventConstants.EventProperty.USER_OLD_CHALLENGE_ANSWERS);

    String userStoreDomain = storeManager.getRealmConfiguration()
            .getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
    user.setUserStoreDomain(userStoreDomain);

    if (!IdentityEventConstants.Event.PRE_SET_CHALLENGE_QUESTION_ANSWERS.equals(eventName)) {
        return;
    }

    try {
        validateChallengeAnswers(user, submittedAnswers, storedQuestionAndAnswers);
    } catch (IdentityRecoveryClientException e) {
        // Client-side validation failure: keep the error code and message, chain the cause.
        throw new IdentityEventClientException(e.getErrorCode(), e.getMessage(), e);
    } catch (IdentityRecoveryServerException e) {
        // NOTE(review): the server exception message is forwarded unchanged; confirm that callers
        // do not return it verbatim to the client.
        throw new IdentityEventServerException(e.getErrorCode(), e.getMessage(), e);
    }
}
use of org.wso2.carbon.identity.recovery.IdentityRecoveryClientException in project identity-governance by wso2-extensions.
the class ConfigStoreFunctionalityLockPropertyHandler method getConfigStoreProperties.
/**
 * Reads the functionality-lock properties of a functionality from the configuration store,
 * inside a tenant flow for the given tenant domain.
 *
 * @param tenantDomain            Tenant domain the tenant flow is started for.
 * @param functionalityIdentifier Name of the resource to fetch under the functionality-lock
 *                                resource type.
 * @return The properties converted from the stored resource, or the default configuration map
 * when the functionality-lock resource type does not exist.
 * @throws IdentityRecoveryClientException If the configuration store lookup fails.
 */
public Map<String, String> getConfigStoreProperties(String tenantDomain, String functionalityIdentifier)
        throws IdentityRecoveryClientException {

    try {
        FrameworkUtils.startTenantFlow(tenantDomain);
        try {
            if (!isFunctionalityLockResourceTypeExists()) {
                if (log.isDebugEnabled()) {
                    log.debug("User Functionality properties are not configured. Resorting to default values.");
                }
                return getDefaultConfigurationPropertiesMap();
            }
            Resource storedResource = IdentityRecoveryServiceDataHolder.getInstance().getConfigurationManager()
                    .getResource(IdentityRecoveryConstants.FUNCTIONALITY_LOCK_RESOURCE_TYPE,
                            functionalityIdentifier);
            return new ResourceToProperties().apply(storedResource);
        } catch (ConfigurationManagementException e) {
            StringBuilder detail = new StringBuilder(IdentityRecoveryConstants.ErrorMessages
                    .ERROR_CODE_FAILED_TO_FETCH_RESOURCE_FROM_CONFIG_STORE.getMessage());
            // Resource type and identifier are only put in the message when detailed error
            // messages are enabled, which limits what a caller learns by default.
            if (isDetailedErrorMessagesEnabled) {
                detail.append("\nresource type: ")
                        .append(IdentityRecoveryConstants.FUNCTIONALITY_LOCK_RESOURCE_TYPE);
                detail.append("\nresource: ").append(functionalityIdentifier);
            }
            // NOTE(review): the caught exception is not chained as the cause, and a store failure
            // is reported as a client exception; confirm both are intended.
            throw IdentityException.error(IdentityRecoveryClientException.class,
                    IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_FETCH_RESOURCE_FROM_CONFIG_STORE
                            .getCode(),
                    detail.toString());
        }
    } finally {
        // Always close the tenant flow, on normal return as well as on failure.
        FrameworkUtils.endTenantFlow();
    }
}
use of org.wso2.carbon.identity.recovery.IdentityRecoveryClientException in project identity-governance by wso2-extensions.
the class ChallengeQuestionManager method checkChallengeQuestionExists.
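/**
 * Checks that every answered challenge question is registered for the tenant.
 *
 * <p>A question matches when both its question set id and its question text (each trimmed) equal
 * those of a question returned by {@code getAllChallengeQuestions} for the tenant and the
 * validated locale. An answer whose question set id is missing matches nothing and is rejected as
 * not found rather than failing with a {@code NullPointerException}.
 *
 * @param userChallengeAnswers Answers whose questions are to be checked.
 * @param tenantDomain         Tenant domain whose registered questions are consulted.
 * @throws IdentityRecoveryException If an answer carries no question, a blank question value, or
 *                                   a question that is not registered for the tenant; also
 *                                   declared for failures of the locale and question lookups.
 */
private void checkChallengeQuestionExists(UserChallengeAnswer[] userChallengeAnswers, String tenantDomain)
        throws IdentityRecoveryException {

    for (UserChallengeAnswer challengeAnswer : userChallengeAnswers) {
        ChallengeQuestion challengeQuestion = challengeAnswer.getQuestion();
        // If challenge question details are missing in the challenge answer we can't proceed further.
        if (challengeQuestion == null) {
            throw Utils.handleClientException(ERROR_CODE_CHALLENG_ANSWER_MISSING, null);
        }
        if (StringUtils.isBlank(challengeQuestion.getQuestion())) {
            throw Utils.handleClientException(ERROR_CODE_INVALID_CHALLENGE_QUESTION_VALUE, null);
        }

        String locale = validateLocale(challengeQuestion.getLocale());
        List<ChallengeQuestion> challengeQuestions = getAllChallengeQuestions(tenantDomain, locale);

        // The set id comes from the caller and may be absent, so it is trimmed null-safely.
        // The question text was checked to be non-blank above.
        String submittedSetId = StringUtils.trim(challengeQuestion.getQuestionSetId());
        String submittedQuestion = challengeQuestion.getQuestion().trim();

        boolean isQuestionAvailable = false;
        for (ChallengeQuestion availableQuestion : challengeQuestions) {
            // A missing set id never matches, so it cannot pair with a stored question that also lacks one.
            if (submittedSetId != null
                    && StringUtils.equals(availableQuestion.getQuestionSetId(), submittedSetId)
                    && StringUtils.equals(StringUtils.trim(availableQuestion.getQuestion()), submittedQuestion)) {
                isQuestionAvailable = true;
                break;
            }
        }

        if (!isQuestionAvailable) {
            String error = "Error persisting user challenge answers for user. "
                    + "Challenge question answered is not registered with %s domain.";
            throw Utils.handleClientException(
                    IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND,
                    String.format(error, tenantDomain));
        }
    }
}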