use of org.wso2.carbon.identity.recovery.IdentityRecoveryClientException in project identity-governance by wso2-extensions.
the class ChallengeQuestionManagementAdminService method getChallengeQuestionsForUser.
/**
 * Returns every challenge question the question manager reports for the given user, as an array.
 * Locale selection (including any fallback to a default locale) is not performed in this method;
 * it is presumably handled by the question manager - confirm there.
 *
 * <p>NOTE(review): no check that the caller is allowed to read questions for {@code user} is
 * visible in this method, whereas {@code getUserChallengeAnswers} in the same class compares the
 * caller with the target user. Confirm that access is enforced by the service's permission layer.
 *
 * <p>NOTE(review): the tenant domain is taken from the thread-local Carbon context, not from
 * {@code user}; a tenant domain carried by the {@code user} object is not consulted here.
 *
 * @param user the user whose applicable challenge questions are requested; must not be null
 * @return the questions returned by the question manager, copied into an array
 * @throws IdentityRecoveryClientException if {@code user} is null
 * @throws IdentityRecoveryException if the question manager fails; the original exception is
 *         kept as the cause, but it is re-wrapped in the base type, so a more specific subtype
 *         thrown by the manager is no longer the type the caller sees
 */
public ChallengeQuestion[] getChallengeQuestionsForUser(User user) throws IdentityRecoveryException {

    if (user == null) {
        final String nullUserMessage = "User object provided is null.";
        log.error(nullUserMessage);
        throw new IdentityRecoveryClientException(nullUserMessage);
    }

    final String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();

    final List<ChallengeQuestion> questions;
    try {
        questions = questionManager.getAllChallengeQuestionsForUser(tenantDomain, user);
    } catch (IdentityRecoveryException e) {
        // The user name goes into the log line as supplied; presumably it is validated
        // upstream so that it cannot contain line breaks - TODO confirm.
        final String failure = String.format("Error loading challenge questions for user : %s@%s.",
                user.getUserName(), tenantDomain);
        log.error(failure, e);
        throw new IdentityRecoveryException(failure, e);
    }

    return questions.toArray(new ChallengeQuestion[questions.size()]);
}
use of org.wso2.carbon.identity.recovery.IdentityRecoveryClientException in project identity-governance by wso2-extensions.
the class ChallengeQuestionManagementAdminService method getUserChallengeAnswers.
/**
 * Returns the challenge-question answers stored for a user, presumably with the answer values in
 * their stored (encrypted) form - confirm against the question manager.
 *
 * <p>Access rule implemented here: when the request names a user, {@code isValidUser} is asked
 * whether that user and the logged-in user match (presumably "is this the caller's own account");
 * if not, {@code isUserAuthorized} must approve the logged-in user, otherwise the call is
 * rejected. A request without a user name skips both checks.
 *
 * <p>NOTE(review): the fallback to the logged-in user name only changes the local name used in
 * the error message. The lookup is still performed with the {@code user} object exactly as it was
 * passed in, so which account is read in that case depends on the question manager.
 *
 * <p>NOTE(review): the tenant domain comes from the thread-local Carbon context; a tenant domain
 * carried by {@code user} is not compared with it in this method.
 *
 * <p>NOTE(review): the rejection message contains both the caller's and the target's user name
 * and is handed to the caller in a client exception; nothing is logged here for the denial.
 * Consider recording the denial server-side and confirming how much of the message the API layer
 * returns.
 *
 * @param user the user whose answers are requested; must not be null
 * @return the answers returned by the question manager
 * @throws IdentityRecoveryClientException if {@code user} is null or the caller is rejected
 * @throws IdentityRecoveryException if the question manager fails (original kept as cause)
 */
public UserChallengeAnswer[] getUserChallengeAnswers(User user) throws IdentityRecoveryException {

    if (user == null) {
        final String nullUserMessage = "User object provided is null.";
        log.error(nullUserMessage);
        throw new IdentityRecoveryClientException(nullUserMessage);
    }

    String targetUserName = MultitenantUtils.getTenantAwareUsername(user.getUserName());
    final String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    final String loggedInName = CarbonContext.getThreadLocalCarbonContext().getUsername();

    // TODO externalize authorization
    if (targetUserName == null) {
        // No user name in the request: only the name used for error reporting is replaced.
        targetUserName = loggedInName;
    } else if (!isValidUser(user.getUserStoreDomain(), targetUserName, loggedInName)
            && !isUserAuthorized(loggedInName, tenantDomain)) {
        // The permission check is consulted only after the first check has failed.
        throw new IdentityRecoveryClientException(
                "Unauthorized access!! Possible violation of confidentiality. "
                        + "User " + loggedInName
                        + " trying to get challenge questions for user " + targetUserName);
    }

    try {
        return questionManager.getChallengeAnswersOfUser(user);
    } catch (IdentityRecoveryException e) {
        final String failure = "Error retrieving user challenge answers for " + targetUserName;
        log.error(failure, e);
        throw new IdentityRecoveryException(failure, e);
    }
}
use of org.wso2.carbon.identity.recovery.IdentityRecoveryClientException in project identity-governance by wso2-extensions.
the class Utils method getUserStoreManager.
/**
 * Resolves the user store manager of the tenant named by {@code user.getTenantDomain()}.
 *
 * <p>NOTE(review): the tenant realm is fetched twice (once for the null check, once for use), so
 * the null check does not cover the instance that is actually dereferenced.
 *
 * <p>NOTE(review): the tenant id is used as returned by {@code IdentityTenantUtil.getTenantId};
 * no check for an unknown tenant domain is visible here - confirm how that helper reports one.
 *
 * @param user the user whose tenant's user store manager is needed; must not be null
 * @return the tenant's user store manager, never null
 * @throws IdentityRecoveryClientException if {@code user} is null
 * @throws IdentityRecoveryServerException if the realm service, the tenant realm or the user
 *         store manager is unavailable, or the realm lookup throws a {@code UserStoreException}
 */
private static org.wso2.carbon.user.core.UserStoreManager getUserStoreManager(User user)
        throws IdentityRecoveryClientException, IdentityRecoveryServerException {

    // Validate method inputs.
    if (user == null) {
        throw handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_USER,
                "Invalid User Data provided.");
    }

    final int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());

    org.wso2.carbon.user.core.UserStoreManager resolvedManager;
    try {
        RealmService realms = IdentityRecoveryServiceDataHolder.getInstance().getRealmService();
        boolean realmUnavailable = realms == null || realms.getTenantUserRealm(tenantId) == null;
        if (realmUnavailable) {
            throw handleServerException(
                    IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_LOAD_REALM_SERVICE,
                    user.getTenantDomain());
        }
        resolvedManager = (org.wso2.carbon.user.core.UserStoreManager)
                realms.getTenantUserRealm(tenantId).getUserStoreManager();
    } catch (UserStoreException e) {
        throw handleServerException(
                IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_LOAD_REALM_SERVICE,
                user.getTenantDomain(), e);
    }

    if (resolvedManager != null) {
        return resolvedManager;
    }
    throw handleServerException(
            IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_LOAD_USER_STORE_MANAGER, null);
}
use of org.wso2.carbon.identity.recovery.IdentityRecoveryClientException in project identity-governance by wso2-extensions.
the class Utils method checkPasswordPatternViolation.
/**
 * Turns a user-store failure into a policy-violation client error when its message indicates
 * that the password did not satisfy the configured password rules. Returns normally when the
 * message is blank or does not match.
 *
 * <p>A message matches when it either contains one of {@code pwdPatternViolations} together with
 * the user store's configured password error message, or contains the invalid-password error
 * code. The client error carries the configured password error message when one is set; otherwise
 * it carries the generic invalid-password text formatted with the user store's configured
 * password regular expression.
 *
 * <p>NOTE(review): in the fallback case the configured password regular expression becomes part
 * of the client-facing message, and the original {@code UserStoreException} is attached as the
 * cause. Confirm that the API layer returns only the message and not the cause chain.
 *
 * <p>NOTE(review): the result of {@code getRealmConfiguration(user)} is used without a null
 * check - confirm that helper never returns null.
 *
 * @param exception the user-store exception to inspect
 * @param user the user whose realm configuration supplies the password error message and regex
 * @throws IdentityRecoveryClientException if the exception message indicates a password pattern
 *         violation
 */
public static void checkPasswordPatternViolation(UserStoreException exception, User user)
        throws IdentityRecoveryClientException {

    final String causeText = exception.getMessage();
    if (StringUtils.isBlank(causeText)) {
        return;
    }

    final RealmConfiguration storeConfig = getRealmConfiguration(user);
    final String configuredMessage = storeConfig.getUserStoreProperty(PROPERTY_PASSWORD_ERROR_MSG);

    final boolean matchesConfiguredMessage =
            StringUtils.indexOfAny(causeText, pwdPatternViolations) >= 0
                    && StringUtils.containsIgnoreCase(causeText, configuredMessage);

    // The error-code test is evaluated only when the message test did not already match.
    if (!(matchesConfiguredMessage || causeText.contains(
            UserCoreErrorConstants.ErrorMessages.ERROR_CODE_INVALID_PASSWORD.getCode()))) {
        return;
    }

    final String clientMessage = StringUtils.isNotEmpty(configuredMessage)
            ? configuredMessage
            : String.format(UserCoreErrorConstants.ErrorMessages.ERROR_CODE_INVALID_PASSWORD.getMessage(),
                    storeConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_JAVA_REG_EX));

    throw IdentityException.error(IdentityRecoveryClientException.class,
            IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_POLICY_VIOLATION.getCode(),
            clientMessage, exception);
}
use of org.wso2.carbon.identity.recovery.IdentityRecoveryClientException in project identity-governance by wso2-extensions.
the class UserSelfRegistrationManager method isPreferredChannelVerified.
/**
 * Reports whether the claims supplied for the user mark the given notification channel as
 * already verified.
 *
 * <p>When the {@code ENABLE_ACCOUNT_LOCK_FOR_VERIFIED_PREFERRED_CHANNEL} property parses as
 * {@code true}, the claims are not consulted and the result is always {@code false}.
 *
 * <p>NOTE(review): the verified status is read straight from {@code claimsMap}. If that map can
 * hold values submitted by the registering client, the client decides the outcome of this check -
 * confirm where the map is populated and whether verified-status claims are filtered before it
 * reaches this method.
 *
 * @param username Username
 * @param notificationChannel Notification channel
 * @param claimsMap Claim values keyed by claim URI; must not be null
 * @return True if the channel's verified claim is present and parses as {@code true}
 * @throws IdentityRecoveryClientException Error while getting the notification channel
 */
private boolean isPreferredChannelVerified(String username, String notificationChannel,
        Map<String, String> claimsMap) throws IdentityRecoveryClientException {

    final String lockForVerifiedChannel = IdentityUtil.getProperty(
            IdentityRecoveryConstants.ConnectorConfig.ENABLE_ACCOUNT_LOCK_FOR_VERIFIED_PREFERRED_CHANNEL);
    if (Boolean.parseBoolean(lockForVerifiedChannel)) {
        // Configuration says a verified channel must not be taken into account here.
        return false;
    }

    final NotificationChannels resolvedChannel = getNotificationChannel(username, notificationChannel);

    // Look up the verified flag under the claim URI that belongs to this channel.
    final String verifiedFlag = claimsMap.get(resolvedChannel.getVerifiedClaimUrl());

    if (StringUtils.isNotEmpty(verifiedFlag)) {
        return Boolean.parseBoolean(verifiedFlag);
    }
    return false;
}