
Example 1 with RecoverySteps

use of org.wso2.carbon.identity.recovery.RecoverySteps in project identity-governance by wso2-extensions.

the class UserAccountRecoveryManager method getUserRecoveryData.

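/**
 * Loads the recovery data bound to a recovery code and checks that the code was issued for the expected
 * recovery step.
 *
 * <p>The step comparison is what keeps a code issued for one step of the flow from being accepted at another,
 * so it fails closed: a {@code null} step is rejected in the same way as a mismatching one.
 *
 * @param code Code given for recovery
 * @param step Recovery step the code is expected to belong to
 * @return Recovery data stored against the code; never {@code null}
 * @throws IdentityRecoveryException If the code is invalid or expired, if no recovery data exists for it, if the
 *                                   stored step differs from {@code step}, or if the data store fails.
 */
public UserRecoveryData getUserRecoveryData(String code, RecoverySteps step) throws IdentityRecoveryException {
    UserRecoveryData recoveryData;
    UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
    try {
        // Retrieve recovery data bound to the recovery code.
        recoveryData = userRecoveryDataStore.load(code);
    } catch (IdentityRecoveryException e) {
        // Re-label the store's error code for the user account recovery scenario. The same exception instance
        // is rethrown, so its message and cause are preserved.
        String errorCode = e.getErrorCode();
        if (IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_CODE.getCode().equals(errorCode)) {
            e.setErrorCode(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_RECOVERY_CODE.getCode());
        } else if (IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_EXPIRED_CODE.getCode().equals(errorCode)) {
            e.setErrorCode(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_EXPIRED_RECOVERY_CODE.getCode());
        } else {
            e.setErrorCode(Utils.prependOperationScenarioToErrorCode(errorCode,
                    IdentityRecoveryConstants.USER_ACCOUNT_RECOVERY));
        }
        throw e;
    }
    // NOTE(review): the submitted code is handed to handleClientException as its data argument in both
    // rejections below; confirm it is not echoed to the client or written to logs.
    if (recoveryData == null) {
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NO_ACCOUNT_RECOVERY_DATA, code);
    }
    // A missing expected step is treated as a mismatch instead of surfacing as a NullPointerException.
    if (step == null || !step.equals(recoveryData.getRecoveryStep())) {
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_RECOVERY_CODE, code);
    }
    return recoveryData;
}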
Also used : UserRecoveryData(org.wso2.carbon.identity.recovery.model.UserRecoveryData) UserRecoveryDataStore(org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore) IdentityRecoveryException(org.wso2.carbon.identity.recovery.IdentityRecoveryException)

Example 2 with RecoverySteps

use of org.wso2.carbon.identity.recovery.RecoverySteps in project identity-governance by wso2-extensions.

the class JDBCRecoveryDataStore method load.

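/**
 * Loads the stored recovery data of a user and rejects it when the recovery code has expired.
 *
 * <p>A {@code PRE_GET_USER_RECOVERY_DATA} event is published before the lookup and a
 * {@code POST_GET_USER_RECOVERY_DATA} event after it, carrying the outcome, the code and the loaded data.
 *
 * @param user User whose recovery data is looked up (user name, user store domain and tenant domain are used)
 * @return Recovery data built from the first row returned, or {@code null} when the query returns no row
 * @throws IdentityRecoveryException Client exception with {@code ERROR_CODE_EXPIRED_CODE} when the code is
 *                                   expired; server exception with {@code ERROR_CODE_UNEXPECTED} when the
 *                                   query fails with an {@link SQLException}.
 */
@Override
public UserRecoveryData load(User user) throws IdentityRecoveryException {
    handleRecoveryDataEventPublishing(PRE_GET_USER_RECOVERY_DATA, GET_USER_RECOVERY_DATA_SCENARIO_WITH_CODE_EXPIRY_VALIDATION, null, null, null, user, new UserRecoveryData(user, null, null, null));
    PreparedStatement prepStmt = null;
    ResultSet resultSet = null;
    Connection connection = IdentityDatabaseUtil.getDBConnection(false);
    String code = null;
    UserRecoveryData userRecoveryData = null;
    // Outcome reported in the POST event; stays "not found" unless a row is read or an error is recorded.
    Boolean isOperationSuccess = false;
    Enum description = ERROR_CODE_RECOVERY_DATA_NOT_FOUND_FOR_USER;
    try {
        String sql;
        if (IdentityUtil.isUserStoreCaseSensitive(user.getUserStoreDomain(), IdentityTenantUtil.getTenantId(user.getTenantDomain()))) {
            sql = IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_OF_USER;
        } else {
            sql = IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_OF_USER_CASE_INSENSITIVE;
        }
        // All user-derived values are bound as parameters; none is concatenated into the SQL text.
        prepStmt = connection.prepareStatement(sql);
        prepStmt.setString(1, user.getUserName());
        // NOTE(review): toUpperCase() uses the JVM default locale; confirm the write path upper-cases the
        // domain the same way, otherwise lookups can miss under locales with special casing rules.
        prepStmt.setString(2, user.getUserStoreDomain().toUpperCase());
        prepStmt.setInt(3, IdentityTenantUtil.getTenantId(user.getTenantDomain()));
        resultSet = prepStmt.executeQuery();
        if (resultSet.next()) {
            Timestamp timeCreated = resultSet.getTimestamp("TIME_CREATED", Calendar.getInstance(TimeZone.getTimeZone(UTC)));
            RecoveryScenarios scenario = RecoveryScenarios.valueOf(resultSet.getString("SCENARIO"));
            RecoverySteps step = RecoverySteps.valueOf(resultSet.getString("STEP"));
            code = resultSet.getString("CODE");
            String remainingSets = resultSet.getString("REMAINING_SETS");
            userRecoveryData = new UserRecoveryData(user, code, scenario, step);
            if (isCodeExpired(user.getTenantDomain(), scenario, step, timeCreated.getTime(), remainingSets)) {
                isOperationSuccess = false;
                description = ERROR_CODE_EXPIRED_CODE;
                throw Utils.handleClientException(ERROR_CODE_EXPIRED_CODE, code);
            }
            if (StringUtils.isNotBlank(remainingSets)) {
                userRecoveryData.setRemainingSetIds(remainingSets);
            }
            isOperationSuccess = true;
            description = null;
            return userRecoveryData;
        }
    } catch (SQLException e) {
        isOperationSuccess = false;
        description = ERROR_CODE_UNEXPECTED;
        throw Utils.handleServerException(ERROR_CODE_UNEXPECTED, null, e);
    } finally {
        try {
            // NOTE(review): the recovery code itself is passed to the event publisher; confirm listeners
            // treat it as a secret.
            handleRecoveryDataEventPublishing(POST_GET_USER_RECOVERY_DATA, GET_USER_RECOVERY_DATA_SCENARIO_WITH_CODE_EXPIRY_VALIDATION, isOperationSuccess, description, code, user, userRecoveryData);
        } finally {
            // Close the JDBC resources even when publishing the POST event throws; with the two calls in
            // sequence a failing publisher would skip the close and leak the connection.
            IdentityDatabaseUtil.closeAllConnections(connection, resultSet, prepStmt);
        }
    }
    return null;
}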
Also used : RecoveryScenarios(org.wso2.carbon.identity.recovery.RecoveryScenarios) RecoverySteps(org.wso2.carbon.identity.recovery.RecoverySteps) UserRecoveryData(org.wso2.carbon.identity.recovery.model.UserRecoveryData) SQLException(java.sql.SQLException) ResultSet(java.sql.ResultSet) Connection(java.sql.Connection) PreparedStatement(java.sql.PreparedStatement) Timestamp(java.sql.Timestamp)

Example 3 with RecoverySteps

use of org.wso2.carbon.identity.recovery.RecoverySteps in project identity-governance by wso2-extensions.

the class JDBCRecoveryDataStore method loadWithoutCodeExpiryValidation.

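/**
 * Loads the stored recovery data of a user for one recovery scenario without checking whether the recovery
 * code has expired.
 *
 * <p>The creation time of the record is passed on in the returned data. Because no expiry check happens here,
 * a caller that accepts the returned code has to enforce expiry itself.
 *
 * @param user             User whose recovery data is looked up
 * @param recoveryScenario Recovery scenario used to filter the records; its string form is bound into the query
 * @return Recovery data built from the first row returned, or {@code null} when the query returns no row
 * @throws IdentityRecoveryException Server exception with {@code ERROR_CODE_UNEXPECTED} when the query fails
 *                                   with an {@link SQLException}.
 */
@Override
public UserRecoveryData loadWithoutCodeExpiryValidation(User user, Enum recoveryScenario) throws IdentityRecoveryException {
    handleRecoveryDataEventPublishing(PRE_GET_USER_RECOVERY_DATA, GET_USER_RECOVERY_DATA_SCENARIO_WITHOUT_CODE_EXPIRY_VALIDATION, null, null, null, user, new UserRecoveryData(user, null, recoveryScenario, null));
    // NOTE(review): unlike the overload that takes only a User, this method publishes no
    // POST_GET_USER_RECOVERY_DATA event, so listeners see the lookup start but not its outcome; confirm
    // that this is intended.
    PreparedStatement prepStmt = null;
    ResultSet resultSet = null;
    Connection connection = IdentityDatabaseUtil.getDBConnection(false);
    try {
        String sql;
        if (IdentityUtil.isUserStoreCaseSensitive(user.getUserStoreDomain(), IdentityTenantUtil.getTenantId(user.getTenantDomain()))) {
            sql = IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_OF_USER_BY_SCENARIO;
        } else {
            sql = IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_OF_USER_BY_SCENARIO_CASE_INSENSITIVE;
        }
        // All user-derived values are bound as parameters; none is concatenated into the SQL text.
        prepStmt = connection.prepareStatement(sql);
        prepStmt.setString(1, user.getUserName());
        // String.valueOf yields the literal "null" for a null scenario, which then simply matches no row.
        prepStmt.setString(2, String.valueOf(recoveryScenario));
        prepStmt.setString(3, user.getUserStoreDomain().toUpperCase());
        prepStmt.setInt(4, IdentityTenantUtil.getTenantId(user.getTenantDomain()));
        resultSet = prepStmt.executeQuery();
        if (resultSet.next()) {
            RecoveryScenarios scenario = RecoveryScenarios.valueOf(resultSet.getString("SCENARIO"));
            RecoverySteps step = RecoverySteps.valueOf(resultSet.getString("STEP"));
            Timestamp timeCreated = resultSet.getTimestamp("TIME_CREATED", Calendar.getInstance(TimeZone.getTimeZone(UTC)));
            String code = resultSet.getString("CODE");
            UserRecoveryData userRecoveryData = new UserRecoveryData(user, code, scenario, step, timeCreated);
            String remainingSets = resultSet.getString("REMAINING_SETS");
            if (StringUtils.isNotBlank(remainingSets)) {
                userRecoveryData.setRemainingSetIds(remainingSets);
            }
            return userRecoveryData;
        }
    } catch (SQLException e) {
        throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, null, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, resultSet, prepStmt);
    }
    return null;
}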
Also used : RecoveryScenarios(org.wso2.carbon.identity.recovery.RecoveryScenarios) RecoverySteps(org.wso2.carbon.identity.recovery.RecoverySteps) UserRecoveryData(org.wso2.carbon.identity.recovery.model.UserRecoveryData) SQLException(java.sql.SQLException) ResultSet(java.sql.ResultSet) Connection(java.sql.Connection) PreparedStatement(java.sql.PreparedStatement) Timestamp(java.sql.Timestamp)

Example 4 with RecoverySteps

use of org.wso2.carbon.identity.recovery.RecoverySteps in project identity-governance by wso2-extensions.

the class JDBCRecoveryDataStore method loadWithoutCodeExpiryValidation.

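/**
 * Loads the stored recovery data of a user without checking whether the recovery code has expired.
 *
 * <p>A {@code PRE_GET_USER_RECOVERY_DATA} event is published before the lookup and a
 * {@code POST_GET_USER_RECOVERY_DATA} event after it. The creation time of the record is passed on in the
 * returned data; because no expiry check happens here, a caller that accepts the returned code has to enforce
 * expiry itself.
 *
 * @param user User whose recovery data is looked up
 * @return Recovery data built from the first row returned, or {@code null} when the query returns no row
 * @throws IdentityRecoveryException Server exception with {@code ERROR_CODE_UNEXPECTED} when the query fails
 *                                   with an {@link SQLException}.
 */
@Override
public UserRecoveryData loadWithoutCodeExpiryValidation(User user) throws IdentityRecoveryException {
    handleRecoveryDataEventPublishing(PRE_GET_USER_RECOVERY_DATA, GET_USER_RECOVERY_DATA_SCENARIO_WITHOUT_CODE_EXPIRY_VALIDATION, null, null, null, user, new UserRecoveryData(user, null, null, null));
    PreparedStatement prepStmt = null;
    ResultSet resultSet = null;
    Connection connection = IdentityDatabaseUtil.getDBConnection(false);
    UserRecoveryData userRecoveryData = null;
    String code = null;
    // Outcome reported in the POST event; stays "not found" unless a row is read or an error is recorded.
    Boolean isOperationSuccess = false;
    Enum description = ERROR_CODE_RECOVERY_DATA_NOT_FOUND_FOR_USER;
    try {
        String sql;
        if (IdentityUtil.isUserStoreCaseSensitive(user.getUserStoreDomain(), IdentityTenantUtil.getTenantId(user.getTenantDomain()))) {
            sql = IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_OF_USER;
        } else {
            sql = IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_OF_USER_CASE_INSENSITIVE;
        }
        // All user-derived values are bound as parameters; none is concatenated into the SQL text.
        prepStmt = connection.prepareStatement(sql);
        prepStmt.setString(1, user.getUserName());
        prepStmt.setString(2, user.getUserStoreDomain().toUpperCase());
        prepStmt.setInt(3, IdentityTenantUtil.getTenantId(user.getTenantDomain()));
        resultSet = prepStmt.executeQuery();
        if (resultSet.next()) {
            RecoveryScenarios scenario = RecoveryScenarios.valueOf(resultSet.getString("SCENARIO"));
            RecoverySteps step = RecoverySteps.valueOf(resultSet.getString("STEP"));
            code = resultSet.getString("CODE");
            Timestamp timeCreated = resultSet.getTimestamp("TIME_CREATED", Calendar.getInstance(TimeZone.getTimeZone(UTC)));
            userRecoveryData = new UserRecoveryData(user, code, scenario, step, timeCreated);
            String remainingSets = resultSet.getString("REMAINING_SETS");
            if (StringUtils.isNotBlank(remainingSets)) {
                userRecoveryData.setRemainingSetIds(remainingSets);
            }
            isOperationSuccess = true;
            description = null;
            return userRecoveryData;
        }
    } catch (SQLException e) {
        isOperationSuccess = false;
        description = ERROR_CODE_UNEXPECTED;
        throw Utils.handleServerException(ERROR_CODE_UNEXPECTED, null, e);
    } finally {
        try {
            // NOTE(review): the recovery code itself is passed to the event publisher; confirm listeners
            // treat it as a secret.
            handleRecoveryDataEventPublishing(POST_GET_USER_RECOVERY_DATA, GET_USER_RECOVERY_DATA_SCENARIO_WITHOUT_CODE_EXPIRY_VALIDATION, isOperationSuccess, description, code, user, userRecoveryData);
        } finally {
            // Close the JDBC resources even when publishing the POST event throws; with the two calls in
            // sequence a failing publisher would skip the close and leak the connection.
            IdentityDatabaseUtil.closeAllConnections(connection, resultSet, prepStmt);
        }
    }
    return null;
}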
Also used : RecoveryScenarios(org.wso2.carbon.identity.recovery.RecoveryScenarios) RecoverySteps(org.wso2.carbon.identity.recovery.RecoverySteps) UserRecoveryData(org.wso2.carbon.identity.recovery.model.UserRecoveryData) SQLException(java.sql.SQLException) ResultSet(java.sql.ResultSet) Connection(java.sql.Connection) PreparedStatement(java.sql.PreparedStatement) Timestamp(java.sql.Timestamp)

Example 5 with RecoverySteps

use of org.wso2.carbon.identity.recovery.RecoverySteps in project identity-governance by wso2-extensions.

the class ResendConfirmationManager method resendConfirmation.

/**
 * Re-sends the confirmation information to the user that the given resend code belongs to. The notification
 * channel is taken from the recovery data stored against the resend code.
 *
 * @param tenantDomain         Tenant domain
 * @param resendCode           Previously issued resend code
 * @param recoveryScenario     Name of the recovery scenario
 *                             {@link org.wso2.carbon.identity.recovery.RecoveryScenarios}
 * @param recoveryStep         Name of the recovery step {@link org.wso2.carbon.identity.recovery.RecoverySteps}
 * @param notificationScenario Notification template name related to the recovery scenario (e.g.
 *                             {@code IdentityRecoveryConstants.NOTIFICATION_TYPE_RESEND_PASSWORD_RESET})
 * @param properties           Meta properties
 * @return {@link ResendConfirmationDTO} describing the resend operation: channel, new resend code, success
 *         code and message, and the confirmation code itself when the channel is external
 * @throws IdentityRecoveryException Error while sending confirmation info
 */
public ResendConfirmationDTO resendConfirmation(String tenantDomain, String resendCode, String recoveryScenario, String recoveryStep, String notificationScenario, Property[] properties) throws IdentityRecoveryException {
    RecoverySteps requestedStep = RecoverySteps.getRecoveryStep(recoveryStep);
    RecoveryScenarios requestedScenario = RecoveryScenarios.getRecoveryScenario(recoveryScenario);
    // The resend code is only accepted if it was issued for the RESEND_CONFIRMATION_CODE step.
    UserRecoveryData resendData = UserAccountRecoveryManager.getInstance()
            .getUserRecoveryData(resendCode, RecoverySteps.RESEND_CONFIRMATION_CODE);
    User owner = resendData.getUser();
    // The tenant domain and scenario sent in the request are checked against what is stored for the code.
    validateRequestAttributes(owner, requestedScenario, resendData.getRecoveryScenario(), tenantDomain, resendCode);
    validateCallback(properties, owner.getTenantDomain());
    UserRecoveryDataStore store = JDBCRecoveryDataStore.getInstance();
    String channel = validateNotificationChannel(resendData.getRemainingSetIds());
    UserRecoveryData existing = store.loadWithoutCodeExpiryValidation(owner, requestedScenario, requestedStep);
    String secret;
    if (!Utils.reIssueExistingConfirmationCode(existing, channel)) {
        // The existing code cannot be reused: drop the user's recovery data and issue and store a new code.
        store.invalidate(owner);
        secret = Utils.generateSecretKey(channel, owner.getTenantDomain(), recoveryScenario);
        addRecoveryDataObject(secret, channel, requestedScenario, requestedStep, owner);
    } else {
        // Reuse is decided by reIssueExistingConfirmationCode from the stored record and the channel.
        secret = existing.getSecret();
    }
    ResendConfirmationDTO response = new ResendConfirmationDTO();
    if (NotificationChannels.EXTERNAL_CHANNEL.getChannelType().equals(channel)) {
        // External channel: no notification is triggered; the confirmation code is handed back to the caller.
        response.setExternalConfirmationCode(secret);
    } else {
        triggerNotification(owner, channel, notificationScenario, secret, Utils.resolveEventName(channel), properties);
    }
    String freshResendCode = generateResendCode(channel, requestedScenario, resendData);
    response.setNotificationChannel(channel);
    response.setResendCode(freshResendCode);
    response.setSuccessCode(IdentityRecoveryConstants.SuccessEvents.SUCCESS_STATUS_CODE_RESEND_CONFIRMATION_CODE.getCode());
    response.setSuccessMessage(IdentityRecoveryConstants.SuccessEvents.SUCCESS_STATUS_CODE_RESEND_CONFIRMATION_CODE.getMessage());
    return response;
}
Also used : RecoverySteps(org.wso2.carbon.identity.recovery.RecoverySteps) RecoveryScenarios(org.wso2.carbon.identity.recovery.RecoveryScenarios) User(org.wso2.carbon.identity.application.common.model.User) UserRecoveryData(org.wso2.carbon.identity.recovery.model.UserRecoveryData) ResendConfirmationDTO(org.wso2.carbon.identity.recovery.dto.ResendConfirmationDTO) UserRecoveryDataStore(org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore) UserAccountRecoveryManager(org.wso2.carbon.identity.recovery.internal.service.impl.UserAccountRecoveryManager)

Aggregations

UserRecoveryData (org.wso2.carbon.identity.recovery.model.UserRecoveryData)6 RecoveryScenarios (org.wso2.carbon.identity.recovery.RecoveryScenarios)4 RecoverySteps (org.wso2.carbon.identity.recovery.RecoverySteps)4 Connection (java.sql.Connection)3 PreparedStatement (java.sql.PreparedStatement)3 ResultSet (java.sql.ResultSet)3 SQLException (java.sql.SQLException)3 Timestamp (java.sql.Timestamp)3 UserRecoveryDataStore (org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore)3 IdentityRecoveryException (org.wso2.carbon.identity.recovery.IdentityRecoveryException)2 User (org.wso2.carbon.identity.application.common.model.User)1 ResendConfirmationDTO (org.wso2.carbon.identity.recovery.dto.ResendConfirmationDTO)1 UserAccountRecoveryManager (org.wso2.carbon.identity.recovery.internal.service.impl.UserAccountRecoveryManager)1