Example 1 with ChallengeQuestionsResponse
use of org.wso2.carbon.identity.recovery.bean.ChallengeQuestionsResponse in project identity-governance by wso2-extensions.
the class RecoveryUtil method getInitiateQuestionResponseDTO.
public static InitiateAllQuestionResponseDTO getInitiateQuestionResponseDTO(ChallengeQuestionsResponse challengeQuestionsResponse) {
InitiateAllQuestionResponseDTO initiateAllQuestionResponseDTO = new InitiateAllQuestionResponseDTO();
List<QuestionDTO> questionDTOs = new ArrayList<>();
for (ChallengeQuestion challengeQuestion : challengeQuestionsResponse.getQuestion()) {
QuestionDTO questionDTO = new QuestionDTO();
questionDTO.setQuestion(challengeQuestion.getQuestion());
questionDTO.setQuestionSetId(challengeQuestion.getQuestionSetId());
questionDTOs.add(questionDTO);
}
initiateAllQuestionResponseDTO.setQuestions(questionDTOs);
initiateAllQuestionResponseDTO.setKey(challengeQuestionsResponse.getCode());
LinkDTO linkDTO = new LinkDTO();
linkDTO.setRel("validate-answer");
linkDTO.setUri("/api/identity/recovery/v0.9");
initiateAllQuestionResponseDTO.setLink(linkDTO);
return initiateAllQuestionResponseDTO;
}
Also used :
InitiateAllQuestionResponseDTO(org.wso2.carbon.identity.recovery.endpoint.dto.InitiateAllQuestionResponseDTO)
LinkDTO(org.wso2.carbon.identity.recovery.endpoint.dto.LinkDTO)
ArrayList(java.util.ArrayList)
QuestionDTO(org.wso2.carbon.identity.recovery.endpoint.dto.QuestionDTO)
ChallengeQuestion(org.wso2.carbon.identity.recovery.model.ChallengeQuestion)
Example 2 with ChallengeQuestionsResponse
use of org.wso2.carbon.identity.recovery.bean.ChallengeQuestionsResponse in project identity-governance by wso2-extensions.
the class SecurityQuestionsApiServiceImpl method securityQuestionsGet.
@Override
public Response securityQuestionsGet(String username, String realm, String tenantDomain) {
if (IdentityUtil.threadLocalProperties.get().get(Constants.TENANT_NAME_FROM_CONTEXT) != null) {
tenantDomain = (String) IdentityUtil.threadLocalProperties.get().get(Constants.TENANT_NAME_FROM_CONTEXT);
}
User user = new User();
user.setUserName(username);
if (StringUtils.isBlank(tenantDomain)) {
user.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
} else {
user.setTenantDomain(tenantDomain);
}
int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
if (StringUtils.isBlank(realm)) {
String[] userList = RecoveryUtil.getUserList(tenantId, username);
if (ArrayUtils.isEmpty(userList)) {
String msg = "Unable to find an user with username: " + username + " in the system.";
LOG.error(msg);
} else if (userList.length == 1) {
user.setUserStoreDomain(IdentityUtil.extractDomainFromName(userList[0]));
} else {
String msg = "There are multiple users with username: " + username + " in the system, " + "please send the correct user-store domain along with the username.";
LOG.error(msg);
RecoveryUtil.handleBadRequest(msg, Constants.ERROR_CODE_MULTIPLE_USERS_MATCHING);
}
}
InitiateAllQuestionResponseDTO initiateAllQuestionResponseDTO = null;
SecurityQuestionPasswordRecoveryManager securityQuestionBasedPwdRecoveryManager = RecoveryUtil.getSecurityQuestionBasedPwdRecoveryManager();
try {
ChallengeQuestionsResponse challengeQuestionResponse = securityQuestionBasedPwdRecoveryManager.initiateUserChallengeQuestionAtOnce(user);
initiateAllQuestionResponseDTO = RecoveryUtil.getInitiateQuestionResponseDTO(challengeQuestionResponse);
} catch (IdentityRecoveryClientException e) {
if (LOG.isDebugEnabled()) {
LOG.debug("Client Error while initiating password recovery flow at once using security questions ", e);
}
if (IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND.getCode().equals(e.getErrorCode())) {
return Response.noContent().build();
}
RecoveryUtil.handleBadRequest(e.getMessage(), e.getErrorCode());
} catch (IdentityRecoveryException e) {
RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, e.getErrorCode(), LOG, e);
} catch (Throwable throwable) {
RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED.getCode(), LOG, throwable);
}
return Response.ok(initiateAllQuestionResponseDTO).build();
}
Also used :
User(org.wso2.carbon.identity.application.common.model.User)
InitiateAllQuestionResponseDTO(org.wso2.carbon.identity.recovery.endpoint.dto.InitiateAllQuestionResponseDTO)
ChallengeQuestionsResponse(org.wso2.carbon.identity.recovery.bean.ChallengeQuestionsResponse)
IdentityRecoveryException(org.wso2.carbon.identity.recovery.IdentityRecoveryException)
SecurityQuestionPasswordRecoveryManager(org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager)
IdentityRecoveryClientException(org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)
Example 3 with ChallengeQuestionsResponse
use of org.wso2.carbon.identity.recovery.bean.ChallengeQuestionsResponse in project identity-governance by wso2-extensions.
the class SecurityQuestionPasswordRecoveryManager method initiateUserChallengeQuestionAtOnce.
public ChallengeQuestionsResponse initiateUserChallengeQuestionAtOnce(User user) throws IdentityRecoveryException {
String challengeQuestionSeparator = IdentityUtil.getProperty(IdentityRecoveryConstants.ConnectorConfig.QUESTION_CHALLENGE_SEPARATOR);
if (StringUtils.isEmpty(challengeQuestionSeparator)) {
challengeQuestionSeparator = IdentityRecoveryConstants.DEFAULT_CHALLENGE_QUESTION_SEPARATOR;
}
if (StringUtils.isBlank(user.getTenantDomain())) {
user.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
log.info("initiateUserChallengeQuestionAtOnce :Tenant domain is not in the request. set to default for user : " + user.getUserName());
}
if (StringUtils.isBlank(user.getUserStoreDomain())) {
user.setUserStoreDomain(IdentityUtil.getPrimaryDomainName());
log.info("initiateUserChallengeQuestionAtOnce :User store domain is not in the request. set to default for user" + " : " + user.getUserName());
}
boolean isRecoveryEnable = Boolean.parseBoolean(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.QUESTION_BASED_PW_RECOVERY, user.getTenantDomain()));
if (!isRecoveryEnable) {
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_QUESTION_BASED_RECOVERY_NOT_ENABLE, null);
}
boolean isNotificationInternallyManaged = Boolean.parseBoolean(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.NOTIFICATION_INTERNALLY_MANAGE, user.getTenantDomain()));
UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
userRecoveryDataStore.invalidate(user);
verifyUserExists(user);
if (Utils.isAccountDisabled(user)) {
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_DISABLED_ACCOUNT, null);
} else if (Utils.isAccountLocked(user)) {
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_LOCKED_ACCOUNT, null);
}
boolean isNotificationSendWhenInitiatingPWRecovery = Boolean.parseBoolean(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.NOTIFICATION_SEND_RECOVERY_SECURITY_START, user.getTenantDomain()));
if (isNotificationInternallyManaged && isNotificationSendWhenInitiatingPWRecovery) {
try {
triggerNotification(user, IdentityRecoveryConstants.NOTIFICATION_TYPE_PASSWORD_RESET_INITIATE, null);
} catch (Exception e) {
log.warn("Error while sending password reset initiating notification to user :" + user.getUserName());
}
}
int minNoOfQuestionsToAnswer = Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.QUESTION_MIN_NO_ANSWER, user.getTenantDomain()));
ChallengeQuestionManager challengeQuestionManager = ChallengeQuestionManager.getInstance();
String[] ids = challengeQuestionManager.getUserChallengeQuestionIds(user);
if (ids == null || ids.length == 0) {
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND, user.getUserName());
}
if (ids.length > minNoOfQuestionsToAnswer) {
ids = getRandomQuestionIds(ids, minNoOfQuestionsToAnswer);
}
ChallengeQuestion[] questions = new ChallengeQuestion[ids.length];
StringBuilder allChallengeQuestions = new StringBuilder();
for (int i = 0; i < ids.length; i++) {
questions[i] = challengeQuestionManager.getUserChallengeQuestion(user, ids[i]);
if (i == 0) {
allChallengeQuestions.append(ids[0]);
} else {
allChallengeQuestions.append(challengeQuestionSeparator).append(ids[i]);
}
}
ChallengeQuestionsResponse challengeQuestionResponse = new ChallengeQuestionsResponse(questions);
String secretKey = UUIDGenerator.generateUUID();
UserRecoveryData recoveryData = new UserRecoveryData(user, secretKey, RecoveryScenarios.QUESTION_BASED_PWD_RECOVERY, RecoverySteps.VALIDATE_ALL_CHALLENGE_QUESTION);
recoveryData.setRemainingSetIds(allChallengeQuestions.toString());
challengeQuestionResponse.setCode(secretKey);
userRecoveryDataStore.store(recoveryData);
return challengeQuestionResponse;
}
Also used :
UserRecoveryData(org.wso2.carbon.identity.recovery.model.UserRecoveryData)
ChallengeQuestionsResponse(org.wso2.carbon.identity.recovery.bean.ChallengeQuestionsResponse)
UserRecoveryDataStore(org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore)
ChallengeQuestionManager(org.wso2.carbon.identity.recovery.ChallengeQuestionManager)
IdentityEventException(org.wso2.carbon.identity.event.IdentityEventException)
UserFunctionalityManagementClientException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementClientException)
UserFunctionalityManagementServerException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementServerException)
IdentityException(org.wso2.carbon.identity.base.IdentityException)
UserStoreException(org.wso2.carbon.user.api.UserStoreException)
IdentityRecoveryServerException(org.wso2.carbon.identity.recovery.IdentityRecoveryServerException)
IdentityRecoveryClientException(org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)
UserFunctionalityManagementException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException)
IdentityRecoveryException(org.wso2.carbon.identity.recovery.IdentityRecoveryException)
ChallengeQuestion(org.wso2.carbon.identity.recovery.model.ChallengeQuestion)
Aggregations
IdentityRecoveryClientException (org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)2
IdentityRecoveryException (org.wso2.carbon.identity.recovery.IdentityRecoveryException)2
ChallengeQuestionsResponse (org.wso2.carbon.identity.recovery.bean.ChallengeQuestionsResponse)2
InitiateAllQuestionResponseDTO (org.wso2.carbon.identity.recovery.endpoint.dto.InitiateAllQuestionResponseDTO)2
ChallengeQuestion (org.wso2.carbon.identity.recovery.model.ChallengeQuestion)2
ArrayList (java.util.ArrayList)1
User (org.wso2.carbon.identity.application.common.model.User)1
IdentityException (org.wso2.carbon.identity.base.IdentityException)1
IdentityEventException (org.wso2.carbon.identity.event.IdentityEventException)1
ChallengeQuestionManager (org.wso2.carbon.identity.recovery.ChallengeQuestionManager)1
IdentityRecoveryServerException (org.wso2.carbon.identity.recovery.IdentityRecoveryServerException)1
LinkDTO (org.wso2.carbon.identity.recovery.endpoint.dto.LinkDTO)1
QuestionDTO (org.wso2.carbon.identity.recovery.endpoint.dto.QuestionDTO)1
UserRecoveryData (org.wso2.carbon.identity.recovery.model.UserRecoveryData)1
SecurityQuestionPasswordRecoveryManager (org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager)1
UserRecoveryDataStore (org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore)1
UserFunctionalityManagementClientException (org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementClientException)1
UserFunctionalityManagementException (org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException)1
UserFunctionalityManagementServerException (org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementServerException)1
UserStoreException (org.wso2.carbon.user.api.UserStoreException)1
