
Example 1 with InitiateQuestionResponseDTO

use of org.wso2.carbon.identity.recovery.endpoint.dto.InitiateQuestionResponseDTO in project identity-governance by wso2-extensions.

the class SecurityQuestionApiServiceImpl method securityQuestionGet.

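/**
 * Starts security-question based password recovery for a user and returns the challenge to present.
 *
 * <p>The target user is built from {@code username}, {@code realm} (user-store domain) and
 * {@code tenantDomain}. A tenant name found in {@code IdentityUtil.threadLocalProperties} overrides
 * the {@code tenantDomain} argument, and a blank tenant falls back to the super tenant. When
 * {@code realm} is blank the user store is resolved from the username, and the request is rejected
 * if more than one user matches.
 *
 * <p>Security notes: the arguments are presumably taken straight from the HTTP request, so the
 * username is stripped of CR/LF before it is written to the log (log forging). NOTE(review): the
 * visible outcomes (202 with a question, 204 when no challenge question is found, 400 when several
 * users match) differ with account state; confirm that throttling or CAPTCHA in front of this
 * endpoint prevents its use as an account-existence oracle.
 *
 * @param username     name of the user starting recovery
 * @param realm        user-store domain; when blank it is resolved from the username
 * @param tenantDomain tenant domain; ignored when the thread-local context carries a tenant name
 * @return 202 Accepted carrying the {@code InitiateQuestionResponseDTO}, or 204 No Content when the
 *         recovery manager reports {@code ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND}
 */
@Override
public Response securityQuestionGet(String username, String realm, String tenantDomain) {
    // Read the thread-local value once; when present it wins over the caller-supplied tenant.
    Object tenantFromContext = IdentityUtil.threadLocalProperties.get().get(Constants.TENANT_NAME_FROM_CONTEXT);
    if (tenantFromContext != null) {
        tenantDomain = (String) tenantFromContext;
    }
    User user = new User();
    user.setUserName(username);
    if (StringUtils.isNotBlank(realm)) {
        user.setUserStoreDomain(realm);
    } else {
        user.setUserStoreDomain(UserStoreConfigConstants.PRIMARY);
    }
    if (StringUtils.isBlank(tenantDomain)) {
        user.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    } else {
        user.setTenantDomain(tenantDomain);
    }
    int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
    if (StringUtils.isBlank(realm)) {
        // Neutralise line breaks so a crafted username cannot inject fake log entries.
        String loggableUsername = username == null ? null : username.replace('\r', '_').replace('\n', '_');
        String[] userList = RecoveryUtil.getUserList(tenantId, username);
        if (ArrayUtils.isEmpty(userList)) {
            // Deliberately no early return: the flow continues with the PRIMARY user store, so
            // this branch is not directly visible to the caller.
            LOG.error("Unable to find an user with username: " + loggableUsername + " in the system.");
        } else if (userList.length == 1) {
            user.setUserStoreDomain(IdentityUtil.extractDomainFromName(userList[0]));
        } else {
            String template = "There are multiple users with username: %s in the system, "
                    + "please send the correct user-store domain along with the username.";
            LOG.error(String.format(template, loggableUsername));
            // The client-facing message keeps the username exactly as received, as before.
            // handleBadRequest presumably aborts the request by throwing - confirm in RecoveryUtil.
            RecoveryUtil.handleBadRequest(String.format(template, username),
                    Constants.ERROR_CODE_MULTIPLE_USERS_MATCHING);
        }
    }
    InitiateQuestionResponseDTO initiateQuestionResponseDTO = null;
    SecurityQuestionPasswordRecoveryManager securityQuestionBasedPwdRecoveryManager = RecoveryUtil.getSecurityQuestionBasedPwdRecoveryManager();
    try {
        ChallengeQuestionResponse challengeQuestionResponse = securityQuestionBasedPwdRecoveryManager.initiateUserChallengeQuestion(user);
        initiateQuestionResponseDTO = RecoveryUtil.getInitiateQuestionResponseDTO(challengeQuestionResponse);
    } catch (IdentityRecoveryClientException e) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Client Error while initiating password recovery flow using security questions ", e);
        }
        if (IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND.getCode().equals(e.getErrorCode())) {
            return Response.noContent().build();
        }
        // Other client errors are returned with the exception's own message and error code.
        RecoveryUtil.handleBadRequest(e.getMessage(), e.getErrorCode());
    } catch (IdentityRecoveryException e) {
        // Server-side failures are reported with the generic SERVER_ERROR text rather than e.getMessage().
        RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, e.getErrorCode(), LOG, e);
    } catch (Throwable throwable) {
        // Endpoint boundary: anything unexpected is mapped to the generic server error as well.
        RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED.getCode(), LOG, throwable);
    }
    // NOTE(review): if the RecoveryUtil.handle* helpers ever return normally, this sends 202 with a null body.
    return Response.accepted(initiateQuestionResponseDTO).build();
}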
Also used : User(org.wso2.carbon.identity.application.common.model.User) ChallengeQuestionResponse(org.wso2.carbon.identity.recovery.bean.ChallengeQuestionResponse) IdentityRecoveryException(org.wso2.carbon.identity.recovery.IdentityRecoveryException) InitiateQuestionResponseDTO(org.wso2.carbon.identity.recovery.endpoint.dto.InitiateQuestionResponseDTO) SecurityQuestionPasswordRecoveryManager(org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager) IdentityRecoveryClientException(org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)

Example 2 with InitiateQuestionResponseDTO

use of org.wso2.carbon.identity.recovery.endpoint.dto.InitiateQuestionResponseDTO in project identity-governance by wso2-extensions.

the class RecoveryUtil method getInitiateQuestionResponseDTO.

/**
 * Maps a {@code ChallengeQuestionResponse} from the recovery manager onto the REST response DTO.
 *
 * <p>The question is copied only when the response carries one. The response code is exposed as
 * the DTO key. NOTE(review): the key is presumably the confirmation code the client must present
 * in the next recovery step; if so, treat it as a secret and keep it out of logs - confirm.
 *
 * @param challengeQuestionResponse result of initiating the challenge-question flow
 * @return DTO holding the optional question, the key, and a link whose {@code rel} is
 *         {@code set-password} once the recovery status is complete, else {@code validate-answer}
 */
public static InitiateQuestionResponseDTO getInitiateQuestionResponseDTO(ChallengeQuestionResponse challengeQuestionResponse) {
    InitiateQuestionResponseDTO responseDto = new InitiateQuestionResponseDTO();

    if (challengeQuestionResponse.getQuestion() != null) {
        QuestionDTO question = new QuestionDTO();
        question.setQuestion(challengeQuestionResponse.getQuestion().getQuestion());
        question.setQuestionSetId(challengeQuestionResponse.getQuestion().getQuestionSetId());
        responseDto.setQuestion(question);
    }

    responseDto.setKey(challengeQuestionResponse.getCode());

    // Only the relation differs between the two states; the base URI is the same for both.
    boolean recoveryComplete =
            IdentityRecoveryConstants.RECOVERY_STATUS_COMPLETE.equals(challengeQuestionResponse.getStatus());
    LinkDTO nextStep = new LinkDTO();
    nextStep.setRel(recoveryComplete ? "set-password" : "validate-answer");
    nextStep.setUri("/api/identity/recovery/v0.9");
    responseDto.setLink(nextStep);

    return responseDto;
}
Also used : LinkDTO(org.wso2.carbon.identity.recovery.endpoint.dto.LinkDTO) QuestionDTO(org.wso2.carbon.identity.recovery.endpoint.dto.QuestionDTO) InitiateQuestionResponseDTO(org.wso2.carbon.identity.recovery.endpoint.dto.InitiateQuestionResponseDTO)
