
Example 1 with AdminForcedPasswordResetHandler

use of org.wso2.carbon.identity.recovery.handler.AdminForcedPasswordResetHandler in project identity-governance by wso2-extensions.

From the class IdentityRecoveryServiceComponent, method activate.

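/**
 * Activates the identity recovery component.
 *
 * <p>Registers, in this order, the recovery/registration managers, the event
 * handlers and the connector configurations this bundle provides, then the
 * tenant management listener, and finally loads the default challenge
 * questions for the super tenant.
 *
 * <p>An exception thrown while registering the services in the first block is
 * logged and swallowed, and activation continues with the tenant listener; the
 * services not yet reached in that block stay unregistered. NOTE(review): confirm
 * that running with such a partially registered component is acceptable rather
 * than failing activation outright.
 *
 * @param context the OSGi component context whose bundle context receives the registrations
 */
@Activate
protected void activate(ComponentContext context) {
    try {
        BundleContext bundleContext = context.getBundleContext();
        bundleContext.registerService(NotificationPasswordRecoveryManager.class.getName(), NotificationPasswordRecoveryManager.getInstance(), null);
        bundleContext.registerService(SecurityQuestionPasswordRecoveryManager.class.getName(), SecurityQuestionPasswordRecoveryManager.getInstance(), null);
        bundleContext.registerService(NotificationUsernameRecoveryManager.class.getName(), NotificationUsernameRecoveryManager.getInstance(), null);
        bundleContext.registerService(UserSelfRegistrationManager.class.getName(), UserSelfRegistrationManager.getInstance(), null);
        bundleContext.registerService(ChallengeQuestionManager.class.getName(), ChallengeQuestionManager.getInstance(), null);
        bundleContext.registerService(ResendConfirmationManager.class.getName(), ResendConfirmationManager.getInstance(), null);
        // Event handlers are all published under the AbstractEventHandler service name.
        bundleContext.registerService(AbstractEventHandler.class.getName(), new AccountConfirmationValidationHandler(), null);
        bundleContext.registerService(AbstractEventHandler.class.getName(), new UserSelfRegistrationHandler(), null);
        bundleContext.registerService(AbstractEventHandler.class.getName(), new LiteUserRegistrationHandler(), null);
        bundleContext.registerService(AbstractEventHandler.class.getName(), new UserEmailVerificationHandler(), null);
        bundleContext.registerService(AbstractEventHandler.class.getName(), new MobileNumberVerificationHandler(), null);
        bundleContext.registerService(AbstractEventHandler.class.getName(), new AdminForcedPasswordResetHandler(), null);
        bundleContext.registerService(AbstractEventHandler.class.getName(), new TenantRegistrationVerificationHandler(), null);
        bundleContext.registerService(AbstractEventHandler.class.getName(), new IdentityUserMetadataMgtHandler(), null);
        // Connector configs are published under the IdentityConnectorConfig service name.
        bundleContext.registerService(IdentityConnectorConfig.class.getName(), new RecoveryConfigImpl(), null);
        bundleContext.registerService(IdentityConnectorConfig.class.getName(), new SelfRegistrationConfigImpl(), null);
        bundleContext.registerService(IdentityConnectorConfig.class.getName(), new LiteRegistrationConfigImpl(), null);
        bundleContext.registerService(IdentityConnectorConfig.class.getName(), new UserEmailVerificationConfigImpl(), null);
        bundleContext.registerService(IdentityConnectorConfig.class.getName(), new UserClaimUpdateConfigImpl(), null);
        bundleContext.registerService(IdentityConnectorConfig.class.getName(), new AdminForcedPasswordResetConfigImpl(), null);
        bundleContext.registerService(AbstractEventHandler.class.getName(), new CodeInvalidationHandler(), null);
        UsernameRecoveryManager usernameRecoveryManager = new UsernameRecoveryManagerImpl();
        bundleContext.registerService(UsernameRecoveryManager.class.getName(), usernameRecoveryManager, null);
        PasswordRecoveryManager passwordRecoveryManager = new PasswordRecoveryManagerImpl();
        bundleContext.registerService(PasswordRecoveryManager.class.getName(), passwordRecoveryManager, null);
        // Registering missing challenge question handler as a post authn handler
        PostAuthenticationHandler postAuthnMissingChallengeQuestions = PostAuthnMissingChallengeQuestionsHandler.getInstance();
        bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthnMissingChallengeQuestions, null);
        bundleContext.registerService(AbstractEventHandler.class.getName(), new ChallengeAnswerValidationHandler(), null);
    } catch (Exception e) {
        // Presumably deliberate for an OSGi activator: a failed registration is logged with its
        // cause instead of aborting the bundle.
        log.error("Error while activating identity governance component.", e);
    }
    // The tenant management listener is registered regardless of whether the block above succeeded.
    TenantMgtListener tenantMgtListener = new TenantManagementListener();
    context.getBundleContext().registerService(TenantMgtListener.class.getName(), tenantMgtListener, null);
    // Load the default challenge questions for the super tenant; a failure is logged, not propagated.
    try {
        if (log.isDebugEnabled()) {
            log.debug("Loading default challenge questions for super tenant.");
        }
        loadDefaultChallengeQuestions();
    } catch (IdentityRecoveryException e) {
        log.error("Error persisting challenge question for super tenant.", e);
    }
}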

Example 2 with AdminForcedPasswordResetHandler

use of org.wso2.carbon.identity.recovery.handler.AdminForcedPasswordResetHandler in project identity-governance by wso2-extensions.

From the class AdminForcedPasswordResetHandler, method handleUpdateCredentialsByAdmin.

/**
 * Post-handler for an administrator credential update: if recovery data is
 * pending for the affected user it is invalidated, so the stored recovery
 * secret is no longer available once the admin has set a new password.
 *
 * @param eventProperties  properties of the event being handled
 * @param userStoreManager user store the user belongs to
 * @throws IdentityEventException propagated from resolving the user or touching the recovery data
 */
private void handleUpdateCredentialsByAdmin(Map<String, Object> eventProperties, UserStoreManager userStoreManager) throws IdentityEventException {
    User affectedUser = getUser(eventProperties, userStoreManager);
    if (log.isDebugEnabled()) {
        log.debug("PostUpdateCredentialsByAdmin - AdminForcedPasswordResetHandler for user : " + affectedUser.toString());
    }
    // Nothing to clean up when no recovery flow is pending for this user.
    if (getRecoveryData(affectedUser) == null) {
        return;
    }
    invalidateRecoveryData(affectedUser);
    if (log.isDebugEnabled()) {
        log.debug("PostUpdateCredentialsByAdmin - invalidate Recovery Data for user : " + affectedUser.toString());
    }
}

Example 3 with AdminForcedPasswordResetHandler

use of org.wso2.carbon.identity.recovery.handler.AdminForcedPasswordResetHandler in project identity-governance by wso2-extensions.

From the class AdminForcedPasswordResetHandler, method handleClaimUpdate.

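/**
 * Pre-handler for a claim update: when the incoming claims set the
 * admin-forced-password-reset claim to {@code true} and at least one admin
 * reset mode (offline, OTP, recovery link) is enabled for the user's tenant,
 * starts the forced reset flow.
 *
 * <p>The flow publishes the pre-reset event, strips the trigger claim so it is
 * never persisted, generates a secret, stores it as recovery data, locks the
 * account and, for the OTP and recovery-link modes, sends the notification
 * and publishes the post-reset event. When both OTP and recovery-link modes
 * are enabled, the recovery-link mode wins: the secret becomes a UUID and the
 * email-link scenario and notification are used.
 *
 * @param eventProperties  properties of the event being handled; the user claims are read from
 *                         {@code USER_CLAIMS} and the trigger claim is removed from that map in place
 * @param userStoreManager user store the user belongs to
 * @throws IdentityEventException if the user cannot be resolved, recovery data cannot be stored,
 *                                or sending the notification fails
 */
protected void handleClaimUpdate(Map<String, Object> eventProperties, UserStoreManager userStoreManager) throws IdentityEventException {
    User user = getUser(eventProperties, userStoreManager);
    if (log.isDebugEnabled()) {
        log.debug("PreAuthenticate - AdminForcedPasswordResetHandler for : " + user.toString());
    }
    @SuppressWarnings("unchecked") // USER_CLAIMS is published as a String -> String map by the event source
    Map<String, String> claims = (Map<String, String>) eventProperties.get(IdentityEventConstants.EventProperty.USER_CLAIMS);
    if (claims == null) {
        // No claims in the event means there is no reset trigger to act on.
        return;
    }
    String tenantDomain = user.getTenantDomain();
    boolean adminPasswordResetOffline = Boolean.parseBoolean(Utils.getConnectorConfig(IdentityRecoveryConstants.ConnectorConfig.ENABLE_ADMIN_PASSWORD_RESET_OFFLINE, tenantDomain));
    boolean adminPasswordResetOTP = Boolean.parseBoolean(Utils.getConnectorConfig(IdentityRecoveryConstants.ConnectorConfig.ENABLE_ADMIN_PASSWORD_RESET_WITH_OTP, tenantDomain));
    boolean adminPasswordResetRecoveryLink = Boolean.parseBoolean(Utils.getConnectorConfig(IdentityRecoveryConstants.ConnectorConfig.ENABLE_ADMIN_PASSWORD_RESET_WITH_RECOVERY_LINK, tenantDomain));
    boolean isAdminPasswordReset = adminPasswordResetOffline || adminPasswordResetOTP || adminPasswordResetRecoveryLink;
    boolean resetRequested = Boolean.parseBoolean(claims.get(IdentityRecoveryConstants.ADMIN_FORCED_PASSWORD_RESET_CLAIM));
    if (!isAdminPasswordReset || !resetRequested) {
        return;
    }
    if (log.isDebugEnabled()) {
        log.debug(IdentityRecoveryConstants.ADMIN_FORCED_PASSWORD_RESET_CLAIM + " update request.");
    }
    Utils.publishRecoveryEvent(eventProperties, IdentityEventConstants.Event.PRE_FORCE_PASSWORD_RESET_BY_ADMIN, null);
    // The reset claim is a one-shot trigger; drop it so it is never persisted on the user.
    claims.remove(IdentityRecoveryConstants.ADMIN_FORCED_PASSWORD_RESET_CLAIM);
    String otp = generateOTPValue();
    String notificationType = "";
    RecoveryScenarios recoveryScenario = RecoveryScenarios.ADMIN_FORCED_PASSWORD_RESET_VIA_OTP;
    if (adminPasswordResetOffline) {
        // Offline mode stores the OTP in the user's OTP password claim, replacing any value
        // that arrived in this update.
        claims.remove(IdentityRecoveryConstants.OTP_PASSWORD_CLAIM);
        setUserClaim(IdentityRecoveryConstants.OTP_PASSWORD_CLAIM, otp, userStoreManager, user);
    }
    if (adminPasswordResetOTP) {
        notificationType = IdentityRecoveryConstants.NOTIFICATION_TYPE_ADMIN_FORCED_PASSWORD_RESET_WITH_OTP;
    }
    if (adminPasswordResetRecoveryLink) {
        // Recovery-link mode takes precedence: the secret becomes a UUID and the scenario and
        // notification switch to the email-link variant.
        // NOTE(review): this value is the bearer secret in the emailed link — confirm that
        // UUIDGenerator.generateUUID() is backed by a cryptographically secure RNG.
        otp = UUIDGenerator.generateUUID();
        recoveryScenario = RecoveryScenarios.ADMIN_FORCED_PASSWORD_RESET_VIA_EMAIL_LINK;
        notificationType = IdentityRecoveryConstants.NOTIFICATION_TYPE_ADMIN_FORCED_PASSWORD_RESET;
    }
    // Any incoming value of the locked claim is discarded; presumably the reset-specific lock
    // applied below is meant to be authoritative.
    claims.remove(IdentityRecoveryConstants.ACCOUNT_LOCKED_CLAIM);
    setRecoveryData(user, recoveryScenario, RecoverySteps.UPDATE_PASSWORD, otp);
    lockAccountOnAdminPasswordReset(user, claims);
    if (adminPasswordResetOTP || adminPasswordResetRecoveryLink) {
        try {
            triggerNotification(user, notificationType, otp, Utils.getArbitraryProperties(), new UserRecoveryData(user, otp, recoveryScenario, RecoverySteps.UPDATE_PASSWORD));
            Utils.publishRecoveryEvent(eventProperties, IdentityEventConstants.Event.POST_FORCE_PASSWORD_RESET_BY_ADMIN, otp);
        } catch (IdentityRecoveryException e) {
            throw new IdentityEventException("Error while sending  notification ", e);
        }
    }
}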

Example 4 with AdminForcedPasswordResetHandler

use of org.wso2.carbon.identity.recovery.handler.AdminForcedPasswordResetHandler in project identity-governance by wso2-extensions.

From the class AdminForcedPasswordResetHandler, method handleAuthenticate.

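/**
 * Pre-authentication handler: when an admin-forced password reset is pending
 * for the user, the normal login is rejected and an error code is published
 * through {@link IdentityUtil#setIdentityErrorMsg} so the caller can route the
 * user into the reset flow.
 *
 * <p>For the email-link scenario the login is always rejected. For the OTP
 * scenario the supplied credential is compared with the stored recovery secret;
 * both outcomes still throw, only the error code differs (matched vs. mismatched
 * OTP). Other pending recovery scenarios are ignored by this handler.
 *
 * @param eventProperties  properties of the event being handled; the credential is read from
 *                         {@code CREDENTIAL}
 * @param userStoreManager user store the user belongs to
 * @throws IdentityEventException when a forced reset is pending (the message names the user and
 *                                the reason), or if the user cannot be resolved
 */
protected void handleAuthenticate(Map<String, Object> eventProperties, UserStoreManager userStoreManager) throws IdentityEventException {
    User user = getUser(eventProperties, userStoreManager);
    if (log.isDebugEnabled()) {
        log.debug("PreAuthenticate - AdminForcedPasswordResetHandler for user : " + user.toString());
    }
    UserRecoveryData userRecoveryData = getRecoveryData(user);
    if (userRecoveryData == null) {
        // No pending recovery flow; let authentication proceed untouched.
        return;
    }
    Enum<?> recoveryScenario = userRecoveryData.getRecoveryScenario();
    if (log.isDebugEnabled()) {
        log.debug("Handling recovery scenario : " + recoveryScenario.toString() + " for user : " + user.toString());
    }
    String errorCode;
    String errorMsg = "User : " + user.toString();
    if (RecoveryScenarios.ADMIN_FORCED_PASSWORD_RESET_VIA_EMAIL_LINK.equals(recoveryScenario)) {
        errorCode = IdentityCoreConstants.ADMIN_FORCED_USER_PASSWORD_RESET_VIA_EMAIL_LINK_ERROR_CODE;
        errorMsg = errorMsg + " needs to reset the password using the given link in email";
    } else if (RecoveryScenarios.ADMIN_FORCED_PASSWORD_RESET_VIA_OTP.equals(recoveryScenario)) {
        String credential = (String) eventProperties.get(IdentityEventConstants.EventProperty.CREDENTIAL);
        if (isMatchingSecret(userRecoveryData.getSecret(), credential)) {
            errorCode = IdentityCoreConstants.ADMIN_FORCED_USER_PASSWORD_RESET_VIA_OTP_ERROR_CODE;
            errorMsg = errorMsg + " has given correct OTP";
        } else {
            errorCode = IdentityCoreConstants.ADMIN_FORCED_USER_PASSWORD_RESET_VIA_OTP_MISMATCHED_ERROR_CODE;
            errorMsg = errorMsg + " has given in-correct OTP";
        }
    } else {
        // A different recovery scenario is pending; not this handler's concern.
        return;
    }
    if (log.isDebugEnabled()) {
        log.debug(errorMsg);
    }
    IdentityUtil.setIdentityErrorMsg(new IdentityErrorMsgContext(errorCode));
    throw new IdentityEventException(errorMsg);
}

/**
 * Compares the stored recovery secret with the credential supplied at login
 * without short-circuiting on the first differing byte, so response time does
 * not reveal how much of the OTP was correct (only a length difference is
 * still observable). A {@code null} on either side is treated as a mismatch.
 *
 * @param storedSecret the secret held in the user's recovery data
 * @param credential   the value presented by the user
 * @return {@code true} only when both are non-null and byte-for-byte equal
 */
private static boolean isMatchingSecret(String storedSecret, String credential) {
    if (storedSecret == null || credential == null) {
        return false;
    }
    byte[] expected = storedSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    byte[] presented = credential.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    return java.security.MessageDigest.isEqual(expected, presented);
}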
