use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-governance by wso2-extensions.
the class ChallengeAnswerValidationHandler method filterChallengeAnswers.
/**
* Filter previously stored and newly added answers of the challenge questions.
*
* @param userChallengeAnswers List of UserChallengeAnswer objects.
* @param existingQuestionAndAnswers Map of existing challenge question and answers.
* @return Map of existing and new challenge answers.
*/
private Map<String, List<UserChallengeAnswer>> filterChallengeAnswers(UserChallengeAnswer[] userChallengeAnswers, Map<String, String> existingQuestionAndAnswers) {
Map<String, List<UserChallengeAnswer>> challengeAnswers = new HashMap<>();
List<UserChallengeAnswer> existingChallengeAnswers = new ArrayList<>();
List<UserChallengeAnswer> newChallengeAnswers = new ArrayList<>();
String separator = IdentityUtil.getProperty(IdentityRecoveryConstants.ConnectorConfig.QUESTION_CHALLENGE_SEPARATOR);
for (UserChallengeAnswer userChallengeAnswer : userChallengeAnswers) {
ChallengeQuestion challengeQuestion = userChallengeAnswer.getQuestion();
if (StringUtils.isNotBlank(challengeQuestion.getQuestionSetId()) && StringUtils.isNotBlank(challengeQuestion.getQuestion()) && StringUtils.isNotBlank(userChallengeAnswer.getAnswer())) {
String oldValue = existingQuestionAndAnswers.get(challengeQuestion.getQuestionSetId().trim());
if (StringUtils.isNotBlank(oldValue) && oldValue.contains(separator)) {
String oldAnswer = oldValue.split(separator)[1];
if (oldAnswer.trim().equals(userChallengeAnswer.getAnswer().trim())) {
existingChallengeAnswers.add(userChallengeAnswer);
} else {
newChallengeAnswers.add(userChallengeAnswer);
}
} else {
newChallengeAnswers.add(userChallengeAnswer);
}
}
}
challengeAnswers.put(IdentityRecoveryConstants.USER_OLD_CHALLENGE_ANSWERS, existingChallengeAnswers);
challengeAnswers.put(IdentityRecoveryConstants.USER_NEW_CHALLENGE_ANSWERS, newChallengeAnswers);
return challengeAnswers;
}
use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-governance by wso2-extensions.
the class ChallengeQuestionManager method checkChallengeQuestionExists.
/**
* Check whether an answered challenge question actually exists in the tenant registry
*
* @param userChallengeAnswers
* @param tenantDomain
* @throws IdentityRecoveryClientException
*/
private void checkChallengeQuestionExists(UserChallengeAnswer[] userChallengeAnswers, String tenantDomain) throws IdentityRecoveryException {
for (UserChallengeAnswer challengeAnswer : userChallengeAnswers) {
ChallengeQuestion challengeQuestion = challengeAnswer.getQuestion();
// if challenge question details are missing in the challenge answer we can't proceed further
if (challengeQuestion == null) {
throw Utils.handleClientException(ERROR_CODE_CHALLENG_ANSWER_MISSING, null);
}
if (StringUtils.isBlank(challengeQuestion.getQuestion())) {
throw Utils.handleClientException(ERROR_CODE_INVALID_CHALLENGE_QUESTION_VALUE, null);
}
String locale = validateLocale(challengeQuestion.getLocale());
List<ChallengeQuestion> challengeQuestions = getAllChallengeQuestions(tenantDomain, locale);
boolean isQuestionAvailable = false;
for (ChallengeQuestion availableQuestion : challengeQuestions) {
if (StringUtils.equals(availableQuestion.getQuestionSetId(), challengeQuestion.getQuestionSetId().trim()) && StringUtils.equals(availableQuestion.getQuestion().trim(), challengeQuestion.getQuestion().trim())) {
isQuestionAvailable = true;
}
}
if (!isQuestionAvailable) {
String error = "Error persisting user challenge answers for user. " + "Challenge question answered is not registered with %s domain.";
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND, String.format(error, tenantDomain));
}
}
}
use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-governance by wso2-extensions.
the class ChallengeQuestionManager method createRegistryResource.
/**
* Create registry resource from a challenge question model object.
*
* @param question
* @return
* @throws RegistryException
*/
private Resource createRegistryResource(ChallengeQuestion question) throws RegistryException, UnsupportedEncodingException {
byte[] questionText = question.getQuestion().getBytes("UTF-8");
String questionSetId = question.getQuestionSetId();
String questionId = question.getQuestionId();
String locale = question.getLocale();
Resource resource = new ResourceImpl();
resource.setContent(questionText);
resource.addProperty(IdentityRecoveryConstants.Questions.CHALLENGE_QUESTION_SET_ID, questionSetId);
resource.addProperty(IdentityRecoveryConstants.Questions.CHALLENGE_QUESTION_ID, questionId);
// added locale
resource.addProperty(IdentityRecoveryConstants.Questions.CHALLENGE_QUESTION_LOCALE, locale);
resource.setMediaType(RegistryConstants.TAG_MEDIA_TYPE);
return resource;
}
use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-governance by wso2-extensions.
the class ChallengeQuestionManager method getChallengeAnswersOfUser.
/**
* Get challenge questions answered by a user.
*
* @param user
* @return
*/
public UserChallengeAnswer[] getChallengeAnswersOfUser(User user) throws IdentityRecoveryException {
validateUser(user);
List<UserChallengeAnswer> userChallengeAnswers = new ArrayList<>();
if (log.isDebugEnabled()) {
log.debug("Retrieving Challenge question from the user profile.");
}
List<String> challengesUris = getChallengeQuestionUris(user);
for (String challengesUri1 : challengesUris) {
String challengesUri = challengesUri1.trim();
String challengeValue;
try {
challengeValue = Utils.getClaimFromUserStoreManager(user, challengesUri);
} catch (UserStoreException e) {
throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_GETTING_CHALLENGE_QUESTIONS, user.getUserName(), e);
}
String challengeQuestionSeparator = getChallengeSeparator();
String[] challengeValues = challengeValue.split(challengeQuestionSeparator);
if (challengeValues != null && challengeValues.length == 2) {
ChallengeQuestion userChallengeQuestion = new ChallengeQuestion(challengesUri, challengeValues[0].trim());
UserChallengeAnswer userChallengeAnswer = new UserChallengeAnswer(userChallengeQuestion, challengeValues[1].trim());
userChallengeAnswers.add(userChallengeAnswer);
}
}
if (!userChallengeAnswers.isEmpty()) {
return userChallengeAnswers.toArray(new UserChallengeAnswer[userChallengeAnswers.size()]);
} else {
return new UserChallengeAnswer[0];
}
}
use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-governance by wso2-extensions.
the class SecurityInformationProvider method getRetainedUserInformation.
@Override
public UserInformationDTO getRetainedUserInformation(String username, String userStoreDomain, int tenantId) throws UserExportException {
String challengeQuestionClaimValue = null;
UserStoreManager userStoreManager;
try {
userStoreManager = getUserStoreManager(tenantId, userStoreDomain);
Claim[] userClaims = userStoreManager.getUserClaimValues(username, null);
for (Claim claim : userClaims) {
if (CHALLENGE_QUESTION_URIS_CLAIM.equals(claim.getClaimUri())) {
challengeQuestionClaimValue = userStoreManager.getUserClaimValue(username, CHALLENGE_QUESTION_URIS_CLAIM, null);
}
}
} catch (UserStoreException e) {
throw new UserExportException("Error while retrieving the user information.", e);
}
if (challengeQuestionClaimValue != null) {
List<String> challengeQuestionUris = getChallengeQuestionUris(challengeQuestionClaimValue);
SecurityInformationDTO securityInformationDTO = new SecurityInformationDTO();
if (challengeQuestionUris.size() > 0) {
Map<String, String> challengeQuestions;
try {
challengeQuestions = userStoreManager.getUserClaimValues(username, challengeQuestionUris.toArray(new String[challengeQuestionUris.size()]), null);
} catch (UserStoreException e) {
throw new UserExportException("Error while retrieving the user information.", e);
}
String challengeQuestionSeparator = challengeQuestionSeparator();
for (Map.Entry<String, String> challengeQuestion : challengeQuestions.entrySet()) {
String[] challengeQuestionsParts = challengeQuestion.getValue().split(challengeQuestionSeparator);
securityInformationDTO.addChallengeQuestion(challengeQuestionsParts[0]);
}
}
return new UserInformationDTO(securityInformationDTO);
} else {
if (log.isDebugEnabled()) {
log.debug("Challenge question claim is not available in the tenant: " + tenantId);
}
}
return new UserInformationDTO();
}
Aggregations