use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-governance by wso2-extensions.
the class RecoveryUtil method getInitiateQuestionResponseDTO.
public static InitiateAllQuestionResponseDTO getInitiateQuestionResponseDTO(ChallengeQuestionsResponse challengeQuestionsResponse) {
InitiateAllQuestionResponseDTO initiateAllQuestionResponseDTO = new InitiateAllQuestionResponseDTO();
List<QuestionDTO> questionDTOs = new ArrayList<>();
for (ChallengeQuestion challengeQuestion : challengeQuestionsResponse.getQuestion()) {
QuestionDTO questionDTO = new QuestionDTO();
questionDTO.setQuestion(challengeQuestion.getQuestion());
questionDTO.setQuestionSetId(challengeQuestion.getQuestionSetId());
questionDTOs.add(questionDTO);
}
initiateAllQuestionResponseDTO.setQuestions(questionDTOs);
initiateAllQuestionResponseDTO.setKey(challengeQuestionsResponse.getCode());
LinkDTO linkDTO = new LinkDTO();
linkDTO.setRel("validate-answer");
linkDTO.setUri("/api/identity/recovery/v0.9");
initiateAllQuestionResponseDTO.setLink(linkDTO);
return initiateAllQuestionResponseDTO;
}
use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-governance by wso2-extensions.
the class SecurityQuestionPasswordRecoveryManager method initiateUserChallengeQuestionAtOnce.
public ChallengeQuestionsResponse initiateUserChallengeQuestionAtOnce(User user) throws IdentityRecoveryException {
String challengeQuestionSeparator = IdentityUtil.getProperty(IdentityRecoveryConstants.ConnectorConfig.QUESTION_CHALLENGE_SEPARATOR);
if (StringUtils.isEmpty(challengeQuestionSeparator)) {
challengeQuestionSeparator = IdentityRecoveryConstants.DEFAULT_CHALLENGE_QUESTION_SEPARATOR;
}
if (StringUtils.isBlank(user.getTenantDomain())) {
user.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
log.info("initiateUserChallengeQuestionAtOnce :Tenant domain is not in the request. set to default for user : " + user.getUserName());
}
if (StringUtils.isBlank(user.getUserStoreDomain())) {
user.setUserStoreDomain(IdentityUtil.getPrimaryDomainName());
log.info("initiateUserChallengeQuestionAtOnce :User store domain is not in the request. set to default for user" + " : " + user.getUserName());
}
boolean isRecoveryEnable = Boolean.parseBoolean(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.QUESTION_BASED_PW_RECOVERY, user.getTenantDomain()));
if (!isRecoveryEnable) {
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_QUESTION_BASED_RECOVERY_NOT_ENABLE, null);
}
boolean isNotificationInternallyManaged = Boolean.parseBoolean(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.NOTIFICATION_INTERNALLY_MANAGE, user.getTenantDomain()));
UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
userRecoveryDataStore.invalidate(user);
verifyUserExists(user);
if (Utils.isAccountDisabled(user)) {
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_DISABLED_ACCOUNT, null);
} else if (Utils.isAccountLocked(user)) {
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_LOCKED_ACCOUNT, null);
}
boolean isNotificationSendWhenInitiatingPWRecovery = Boolean.parseBoolean(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.NOTIFICATION_SEND_RECOVERY_SECURITY_START, user.getTenantDomain()));
if (isNotificationInternallyManaged && isNotificationSendWhenInitiatingPWRecovery) {
try {
triggerNotification(user, IdentityRecoveryConstants.NOTIFICATION_TYPE_PASSWORD_RESET_INITIATE, null);
} catch (Exception e) {
log.warn("Error while sending password reset initiating notification to user :" + user.getUserName());
}
}
int minNoOfQuestionsToAnswer = Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.QUESTION_MIN_NO_ANSWER, user.getTenantDomain()));
ChallengeQuestionManager challengeQuestionManager = ChallengeQuestionManager.getInstance();
String[] ids = challengeQuestionManager.getUserChallengeQuestionIds(user);
if (ids == null || ids.length == 0) {
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND, user.getUserName());
}
if (ids.length > minNoOfQuestionsToAnswer) {
ids = getRandomQuestionIds(ids, minNoOfQuestionsToAnswer);
}
ChallengeQuestion[] questions = new ChallengeQuestion[ids.length];
StringBuilder allChallengeQuestions = new StringBuilder();
for (int i = 0; i < ids.length; i++) {
questions[i] = challengeQuestionManager.getUserChallengeQuestion(user, ids[i]);
if (i == 0) {
allChallengeQuestions.append(ids[0]);
} else {
allChallengeQuestions.append(challengeQuestionSeparator).append(ids[i]);
}
}
ChallengeQuestionsResponse challengeQuestionResponse = new ChallengeQuestionsResponse(questions);
String secretKey = UUIDGenerator.generateUUID();
UserRecoveryData recoveryData = new UserRecoveryData(user, secretKey, RecoveryScenarios.QUESTION_BASED_PWD_RECOVERY, RecoverySteps.VALIDATE_ALL_CHALLENGE_QUESTION);
recoveryData.setRemainingSetIds(allChallengeQuestions.toString());
challengeQuestionResponse.setCode(secretKey);
userRecoveryDataStore.store(recoveryData);
return challengeQuestionResponse;
}
use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-governance by wso2-extensions.
the class PostAuthnMissingChallengeQuestionsHandler method getChallengeSetUris.
/**
* Return a list of challenge questions set URIs for a given user.
*
* @param user Authenticated User.
* @return List of Challenge question sets URI.
*/
private List<String> getChallengeSetUris(AuthenticatedUser user) {
List<ChallengeQuestion> challengeQuestions = getChallengeQuestions(user);
HashSet<String> questionSetNames = new HashSet<>();
if (CollectionUtils.isEmpty(challengeQuestions)) {
return new ArrayList<>();
}
for (ChallengeQuestion question : challengeQuestions) {
if (StringUtils.isNotBlank(question.getQuestionSetId())) {
questionSetNames.add(question.getQuestionSetId());
}
}
List<String> challengeSetUriList = new ArrayList<>(questionSetNames);
Collections.sort(challengeSetUriList);
return challengeSetUriList;
}
use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project product-is by wso2.
the class ChallengeQuestionManagementAdminServiceTestCase method addChallengeQuestionByLocale.
@Test(groups = "wso2.is", description = "Getting challenge questions of a user", priority = 3, sequential = true)
public void addChallengeQuestionByLocale() throws Exception {
challengeQuestionsAdminClient = new ChallengeQuestionMgtAdminClient(backendURL, BOB_USERNAME, BOB_PASSWORD);
ChallengeQuestion[] challengeQuestions = challengeQuestionsAdminClient.getChallengeQuestionsForLocale(SUPER_TENANT, BOB_LOCALE);
int countBefore = challengeQuestions == null ? 0 : challengeQuestions.length;
ChallengeQuestion challengeQuestion = new ChallengeQuestion();
challengeQuestion.setQuestionSetId("newSet1");
challengeQuestion.setQuestionId("q2");
challengeQuestion.setQuestion("Challenge Question in xx_YY ????");
challengeQuestion.setLocale(BOB_LOCALE);
challengeQuestionsAdminClient.setChallengeQuestions(new ChallengeQuestion[] { challengeQuestion }, SUPER_TENANT);
int countAfter = challengeQuestionsAdminClient.getChallengeQuestionsForLocale(SUPER_TENANT, BOB_LOCALE).length;
assertTrue(countBefore + 1 == countAfter, "Adding a new challenge question for locale " + BOB_LOCALE + " failed in " + SUPER_TENANT);
}
use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-api-server by wso2.
the class ServerChallengeService method patchChallengeSet.
/**
* Update a specific challenge questions of an existing set
*
* @param challengeSetId
* @param challengeQuestionPatchDTO
* @return
*/
public boolean patchChallengeSet(String challengeSetId, ChallengeQuestionPatchDTO challengeQuestionPatchDTO) {
if (!isChallengeSetExists(challengeSetId, ContextLoader.getTenantDomainFromContext())) {
throw handleError(Response.Status.NOT_FOUND, ChallengeConstant.ErrorMessage.ERROR_CHALLENGE_SET_NOT_EXISTS);
}
if (Constants.OPERATION_ADD.equalsIgnoreCase(challengeQuestionPatchDTO.getOperation())) {
List<ChallengeQuestionDTO> challenges = new ArrayList<>();
ChallengeQuestionDTO challengeQuestion = challengeQuestionPatchDTO.getChallengeQuestion();
challenges.add(challengeQuestion);
List<ChallengeQuestion> questions = buildChallengeQuestions(challenges, challengeSetId);
ChallengeQuestion[] toPatch = questions.toArray(new ChallengeQuestion[0]);
try {
getChallengeQuestionManager().addChallengeQuestions(toPatch, ContextLoader.getTenantDomainFromContext());
} catch (IdentityRecoveryException e) {
throw handleIdentityRecoveryException(e, ChallengeConstant.ErrorMessage.ERROR_CODE_ERROR_ADDING_CHALLENGE_QUESTION_TO_A_SET);
}
} else {
throw handleError(Response.Status.NOT_IMPLEMENTED, ChallengeConstant.ErrorMessage.ERROR_CODE_ERROR_OPERATION_NOT_SUPPORTED);
}
return true;
}
Aggregations