Search in sources :

Example 36 with ChallengeQuestion

use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-governance by wso2-extensions.

the class RecoveryUtil method getInitiateQuestionResponseDTO.

public static InitiateAllQuestionResponseDTO getInitiateQuestionResponseDTO(ChallengeQuestionsResponse challengeQuestionsResponse) {
    InitiateAllQuestionResponseDTO initiateAllQuestionResponseDTO = new InitiateAllQuestionResponseDTO();
    List<QuestionDTO> questionDTOs = new ArrayList<>();
    for (ChallengeQuestion challengeQuestion : challengeQuestionsResponse.getQuestion()) {
        QuestionDTO questionDTO = new QuestionDTO();
        questionDTO.setQuestion(challengeQuestion.getQuestion());
        questionDTO.setQuestionSetId(challengeQuestion.getQuestionSetId());
        questionDTOs.add(questionDTO);
    }
    initiateAllQuestionResponseDTO.setQuestions(questionDTOs);
    initiateAllQuestionResponseDTO.setKey(challengeQuestionsResponse.getCode());
    LinkDTO linkDTO = new LinkDTO();
    linkDTO.setRel("validate-answer");
    linkDTO.setUri("/api/identity/recovery/v0.9");
    initiateAllQuestionResponseDTO.setLink(linkDTO);
    return initiateAllQuestionResponseDTO;
}
Also used : InitiateAllQuestionResponseDTO(org.wso2.carbon.identity.recovery.endpoint.dto.InitiateAllQuestionResponseDTO) LinkDTO(org.wso2.carbon.identity.recovery.endpoint.dto.LinkDTO) ArrayList(java.util.ArrayList) QuestionDTO(org.wso2.carbon.identity.recovery.endpoint.dto.QuestionDTO) ChallengeQuestion(org.wso2.carbon.identity.recovery.model.ChallengeQuestion)

Example 37 with ChallengeQuestion

use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-governance by wso2-extensions.

the class SecurityQuestionPasswordRecoveryManager method initiateUserChallengeQuestionAtOnce.

public ChallengeQuestionsResponse initiateUserChallengeQuestionAtOnce(User user) throws IdentityRecoveryException {
    String challengeQuestionSeparator = IdentityUtil.getProperty(IdentityRecoveryConstants.ConnectorConfig.QUESTION_CHALLENGE_SEPARATOR);
    if (StringUtils.isEmpty(challengeQuestionSeparator)) {
        challengeQuestionSeparator = IdentityRecoveryConstants.DEFAULT_CHALLENGE_QUESTION_SEPARATOR;
    }
    if (StringUtils.isBlank(user.getTenantDomain())) {
        user.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
        log.info("initiateUserChallengeQuestionAtOnce :Tenant domain is not in the request. set to default for user : " + user.getUserName());
    }
    if (StringUtils.isBlank(user.getUserStoreDomain())) {
        user.setUserStoreDomain(IdentityUtil.getPrimaryDomainName());
        log.info("initiateUserChallengeQuestionAtOnce :User store domain is not in the request. set to default for user" + " : " + user.getUserName());
    }
    boolean isRecoveryEnable = Boolean.parseBoolean(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.QUESTION_BASED_PW_RECOVERY, user.getTenantDomain()));
    if (!isRecoveryEnable) {
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_QUESTION_BASED_RECOVERY_NOT_ENABLE, null);
    }
    boolean isNotificationInternallyManaged = Boolean.parseBoolean(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.NOTIFICATION_INTERNALLY_MANAGE, user.getTenantDomain()));
    UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
    userRecoveryDataStore.invalidate(user);
    verifyUserExists(user);
    if (Utils.isAccountDisabled(user)) {
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_DISABLED_ACCOUNT, null);
    } else if (Utils.isAccountLocked(user)) {
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_LOCKED_ACCOUNT, null);
    }
    boolean isNotificationSendWhenInitiatingPWRecovery = Boolean.parseBoolean(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.NOTIFICATION_SEND_RECOVERY_SECURITY_START, user.getTenantDomain()));
    if (isNotificationInternallyManaged && isNotificationSendWhenInitiatingPWRecovery) {
        try {
            triggerNotification(user, IdentityRecoveryConstants.NOTIFICATION_TYPE_PASSWORD_RESET_INITIATE, null);
        } catch (Exception e) {
            log.warn("Error while sending password reset initiating notification to user :" + user.getUserName());
        }
    }
    int minNoOfQuestionsToAnswer = Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.QUESTION_MIN_NO_ANSWER, user.getTenantDomain()));
    ChallengeQuestionManager challengeQuestionManager = ChallengeQuestionManager.getInstance();
    String[] ids = challengeQuestionManager.getUserChallengeQuestionIds(user);
    if (ids == null || ids.length == 0) {
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND, user.getUserName());
    }
    if (ids.length > minNoOfQuestionsToAnswer) {
        ids = getRandomQuestionIds(ids, minNoOfQuestionsToAnswer);
    }
    ChallengeQuestion[] questions = new ChallengeQuestion[ids.length];
    StringBuilder allChallengeQuestions = new StringBuilder();
    for (int i = 0; i < ids.length; i++) {
        questions[i] = challengeQuestionManager.getUserChallengeQuestion(user, ids[i]);
        if (i == 0) {
            allChallengeQuestions.append(ids[0]);
        } else {
            allChallengeQuestions.append(challengeQuestionSeparator).append(ids[i]);
        }
    }
    ChallengeQuestionsResponse challengeQuestionResponse = new ChallengeQuestionsResponse(questions);
    String secretKey = UUIDGenerator.generateUUID();
    UserRecoveryData recoveryData = new UserRecoveryData(user, secretKey, RecoveryScenarios.QUESTION_BASED_PWD_RECOVERY, RecoverySteps.VALIDATE_ALL_CHALLENGE_QUESTION);
    recoveryData.setRemainingSetIds(allChallengeQuestions.toString());
    challengeQuestionResponse.setCode(secretKey);
    userRecoveryDataStore.store(recoveryData);
    return challengeQuestionResponse;
}
Also used : UserRecoveryData(org.wso2.carbon.identity.recovery.model.UserRecoveryData) ChallengeQuestionsResponse(org.wso2.carbon.identity.recovery.bean.ChallengeQuestionsResponse) UserRecoveryDataStore(org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore) ChallengeQuestionManager(org.wso2.carbon.identity.recovery.ChallengeQuestionManager) IdentityEventException(org.wso2.carbon.identity.event.IdentityEventException) UserFunctionalityManagementClientException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementClientException) UserFunctionalityManagementServerException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementServerException) IdentityException(org.wso2.carbon.identity.base.IdentityException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IdentityRecoveryServerException(org.wso2.carbon.identity.recovery.IdentityRecoveryServerException) IdentityRecoveryClientException(org.wso2.carbon.identity.recovery.IdentityRecoveryClientException) UserFunctionalityManagementException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException) IdentityRecoveryException(org.wso2.carbon.identity.recovery.IdentityRecoveryException) ChallengeQuestion(org.wso2.carbon.identity.recovery.model.ChallengeQuestion)

Example 38 with ChallengeQuestion

use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-governance by wso2-extensions.

the class PostAuthnMissingChallengeQuestionsHandler method getChallengeSetUris.

/**
 * Return a list of challenge questions set URIs for a given user.
 *
 * @param user Authenticated User.
 * @return List of Challenge question sets URI.
 */
private List<String> getChallengeSetUris(AuthenticatedUser user) {
    List<ChallengeQuestion> challengeQuestions = getChallengeQuestions(user);
    HashSet<String> questionSetNames = new HashSet<>();
    if (CollectionUtils.isEmpty(challengeQuestions)) {
        return new ArrayList<>();
    }
    for (ChallengeQuestion question : challengeQuestions) {
        if (StringUtils.isNotBlank(question.getQuestionSetId())) {
            questionSetNames.add(question.getQuestionSetId());
        }
    }
    List<String> challengeSetUriList = new ArrayList<>(questionSetNames);
    Collections.sort(challengeSetUriList);
    return challengeSetUriList;
}
Also used : ArrayList(java.util.ArrayList) ChallengeQuestion(org.wso2.carbon.identity.recovery.model.ChallengeQuestion) HashSet(java.util.HashSet)

Example 39 with ChallengeQuestion

use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project product-is by wso2.

the class ChallengeQuestionManagementAdminServiceTestCase method addChallengeQuestionByLocale.

@Test(groups = "wso2.is", description = "Getting challenge questions of a user", priority = 3, sequential = true)
public void addChallengeQuestionByLocale() throws Exception {
    challengeQuestionsAdminClient = new ChallengeQuestionMgtAdminClient(backendURL, BOB_USERNAME, BOB_PASSWORD);
    ChallengeQuestion[] challengeQuestions = challengeQuestionsAdminClient.getChallengeQuestionsForLocale(SUPER_TENANT, BOB_LOCALE);
    int countBefore = challengeQuestions == null ? 0 : challengeQuestions.length;
    ChallengeQuestion challengeQuestion = new ChallengeQuestion();
    challengeQuestion.setQuestionSetId("newSet1");
    challengeQuestion.setQuestionId("q2");
    challengeQuestion.setQuestion("Challenge Question in xx_YY ????");
    challengeQuestion.setLocale(BOB_LOCALE);
    challengeQuestionsAdminClient.setChallengeQuestions(new ChallengeQuestion[] { challengeQuestion }, SUPER_TENANT);
    int countAfter = challengeQuestionsAdminClient.getChallengeQuestionsForLocale(SUPER_TENANT, BOB_LOCALE).length;
    assertTrue(countBefore + 1 == countAfter, "Adding a new challenge question for locale " + BOB_LOCALE + " failed in " + SUPER_TENANT);
}
Also used : ChallengeQuestionMgtAdminClient(org.wso2.identity.integration.common.clients.challenge.questions.mgt.ChallengeQuestionMgtAdminClient) ChallengeQuestion(org.wso2.carbon.identity.recovery.stub.model.ChallengeQuestion) ISIntegrationTest(org.wso2.identity.integration.common.utils.ISIntegrationTest) Test(org.testng.annotations.Test)

Example 40 with ChallengeQuestion

use of org.wso2.carbon.identity.recovery.model.ChallengeQuestion in project identity-api-server by wso2.

the class ServerChallengeService method patchChallengeSet.

/**
 * Update a specific challenge questions of an existing set
 *
 * @param challengeSetId
 * @param challengeQuestionPatchDTO
 * @return
 */
public boolean patchChallengeSet(String challengeSetId, ChallengeQuestionPatchDTO challengeQuestionPatchDTO) {
    if (!isChallengeSetExists(challengeSetId, ContextLoader.getTenantDomainFromContext())) {
        throw handleError(Response.Status.NOT_FOUND, ChallengeConstant.ErrorMessage.ERROR_CHALLENGE_SET_NOT_EXISTS);
    }
    if (Constants.OPERATION_ADD.equalsIgnoreCase(challengeQuestionPatchDTO.getOperation())) {
        List<ChallengeQuestionDTO> challenges = new ArrayList<>();
        ChallengeQuestionDTO challengeQuestion = challengeQuestionPatchDTO.getChallengeQuestion();
        challenges.add(challengeQuestion);
        List<ChallengeQuestion> questions = buildChallengeQuestions(challenges, challengeSetId);
        ChallengeQuestion[] toPatch = questions.toArray(new ChallengeQuestion[0]);
        try {
            getChallengeQuestionManager().addChallengeQuestions(toPatch, ContextLoader.getTenantDomainFromContext());
        } catch (IdentityRecoveryException e) {
            throw handleIdentityRecoveryException(e, ChallengeConstant.ErrorMessage.ERROR_CODE_ERROR_ADDING_CHALLENGE_QUESTION_TO_A_SET);
        }
    } else {
        throw handleError(Response.Status.NOT_IMPLEMENTED, ChallengeConstant.ErrorMessage.ERROR_CODE_ERROR_OPERATION_NOT_SUPPORTED);
    }
    return true;
}
Also used : ArrayList(java.util.ArrayList) IdentityRecoveryException(org.wso2.carbon.identity.recovery.IdentityRecoveryException) ChallengeQuestionDTO(org.wso2.carbon.identity.rest.api.server.challenge.v1.dto.ChallengeQuestionDTO) ChallengeQuestion(org.wso2.carbon.identity.recovery.model.ChallengeQuestion)

Aggregations

ChallengeQuestion (org.wso2.carbon.identity.recovery.model.ChallengeQuestion)26 ArrayList (java.util.ArrayList)14 Test (org.testng.annotations.Test)8 IdentityRecoveryException (org.wso2.carbon.identity.recovery.IdentityRecoveryException)8 UserChallengeAnswer (org.wso2.carbon.identity.recovery.model.UserChallengeAnswer)7 ChallengeQuestion (org.wso2.carbon.identity.recovery.stub.model.ChallengeQuestion)6 UserStoreException (org.wso2.carbon.user.api.UserStoreException)6 HashMap (java.util.HashMap)5 HashSet (java.util.HashSet)5 IdentityRecoveryClientException (org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)5 IdentityException (org.wso2.carbon.identity.base.IdentityException)3 ChallengeQuestionManager (org.wso2.carbon.identity.recovery.ChallengeQuestionManager)3 ChallengeQuestionResponse (org.wso2.carbon.identity.recovery.bean.ChallengeQuestionResponse)3 UserRecoveryData (org.wso2.carbon.identity.recovery.model.UserRecoveryData)3 UserRecoveryDataStore (org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore)3 ChallengeQuestionDTO (org.wso2.carbon.identity.rest.api.server.challenge.v1.dto.ChallengeQuestionDTO)3 ISIntegrationTest (org.wso2.identity.integration.common.utils.ISIntegrationTest)3 Gson (com.google.gson.Gson)2 GsonBuilder (com.google.gson.GsonBuilder)2 Map (java.util.Map)2