
Example 1 with NotificationChannel

use of org.wso2.carbon.identity.recovery.model.NotificationChannel in project identity-governance by wso2-extensions.

the class LiteApiServiceImpl method buildSuccessfulAPIResponse.

/**
 * Builds the HTTP 201 (Created) response returned after a successful user self registration.
 *
 * <p>When detailed API responses are enabled, the entity is a DTO built from the bean: the external-channel
 * DTO if the bean's notification channel equals the external channel type, the internal-channel DTO otherwise.
 * When detailed responses are disabled (legacy format), the entity is the bean's recovery id as plain text if
 * notifications are externally managed; in every other legacy case the response carries no entity.
 *
 * <p>NOTE(review): only the legacy branch tolerates a {@code null} bean. The detailed branch dereferences the
 * bean unconditionally, so a {@code null} bean fails there with a NullPointerException. Confirm that callers
 * never pass {@code null} when detailed responses are enabled.
 *
 * <p>NOTE(review): the legacy external-channel response puts the recovery id in the response body. It is
 * presumably the value an external notifier later uses to confirm the account, so it should be treated as a
 * secret (TLS only, kept out of access logs and shared caches). Confirm against the endpoint configuration.
 *
 * @param notificationResponseBean NotificationResponseBean {@link NotificationResponseBean}
 * @return Response with status 201 and, depending on configuration, a DTO, the recovery id, or no entity.
 */
private Response buildSuccessfulAPIResponse(NotificationResponseBean notificationResponseBean) {
    if (!isDetailedResponseBodyEnabled()) {
        // Legacy response format: a body is sent only for externally managed notifications,
        // and in that case it is the bare recovery id.
        if (notificationResponseBean != null) {
            String channelType = notificationResponseBean.getNotificationChannel();
            if (NotificationChannels.EXTERNAL_CHANNEL.getChannelType().equals(channelType)) {
                return Response.status(Response.Status.CREATED)
                        .entity(notificationResponseBean.getRecoveryId())
                        .build();
            }
        }
        return Response.status(Response.Status.CREATED).build();
    }

    // Detailed response format: pick the DTO that matches how notifications are managed.
    String channelType = notificationResponseBean.getNotificationChannel();
    boolean externallyManaged = NotificationChannels.EXTERNAL_CHANNEL.getChannelType().equals(channelType);
    Object responseBody = externallyManaged
            ? buildSuccessResponseForExternalChannel(notificationResponseBean)
            : buildSuccessResponseForInternalChannels(notificationResponseBean);
    return Response.status(Response.Status.CREATED).entity(responseBody).build();
}
Also used : SuccessfulUserCreationDTO(org.wso2.carbon.identity.user.endpoint.dto.SuccessfulUserCreationDTO)

Example 2 with NotificationChannel

use of org.wso2.carbon.identity.recovery.model.NotificationChannel in project identity-governance by wso2-extensions.

the class UserSelfRegistrationHandler method isNotificationChannelVerified.

/**
 * Checks whether the notification channel is already verified for the user.
 *
 * <p>The lookup runs only when the ENABLE_ACCOUNT_LOCK_FOR_VERIFIED_PREFERRED_CHANNEL property does not parse
 * to {@code true}; when it does, the method returns {@code false} without inspecting the event properties.
 * The verified state is read from {@code eventProperties} under the channel's verified-claim URI.
 *
 * <p>NOTE(review): the claim value is cast to {@code String}, so a non-String value stored under that key
 * (for example a {@code Boolean}) fails with a ClassCastException. Confirm that producers of the event
 * properties always store the claim as text.
 *
 * <p>Both debug messages include the username and tenant domain.
 *
 * @param username            Username
 * @param tenantDomain        Tenant domain
 * @param notificationChannel Notification channel
 * @param eventProperties     Properties related to the event
 * @return True if the channel is already verified.
 * @throws IdentityRecoveryClientException presumably raised by getNotificationChannel when no channel
 *                                         matches the given type (verify against that helper).
 */
private boolean isNotificationChannelVerified(String username, String tenantDomain, String notificationChannel, Map<String, Object> eventProperties) throws IdentityRecoveryClientException {
    String accountLockConfig = IdentityUtil.getProperty(
            IdentityRecoveryConstants.ConnectorConfig.ENABLE_ACCOUNT_LOCK_FOR_VERIFIED_PREFERRED_CHANNEL);
    if (Boolean.parseBoolean(accountLockConfig)) {
        // Account lock applies even to verified channels, so the verified state is not consulted.
        return false;
    }

    if (log.isDebugEnabled()) {
        log.debug(String.format("SkipAccountLockOnVerifiedPreferredChannel is enabled for user : %s in domain : %s. " + "Checking whether the user is already verified", username, tenantDomain));
    }

    // Resolve the channel for the given type, then read its verified claim from the event properties.
    NotificationChannels matchedChannel = getNotificationChannel(username, notificationChannel);
    Object verifiedClaimValue = eventProperties.get(matchedChannel.getVerifiedClaimUrl());
    boolean channelVerified = Boolean.parseBoolean((String) verifiedClaimValue);

    if (channelVerified && log.isDebugEnabled()) {
        log.debug(String.format("Preferred Notification channel : %1$s is verified for the user : %2$s " + "in domain : %3$s. Therefore, no notifications will be sent.", notificationChannel, username, tenantDomain));
    }
    return channelVerified;
}
Also used : NotificationChannels(org.wso2.carbon.identity.governance.service.notification.NotificationChannels)

Example 3 with NotificationChannel

use of org.wso2.carbon.identity.recovery.model.NotificationChannel in project identity-governance by wso2-extensions.

the class UserAccountRecoveryManager method getExternalNotificationChannelList.

/**
 * Builds the channel list used when notifications are managed externally.
 *
 * @return A new mutable list holding a single channel whose type is the external channel type.
 */
private List<NotificationChannel> getExternalNotificationChannelList() {
    List<NotificationChannel> externalChannels = new ArrayList<>();

    // Only the type is set on the entry; no other field of the channel model is populated here.
    NotificationChannel externalChannel = new NotificationChannel();
    externalChannel.setType(NotificationChannels.EXTERNAL_CHANNEL.getChannelType());
    externalChannels.add(externalChannel);

    return externalChannels;
}
Also used : NotificationChannel(org.wso2.carbon.identity.recovery.model.NotificationChannel) ArrayList(java.util.ArrayList)

Example 4 with NotificationChannel

use of org.wso2.carbon.identity.recovery.model.NotificationChannel in project identity-governance by wso2-extensions.

the class UserAccountRecoveryManager method retrieveUserRecoveryInformation.

/**
 * Initiate the recovery flow for the user with matching claims.
 *
 * <p>Resolves the user from the claims, rejects locked or disabled accounts, collects the notification
 * channels (internal or external), runs the pre-recovery validation, generates a new recovery code, stores
 * it (reusing the existing RESEND_CONFIRMATION_CODE record when allowed), and returns the code together
 * with the channel list.
 *
 * <p>NOTE(review): a missing user ends in ERROR_CODE_NO_USER_FOUND while an existing user gets a recovery
 * response, so the two outcomes are distinguishable at this layer. Confirm that the API layer above returns
 * a uniform response if account enumeration is a concern for the deployment.
 *
 * @param claims           User claims
 * @param tenantDomain     Tenant domain
 * @param recoveryScenario Recovery scenario
 * @param properties       Meta properties
 * @return RecoveryChannelInfoDTO object.
 * @throws IdentityRecoveryException If no user matches the claims, or if one of the lookup, validation or
 *                                   storage steps called here fails.
 */
public RecoveryChannelInfoDTO retrieveUserRecoveryInformation(Map<String, String> claims, String tenantDomain, RecoveryScenarios recoveryScenario, Map<String, String> properties) throws IdentityRecoveryException {
    // Retrieve the user who matches the given set of claims.
    String username = getUsernameByClaims(claims, tenantDomain);
    if (StringUtils.isNotEmpty(username)) {
        User user = Utils.buildUser(username, tenantDomain);
        // If the account is locked or disabled, do not let the user recover the account.
        checkAccountLockedStatus(user);
        List<NotificationChannel> notificationChannels;
        // Get the notification management mechanism.
        boolean isNotificationsInternallyManaged = Utils.isNotificationsInternallyManaged(tenantDomain, properties);
        /* If the notification is internally managed, then the notification channels available for the user
           need to be retrieved. If external notifications are enabled, the external channel list is returned. */
        if (isNotificationsInternallyManaged) {
            notificationChannels = getInternalNotificationChannelList(username, tenantDomain, recoveryScenario);
        } else {
            notificationChannels = getExternalNotificationChannelList();
        }
        // Validate whether the user account is eligible for account recovery.
        // The caller-supplied meta properties are handed to the validation step unchanged.
        checkUserValidityForAccountRecovery(user, recoveryScenario, notificationChannels, properties);
        // This flow will be initiated only if the user has any verified channels.
        NotificationChannelDTO[] notificationChannelDTOS = getNotificationChannelsResponseDTOList(tenantDomain, notificationChannels);
        UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
        // Get the existing RESEND_CONFIRMATION_CODE details if there is any.
        UserRecoveryData recoveryDataDO = userRecoveryDataStore.loadWithoutCodeExpiryValidation(user, recoveryScenario, RecoverySteps.RESEND_CONFIRMATION_CODE);
        // The recovery code is returned to the caller and stored for the next recovery step.
        // NOTE(review): it works as a bearer secret, so confirm UUIDGenerator draws from a
        // cryptographically secure random source.
        String recoveryCode = UUIDGenerator.generateUUID();
        String notificationChannelList = getNotificationChannelListForRecovery(notificationChannels);
        /* Check whether the existing confirmation code can be used based on the email confirmation code tolerance
           with the extracted RESEND_CONFIRMATION_CODE details.
           NOTE(review): the email channel type is passed here regardless of the channels collected above;
           confirm that this is intended when the user's channels are not email. */
        if (Utils.reIssueExistingConfirmationCode(recoveryDataDO, NotificationChannels.EMAIL_CHANNEL.getChannelType())) {
            /* Update the existing RESEND_CONFIRMATION_CODE details with new code details without changing the
               time created of the RESEND_CONFIRMATION_CODE. */
            userRecoveryDataStore.invalidateWithoutChangeTimeCreated(recoveryDataDO.getSecret(), recoveryCode, RecoverySteps.SEND_RECOVERY_INFORMATION, notificationChannelList);
        } else {
            // No reusable record: store a fresh recovery data object for the new code.
            addRecoveryDataObject(username, tenantDomain, recoveryCode, recoveryScenario, notificationChannelList);
        }
        return buildUserRecoveryInformationResponseDTO(username, recoveryCode, notificationChannelDTOS);
    } else {
        // No username was resolved from the claims: log at debug level and fail with a client error.
        if (log.isDebugEnabled()) {
            log.debug("No valid user found for the given claims");
        }
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NO_USER_FOUND, null);
    }
}
Also used : NotificationChannel(org.wso2.carbon.identity.recovery.model.NotificationChannel) User(org.wso2.carbon.identity.application.common.model.User) NotificationChannelDTO(org.wso2.carbon.identity.recovery.dto.NotificationChannelDTO) UserRecoveryData(org.wso2.carbon.identity.recovery.model.UserRecoveryData) UserRecoveryDataStore(org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore)

Example 5 with NotificationChannel

use of org.wso2.carbon.identity.recovery.model.NotificationChannel in project identity-governance by wso2-extensions.

the class UserAccountRecoveryManager method checkUserValidityForAccountRecovery.

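/**
 * Check whether the user account is eligible for account recovery.
 *
 * <p>Publishes a PRE_ACCOUNT_RECOVERY event carrying the user, the user store manager, the recovery scenario,
 * the notification channels and every non-blank meta property. A failure raised by the event service is
 * converted into a client exception whose error code depends on the recovery scenario.
 *
 * <p>The meta properties are copied first and the reserved entries are written afterwards, so a meta property
 * whose key collides with a reserved event property can never replace the trusted value. The meta properties
 * are passed through from the public retrieveUserRecoveryInformation entry point and are presumably
 * caller-supplied (verify against the API layer).
 *
 * <p>NOTE(review): the message of the event exception is forwarded into the client exception. Confirm that
 * the event handlers only produce messages that are safe to expose to the requester.
 *
 * @param user                         The user.
 * @param recoveryScenario             Account recovery scenario.
 * @param recoveryNotificationChannels Notification channel.
 * @param metaProperties               Meta details.
 * @throws IdentityRecoveryException If account doesn't satisfy the conditions to recover.
 */
private void checkUserValidityForAccountRecovery(User user, RecoveryScenarios recoveryScenario, List<NotificationChannel> recoveryNotificationChannels, Map<String, String> metaProperties) throws IdentityRecoveryException {
    HashMap<String, Object> properties = new HashMap<>();
    // Meta properties go in first; entries with a blank key or value are skipped.
    if (MapUtils.isNotEmpty(metaProperties)) {
        for (Map.Entry<String, String> metaProperty : metaProperties.entrySet()) {
            if (StringUtils.isNotBlank(metaProperty.getValue()) && StringUtils.isNotBlank(metaProperty.getKey())) {
                properties.put(metaProperty.getKey(), metaProperty.getValue());
            }
        }
    }
    // Reserved entries are written last so they always override a colliding meta property.
    properties.put(IdentityEventConstants.EventProperty.USER, user);
    properties.put(IdentityEventConstants.EventProperty.USER_STORE_MANAGER, getUserStoreManager(user));
    properties.put(IdentityEventConstants.EventProperty.RECOVERY_SCENARIO, recoveryScenario);
    properties.put(IdentityEventConstants.EventProperty.NOTIFICATION_CHANNEL, recoveryNotificationChannels);
    Event identityMgtEvent = new Event(IdentityEventConstants.Event.PRE_ACCOUNT_RECOVERY, properties);
    try {
        IdentityRecoveryServiceDataHolder.getInstance().getIdentityEventService().handleEvent(identityMgtEvent);
    } catch (IdentityEventException e) {
        if (log.isDebugEnabled()) {
            // Keep the cause in the debug log; the client exception below carries only its message.
            log.debug("Error occurred while validating user account " + user.getUserName() + " for account recovery.", e);
        }
        String errorMessage = e.getMessage();
        // Default to the generic validation error, then narrow it by recovery scenario.
        String errorCode = IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_USER_ACCOUNT_RECOVERY_VALIDATION_FAILED.getCode();
        if (USERNAME_RECOVERY.equals(recoveryScenario)) {
            errorCode = IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_USERNAME_RECOVERY_VALIDATION_FAILED.getCode();
        } else if (NOTIFICATION_BASED_PW_RECOVERY.equals(recoveryScenario) || QUESTION_BASED_PWD_RECOVERY.equals(recoveryScenario)) {
            errorCode = IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_PASSWORD_RECOVERY_VALIDATION_FAILED.getCode();
        }
        throw Utils.handleClientException(errorCode, errorMessage, user.getUserName());
    }
}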
Also used : HashMap(java.util.HashMap) IdentityEventException(org.wso2.carbon.identity.event.IdentityEventException) Event(org.wso2.carbon.identity.event.event.Event) HashMap(java.util.HashMap) Map(java.util.Map)

Aggregations

UserRecoveryData (org.wso2.carbon.identity.recovery.model.UserRecoveryData)7 HashMap (java.util.HashMap)5 IdentityEventException (org.wso2.carbon.identity.event.IdentityEventException)5 Event (org.wso2.carbon.identity.event.event.Event)5 NotificationChannel (org.wso2.carbon.identity.recovery.model.NotificationChannel)5 UserRecoveryDataStore (org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore)5 NotificationChannels (org.wso2.carbon.identity.governance.service.notification.NotificationChannels)4 Property (org.wso2.carbon.identity.recovery.model.Property)4 ArrayList (java.util.ArrayList)3 NotificationResponseBean (org.wso2.carbon.identity.recovery.bean.NotificationResponseBean)3 UserAccountRecoveryManager (org.wso2.carbon.identity.recovery.internal.service.impl.UserAccountRecoveryManager)3 JSONObject (org.json.JSONObject)2 User (org.wso2.carbon.identity.application.common.model.User)2 IdentityRecoveryException (org.wso2.carbon.identity.recovery.IdentityRecoveryException)2 NotificationChannelDTO (org.wso2.carbon.identity.recovery.dto.NotificationChannelDTO)2 SuccessfulUserCreationDTO (org.wso2.carbon.identity.user.endpoint.dto.SuccessfulUserCreationDTO)2 Map (java.util.Map)1 RecoveryScenarios (org.wso2.carbon.identity.recovery.RecoveryScenarios)1 RecoverySteps (org.wso2.carbon.identity.recovery.RecoverySteps)1 PasswordRecoverDTO (org.wso2.carbon.identity.recovery.dto.PasswordRecoverDTO)1