use of org.wso2.carbon.identity.recovery.password.NotificationPasswordRecoveryManager in project identity-governance by wso2-extensions.
the class SetPasswordApiServiceImpl method setPasswordPost.
@Override
public Response setPasswordPost(ResetPasswordRequestDTO resetPasswordRequest) {
NotificationPasswordRecoveryManager notificationPasswordRecoveryManager = RecoveryUtil.getNotificationBasedPwdRecoveryManager();
User user = null;
try {
user = notificationPasswordRecoveryManager.updateUserPassword(resetPasswordRequest.getKey(), resetPasswordRequest.getPassword(), RecoveryUtil.getProperties(resetPasswordRequest.getProperties()));
} catch (IdentityRecoveryClientException e) {
if (LOG.isDebugEnabled()) {
LOG.debug("Client Error while resetting password ", e);
}
if (IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_HISTORY_VIOLATE.getCode().equals(e.getErrorCode())) {
RetryErrorDTO errorDTO = new RetryErrorDTO();
errorDTO.setCode(e.getErrorCode());
errorDTO.setMessage(e.getMessage());
errorDTO.setDescription(e.getMessage());
errorDTO.setKey(resetPasswordRequest.getKey());
return Response.status(Response.Status.PRECONDITION_FAILED).entity(errorDTO).build();
}
RecoveryUtil.handleBadRequest(e.getMessage(), e.getErrorCode());
} catch (IdentityRecoveryException e) {
RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, e.getErrorCode(), LOG, e);
} catch (Throwable throwable) {
RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED.getCode(), LOG, throwable);
}
return Response.ok(RecoveryUtil.getUserDTO(user)).build();
}
use of org.wso2.carbon.identity.recovery.password.NotificationPasswordRecoveryManager in project identity-governance by wso2-extensions.
the class RecoverPasswordApiServiceImplTest method testRecoverPasswordPost.
@Test
public void testRecoverPasswordPost() throws IdentityRecoveryException {
mockedIdentityTenantUtil.when(() -> IdentityTenantUtil.getTenantId(anyString())).thenReturn(-1234);
mockedRecoveryUtil.when(RecoveryUtil::getNotificationBasedPwdRecoveryManager).thenReturn(notificationPasswordRecoveryManager);
ResolvedUserResult resolvedUserResult = new ResolvedUserResult(ResolvedUserResult.UserResolvedStatus.FAIL);
Mockito.when(notificationPasswordRecoveryManager.sendRecoveryNotification(isNull(), anyString(), anyBoolean(), isNull())).thenReturn(notificationResponseBean);
mockedFrameworkUtils.when(() -> FrameworkUtils.processMultiAttributeLoginIdentification(anyString(), anyString())).thenReturn(resolvedUserResult);
assertEquals(recoverPasswordApiService.recoverPasswordPost(buildRecoveryInitiatingRequestDTO(), "", true).getStatus(), 202);
}
use of org.wso2.carbon.identity.recovery.password.NotificationPasswordRecoveryManager in project identity-governance by wso2-extensions.
the class RecoverPasswordApiServiceImpl method recoverPasswordPost.
@Override
public Response recoverPasswordPost(RecoveryInitiatingRequestDTO recoveryInitiatingRequest, String type, Boolean notify) {
String tenantDomainFromContext = (String) IdentityUtil.threadLocalProperties.get().get(Constants.TENANT_NAME_FROM_CONTEXT);
if (StringUtils.isNotBlank(tenantDomainFromContext)) {
recoveryInitiatingRequest.getUser().setTenantDomain(tenantDomainFromContext);
} else {
recoveryInitiatingRequest.getUser().setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
}
UserDTO user = recoveryInitiatingRequest.getUser();
int tenantIdFromContext = IdentityTenantUtil.getTenantId(user.getTenantDomain());
ResolvedUserResult resolvedUserResult = FrameworkUtils.processMultiAttributeLoginIdentification(user.getUsername(), user.getTenantDomain());
if (resolvedUserResult != null && ResolvedUserResult.UserResolvedStatus.SUCCESS.equals(resolvedUserResult.getResolvedStatus())) {
user.setUsername(resolvedUserResult.getUser().getUsername());
UserDTO userDTO = recoveryInitiatingRequest.getUser();
userDTO.setUsername(user.getUsername());
recoveryInitiatingRequest.setUser(userDTO);
}
NotificationPasswordRecoveryManager notificationPasswordRecoveryManager = RecoveryUtil.getNotificationBasedPwdRecoveryManager();
NotificationResponseBean notificationResponseBean = null;
try {
notificationResponseBean = notificationPasswordRecoveryManager.sendRecoveryNotification(RecoveryUtil.getUser(recoveryInitiatingRequest.getUser()), type, notify, RecoveryUtil.getProperties(recoveryInitiatingRequest.getProperties()));
} catch (IdentityRecoveryClientException e) {
if (LOG.isDebugEnabled()) {
LOG.debug("Client Error while sending recovery notification ", e);
}
RecoveryUtil.handleBadRequest(e.getMessage(), e.getErrorCode());
} catch (IdentityRecoveryException e) {
RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, e.getErrorCode(), LOG, e);
} catch (Throwable throwable) {
if (throwable != null && StringUtils.equals(Constants.ERROR_MESSAGE_EMAIL_NOT_FOUND, throwable.getMessage())) {
LOG.error(throwable.getMessage(), throwable);
RecoveryUtil.handleBadRequest(throwable.getMessage(), Constants.ERROR_CODE_EMAIL_NOT_FOUND);
}
RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED.getCode(), LOG, throwable);
}
if (StringUtils.isBlank(notificationResponseBean.getKey())) {
return Response.accepted().build();
}
return Response.accepted(notificationResponseBean.getKey()).build();
}
use of org.wso2.carbon.identity.recovery.password.NotificationPasswordRecoveryManager in project identity-governance by wso2-extensions.
the class ValidateCodeApiServiceImpl method validateCodePost.
@Override
public Response validateCodePost(CodeValidationRequestDTO codeValidationRequestDTO) {
User user = null;
try {
NotificationPasswordRecoveryManager notificationPasswordRecoveryManager = RecoveryUtil.getNotificationBasedPwdRecoveryManager();
user = notificationPasswordRecoveryManager.getValidatedUser(codeValidationRequestDTO.getCode(), codeValidationRequestDTO.getStep());
} catch (IdentityRecoveryClientException e) {
if (LOG.isDebugEnabled()) {
LOG.debug("Client Error while validating the confirmation code ", e);
}
RecoveryUtil.handleBadRequest(e.getMessage(), e.getErrorCode());
} catch (IdentityRecoveryException e) {
RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, e.getErrorCode(), LOG, e);
} catch (Throwable throwable) {
RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED.getCode(), LOG, throwable);
}
return Response.accepted(RecoveryUtil.getUserDTO(user)).build();
}
use of org.wso2.carbon.identity.recovery.password.NotificationPasswordRecoveryManager in project identity-governance by wso2-extensions.
the class PasswordRecoveryManagerImpl method reset.
/**
* Reset the password for password recovery, if the password reset code is valid.
*
* @param resetCode Password reset code
* @param password New password
* @param properties Properties
* @return SuccessfulPasswordResetDTO {@link SuccessfulPasswordResetDTO} object which contain the information
* for a successful password update
* @throws IdentityRecoveryException Error while resetting the password
*/
@Override
public SuccessfulPasswordResetDTO reset(String resetCode, char[] password, Map<String, String> properties) throws IdentityRecoveryException {
// Validate the password.
if (ArrayUtils.isEmpty(password)) {
throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NO_PASSWORD_IN_REQUEST.getCode(), IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NO_PASSWORD_IN_REQUEST.getMessage(), null);
}
String newPassword = String.valueOf(password);
NotificationPasswordRecoveryManager notificationPasswordRecoveryManager = NotificationPasswordRecoveryManager.getInstance();
Property[] metaProperties = buildPropertyList(null, properties);
try {
notificationPasswordRecoveryManager.updatePassword(resetCode, newPassword, metaProperties);
} catch (IdentityRecoveryServerException e) {
String errorCode = Utils.prependOperationScenarioToErrorCode(e.getErrorCode(), IdentityRecoveryConstants.PASSWORD_RECOVERY_SCENARIO);
throw Utils.handleServerException(errorCode, e.getMessage(), null);
} catch (IdentityRecoveryClientException e) {
throw mapClientExceptionWithImprovedErrorCodes(e);
} catch (IdentityEventException e) {
if (log.isDebugEnabled()) {
log.debug("PasswordRecoveryManagerImpl: Error while resetting password ", e);
}
throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED_ERROR_PASSWORD_RESET.getCode(), IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED_ERROR_PASSWORD_RESET.getMessage(), null);
}
return buildSuccessfulPasswordUpdateDTO();
}
Aggregations