Search in sources :

Example 1 with SecurityQuestionPasswordRecoveryManager

use of org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager in project identity-governance by wso2-extensions.

the class SecurityQuestionApiServiceImpl method securityQuestionGet.

@Override
public Response securityQuestionGet(String username, String realm, String tenantDomain) {
    if (IdentityUtil.threadLocalProperties.get().get(Constants.TENANT_NAME_FROM_CONTEXT) != null) {
        tenantDomain = (String) IdentityUtil.threadLocalProperties.get().get(Constants.TENANT_NAME_FROM_CONTEXT);
    }
    User user = new User();
    user.setUserName(username);
    if (StringUtils.isNotBlank(realm)) {
        user.setUserStoreDomain(realm);
    } else {
        user.setUserStoreDomain(UserStoreConfigConstants.PRIMARY);
    }
    if (StringUtils.isBlank(tenantDomain)) {
        user.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    } else {
        user.setTenantDomain(tenantDomain);
    }
    int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
    if (StringUtils.isBlank(realm)) {
        String[] userList = RecoveryUtil.getUserList(tenantId, username);
        if (ArrayUtils.isEmpty(userList)) {
            String msg = "Unable to find an user with username: " + username + " in the system.";
            LOG.error(msg);
        } else if (userList.length == 1) {
            user.setUserStoreDomain(IdentityUtil.extractDomainFromName(userList[0]));
        } else {
            String msg = "There are multiple users with username: " + username + " in the system, " + "please send the correct user-store domain along with the username.";
            LOG.error(msg);
            RecoveryUtil.handleBadRequest(msg, Constants.ERROR_CODE_MULTIPLE_USERS_MATCHING);
        }
    }
    InitiateQuestionResponseDTO initiateQuestionResponseDTO = null;
    SecurityQuestionPasswordRecoveryManager securityQuestionBasedPwdRecoveryManager = RecoveryUtil.getSecurityQuestionBasedPwdRecoveryManager();
    try {
        ChallengeQuestionResponse challengeQuestionResponse = securityQuestionBasedPwdRecoveryManager.initiateUserChallengeQuestion(user);
        initiateQuestionResponseDTO = RecoveryUtil.getInitiateQuestionResponseDTO(challengeQuestionResponse);
    } catch (IdentityRecoveryClientException e) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Client Error while initiating password recovery flow using security questions ", e);
        }
        if (IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND.getCode().equals(e.getErrorCode())) {
            return Response.noContent().build();
        }
        RecoveryUtil.handleBadRequest(e.getMessage(), e.getErrorCode());
    } catch (IdentityRecoveryException e) {
        RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, e.getErrorCode(), LOG, e);
    } catch (Throwable throwable) {
        RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED.getCode(), LOG, throwable);
    }
    return Response.accepted(initiateQuestionResponseDTO).build();
}
Also used : User(org.wso2.carbon.identity.application.common.model.User) ChallengeQuestionResponse(org.wso2.carbon.identity.recovery.bean.ChallengeQuestionResponse) IdentityRecoveryException(org.wso2.carbon.identity.recovery.IdentityRecoveryException) InitiateQuestionResponseDTO(org.wso2.carbon.identity.recovery.endpoint.dto.InitiateQuestionResponseDTO) SecurityQuestionPasswordRecoveryManager(org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager) IdentityRecoveryClientException(org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)

Example 2 with SecurityQuestionPasswordRecoveryManager

use of org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager in project identity-governance by wso2-extensions.

the class ValidateAnswerApiServiceImpl method validateAnswerPost.

@Override
public Response validateAnswerPost(AnswerVerificationRequestDTO answerVerificationRequest) {
    SecurityQuestionPasswordRecoveryManager securityQuestionBasedPwdRecoveryManager = RecoveryUtil.getSecurityQuestionBasedPwdRecoveryManager();
    ChallengeQuestionResponse challengeQuestion = null;
    try {
        challengeQuestion = securityQuestionBasedPwdRecoveryManager.validateUserChallengeQuestions(RecoveryUtil.getUserChallengeAnswers(answerVerificationRequest.getAnswers()), answerVerificationRequest.getKey(), RecoveryUtil.getProperties(answerVerificationRequest.getProperties()));
    } catch (IdentityRecoveryClientException e) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Client Error while verifying challenge answers in recovery flow", e);
        }
        if (IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_ANSWER_FOR_SECURITY_QUESTION.getCode().equals(e.getErrorCode())) {
            RetryErrorDTO errorDTO = new RetryErrorDTO();
            errorDTO.setCode(e.getErrorCode());
            errorDTO.setMessage(e.getMessage());
            errorDTO.setDescription(e.getMessage());
            errorDTO.setKey(answerVerificationRequest.getKey());
            return Response.status(Response.Status.PRECONDITION_FAILED).entity(errorDTO).build();
        }
        RecoveryUtil.handleBadRequest(e.getMessage(), e.getErrorCode());
    } catch (IdentityRecoveryException e) {
        RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, e.getErrorCode(), LOG, e);
    } catch (Throwable throwable) {
        RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED.getCode(), LOG, throwable);
    }
    return Response.ok(RecoveryUtil.getInitiateQuestionResponseDTO(challengeQuestion)).build();
}
Also used : RetryErrorDTO(org.wso2.carbon.identity.recovery.endpoint.dto.RetryErrorDTO) ChallengeQuestionResponse(org.wso2.carbon.identity.recovery.bean.ChallengeQuestionResponse) IdentityRecoveryException(org.wso2.carbon.identity.recovery.IdentityRecoveryException) SecurityQuestionPasswordRecoveryManager(org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager) IdentityRecoveryClientException(org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)

Example 3 with SecurityQuestionPasswordRecoveryManager

use of org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager in project identity-governance by wso2-extensions.

the class ValidateAnswerApiServiceImplTest method testIdentityRecoveryExceptionforValidateAnswerPost.

@Test
public void testIdentityRecoveryExceptionforValidateAnswerPost() throws IdentityRecoveryException {
    mockedRecoveryUtil.when(RecoveryUtil::getSecurityQuestionBasedPwdRecoveryManager).thenReturn(securityQuestionPasswordRecoveryManager);
    Mockito.when(securityQuestionPasswordRecoveryManager.validateUserChallengeQuestions(any(UserChallengeAnswer[].class), anyString(), any(Property[].class))).thenThrow(new IdentityRecoveryException(""));
    assertEquals(validateAnswerApiService.validateAnswerPost(buildAnswerVerificationRequestDTO()).getStatus(), 200);
}
Also used : IdentityRecoveryException(org.wso2.carbon.identity.recovery.IdentityRecoveryException) Test(org.testng.annotations.Test)

Example 4 with SecurityQuestionPasswordRecoveryManager

use of org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager in project identity-governance by wso2-extensions.

the class SecurityQuestionsApiServiceImpl method securityQuestionsGet.

@Override
public Response securityQuestionsGet(String username, String realm, String tenantDomain) {
    if (IdentityUtil.threadLocalProperties.get().get(Constants.TENANT_NAME_FROM_CONTEXT) != null) {
        tenantDomain = (String) IdentityUtil.threadLocalProperties.get().get(Constants.TENANT_NAME_FROM_CONTEXT);
    }
    User user = new User();
    user.setUserName(username);
    if (StringUtils.isBlank(tenantDomain)) {
        user.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    } else {
        user.setTenantDomain(tenantDomain);
    }
    int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
    if (StringUtils.isBlank(realm)) {
        String[] userList = RecoveryUtil.getUserList(tenantId, username);
        if (ArrayUtils.isEmpty(userList)) {
            String msg = "Unable to find an user with username: " + username + " in the system.";
            LOG.error(msg);
        } else if (userList.length == 1) {
            user.setUserStoreDomain(IdentityUtil.extractDomainFromName(userList[0]));
        } else {
            String msg = "There are multiple users with username: " + username + " in the system, " + "please send the correct user-store domain along with the username.";
            LOG.error(msg);
            RecoveryUtil.handleBadRequest(msg, Constants.ERROR_CODE_MULTIPLE_USERS_MATCHING);
        }
    }
    InitiateAllQuestionResponseDTO initiateAllQuestionResponseDTO = null;
    SecurityQuestionPasswordRecoveryManager securityQuestionBasedPwdRecoveryManager = RecoveryUtil.getSecurityQuestionBasedPwdRecoveryManager();
    try {
        ChallengeQuestionsResponse challengeQuestionResponse = securityQuestionBasedPwdRecoveryManager.initiateUserChallengeQuestionAtOnce(user);
        initiateAllQuestionResponseDTO = RecoveryUtil.getInitiateQuestionResponseDTO(challengeQuestionResponse);
    } catch (IdentityRecoveryClientException e) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Client Error while initiating password recovery flow at once using security questions ", e);
        }
        if (IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND.getCode().equals(e.getErrorCode())) {
            return Response.noContent().build();
        }
        RecoveryUtil.handleBadRequest(e.getMessage(), e.getErrorCode());
    } catch (IdentityRecoveryException e) {
        RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, e.getErrorCode(), LOG, e);
    } catch (Throwable throwable) {
        RecoveryUtil.handleInternalServerError(Constants.SERVER_ERROR, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED.getCode(), LOG, throwable);
    }
    return Response.ok(initiateAllQuestionResponseDTO).build();
}
Also used : User(org.wso2.carbon.identity.application.common.model.User) InitiateAllQuestionResponseDTO(org.wso2.carbon.identity.recovery.endpoint.dto.InitiateAllQuestionResponseDTO) ChallengeQuestionsResponse(org.wso2.carbon.identity.recovery.bean.ChallengeQuestionsResponse) IdentityRecoveryException(org.wso2.carbon.identity.recovery.IdentityRecoveryException) SecurityQuestionPasswordRecoveryManager(org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager) IdentityRecoveryClientException(org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)

Example 5 with SecurityQuestionPasswordRecoveryManager

use of org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager in project identity-governance by wso2-extensions.

the class ValidateAnswerApiServiceImplTest method testIdentityRecoveryClientExceptionforValidateAnswerPost.

@Test
public void testIdentityRecoveryClientExceptionforValidateAnswerPost() throws IdentityRecoveryException {
    mockedRecoveryUtil.when(RecoveryUtil::getSecurityQuestionBasedPwdRecoveryManager).thenReturn(securityQuestionPasswordRecoveryManager);
    Mockito.when(securityQuestionPasswordRecoveryManager.validateUserChallengeQuestions(any(UserChallengeAnswer[].class), anyString(), any(Property[].class))).thenThrow(new IdentityRecoveryClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_ANSWER_FOR_SECURITY_QUESTION.toString(), ""));
    assertEquals(validateAnswerApiService.validateAnswerPost(buildAnswerVerificationRequestDTO()).getStatus(), 200);
}
Also used : IdentityRecoveryClientException(org.wso2.carbon.identity.recovery.IdentityRecoveryClientException) Test(org.testng.annotations.Test)

Aggregations

IdentityRecoveryClientException (org.wso2.carbon.identity.recovery.IdentityRecoveryClientException)5 IdentityRecoveryException (org.wso2.carbon.identity.recovery.IdentityRecoveryException)4 Test (org.testng.annotations.Test)3 SecurityQuestionPasswordRecoveryManager (org.wso2.carbon.identity.recovery.password.SecurityQuestionPasswordRecoveryManager)3 User (org.wso2.carbon.identity.application.common.model.User)2 ChallengeQuestionResponse (org.wso2.carbon.identity.recovery.bean.ChallengeQuestionResponse)2 ChallengeQuestionsResponse (org.wso2.carbon.identity.recovery.bean.ChallengeQuestionsResponse)1 InitiateAllQuestionResponseDTO (org.wso2.carbon.identity.recovery.endpoint.dto.InitiateAllQuestionResponseDTO)1 InitiateQuestionResponseDTO (org.wso2.carbon.identity.recovery.endpoint.dto.InitiateQuestionResponseDTO)1 RetryErrorDTO (org.wso2.carbon.identity.recovery.endpoint.dto.RetryErrorDTO)1