Examples with UserRecoveryDataStore org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore used on opensource projects

Example 36 with UserRecoveryDataStore

use of org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore in project identity-governance by wso2-extensions.

the class MobileNumberVerificationHandler method initNotificationForMobileNumberVerificationOnUpdate.

/**
 * Store verification details in the recovery data store and initiate notification.
 *
 * @param user  User.
 * @param verificationPendingMobileNumber Updated mobile number that is pending verification.
 * @throws IdentityEventException
 */
private void initNotificationForMobileNumberVerificationOnUpdate(User user, String verificationPendingMobileNumber) throws IdentityEventException {
    UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
    try {
        userRecoveryDataStore.invalidate(user, RecoveryScenarios.MOBILE_VERIFICATION_ON_UPDATE, RecoverySteps.VERIFY_MOBILE_NUMBER);
        String secretKey = Utils.generateSecretKey(NotificationChannels.SMS_CHANNEL.getChannelType(), user.getTenantDomain(), String.valueOf(RecoveryScenarios.MOBILE_VERIFICATION_ON_UPDATE));
        UserRecoveryData recoveryDataDO = new UserRecoveryData(user, secretKey, RecoveryScenarios.MOBILE_VERIFICATION_ON_UPDATE, RecoverySteps.VERIFY_MOBILE_NUMBER);
        /* Mobile number is persisted in remaining set ids to maintain context information about the mobile number
            associated with the verification code generated. */
        recoveryDataDO.setRemainingSetIds(verificationPendingMobileNumber);
        userRecoveryDataStore.store(recoveryDataDO);
        triggerNotification(user, secretKey, Utils.getArbitraryProperties(), verificationPendingMobileNumber);
    } catch (IdentityRecoveryException e) {
        throw new IdentityEventException("Error while sending notification to user: " + user.toFullQualifiedUsername() + " for mobile verification on update.", e);
    }
}

Example 37 with UserRecoveryDataStore

use of org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore in project identity-governance by wso2-extensions.

the class UserEmailVerificationHandler method setRecoveryData.

protected void setRecoveryData(User user, Enum recoveryScenario, Enum recoveryStep, String secretKey) throws IdentityEventException {
    UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
    try {
        userRecoveryDataStore.invalidate(user);
        UserRecoveryData recoveryDataDO = new UserRecoveryData(user, secretKey, recoveryScenario, recoveryStep);
        userRecoveryDataStore.store(recoveryDataDO);
    } catch (IdentityRecoveryException e) {
        throw new IdentityEventException("Error while setting recovery data for user ", e);
    }
}

Example 38 with UserRecoveryDataStore

use of org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore in project identity-governance by wso2-extensions.

the class UserEmailVerificationHandler method initNotificationForEmailVerificationOnUpdate.

private void initNotificationForEmailVerificationOnUpdate(User user, String secretKey, String verificationPendingEmailAddress) throws IdentityEventException {
    UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
    try {
        userRecoveryDataStore.invalidate(user, RecoveryScenarios.EMAIL_VERIFICATION_ON_UPDATE, RecoverySteps.VERIFY_EMAIL);
        UserRecoveryData recoveryDataDO = new UserRecoveryData(user, secretKey, RecoveryScenarios.EMAIL_VERIFICATION_ON_UPDATE, RecoverySteps.VERIFY_EMAIL);
        /* Email address persisted in remaining set ids to maintain context information about the email address
            associated with the verification code generated. */
        recoveryDataDO.setRemainingSetIds(verificationPendingEmailAddress);
        userRecoveryDataStore.store(recoveryDataDO);
        triggerNotification(user, IdentityRecoveryConstants.NOTIFICATION_TYPE_VERIFY_EMAIL_ON_UPDATE, secretKey, Utils.getArbitraryProperties(), verificationPendingEmailAddress, recoveryDataDO);
    } catch (IdentityRecoveryException e) {
        throw new IdentityEventException("Error while sending notification for user: " + user.toFullQualifiedUsername(), e);
    }
}

Example 39 with UserRecoveryDataStore

use of org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore in project identity-governance by wso2-extensions.

the class AccountConfirmationValidationHandler method getRecoveryData.

private UserRecoveryData getRecoveryData(User user) throws IdentityEventException {
    UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
    UserRecoveryData recoveryData;
    try {
        recoveryData = userRecoveryDataStore.loadWithoutCodeExpiryValidation(user);
    } catch (IdentityRecoveryException e) {
        throw new IdentityEventException("Error while loading recovery data for user ", e);
    }
    return recoveryData;
}

Example 40 with UserRecoveryDataStore

use of org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore in project identity-api-server by wso2.

the class ServerTenantManagementService method validateInputAgainstCode.

/**
 * Validate details attached to the code sent in email verification with the sent in details.
 * @param tenant tenant
 * @throws TenantManagementClientException error in validating code
 */
private void validateInputAgainstCode(ChannelVerifiedTenantModel tenant) throws TenantManagementClientException {
    String code = tenant.getCode();
    if (StringUtils.isBlank(code)) {
        throw new TenantManagementClientException(ERROR_CODE_MISSING_REQUIRED_PARAMETER.getCode(), String.format(ERROR_CODE_MISSING_REQUIRED_PARAMETER.getMessage(), CODE));
    }
    UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
    // If the code is validated, the load method will return data. Otherwise method will throw exceptions.
    try {
        UserRecoveryData recoveryData = userRecoveryDataStore.load(code);
        if (recoveryData != null && recoveryData.getUser() != null && tenant.getOwners() != null && tenant.getOwners().get(0) != null && tenant.getOwners().get(0).getEmail() != null && tenant.getOwners().get(0).getEmail().equalsIgnoreCase(recoveryData.getUser().getUserName())) {
            userRecoveryDataStore.invalidate(code);
            return;
        } else {
            // the confirmed email using the code and submitted emails are different.
            userRecoveryDataStore.invalidate(code);
            log.warn("The confirmed email using the code and submitted emails are different.");
            throw new TenantManagementClientException(ERROR_CODE_INVALID_EMAIL.getCode(), String.format(ERROR_CODE_INVALID_EMAIL.getMessage(), CODE));
        }
    } catch (IdentityRecoveryException e) {
        throw handleException(Response.Status.UNAUTHORIZED, TenantManagementConstants.ErrorMessage.ERROR_CODE_ERROR_VALIDATING_TENANT_CODE, null);
    }
}