use of org.wso2.carbon.identity.user.endpoint.dto.UserDTO in project carbon-identity-framework by wso2.
the class RecoveryProcessor method verifyConfirmationCode.
/**
 * Verifies a confirmation code supplied by a user against the stored recovery data.
 *
 * <p>The lookup key is derived from {@code sequence}, {@code username} and {@code code}.
 * When a record is found it is invalidated as part of this call, before its validity is
 * examined, unless {@code sequence} is 2 or 40. A code checked under any other sequence
 * is therefore consumed by the check, whatever the outcome.
 *
 * @param sequence step identifier of the recovery flow; the meaning of the individual
 *                 values is not visible in this method
 * @param username user the code was issued for
 * @param code     confirmation code supplied by the user
 * @return a verified bean when a stored, still-valid record matches; an unverified bean
 *         when no record matches and {@code sequence} is 20 or 30
 * @throws IdentityException if the record cannot be loaded or invalidated, if no record
 *                           matches (sequences other than 20 and 30), or if the matching
 *                           record is no longer valid
 */
public VerificationBean verifyConfirmationCode(int sequence, String username, String code) throws IdentityException {
    String lookupKey = getUserInternalCodeStr(sequence, username, code);
    UserRecoveryDataDO recoveryData = null;
    try {
        recoveryData = dataStore.load(lookupKey);
        // Sequences 2 and 40 leave the stored record in place; every other sequence consumes it.
        boolean consumeOnUse = sequence != 2 && sequence != 40;
        if (recoveryData != null && consumeOnUse) {
            // The registry-backed store is invalidated by key, any other store by record.
            if (dataStore instanceof RegistryRecoveryDataStore) {
                dataStore.invalidate(lookupKey);
            } else {
                dataStore.invalidate(recoveryData);
            }
        }
    } catch (IdentityException e) {
        throw IdentityException.error("Error loading recovery data for user : " + username, e);
    }

    if (recoveryData == null) {
        // For sequences 20 and 30 an unknown code is reported as a failed verification, not an error.
        if (sequence == 30 || sequence == 20) {
            return new VerificationBean(false);
        }
        throw IdentityException.error("Invalid confirmation code");
    }

    if (recoveryData.isValid()) {
        return new VerificationBean(true);
    }
    throw IdentityException.error("Expired code");
}
use of org.wso2.carbon.identity.user.endpoint.dto.UserDTO in project carbon-identity-framework by wso2.
the class UserIdentityManagementService method verifyChallengeQuestion.
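/**
 * Verifies a user's answers to their challenge questions and, when they are correct,
 * issues a new confirmation code.
 *
 * <p>The answers are evaluated only after the supplied confirmation key has been verified.
 *
 * @param userName           user name, resolved through {@code Utils.processUserId}
 * @param confirmation       confirmation key the caller obtained earlier
 * @param userChallengesDTOs answers supplied by the user; at least one entry is required
 * @return a bean built from the user name and a new confirmation code when the answers are
 *         correct and the code was stored; otherwise an unverified bean. The unverified
 *         bean carries an error text when no answers were supplied, when the confirmation
 *         key was rejected, or when the new code could not be stored
 * @throws IdentityMgtServiceException if the user name cannot be processed
 */
public VerificationBean verifyChallengeQuestion(String userName, String confirmation, UserChallengesDTO[] userChallengesDTOs) throws IdentityMgtServiceException {
    VerificationBean bean = new VerificationBean();
    bean.setVerified(false);
    RecoveryProcessor recoveryProcessor = IdentityMgtServiceComponent.getRecoveryProcessor();
    if (userChallengesDTOs == null || userChallengesDTOs.length < 1) {
        log.error("no challenges provided by user for verifications.");
        bean.setError("no challenges provided by user for verifications.");
        return bean;
    }
    UserDTO userDTO;
    try {
        userDTO = Utils.processUserId(userName);
    } catch (IdentityException e) {
        throw new IdentityMgtServiceException("Invalid user name.", e);
    }
    // Reject the request unless the confirmation key verifies. The test used to be inverted:
    // a key that verified was turned away as an "invalid user" while a key that failed
    // verification went on to the challenge check. processPasswordRecovery applies the same
    // guard in this (negated) form.
    if (!recoveryProcessor.verifyConfirmationKey(confirmation).isVerified()) {
        log.warn("Invalid user is trying to verify user challenges.");
        bean.setError("Invalid user is trying to verify user challenges.");
        return bean;
    }
    ChallengeQuestionProcessor processor = recoveryProcessor.getQuestionProcessor();
    boolean verification = processor.verifyChallengeQuestion(userDTO.getUserId(), userDTO.getTenantId(), userChallengesDTOs);
    if (!verification) {
        // Wrong answers: the caller gets the unverified bean, without an error text.
        return bean;
    }
    // UUID.randomUUID() is documented to draw from a cryptographically strong generator.
    String code = UUID.randomUUID().toString();
    try {
        recoveryProcessor.createConfirmationCode(userDTO, code);
    } catch (IdentityException e) {
        // The code was not stored, so do not hand it out as if the step had succeeded;
        // presumably it could not be verified in a later step anyway.
        log.error("Error while creating confirmation code.", e);
        bean.setError("Error while creating confirmation code.");
        return bean;
    }
    return new VerificationBean(userName, code);
}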
use of org.wso2.carbon.identity.user.endpoint.dto.UserDTO in project carbon-identity-framework by wso2.
the class UserIdentityManagementService method processPasswordRecovery.
/**
 * Starts password recovery for the given user by sending a password-reset notification.
 *
 * <p>The notification is requested only after the confirmation code has been verified.
 *
 * @param userId           user name, resolved through {@code Utils.processUserId}
 * @param confirmationCode confirmation key the caller obtained earlier
 * @param notificationType notification channel, passed on to the recovery request unchanged
 * @return {@code false} when the confirmation code is rejected; otherwise whether the
 *         notification was sent
 * @throws IdentityMgtServiceException if the user name cannot be processed or the recovery
 *                                     notification fails
 */
public boolean processPasswordRecovery(String userId, String confirmationCode, String notificationType) throws IdentityMgtServiceException {
    UserDTO resolvedUser;
    try {
        resolvedUser = Utils.processUserId(userId);
    } catch (IdentityException e) {
        throw new IdentityMgtServiceException("invalid user name", e);
    }

    RecoveryProcessor recovery = IdentityMgtServiceComponent.getRecoveryProcessor();
    // NOTE(review): the key is verified here without reference to resolvedUser; whether
    // verifyConfirmationKey itself ties the key to a user is not visible in this method - confirm.
    VerificationBean keyCheck = recovery.verifyConfirmationKey(confirmationCode);
    if (!keyCheck.isVerified()) {
        // userId is caller-supplied and is written to the log as received.
        log.warn("Invalid user is trying to recover the password : " + userId);
        return false;
    }

    UserRecoveryDTO request = new UserRecoveryDTO(resolvedUser);
    request.setNotification(IdentityMgtConstants.Notification.PASSWORD_RESET_RECOVERY);
    request.setNotificationType(notificationType);

    NotificationDataDTO outcome;
    try {
        outcome = recovery.recoverWithNotification(request);
    } catch (IdentityException e) {
        throw new IdentityMgtServiceException("Error while password recovery.", e);
    }
    return outcome.isNotificationSent();
}
use of org.wso2.carbon.identity.user.endpoint.dto.UserDTO in project carbon-identity-framework by wso2.
the class UserInformationRecoveryService method resendSignUpConfiramtionCode.
/**
 * Resends the self sign-up confirmation code, for a user who did not receive the
 * confirmation e-mail.
 *
 * <p>When SaaS mode is disabled, a non-empty {@code tenantDomain} must equal the tenant
 * domain of the calling thread's carbon context; an absent or empty one defaults to it.
 * When SaaS mode is enabled, the work runs inside a tenant flow for {@code tenantDomain},
 * which is always ended before the method returns.
 *
 * @param userName     user the code was issued for
 * @param code         confirmation code currently held by the user
 * @param profileName  not used by this method
 * @param tenantDomain tenant domain of the user; may be null or empty when SaaS mode is
 *                     disabled
 * @return the verification result; on failure the bean carries an error instead
 * @throws IdentityMgtServiceException if SaaS mode is disabled and {@code tenantDomain}
 *                                     names a tenant other than the caller's
 */
public VerificationBean resendSignUpConfiramtionCode(String userName, String code, String profileName, String tenantDomain) throws IdentityMgtServiceException {
    VerificationBean result = new VerificationBean();
    RecoveryProcessor recovery = IdentityMgtServiceComponent.getRecoveryProcessor();

    if (!IdentityMgtConfig.getInstance().isSaasEnabled()) {
        String callerTenant = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        boolean domainSupplied = tenantDomain != null && !tenantDomain.isEmpty();
        if (!domainSupplied) {
            tenantDomain = callerTenant;
        } else if (!callerTenant.equals(tenantDomain)) {
            // Outside SaaS mode a caller may only act within its own tenant.
            String msg = "Trying to resend self sign up code in unauthorized tenant space";
            log.error(msg);
            throw new IdentityMgtServiceException(msg);
        }
    }

    int tenantId;
    try {
        tenantId = Utils.getTenantId(tenantDomain);
    } catch (IdentityException e) {
        return handleError(VerificationBean.ERROR_CODE_UNEXPECTED + " Error while resending confirmation code", e);
    }

    try {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext tenantContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            tenantContext.setTenantId(tenantId);
            tenantContext.setTenantDomain(tenantDomain);
        }

        // The code the user holds must verify before a replacement is issued.
        try {
            result = recovery.verifyConfirmationCode(1, userName, code);
            if (!result.isVerified()) {
                result.setError(VerificationBean.ERROR_CODE_INVALID_CODE);
                return result;
            }
        } catch (IdentityException e) {
            return handleError("Error while validating confirmation code for user : " + userName, e);
        }

        try {
            String listenerClass = IdentityMgtConfig.getInstance().getProperty(IdentityMgtConstants.PropertyConfig.IDENTITY_MGT_LISTENER_CLASS);
            if (StringUtils.isBlank(listenerClass)) {
                listenerClass = IdentityMgtEventListener.class.getName();
            }
            IdentityEventListenerConfig listenerConfig = IdentityUtil.readEventListenerProperty(UserOperationEventListener.class.getName(), listenerClass);

            // The listener counts as enabled unless its configuration says otherwise.
            boolean listenerEnabled = true;
            if (listenerConfig != null && StringUtils.isNotBlank(listenerConfig.getEnable())) {
                listenerEnabled = Boolean.parseBoolean(listenerConfig.getEnable());
            }

            IdentityMgtConfig config = IdentityMgtConfig.getInstance();
            if (!(listenerEnabled && config.isAuthPolicyAccountLockOnCreation())) {
                result.setVerified(true);
            } else {
                UserDTO account = new UserDTO(UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain));
                account.setTenantId(tenantId);
                UserRecoveryDTO request = new UserRecoveryDTO(account);
                request.setNotification(IdentityMgtConstants.Notification.ACCOUNT_CONFORM);
                request.setNotificationType("EMAIL");
                result = recovery.updateConfirmationCode(1, userName, tenantId);
                request.setConfirmationCode(result.getKey());
                NotificationDataDTO sent = recovery.notifyWithEmail(request);
                result.setVerified(sent.isNotificationSent());
                // The notification data goes back to the caller only when notifications
                // are not managed internally.
                if (!(IdentityMgtConfig.getInstance().isNotificationInternallyManaged())) {
                    result.setNotificationData(sent);
                }
            }
        } catch (IdentityException e) {
            return UserIdentityManagementUtil.getCustomErrorMessagesWhenRegistering(e, userName);
        }
    } finally {
        // Runs on every exit path above, including the early returns.
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return result;
}
use of org.wso2.carbon.identity.user.endpoint.dto.UserDTO in project carbon-identity-framework by wso2.
the class UserInformationRecoveryService method getUserChallengeQuestionIds.
/**
 * Returns the ids of the challenge questions configured for a user, once the supplied
 * confirmation code has been verified.
 *
 * <p>On success the returned DTO also carries the key of the confirmation code created
 * for sequence 20. When SaaS mode is enabled the work runs inside a tenant flow for the
 * user's tenant, which is always ended before the method returns.
 *
 * @param username     user name, resolved through {@code Utils.processUserId}
 * @param confirmation confirmation code the caller obtained earlier
 * @return the question ids and the new key; on failure a DTO carrying an error instead
 * @throws IdentityMgtServiceException declared by the signature; no statement in this
 *                                     method throws it directly
 */
public ChallengeQuestionIdsDTO getUserChallengeQuestionIds(String username, String confirmation) throws IdentityMgtServiceException {
    UserDTO account = null;
    ChallengeQuestionIdsDTO response = new ChallengeQuestionIdsDTO();
    if (log.isDebugEnabled()) {
        log.debug("User challenge questions id request received with username: " + username);
    }

    try {
        account = Utils.processUserId(username);
    } catch (IdentityException e) {
        return handleChallengeIdError(VerificationBean.ERROR_CODE_INVALID_USER + " Error validating user : " + username, e);
    }

    try {
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext tenantContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            tenantContext.setTenantId(account.getTenantId());
            tenantContext.setTenantDomain(account.getTenantDomain());
        }

        RecoveryProcessor recovery = IdentityMgtServiceComponent.getRecoveryProcessor();
        VerificationBean check = null;
        try {
            check = recovery.verifyConfirmationCode(1, account.getUserId(), confirmation);
            if (!check.isVerified()) {
                check.setVerified(false);
            } else {
                // The verified code is replaced by a new one under sequence 20.
                check = recovery.updateConfirmationCode(20, account.getUserId(), account.getTenantId());
            }
        } catch (IdentityException e1) {
            response = UserIdentityManagementUtil.getCustomErrorMessagesForChallengeQuestionIds(e1, username);
            if (response == null) {
                response = handleChallengeIdError(VerificationBean.ERROR_CODE_UNEXPECTED + " Error when validating code", e1);
            }
            return response;
        }

        if (!check.isVerified()) {
            String msg = "Verification failed for user. Error : " + check.getError();
            log.error(msg);
            response.setError(VerificationBean.ERROR_CODE_UNEXPECTED + " " + msg);
            // No key is handed out when verification fails.
            response.setKey("");
            return response;
        }

        try {
            response = recovery.getQuestionProcessor().getUserChallengeQuestionIds(account.getUserId(), account.getTenantId());
            response.setKey(check.getKey());
            if (log.isDebugEnabled()) {
                log.debug("User challenge question response successful for user: " + username);
            }
        } catch (Exception e) {
            // Any failure while reading the questions is reported as "not found".
            return handleChallengeIdError(VerificationBean.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND + " Error when getting user challenge questions for user : " + username, e);
        }
    } finally {
        // Runs on every exit path above, including the early returns.
        if (IdentityMgtConfig.getInstance().isSaasEnabled()) {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }
    return response;
}