
Example 1 with UserFunctionalityManager

use of org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager in project carbon-identity-framework by wso2.

the class UserFunctionalityManagerServiceComponent method activate.

/**
 * Register User Functionality Manager as an OSGi service.
 *
 * @param componentContext OSGi service component context.
 */
@Activate
protected void activate(ComponentContext componentContext) {
    try {
        BundleContext osgiContext = componentContext.getBundleContext();
        UserFunctionalityManager managerInstance = new UserFunctionalityManagerImpl();
        // Keep the registration handle returned by the framework in the component's field.
        userFunctionalityMgtService = osgiContext.registerService(UserFunctionalityManager.class, managerInstance, null);
        if (log.isDebugEnabled()) {
            log.debug("User Functionality Manager bundle is activated.");
        }
    } catch (Exception e) {
        // Any failure is logged and not rethrown, so this method returns normally even when no
        // UserFunctionalityManager was registered.
        // NOTE(review): consumers that look the service up (e.g. to enforce recovery lockouts)
        // should handle its absence explicitly - confirm against the callers.
        log.error("Error while activating UserFunctionalityManagerServiceComponent.", e);
    }
}
Also used : UserFunctionalityManagerImpl(org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManagerImpl) UserFunctionalityManager(org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager) BundleContext(org.osgi.framework.BundleContext) Activate(org.osgi.service.component.annotations.Activate)

Example 2 with UserFunctionalityManager

use of org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager in project identity-governance by wso2-extensions.

the class SecurityQuestionPasswordRecoveryManager method handleAnswerVerificationFailInFunctionalityLockMode.

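/**
 * Records a failed security-question answer for the user and locks the security-question
 * password-recovery functionality once the configured maximum number of attempts is reached.
 *
 * <p>Returns without doing anything when {@code Utils.isAccountLocked(user)} is true. Otherwise the
 * per-user failed-attempt and lockout counters are read through the {@link UserFunctionalityManager},
 * updated and written back.
 *
 * @param user User whose answer verification failed.
 * @throws IdentityRecoveryException If the counters cannot be read, stored or updated, if the lock
 *                                   cannot be applied, or (as a client error) when this failure
 *                                   causes the functionality to be locked.
 */
private void handleAnswerVerificationFailInFunctionalityLockMode(User user) throws IdentityRecoveryException {
    if (Utils.isAccountLocked(user)) {
        return;
    }
    int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
    String userId = Utils.getUserId(user.getUserName(), tenantId);
    // Every manager call below targets this one functionality, so resolve its identifier once.
    String functionalityIdentifier = IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier();
    Map<String, String> configStoreProperties = ConfigStoreFunctionalityLockPropertyHandler.getInstance().getConfigStoreProperties(user.getTenantDomain(), functionalityIdentifier);
    validateUserFunctionalityProperties(configStoreProperties);
    int maxAttempts = Integer.parseInt(configStoreProperties.get(IdentityRecoveryConstants.FUNCTION_MAX_ATTEMPTS_PROPERTY));
    long unlockTimePropertyValue = Integer.parseInt(configStoreProperties.get(IdentityRecoveryConstants.FUNCTION_LOCKOUT_TIME_PROPERTY));
    double unlockTimeRatio = Double.parseDouble(configStoreProperties.get(IdentityRecoveryConstants.FUNCTION_LOGIN_FAIL_TIMEOUT_RATIO_PROPERTY));
    int currentAttempts = 0;
    int failedLoginLockoutCountValue = 0;
    UserFunctionalityManager userFunctionalityManager = IdentityRecoveryServiceDataHolder.getInstance().getUserFunctionalityManagerService();
    // NOTE(review): the counters are read here and written back further down with no visible
    // synchronization; concurrent failed answers for one user could be counted only once.
    // Confirm whether the manager serializes these updates.
    Map<String, String> functionalityLockProperties;
    try {
        functionalityLockProperties = userFunctionalityManager.getProperties(userId, tenantId, functionalityIdentifier);
    } catch (UserFunctionalityManagementException e) {
        throw Utils.handleFunctionalityLockMgtServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_PROPERTIES_FOR_FUNCTIONALITY, userId, tenantId, functionalityIdentifier, isDetailedErrorMessagesEnabled);
    }
    if (functionalityLockProperties.isEmpty()) {
        // First recorded failure for this user: seed the counters before updating them below.
        functionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_LOCKOUT_COUNT_PROPERTY, String.valueOf(failedLoginLockoutCountValue));
        functionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY, String.valueOf(currentAttempts));
        functionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_MAX_ATTEMPTS_PROPERTY, String.valueOf(maxAttempts));
        try {
            userFunctionalityManager.setProperties(userId, tenantId, functionalityIdentifier, functionalityLockProperties);
        } catch (UserFunctionalityManagementException e) {
            throw Utils.handleFunctionalityLockMgtServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_ADD_PROPERTIES_FOR_FUNCTIONALITY, userId, tenantId, functionalityIdentifier, isDetailedErrorMessagesEnabled);
        }
    } else {
        // NumberUtils.isNumber also accepts decimal, hexadecimal and type-suffixed strings that
        // Integer.parseInt rejects with a NumberFormatException. toInt keeps the default (0) for
        // anything that is not a plain int instead.
        failedLoginLockoutCountValue = NumberUtils.toInt(functionalityLockProperties.get(IdentityRecoveryConstants.FUNCTION_LOCKOUT_COUNT_PROPERTY), failedLoginLockoutCountValue);
        currentAttempts = NumberUtils.toInt(functionalityLockProperties.get(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY), currentAttempts);
    }
    Map<String, String> updatedFunctionalityLockProperties = new HashMap<>();
    if ((currentAttempts + 1) >= maxAttempts) {
        // Calculate the incremental unlock-time-interval in milliseconds: the configured value
        // (presumably minutes, given the 1000 * 60 factor) grows by unlockTimeRatio for every
        // previous lockout.
        unlockTimePropertyValue = (long) (unlockTimePropertyValue * 1000 * 60 * Math.pow(unlockTimeRatio, failedLoginLockoutCountValue));
        try {
            updatedFunctionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY, "0");
            updatedFunctionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_LOCKOUT_COUNT_PROPERTY, String.valueOf(failedLoginLockoutCountValue + 1));
            userFunctionalityManager.lock(userId, tenantId, functionalityIdentifier, unlockTimePropertyValue, IdentityRecoveryConstants.RecoveryLockReasons.PWD_RECOVERY_MAX_ATTEMPTS_EXCEEDED.getFunctionalityLockCode(), IdentityRecoveryConstants.RecoveryLockReasons.PWD_RECOVERY_MAX_ATTEMPTS_EXCEEDED.getFunctionalityLockReason());
            userFunctionalityManager.setProperties(userId, tenantId, functionalityIdentifier, updatedFunctionalityLockProperties);
        } catch (UserFunctionalityManagementException e) {
            // Previously only the server-side subtype was rethrown and any other failure was
            // swallowed with printStackTrace(). The caller was then told the functionality was
            // locked even though the lock or the counter update had not been applied. Every
            // failure is now surfaced, matching the other manager calls in this method.
            throw Utils.handleFunctionalityLockMgtServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_LOCK_FUNCTIONALITY_FOR_USER, userId, tenantId, functionalityIdentifier, isDetailedErrorMessagesEnabled);
        }
        StringBuilder message = new StringBuilder(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_SECURITY_QUESTION_BASED_PWR_LOCKED.getMessage());
        if (isDetailedErrorMessagesEnabled) {
            // The lock reason is appended to the error text only when detailed messages are enabled.
            message.append(": ").append(IdentityRecoveryConstants.RecoveryLockReasons.PWD_RECOVERY_MAX_ATTEMPTS_EXCEEDED.getFunctionalityLockReason());
        }
        throw IdentityException.error(IdentityRecoveryClientException.class, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_SECURITY_QUESTION_BASED_PWR_LOCKED.getCode(), message.toString());
    } else {
        // Still below the limit: persist the incremented failed-attempt counter.
        try {
            Map<String, String> propertiesToUpdate = new HashMap<>();
            propertiesToUpdate.put(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY, String.valueOf(currentAttempts + 1));
            userFunctionalityManager.setProperties(userId, tenantId, functionalityIdentifier, propertiesToUpdate);
        } catch (UserFunctionalityManagementException e) {
            throw Utils.handleFunctionalityLockMgtServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_UPDATE_PROPERTIES_FOR_FUNCTIONALITY, userId, tenantId, functionalityIdentifier, isDetailedErrorMessagesEnabled);
        }
    }
}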
Also used : UserFunctionalityManagementException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException) HashMap(java.util.HashMap) UserFunctionalityManager(org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager) UserFunctionalityManagementServerException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementServerException)

Example 3 with UserFunctionalityManager

use of org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager in project identity-governance by wso2-extensions.

the class SecurityQuestionPasswordRecoveryManager method getFunctionalityStatusOfUser.

/**
 * Get the lock status of a functionality given the tenant domain, user name and the functionality identifier.
 *
 * @param user                    User.
 * @param functionalityIdentifier Identifier of the functionality.
 * @return The status of the functionality, {@link FunctionalityLockStatus}.
 */
private FunctionalityLockStatus getFunctionalityStatusOfUser(User user, String functionalityIdentifier) throws IdentityRecoveryServerException {
    final int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
    final String userId = Utils.getUserId(user.getUserName(), tenantId);
    final UserFunctionalityManager lockManager = IdentityRecoveryServiceDataHolder.getInstance().getUserFunctionalityManagerService();
    try {
        return lockManager.getLockStatus(userId, tenantId, functionalityIdentifier);
    } catch (UserFunctionalityManagementException e) {
        final String scenarioErrorCode = Utils.prependOperationScenarioToErrorCode(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY.getCode(), IdentityRecoveryConstants.PASSWORD_RECOVERY_SCENARIO);
        final StringBuilder detail = new StringBuilder(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY.getMessage());
        if (isDetailedErrorMessagesEnabled) {
            // The user name is added to the exception message only when detailed messages are on.
            // NOTE(review): the text names the security-question functionality constant rather
            // than the functionalityIdentifier argument that was actually queried - confirm.
            detail.append(String.format("functionalityIdentifier: %s for %s.", IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier(), user.getUserName()));
        }
        final String logText = "Error occurred while getting functionality status of user.";
        // Client-side failures are logged at debug level only; everything else is an error.
        if (!(e instanceof UserFunctionalityManagementClientException)) {
            log.error(logText, e);
        } else if (log.isDebugEnabled()) {
            log.debug(logText, e);
        }
        throw Utils.handleServerException(scenarioErrorCode, detail.toString(), null);
    }
}
Also used : UserFunctionalityManagementException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException) UserFunctionalityManagementClientException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementClientException) UserFunctionalityManager(org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager)

Example 4 with UserFunctionalityManager

use of org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager in project identity-governance by wso2-extensions.

the class UserAccountRecoveryManager method getFunctionalityStatusOfUser.

/**
 * Get the lock status of a functionality given the tenant domain, user name and the functionality identifier.
 *
 * @param tenantDomain            Tenant domain of the user.
 * @param userName                Username of the user.
 * @param functionalityIdentifier Identifier of the functionality.
 * @return The status of the functionality, {@link FunctionalityLockStatus}.
 */
private FunctionalityLockStatus getFunctionalityStatusOfUser(String userName, String tenantDomain, String functionalityIdentifier) throws IdentityRecoveryServerException {
    final int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    final String userId = Utils.getUserId(userName, tenantId);
    final UserFunctionalityManager lockManager = IdentityRecoveryServiceDataHolder.getInstance().getUserFunctionalityManagerService();
    try {
        return lockManager.getLockStatus(userId, tenantId, functionalityIdentifier);
    } catch (UserFunctionalityManagementException e) {
        // Map the failure to the password-recovery scenario's error code.
        // NOTE(review): the caught exception is neither logged nor passed on here, so the
        // underlying cause of a failed lock-status lookup is lost - confirm this is intended.
        final String scenarioErrorCode = Utils.prependOperationScenarioToErrorCode(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY.getCode(), IdentityRecoveryConstants.PASSWORD_RECOVERY_SCENARIO);
        final String failureText = IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY.getMessage();
        throw Utils.handleServerException(scenarioErrorCode, failureText, null);
    }
}
Also used : UserFunctionalityManagementException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException) UserFunctionalityManager(org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager)

Example 5 with UserFunctionalityManager

use of org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager in project identity-governance by wso2-extensions.

the class PasswordRecoveryManagerImpl method getFunctionalityStatusOfUser.

/**
 * Get the lock status of a functionality given the tenant domain, user name and the functionality type.
 *
 * @param tenantDomain            Tenant domain of the user.
 * @param userName                Username of the user.
 * @param functionalityIdentifier Identifier of the functionality.
 * @return The status of the functionality, {@link FunctionalityLockStatus}.
 */
private FunctionalityLockStatus getFunctionalityStatusOfUser(String tenantDomain, String userName, String functionalityIdentifier) throws IdentityRecoveryServerException {
    final int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    final String userId = Utils.getUserId(userName, tenantId);
    final UserFunctionalityManager lockManager = IdentityRecoveryServiceDataHolder.getInstance().getUserFunctionalityManagerService();
    try {
        return lockManager.getLockStatus(userId, tenantId, functionalityIdentifier);
    } catch (UserFunctionalityManagementException e) {
        final String scenarioErrorCode = Utils.prependOperationScenarioToErrorCode(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY.getCode(), IdentityRecoveryConstants.PASSWORD_RECOVERY_SCENARIO);
        final StringBuilder detail = new StringBuilder(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY.getMessage());
        if (isDetailedErrorMessagesEnabled) {
            // The user name is added to the exception message only when detailed messages are on.
            // NOTE(review): the text names the security-question functionality constant rather
            // than the functionalityIdentifier argument that was actually queried - confirm.
            detail.append(String.format("functionality: %s for %s.", IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier(), userName));
        }
        // NOTE(review): the caught exception is neither logged nor passed on in this method.
        throw Utils.handleServerException(scenarioErrorCode, detail.toString(), null);
    }
}
Also used : UserFunctionalityManagementException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException) UserFunctionalityManager(org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager)

Aggregations

UserFunctionalityManager (org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager)6 UserFunctionalityManagementException (org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException)5 HashMap (java.util.HashMap)2 BundleContext (org.osgi.framework.BundleContext)1 Activate (org.osgi.service.component.annotations.Activate)1 Property (org.wso2.carbon.identity.application.common.model.Property)1 UserFunctionalityManagerImpl (org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManagerImpl)1 UserFunctionalityManagementClientException (org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementClientException)1 UserFunctionalityManagementServerException (org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementServerException)1