use of org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager in project carbon-identity-framework by wso2.
the class UserFunctionalityManagerServiceComponent method activate.
/**
* Register User Functionality Manager as an OSGi service.
*
* @param componentContext OSGi service component context.
*/
@Activate
protected void activate(ComponentContext componentContext) {

    try {
        // Create the implementation and publish it under the UserFunctionalityManager interface so
        // that other bundles can look it up; the registration handle is kept in a field.
        UserFunctionalityManager managerToPublish = new UserFunctionalityManagerImpl();
        BundleContext context = componentContext.getBundleContext();
        userFunctionalityMgtService =
                context.registerService(UserFunctionalityManager.class, managerToPublish, null);
        if (log.isDebugEnabled()) {
            log.debug("User Functionality Manager bundle is activated.");
        }
    } catch (Exception e) {
        // Activation failures are logged and not rethrown. In that case the service may never be
        // registered, so consumers have to cope with it being absent.
        log.error("Error while activating UserFunctionalityManagerServiceComponent.", e);
    }
}
use of org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager in project identity-governance by wso2-extensions.
the class SecurityQuestionPasswordRecoveryManager method handleAnswerVerificationFailInFunctionalityLockMode.
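/**
 * Records one failed security-question answer for the user and locks security-question based
 * password recovery once the configured attempt limit is reached.
 *
 * <p>Nothing is recorded when {@code Utils.isAccountLocked(user)} reports the account as locked.
 * Otherwise the per-user counters are read (and initialised when absent). If this failure brings
 * the count to the configured maximum, the functionality is locked for
 * {@code lockoutTime (minutes) * ratio ^ previousLockouts}, the failed-attempt counter is reset to
 * zero and the lockout counter is incremented. Below the limit, only the failed-attempt counter is
 * incremented.
 *
 * @param user User whose answer verification failed.
 * @throws IdentityRecoveryException If the lock properties cannot be read or written, or the
 *                                   functionality cannot be locked (server error); also thrown as a
 *                                   client error when this failure causes the functionality to be locked.
 */
private void handleAnswerVerificationFailInFunctionalityLockMode(User user) throws IdentityRecoveryException {

    if (Utils.isAccountLocked(user)) {
        return;
    }

    int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
    String userId = Utils.getUserId(user.getUserName(), tenantId);
    // Every call below targets the same functionality, so resolve its identifier once.
    final String functionalityIdentifier = IdentityRecoveryConstants.FunctionalityTypes
            .FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier();

    // Tenant-level lock policy: attempt limit, base lock time (minutes) and growth ratio.
    Map<String, String> configStoreProperties = ConfigStoreFunctionalityLockPropertyHandler.getInstance()
            .getConfigStoreProperties(user.getTenantDomain(), functionalityIdentifier);
    validateUserFunctionalityProperties(configStoreProperties);
    int maxAttempts = Integer.parseInt(
            configStoreProperties.get(IdentityRecoveryConstants.FUNCTION_MAX_ATTEMPTS_PROPERTY));
    long unlockTimePropertyValue = Integer.parseInt(
            configStoreProperties.get(IdentityRecoveryConstants.FUNCTION_LOCKOUT_TIME_PROPERTY));
    double unlockTimeRatio = Double.parseDouble(
            configStoreProperties.get(IdentityRecoveryConstants.FUNCTION_LOGIN_FAIL_TIMEOUT_RATIO_PROPERTY));

    int currentAttempts = 0;
    int failedLoginLockoutCountValue = 0;
    UserFunctionalityManager userFunctionalityManager =
            IdentityRecoveryServiceDataHolder.getInstance().getUserFunctionalityManagerService();

    // NOTE(review): the counters are read here and written back in a separate call further down.
    // Confirm whether concurrent failed attempts for one user can under-count against maxAttempts.
    Map<String, String> functionalityLockProperties;
    try {
        functionalityLockProperties =
                userFunctionalityManager.getProperties(userId, tenantId, functionalityIdentifier);
    } catch (UserFunctionalityManagementException e) {
        throw Utils.handleFunctionalityLockMgtServerException(
                IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_PROPERTIES_FOR_FUNCTIONALITY,
                userId, tenantId, functionalityIdentifier, isDetailedErrorMessagesEnabled);
    }

    if (functionalityLockProperties.isEmpty()) {
        // First failure for this user: seed the counters with zero and store the configured limit.
        functionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_LOCKOUT_COUNT_PROPERTY,
                String.valueOf(failedLoginLockoutCountValue));
        functionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY,
                String.valueOf(currentAttempts));
        functionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_MAX_ATTEMPTS_PROPERTY,
                String.valueOf(maxAttempts));
        try {
            userFunctionalityManager.setProperties(userId, tenantId, functionalityIdentifier,
                    functionalityLockProperties);
        } catch (UserFunctionalityManagementException e) {
            throw Utils.handleFunctionalityLockMgtServerException(
                    IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_ADD_PROPERTIES_FOR_FUNCTIONALITY,
                    userId, tenantId, functionalityIdentifier, isDetailedErrorMessagesEnabled);
        }
    } else {
        // NOTE(review): NumberUtils.isNumber also accepts forms (e.g. decimals) that
        // Integer.parseInt rejects, so a malformed stored value surfaces as NumberFormatException.
        String storedLockoutCount =
                functionalityLockProperties.get(IdentityRecoveryConstants.FUNCTION_LOCKOUT_COUNT_PROPERTY);
        if (NumberUtils.isNumber(storedLockoutCount)) {
            failedLoginLockoutCountValue = Integer.parseInt(storedLockoutCount);
        }
        String storedFailedAttempts =
                functionalityLockProperties.get(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY);
        if (NumberUtils.isNumber(storedFailedAttempts)) {
            currentAttempts = Integer.parseInt(storedFailedAttempts);
        }
    }

    if ((currentAttempts + 1) >= maxAttempts) {
        // Calculate the incremental unlock-time-interval in milliseconds: the configured minutes
        // grow by unlockTimeRatio for every previous lockout.
        unlockTimePropertyValue = (long) (unlockTimePropertyValue * 1000 * 60
                * Math.pow(unlockTimeRatio, failedLoginLockoutCountValue));
        Map<String, String> updatedFunctionalityLockProperties = new HashMap<>();
        updatedFunctionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY, "0");
        updatedFunctionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_LOCKOUT_COUNT_PROPERTY,
                String.valueOf(failedLoginLockoutCountValue + 1));
        try {
            userFunctionalityManager.lock(userId, tenantId, functionalityIdentifier, unlockTimePropertyValue,
                    IdentityRecoveryConstants.RecoveryLockReasons.PWD_RECOVERY_MAX_ATTEMPTS_EXCEEDED
                            .getFunctionalityLockCode(),
                    IdentityRecoveryConstants.RecoveryLockReasons.PWD_RECOVERY_MAX_ATTEMPTS_EXCEEDED
                            .getFunctionalityLockReason());
            userFunctionalityManager.setProperties(userId, tenantId, functionalityIdentifier,
                    updatedFunctionalityLockProperties);
        } catch (UserFunctionalityManagementServerException e) {
            throw Utils.handleFunctionalityLockMgtServerException(
                    IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_LOCK_FUNCTIONALITY_FOR_USER,
                    userId, tenantId, functionalityIdentifier, isDetailedErrorMessagesEnabled);
        } catch (UserFunctionalityManagementException e) {
            // Any other failure also leaves the lock state unknown. Report it as a server error
            // instead of swallowing it and then telling the caller the functionality is locked.
            log.error("Error while locking security question based password recovery for the user.", e);
            throw Utils.handleFunctionalityLockMgtServerException(
                    IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_LOCK_FUNCTIONALITY_FOR_USER,
                    userId, tenantId, functionalityIdentifier, isDetailedErrorMessagesEnabled);
        }

        // The lock is in place; tell the caller, adding the reason only when detailed messages are on.
        StringBuilder message = new StringBuilder(
                IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_SECURITY_QUESTION_BASED_PWR_LOCKED.getMessage());
        if (isDetailedErrorMessagesEnabled) {
            message.append(": ").append(IdentityRecoveryConstants.RecoveryLockReasons
                    .PWD_RECOVERY_MAX_ATTEMPTS_EXCEEDED.getFunctionalityLockReason());
        }
        throw IdentityException.error(IdentityRecoveryClientException.class,
                IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_SECURITY_QUESTION_BASED_PWR_LOCKED.getCode(),
                message.toString());
    } else {
        // Still below the limit: persist the incremented failed-attempt count only.
        try {
            Map<String, String> propertiesToUpdate = new HashMap<>();
            propertiesToUpdate.put(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY,
                    String.valueOf(currentAttempts + 1));
            userFunctionalityManager.setProperties(userId, tenantId, functionalityIdentifier, propertiesToUpdate);
        } catch (UserFunctionalityManagementException e) {
            throw Utils.handleFunctionalityLockMgtServerException(
                    IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_UPDATE_PROPERTIES_FOR_FUNCTIONALITY,
                    userId, tenantId, functionalityIdentifier, isDetailedErrorMessagesEnabled);
        }
    }
}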
use of org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager in project identity-governance by wso2-extensions.
the class SecurityQuestionPasswordRecoveryManager method getFunctionalityStatusOfUser.
/**
* Get the lock status of a functionality for the given user and functionality identifier.
*
* @param user User.
* @param functionalityIdentifier Identifier of the functionality.
* @return The status of the functionality, {@link FunctionalityLockStatus}.
*/
private FunctionalityLockStatus getFunctionalityStatusOfUser(User user, String functionalityIdentifier) throws IdentityRecoveryServerException {

    // The lock status is looked up by tenant ID and user ID, both derived from the given user.
    final int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
    final String userId = Utils.getUserId(user.getUserName(), tenantId);
    final UserFunctionalityManager lockManager =
            IdentityRecoveryServiceDataHolder.getInstance().getUserFunctionalityManagerService();

    try {
        return lockManager.getLockStatus(userId, tenantId, functionalityIdentifier);
    } catch (UserFunctionalityManagementException e) {
        String scenarioErrorCode = Utils.prependOperationScenarioToErrorCode(
                IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY
                        .getCode(),
                IdentityRecoveryConstants.PASSWORD_RECOVERY_SCENARIO);
        StringBuilder detail = new StringBuilder(
                IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY
                        .getMessage());
        if (isDetailedErrorMessagesEnabled) {
            // Detailed mode puts the username into the error message returned to the caller.
            // NOTE(review): this names the security-question identifier constant, not the
            // functionalityIdentifier argument that was actually queried. Confirm they always match.
            String subject = String.format("functionalityIdentifier: %s for %s.",
                    IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY
                            .getFunctionalityIdentifier(),
                    user.getUserName());
            detail.append(subject);
        }

        // Client-side failures are only logged at debug level; everything else is an error.
        String logLine = "Error occurred while getting functionality status of user.";
        boolean clientFault = e instanceof UserFunctionalityManagementClientException;
        if (!clientFault) {
            log.error(logLine, e);
        } else if (log.isDebugEnabled()) {
            log.debug(logLine, e);
        }
        throw Utils.handleServerException(scenarioErrorCode, detail.toString(), null);
    }
}
use of org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager in project identity-governance by wso2-extensions.
the class UserAccountRecoveryManager method getFunctionalityStatusOfUser.
/**
* Get the lock status of a functionality given the tenant domain, user name and the functionality identifier.
*
* @param tenantDomain Tenant domain of the user.
* @param userName Username of the user.
* @param functionalityIdentifier Identifier of the functionality.
* @return The status of the functionality, {@link FunctionalityLockStatus}.
*/
private FunctionalityLockStatus getFunctionalityStatusOfUser(String userName, String tenantDomain, String functionalityIdentifier) throws IdentityRecoveryServerException {

    // The lock status is looked up by tenant ID and user ID, so resolve both first.
    final int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    final String userId = Utils.getUserId(userName, tenantId);
    final UserFunctionalityManager lockManager =
            IdentityRecoveryServiceDataHolder.getInstance().getUserFunctionalityManagerService();

    FunctionalityLockStatus status;
    try {
        status = lockManager.getLockStatus(userId, tenantId, functionalityIdentifier);
    } catch (UserFunctionalityManagementException e) {
        // The caught exception is neither logged nor passed on here; only the scenario-prefixed
        // error code and the generic message reach the caller.
        throw Utils.handleServerException(
                Utils.prependOperationScenarioToErrorCode(
                        IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY
                                .getCode(),
                        IdentityRecoveryConstants.PASSWORD_RECOVERY_SCENARIO),
                IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY
                        .getMessage(),
                null);
    }
    return status;
}
use of org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager in project identity-governance by wso2-extensions.
the class PasswordRecoveryManagerImpl method getFunctionalityStatusOfUser.
/**
* Get the lock status of a functionality given the tenant domain, user name and the functionality type.
*
* @param tenantDomain Tenant domain of the user.
* @param userName Username of the user.
* @param functionalityIdentifier Identifier of the functionality.
* @return The status of the functionality, {@link FunctionalityLockStatus}.
*/
private FunctionalityLockStatus getFunctionalityStatusOfUser(String tenantDomain, String userName, String functionalityIdentifier) throws IdentityRecoveryServerException {

    // The lock status is looked up by tenant ID and user ID, so resolve both first.
    final int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    final String userId = Utils.getUserId(userName, tenantId);
    final UserFunctionalityManager lockManager =
            IdentityRecoveryServiceDataHolder.getInstance().getUserFunctionalityManagerService();

    try {
        return lockManager.getLockStatus(userId, tenantId, functionalityIdentifier);
    } catch (UserFunctionalityManagementException e) {
        // The caught exception is not logged or passed on here; only the code and message are.
        String scenarioErrorCode = Utils.prependOperationScenarioToErrorCode(
                IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY
                        .getCode(),
                IdentityRecoveryConstants.PASSWORD_RECOVERY_SCENARIO);
        StringBuilder detail = new StringBuilder(
                IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_LOCK_STATUS_FOR_FUNCTIONALITY
                        .getMessage());
        if (isDetailedErrorMessagesEnabled) {
            // Detailed mode puts the username into the error message returned to the caller.
            // NOTE(review): this names the security-question identifier constant, not the
            // functionalityIdentifier argument that was actually queried. Confirm they always match.
            String subject = String.format("functionality: %s for %s.",
                    IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY
                            .getFunctionalityIdentifier(),
                    userName);
            detail.append(subject);
        }
        throw Utils.handleServerException(scenarioErrorCode, detail.toString(), null);
    }
}