Example 6 with UserFunctionalityManagementException

use of org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException in project carbon-identity-framework by wso2.

the class UserFunctionalityManagerImplTest method testIsFunctionalityLockedForUser.

@Test(dataProvider = "IsFunctionalityLockedData")
public void testIsFunctionalityLockedForUser(String functionalityIdentifier, String userId, int tenantId, boolean expected) {
    DataSource dataSource = mock(DataSource.class);
    TestUtils.mockDataSource(dataSource);
    try {
        try (Connection connection = TestUtils.getConnection()) {
            Connection spyConnection = TestUtils.spyConnection(connection);
            when(dataSource.getConnection()).thenReturn(spyConnection);
            try {
                mockIsUserStoreManager(userId);
                assertEquals(userFunctionalityManager.getLockStatus(userId, tenantId, functionalityIdentifier).getLockStatus(), expected);
            } catch (UserFunctionalityManagementException | UserStoreException e) {
                log.error(String.format("Error while selecting functionality: %s", functionalityIdentifier), e);
            }
        }
    } catch (SQLException e) {
        log.error("SQL Exception", e);
    }
}
Also used : UserFunctionalityManagementException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException) SQLException(java.sql.SQLException) Connection(java.sql.Connection) UserStoreException(org.wso2.carbon.user.api.UserStoreException) DataSource(javax.sql.DataSource) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 7 with UserFunctionalityManagementException

use of org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException in project carbon-identity-framework by wso2.

the class UserFunctionalityManagerImplTest method testSetFunctionalityLockProperties.

@Test(dataProvider = "TestSetFunctionalityLockPropertiesData")
public void testSetFunctionalityLockProperties(String userId, int tenantId, String functionalityIdentifier, Map<String, String> properties, Map<String, String> propertiesToUpdate, Map<String, String> expectedProperties) {
    DataSource dataSource = mock(DataSource.class);
    TestUtils.mockDataSource(dataSource);
    try (Connection connection = TestUtils.getConnection()) {
        Connection spyConnection = TestUtils.spyConnection(connection);
        when(dataSource.getConnection()).thenReturn(spyConnection);
        mockIsUserStoreManager(userId);
        userFunctionalityPropertyDAO.addProperties(userId, tenantId, functionalityIdentifier, properties);
        userFunctionalityManager.setProperties(userId, tenantId, functionalityIdentifier, propertiesToUpdate);
        Map<String, String> functionalityLockProperties = userFunctionalityPropertyDAO.getAllProperties(userId, tenantId, functionalityIdentifier);
        assertEquals(functionalityLockProperties, expectedProperties);
    } catch (SQLException | UserFunctionalityManagementException | UserStoreException e) {
        // Mock behaviour. Hence ignored.
    }
}
Also used : UserFunctionalityManagementException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException) SQLException(java.sql.SQLException) Connection(java.sql.Connection) UserStoreException(org.wso2.carbon.user.api.UserStoreException) DataSource(javax.sql.DataSource) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 8 with UserFunctionalityManagementException

use of org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException in project carbon-identity-framework by wso2.

the class UserFunctionalityManagerImplTest method testGetFunctionalityLockProperties.

@Test(dataProvider = "TestGetFunctionalityLockPropertiesData")
public void testGetFunctionalityLockProperties(String userId, int tenantId, String functionalityIdentifier, Map<String, String> properties) {
    DataSource dataSource = mock(DataSource.class);
    TestUtils.mockDataSource(dataSource);
    try {
        try (Connection connection = TestUtils.getConnection()) {
            Connection spyConnection = TestUtils.spyConnection(connection);
            when(dataSource.getConnection()).thenReturn(spyConnection);
            try {
                mockIsUserStoreManager(userId);
                userFunctionalityPropertyDAO.addProperties(userId, tenantId, functionalityIdentifier, properties);
                assertEquals(userFunctionalityManager.getProperties(userId, tenantId, functionalityIdentifier), properties);
            } catch (UserFunctionalityManagementException e) {
                log.error(String.format("Error while selecting functionality: %s", functionalityIdentifier), e);
            } catch (UserStoreException e) {
                log.error("Error while checking userid in userstore", e);
            }
        }
    } catch (SQLException e) {
        log.error("SQL Exception", e);
    }
}
Also used : UserFunctionalityManagementException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException) SQLException(java.sql.SQLException) Connection(java.sql.Connection) UserStoreException(org.wso2.carbon.user.api.UserStoreException) DataSource(javax.sql.DataSource) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 9 with UserFunctionalityManagementException

use of org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException in project carbon-identity-framework by wso2.

the class UserFunctionalityManagerImpl method lock.

/**
 * {@inheritDoc}
 */
@Override
public void lock(String userId, int tenantId, String functionalityIdentifier, long timeToLock, String functionalityLockReasonCode, String functionalityLockReason) throws UserFunctionalityManagementException {
    if (!isPerUserFunctionalityLockingEnabled()) {
        throw new UnsupportedOperationException("Per-user functionality locking is not enabled.");
    }
    if (StringUtils.isEmpty(userId) || !isUserIdExists(userId, tenantId)) {
        if (log.isDebugEnabled()) {
            log.debug("Cannot retrieve user from userId: " + userId);
        }
        throw buildUserNotFoundError();
    }
    long unlockTime = Long.MAX_VALUE;
    if (timeToLock >= 0) {
        unlockTime = System.currentTimeMillis() + timeToLock;
    }
    FunctionalityLockStatus functionalityLockStatus = userFunctionalityManagerDAO.getFunctionalityLockStatus(userId, tenantId, functionalityIdentifier);
    if (functionalityLockStatus != null) {
        boolean isFunctionalityLockedForUser = functionalityLockStatus.getLockStatus();
        long oldUnlockTime = functionalityLockStatus.getUnlockTime();
        if (!isFunctionalityLockedForUser) {
            FunctionalityLockStatus newFunctionalityLockStatus = new FunctionalityLockStatus(true, unlockTime, functionalityLockReasonCode, functionalityLockReason);
            userFunctionalityManagerDAO.updateLockStatusForUser(userId, tenantId, functionalityIdentifier, newFunctionalityLockStatus);
        } else if (oldUnlockTime < unlockTime) {
            functionalityLockStatus.setLockReasonCode(functionalityLockReasonCode);
            functionalityLockStatus.setLockReason(functionalityLockReason);
            functionalityLockStatus.setUnlockTime(unlockTime);
            userFunctionalityManagerDAO.updateLockStatusForUser(userId, tenantId, functionalityIdentifier, functionalityLockStatus);
        }
    } else {
        FunctionalityLockStatus newFunctionalityLockStatus = new FunctionalityLockStatus(true, unlockTime, functionalityLockReasonCode, functionalityLockReason);
        userFunctionalityManagerDAO.addFunctionalityLock(userId, tenantId, functionalityIdentifier, newFunctionalityLockStatus);
    }
}
Also used : FunctionalityLockStatus(org.wso2.carbon.identity.user.functionality.mgt.model.FunctionalityLockStatus)

Example 10 with UserFunctionalityManagementException

use of org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException in project identity-governance by wso2-extensions.

the class SecurityQuestionPasswordRecoveryManager method handleAnswerVerificationFailInFunctionalityLockMode.

private void handleAnswerVerificationFailInFunctionalityLockMode(User user) throws IdentityRecoveryException {
    if (Utils.isAccountLocked(user)) {
        return;
    }
    int tenantId = IdentityTenantUtil.getTenantId(user.getTenantDomain());
    String userId = Utils.getUserId(user.getUserName(), tenantId);
    Map<String, String> configStoreProperties = ConfigStoreFunctionalityLockPropertyHandler.getInstance().getConfigStoreProperties(user.getTenantDomain(), IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier());
    validateUserFunctionalityProperties(configStoreProperties);
    int maxAttempts = Integer.parseInt(configStoreProperties.get(IdentityRecoveryConstants.FUNCTION_MAX_ATTEMPTS_PROPERTY));
    long unlockTimePropertyValue = Integer.parseInt(configStoreProperties.get(IdentityRecoveryConstants.FUNCTION_LOCKOUT_TIME_PROPERTY));
    double unlockTimeRatio = Double.parseDouble(configStoreProperties.get(IdentityRecoveryConstants.FUNCTION_LOGIN_FAIL_TIMEOUT_RATIO_PROPERTY));
    int currentAttempts = 0;
    int failedLoginLockoutCountValue = 0;
    UserFunctionalityManager userFunctionalityManager = IdentityRecoveryServiceDataHolder.getInstance().getUserFunctionalityManagerService();
    Map<String, String> functionalityLockProperties;
    try {
        functionalityLockProperties = userFunctionalityManager.getProperties(userId, tenantId, IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier());
    } catch (UserFunctionalityManagementException e) {
        throw Utils.handleFunctionalityLockMgtServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_GET_PROPERTIES_FOR_FUNCTIONALITY, userId, tenantId, IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier(), isDetailedErrorMessagesEnabled);
    }
    if (functionalityLockProperties.isEmpty()) {
        functionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_LOCKOUT_COUNT_PROPERTY, String.valueOf(failedLoginLockoutCountValue));
        functionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY, String.valueOf(currentAttempts));
        functionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_MAX_ATTEMPTS_PROPERTY, String.valueOf(maxAttempts));
        try {
            userFunctionalityManager.setProperties(userId, tenantId, IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier(), functionalityLockProperties);
        } catch (UserFunctionalityManagementException e) {
            throw Utils.handleFunctionalityLockMgtServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_ADD_PROPERTIES_FOR_FUNCTIONALITY, userId, tenantId, IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier(), isDetailedErrorMessagesEnabled);
        }
    } else {
        if (NumberUtils.isNumber(functionalityLockProperties.get(IdentityRecoveryConstants.FUNCTION_LOCKOUT_COUNT_PROPERTY))) {
            failedLoginLockoutCountValue = Integer.parseInt(functionalityLockProperties.get(IdentityRecoveryConstants.FUNCTION_LOCKOUT_COUNT_PROPERTY));
        }
        if (NumberUtils.isNumber(functionalityLockProperties.get(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY))) {
            currentAttempts = Integer.parseInt(functionalityLockProperties.get(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY));
        }
    }
    Map<String, String> updatedFunctionalityLockProperties = new HashMap<>();
    if ((currentAttempts + 1) >= maxAttempts) {
        // Calculate the incremental unlock-time interval in milliseconds.
        unlockTimePropertyValue = (long) (unlockTimePropertyValue * 1000 * 60 * Math.pow(unlockTimeRatio, failedLoginLockoutCountValue));
        try {
            updatedFunctionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY, "0");
            updatedFunctionalityLockProperties.put(IdentityRecoveryConstants.FUNCTION_LOCKOUT_COUNT_PROPERTY, String.valueOf(failedLoginLockoutCountValue + 1));
            userFunctionalityManager.lock(userId, tenantId, IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier(), unlockTimePropertyValue, IdentityRecoveryConstants.RecoveryLockReasons.PWD_RECOVERY_MAX_ATTEMPTS_EXCEEDED.getFunctionalityLockCode(), IdentityRecoveryConstants.RecoveryLockReasons.PWD_RECOVERY_MAX_ATTEMPTS_EXCEEDED.getFunctionalityLockReason());
            userFunctionalityManager.setProperties(userId, tenantId, IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier(), updatedFunctionalityLockProperties);
        } catch (UserFunctionalityManagementServerException e) {
            throw Utils.handleFunctionalityLockMgtServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_LOCK_FUNCTIONALITY_FOR_USER, userId, tenantId, IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier(), isDetailedErrorMessagesEnabled);
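        } catch (UserFunctionalityManagementException e) {
            // Any other functionality-management failure is only printed here; execution
            // continues and the "locked" client error below is still thrown.
            e.printStackTrace();
        }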
        StringBuilder message = new StringBuilder(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_SECURITY_QUESTION_BASED_PWR_LOCKED.getMessage());
        if (isDetailedErrorMessagesEnabled) {
            message.append(": ").append(IdentityRecoveryConstants.RecoveryLockReasons.PWD_RECOVERY_MAX_ATTEMPTS_EXCEEDED.getFunctionalityLockReason());
        }
        throw IdentityException.error(IdentityRecoveryClientException.class, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_SECURITY_QUESTION_BASED_PWR_LOCKED.getCode(), message.toString());
    } else {
        try {
            Map<String, String> propertiesToUpdate = new HashMap<>();
            propertiesToUpdate.put(IdentityRecoveryConstants.FUNCTION_FAILED_ATTEMPTS_PROPERTY, String.valueOf(currentAttempts + 1));
            userFunctionalityManager.setProperties(userId, tenantId, IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier(), propertiesToUpdate);
        } catch (UserFunctionalityManagementException e) {
            throw Utils.handleFunctionalityLockMgtServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_FAILED_TO_UPDATE_PROPERTIES_FOR_FUNCTIONALITY, userId, tenantId, IdentityRecoveryConstants.FunctionalityTypes.FUNCTIONALITY_SECURITY_QUESTION_PW_RECOVERY.getFunctionalityIdentifier(), isDetailedErrorMessagesEnabled);
        }
    }
}
Also used : UserFunctionalityManagementException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException) HashMap(java.util.HashMap) UserFunctionalityManager(org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager) UserFunctionalityManagementServerException(org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementServerException)

Aggregations

UserFunctionalityManagementException (org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementException) 12
Connection (java.sql.Connection) 7
SQLException (java.sql.SQLException) 7
DataSource (javax.sql.DataSource) 7
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest) 7
Test (org.testng.annotations.Test) 7
UserStoreException (org.wso2.carbon.user.api.UserStoreException) 7
UserFunctionalityManager (org.wso2.carbon.identity.user.functionality.mgt.UserFunctionalityManager) 5
HashMap (java.util.HashMap) 2
FunctionalityLockStatus (org.wso2.carbon.identity.user.functionality.mgt.model.FunctionalityLockStatus) 2
Matchers.anyString (org.mockito.Matchers.anyString) 1
Property (org.wso2.carbon.identity.application.common.model.Property) 1
UserFunctionalityManagementClientException (org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementClientException) 1
UserFunctionalityManagementServerException (org.wso2.carbon.identity.user.functionality.mgt.exception.UserFunctionalityManagementServerException) 1
TestUtils.getConnection (org.wso2.carbon.identity.user.functionality.mgt.util.TestUtils.getConnection) 1
TestUtils.mockDataSource (org.wso2.carbon.identity.user.functionality.mgt.util.TestUtils.mockDataSource) 1
TestUtils.spyConnection (org.wso2.carbon.identity.user.functionality.mgt.util.TestUtils.spyConnection) 1