use of org.wso2.carbon.user.api.UserRealm in project core-util by WSO2Telco.
the class BasicAuthenticator method isAuthenticatedUser.
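/**
 * Verifies a user name / password pair against the user store of the tenant
 * encoded in the user name.
 *
 * <p>The method fails closed: missing credentials, an unresolvable tenant realm,
 * a rejected password, or an exception from the realm lookup or user store all
 * yield {@code false}.
 *
 * @param userName fully qualified user name; the tenant domain and the
 *                 tenant-aware user name are both derived from it
 * @param password the password to check
 * @return {@code true} only when the tenant's user store manager accepts the
 *         credentials, {@code false} in every other case
 */
public boolean isAuthenticatedUser(String userName, String password) {
    // Reject missing credentials before touching the realm. An empty password is
    // refused here rather than forwarded: some directory-backed stores treat an
    // empty-password bind as anonymous. NOTE(review): confirm against the
    // configured user store manager.
    if (userName == null || userName.trim().isEmpty() || password == null || password.isEmpty()) {
        log.error("authentication failed. please check your username/password");
        return false;
    }

    PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
    RealmService realmService = (RealmService) carbonContext.getOSGiService(RealmService.class, null);
    RegistryService registryService = (RegistryService) carbonContext.getOSGiService(RegistryService.class, null);
    String tenantDomain = MultitenantUtils.getTenantDomain(userName);
    try {
        UserRealm userRealm = AnonymousSessionUtil.getRealmByTenantDomain(registryService, realmService, tenantDomain);
        if (userRealm == null) {
            log.error("invalid domain or unactivated tenant login");
            return false;
        }
        // The user store is addressed with the name stripped of its tenant part.
        String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(userName);
        if (userRealm.getUserStoreManager().authenticate(tenantAwareUsername, password)) {
            return true;
        }
        log.error("authentication failed. please check your username/password");
        return false;
    } catch (CarbonException | UserStoreException e) {
        // userName is caller-supplied: neutralise line breaks so it cannot forge
        // extra log entries. The password is never logged.
        String loggableUserName = userName.replace('\r', '_').replace('\n', '_');
        log.error("authentication failed for user : " + loggableUserName, e);
        return false;
    }
}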
use of org.wso2.carbon.user.api.UserRealm in project carbon-business-process by wso2.
the class TaskOperationsImpl method getUserListForRole.
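/**
 * Lists the users holding a role in the given tenant, optionally leaving out
 * the current owner.
 *
 * <p>The returned array is dense. The earlier implementation sized the array to
 * the full role membership and left a {@code null} slot where the owner was
 * skipped, which exposed callers to a null element.
 *
 * @param roleName            role whose members are looked up in the tenant's user store
 * @param tenantId            tenant whose user realm is consulted
 * @param actualOwnerUserName user name to exclude from the result; when null or
 *                            empty nobody is excluded
 * @return the matching users, or an empty array when the realm cannot be loaded
 *         or the user store returns no list
 * @throws RegistryException  declared for the registry realm lookup
 * @throws UserStoreException declared for the user store role query
 */
private TUser[] getUserListForRole(String roleName, int tenantId, String actualOwnerUserName) throws RegistryException, UserStoreException {
    RegistryService registryService = HumanTaskServiceComponent.getRegistryService();
    // Resolve the realm once instead of once for the null check and again for use.
    UserRealm userRealm = registryService != null ? registryService.getUserRealm(tenantId) : null;
    if (userRealm == null) {
        log.warn("Cannot load User Realm for Tenant Id: " + tenantId);
        return new TUser[0];
    }

    String[] assignableUserNameList = userRealm.getUserStoreManager().getUserListOfRole(roleName);
    if (assignableUserNameList == null) {
        return new TUser[0];
    }

    boolean excludeOwner = !StringUtils.isEmpty(actualOwnerUserName);
    TUser[] collected = new TUser[assignableUserNameList.length];
    int count = 0;
    for (String assignableUserName : assignableUserNameList) {
        if (excludeOwner && actualOwnerUserName.equals(assignableUserName)) {
            // Skip the current owner without leaving a gap in the result.
            continue;
        }
        TUser user = new TUser();
        user.setTUser(assignableUserName);
        collected[count++] = user;
    }

    // Trim to the number of users actually kept so no null element is returned.
    TUser[] userList = new TUser[count];
    System.arraycopy(collected, 0, userList, 0, count);
    return userList;
}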
use of org.wso2.carbon.user.api.UserRealm in project carbon-business-process by wso2.
the class UserSubstitutionService method getRequestedAssignee.
/**
 * Resolves and validates the assignee of a substitution request.
 *
 * <p>When the request names nobody, or names the logged-in user, the logged-in
 * user is returned without further checks. Naming a different user requires the
 * logged-in user to pass {@code isUserAuthorizedForSubstitute}. That permission
 * check runs before the user-store existence check, so a caller without the
 * permission never reaches the "non existing user" error.
 *
 * @param user the requested assignee as supplied by the caller
 * @return the tenant-aware assignee, or the logged-in user when none was requested
 * @throws UserStoreException if the user store lookup fails
 */
private String getRequestedAssignee(final String user) throws UserStoreException {
    String loggedInUser = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    UserRealm userRealm = BPMNOSGIService.getUserRealm();
    String requested = getTenantAwareUser(user);

    boolean actingForAnotherUser = requested != null
            && !requested.trim().isEmpty()
            && !requested.equals(loggedInUser);
    if (!actingForAnotherUser) {
        // Nothing requested, or the caller named themselves.
        return loggedInUser;
    }

    // Acting on behalf of someone else: authorise first, then validate the target.
    if (!isUserAuthorizedForSubstitute(loggedInUser)) {
        throw new BPMNForbiddenException("Action requires BPMN substitution permission");
    }
    if (!userRealm.getUserStoreManager().isExistingUser(requested)) {
        throw new ActivitiIllegalArgumentException("Non existing user for argument assignee : " + requested);
    }
    return requested;
}
use of org.wso2.carbon.user.api.UserRealm in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPAuthenticator method proceedWithOTP.
/**
 * Generates a one-time password, hands it to the configured SMS provider and
 * redirects the browser to the next page.
 *
 * <p>The generated OTP is stored in the authentication context under
 * {@code SMSOTPConstants.OTP_TOKEN}; the debug log records only that generation
 * succeeded, not the value. If the provider call fails, the user is redirected
 * to the error page with the resend flag and an error parameter. Otherwise the
 * user is redirected to the login page, with the screen attribute appended when
 * the user exists in the user store and the attribute is non-null.
 *
 * @param response     the HttpServletResponse used for the redirect
 * @param context      the AuthenticationContext holding authenticator properties and the OTP
 * @param errorPage    the page to redirect to when the SMS cannot be sent
 * @param mobileNumber the mobile number the OTP is sent to
 * @param queryParams  the query parameters carried over into the redirect URL
 * @param username     the fully qualified user name
 * @throws AuthenticationFailedException if the redirect fails or the user store cannot be read
 */
private void proceedWithOTP(HttpServletResponse response, AuthenticationContext context, String errorPage, String mobileNumber, String queryParams, String username) throws AuthenticationFailedException {
    Map<String, String> providerSettings = context.getAuthenticatorProperties();
    boolean resendAllowed = SMSOTPUtils.isEnableResendCode(context, getName());
    String otpPage = getLoginPage(context);
    String tenantDomain = MultitenantUtils.getTenantDomain(username);
    String localUsername = MultitenantUtils.getTenantAwareUsername(username);
    UserRealm realm = SMSOTPUtils.getUserRealm(tenantDomain);
    try {
        // Create the OTP and keep it in the context for later verification.
        // NOTE(review): the strength of the OTP depends on how getRandomNumber
        // sources its randomness, which is not visible here; confirm it is a CSPRNG.
        OneTimePassword generator = new OneTimePassword();
        String seed = OneTimePassword.getRandomNumber(SMSOTPConstants.SECRET_KEY_LENGTH);
        String otp = generator.generateToken(seed, String.valueOf(SMSOTPConstants.NUMBER_BASE), SMSOTPConstants.NUMBER_DIGIT);
        context.setProperty(SMSOTPConstants.OTP_TOKEN, otp);
        if (log.isDebugEnabled()) {
            log.debug("Generated OTP successfully and set to the context.");
        }

        // SMS provider API settings come from the authenticator configuration.
        String providerUrl = providerSettings.get(SMSOTPConstants.SMS_URL);
        String providerMethod = providerSettings.get(SMSOTPConstants.HTTP_METHOD);
        String providerHeaders = providerSettings.get(SMSOTPConstants.HEADERS);
        String providerPayload = providerSettings.get(SMSOTPConstants.PAYLOAD);
        String expectedResponse = providerSettings.get(SMSOTPConstants.HTTP_RESPONSE);
        boolean delivered = sendRESTCall(context, providerUrl, providerMethod, providerHeaders, providerPayload, expectedResponse, mobileNumber, otp);

        if (delivered) {
            String target = getURL(otpPage, queryParams);
            if (FederatedAuthenticatorUtil.isUserExistInUserStore(username)) {
                String screenValue = getScreenAttribute(context, realm, localUsername);
                if (screenValue != null) {
                    // NOTE(review): appended as-is; confirm the value is URL-safe
                    // or encoded where it is produced.
                    target = target + SMSOTPConstants.SCREEN_VALUE + screenValue;
                }
            }
            response.sendRedirect(target);
            return;
        }

        // Delivery failed: record the status and send the user to the error page.
        context.setProperty(SMSOTPConstants.STATUS_CODE, SMSOTPConstants.UNABLE_SEND_CODE);
        // NOTE(review): the error code is concatenated into the redirect URL
        // unencoded; confirm it can only hold values set by this authenticator.
        String retryParam = context.getProperty(SMSOTPConstants.ERROR_CODE) != null
                ? SMSOTPConstants.UNABLE_SEND_CODE_PARAM + context.getProperty(SMSOTPConstants.ERROR_CODE).toString()
                : SMSOTPConstants.UNABLE_SEND_CODE_PARAM + SMSOTPConstants.UNABLE_SEND_CODE_VALUE;
        String errorTarget = getURL(errorPage, queryParams);
        response.sendRedirect(errorTarget + SMSOTPConstants.RESEND_CODE + resendAllowed + retryParam);
    } catch (IOException e) {
        throw new AuthenticationFailedException("Error while sending the HTTP request. ", e);
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Failed to get the user from user store. ", e);
    }
}
use of org.wso2.carbon.user.api.UserRealm in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPAuthenticator method getScreenValue.
/**
 * Looks up the configured screen attribute for the user recorded in the
 * authentication context.
 *
 * @param context the AuthenticationContext carrying the user name property
 * @return the value returned by {@code getScreenAttribute} for that user
 * @throws AuthenticationFailedException if the user store lookup fails
 */
private String getScreenValue(AuthenticationContext context) throws AuthenticationFailedException {
    // NOTE(review): String.valueOf turns an absent (null) property into the
    // literal text "null", which would then be looked up as a user name;
    // confirm callers always set USER_NAME first.
    String username = String.valueOf(context.getProperty(SMSOTPConstants.USER_NAME));
    String tenantDomain = MultitenantUtils.getTenantDomain(username);
    String localUsername = MultitenantUtils.getTenantAwareUsername(username);
    UserRealm realm = SMSOTPUtils.getUserRealm(tenantDomain);
    try {
        return getScreenAttribute(context, realm, localUsername);
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Failed to get the screen attribute for the user " + tenantAwareUsernameForMessage(localUsername) + " from user store. ", e);
    }
}

/** Returns the name unchanged; keeps the exception message construction in one place. */
private static String tenantAwareUsernameForMessage(String localUsername) {
    return localUsername;
}
Aggregations