
Example 11 with UserStoreClientException

use of org.wso2.carbon.user.api.UserStoreClientException in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMUserManager method filterUsernames.

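/**
 * Returns the users of a known user store domain that match a single-attribute filter.
 *
 * <p>When {@code removeDuplicateUsersInUsersResponseEnabled} is set, the result is ordered and
 * de-duplicated by fully qualified username; otherwise it keeps the order in which the user store
 * returned the users.
 *
 * @param condition  Condition of the single attribute filter
 * @param offset     Start index value
 * @param limit      Count value
 * @param sortBy     SortBy
 * @param sortOrder  Sort order
 * @param domainName Domain to perform the search
 * @return The filtered users
 * @throws CharonException     Error while filtering
 * @throws BadRequestException If the user store reports a client error, either directly or as the
 *                             root cause of a {@code UserStoreException}
 */
private Set<org.wso2.carbon.user.core.common.User> filterUsernames(Condition condition, int offset, int limit, String sortBy, String sortOrder, String domainName) throws CharonException, BadRequestException {
    if (log.isDebugEnabled()) {
        log.debug(String.format("Filtering users in domain : %s with limit: %d and offset: %d.", domainName, limit, offset));
    }
    try {
        List<org.wso2.carbon.user.core.common.User> usersList = carbonUM.getUserListWithID(condition, domainName, UserCoreConstants.DEFAULT_PROFILE, limit, offset, sortBy, sortOrder);
        Set<org.wso2.carbon.user.core.common.User> users;
        if (removeDuplicateUsersInUsersResponseEnabled) {
            // A sorted set keyed on the fully qualified username drops repeated users.
            users = new TreeSet<>(Comparator.comparing(org.wso2.carbon.user.core.common.User::getFullQualifiedUsername));
        } else {
            users = new LinkedHashSet<>();
        }
        users.addAll(usersList);
        return users;
    } catch (UserStoreClientException e) {
        // NOTE(review): the user-store message is copied into the exception text; if that text is
        // returned to the SCIM caller, confirm client-exception messages carry no internal detail.
        String errorMessage = String.format("Error while retrieving users for the domain: %s with limit: %d and " + "offset: %d. %s", domainName, limit, offset, e.getMessage());
        if (log.isDebugEnabled()) {
            log.debug(errorMessage, e);
        }
        throw new BadRequestException(errorMessage, ResponseCodeConstants.INVALID_VALUE);
    } catch (UserStoreException e) {
        // Sometimes client exceptions are wrapped in the super class.
        // Therefore checking for possible client exception.
        Throwable rootCause = ExceptionUtils.getRootCause(e);
        if (rootCause instanceof UserStoreClientException) {
            // Same wording as the direct client-error path above; the previous text spoke of
            // "role names", which this method never reads.
            String errorMessage = String.format("Error while retrieving users for the domain: %s with limit: %d and " + "offset: %d. %s", domainName, limit, offset, rootCause.getMessage());
            if (log.isDebugEnabled()) {
                log.debug(errorMessage, rootCause);
            }
            throw new BadRequestException(errorMessage, ResponseCodeConstants.INVALID_VALUE);
        }
        String errorMessage = String.format("Error while retrieving users for the domain: %s with limit: %d and offset: %d.", domainName, limit, offset);
        throw resolveError(e, errorMessage);
    }
}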
Also used : User(org.wso2.charon3.core.objects.User) UserStoreClientException(org.wso2.carbon.user.core.UserStoreClientException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) SCIMUserStoreException(org.wso2.carbon.identity.scim2.common.extenstion.SCIMUserStoreException) BadRequestException(org.wso2.charon3.core.exceptions.BadRequestException)

Example 12 with UserStoreClientException

use of org.wso2.carbon.user.api.UserStoreClientException in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method processAuthenticationResponse.

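/**
 * Process the response of the SMSOTP end-point: verify the submitted code against the OTP held in
 * the authentication context (or against backup codes for local users), update the failure
 * bookkeeping, and optionally persist a newly supplied mobile number.
 *
 * @param request  the HttpServletRequest
 * @param response the HttpServletResponse
 * @param context  the AuthenticationContext
 * @throws AuthenticationFailedException if the account is locked, the code is empty or does not
 *                                       verify, a resend was requested, or the mobile number
 *                                       lookup or update fails
 */
@Override
protected void processAuthenticationResponse(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context) throws AuthenticationFailedException {
    AuthenticatedUser authenticatedUser = (AuthenticatedUser) context.getProperty(SMSOTPConstants.AUTHENTICATED_USER);
    boolean isLocalUser = SMSOTPUtils.isLocalUser(context);
    // A locked local account is rejected before the submitted code is looked at.
    if (authenticatedUser != null && isLocalUser && SMSOTPUtils.isAccountLocked(authenticatedUser)) {
        if (log.isDebugEnabled()) {
            log.debug(String.format("Authentication failed since authenticated user: %s,  account is locked.", authenticatedUser));
        }
        context.setProperty(SMSOTPConstants.ACCOUNT_LOCKED, true);
        throw new AuthenticationFailedException("User account is locked.");
    }
    String userToken = request.getParameter(SMSOTPConstants.CODE);
    String contextToken = (String) context.getProperty(SMSOTPConstants.OTP_TOKEN);
    if (StringUtils.isEmpty(userToken)) {
        throw new InvalidCredentialsException("Code cannot not be null");
    }
    if (Boolean.parseBoolean(request.getParameter(SMSOTPConstants.RESEND))) {
        if (log.isDebugEnabled()) {
            log.debug("Retrying to resend the OTP");
        }
        throw new InvalidCredentialsException("Retrying to resend the OTP");
    }
    if (context.getProperty(SMSOTPConstants.MOBILE_NUMBER_UPDATE_FAILURE) != null) {
        context.setProperty(SMSOTPConstants.MOBILE_NUMBER_UPDATE_FAILURE, "false");
    }
    // Reject a wrong code without stopping at the first differing byte, so the response time does
    // not reveal how much of the submitted code was correct. The equals() call only runs once the
    // encoded bytes already match; it keeps the outcome identical to a plain string comparison,
    // because getBytes() substitutes characters it cannot encode.
    boolean tokenMatches = contextToken != null
            && java.security.MessageDigest.isEqual(
                    userToken.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    contextToken.getBytes(java.nio.charset.StandardCharsets.UTF_8))
            && userToken.equals(contextToken);
    boolean succeededAttempt = false;
    if (tokenMatches) {
        context.removeProperty(SMSOTPConstants.CODE_MISMATCH);
        processValidUserToken(context, authenticatedUser);
        succeededAttempt = true;
    } else if (isLocalUser && "true".equals(SMSOTPUtils.getBackupCode(context))) {
        // Backup codes are consulted only for local users and only when the feature is enabled.
        succeededAttempt = checkWithBackUpCodes(context, userToken, authenticatedUser);
    } else {
        if (log.isDebugEnabled()) {
            log.debug("Given otp code is a mismatch.");
        }
        context.setProperty(SMSOTPConstants.CODE_MISMATCH, true);
    }
    if (succeededAttempt && isLocalUser) {
        String username = String.valueOf(context.getProperty(SMSOTPConstants.USER_NAME));
        String mobileNumber;
        try {
            mobileNumber = SMSOTPUtils.getMobileNumberForUsername(username);
        } catch (SMSOTPException e) {
            throw new AuthenticationFailedException("Failed to get the parameters from authentication xml file " + "for user:  " + username + " for tenant: " + context.getTenantDomain(), e);
        }
        // No stored number: persist the one the user supplied during this flow, if any.
        if (StringUtils.isBlank(mobileNumber)) {
            String tenantDomain = MultitenantUtils.getTenantDomain(username);
            Object verifiedMobileObject = context.getProperty(SMSOTPConstants.REQUESTED_USER_MOBILE);
            if (verifiedMobileObject != null) {
                try {
                    updateMobileNumberForUsername(context, request, username, tenantDomain);
                } catch (SMSOTPException e) {
                    // NOTE(review): only e.getCause() is chained here, so the SMSOTPException
                    // itself is lost from the trace (and the cause may be null) - confirm intent.
                    throw new AuthenticationFailedException("Failed accessing the userstore for user: " + username, e.getCause());
                } catch (UserStoreClientException e) {
                    context.setProperty(SMSOTPConstants.MOBILE_NUMBER_UPDATE_FAILURE, "true");
                    throw new AuthenticationFailedException("Mobile claim update failed for user :" + username, e);
                } catch (UserStoreException e) {
                    // Only the direct cause is inspected for a wrapped client exception.
                    Throwable ex = e.getCause();
                    if (ex instanceof UserStoreClientException) {
                        context.setProperty(SMSOTPConstants.MOBILE_NUMBER_UPDATE_FAILURE, "true");
                        context.setProperty(SMSOTPConstants.PROFILE_UPDATE_FAILURE_REASON, ex.getMessage());
                    }
                    throw new AuthenticationFailedException("Mobile claim update failed for user " + username, e);
                }
            }
        }
    }
    if (!succeededAttempt) {
        // Record the failed attempt before reporting the mismatch to the caller.
        handleSmsOtpVerificationFail(context);
        context.setProperty(SMSOTPConstants.CODE_MISMATCH, true);
        throw new AuthenticationFailedException("Invalid code. Verification failed.");
    }
    // Reaching this point means the authentication succeeded, so the failed-attempt state is reset.
    resetSmsOtpFailedAttempts(context);
}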
Also used : AuthenticationFailedException(org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException) InvalidCredentialsException(org.wso2.carbon.identity.application.authentication.framework.exception.InvalidCredentialsException) UserStoreClientException(org.wso2.carbon.user.core.UserStoreClientException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) SMSOTPException(org.wso2.carbon.identity.authenticator.smsotp.exception.SMSOTPException) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)

Example 13 with UserStoreClientException

use of org.wso2.carbon.user.api.UserStoreClientException in project carbon-identity-framework by wso2.

the class DatabaseBasedUserStoreDAOImpl method deleteUserStore.

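/**
 * Deletes the user store registered under the given domain for the current tenant.
 *
 * <p>Runs the pre-delete listeners, removes the persisted domain through the tenant's user store
 * manager, deletes the stored configuration and finally removes the realm from the secondary
 * user store manager.
 *
 * @param domain domain name of the user store to delete
 * @throws IdentityUserStoreMgtException if no user store manager is available, or if any step
 *                                       reports a user store error
 */
public void deleteUserStore(String domain) throws IdentityUserStoreMgtException {
    int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    try {
        // Run pre user-store delete listeners
        triggerListnersOnUserStorePreDelete(domain);
        AbstractUserStoreManager userStoreManager = (AbstractUserStoreManager) CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
        if (userStoreManager == null) {
            throw new IdentityUserStoreMgtException("Unable to find a user store from the " + "ThreadLocalCarbonContext.");
        }
        userStoreManager.deletePersistedDomain(domain);
        deleteUserStore(domain, tenantId);
        removeRealmFromSecondaryUserStoreManager(domain);
    } catch (UserStoreClientException e) {
        throw buildIdentityUserStoreClientException("Userstore " + domain + " cannot be deleted.", e);
    } catch (UserStoreException e) {
        // Keep the original exception as the cause. The message names the listeners, but any call
        // in the try block can end up here, and without the cause the failing step is untraceable.
        throw new IdentityUserStoreMgtException("Error while triggering the userstore pre delete listeners.", e);
    }
}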
Also used : IdentityUserStoreMgtException(org.wso2.carbon.identity.user.store.configuration.utils.IdentityUserStoreMgtException) SecondaryUserStoreConfigurationUtil.buildIdentityUserStoreClientException(org.wso2.carbon.identity.user.store.configuration.utils.SecondaryUserStoreConfigurationUtil.buildIdentityUserStoreClientException) UserStoreClientException(org.wso2.carbon.user.api.UserStoreClientException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager)

Example 14 with UserStoreClientException

use of org.wso2.carbon.user.api.UserStoreClientException in project carbon-identity-framework by wso2.

the class FileBasedUserStoreDAOImpl method doUpdateUserStoreDomainName.

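/**
 * Renames a file-based user store: checks that the old configuration file exists and the new one
 * does not, runs the update listeners and the persisted-domain update, then replaces the old
 * configuration file with one written under the new domain name.
 *
 * @param previousDomainName      current domain name of the user store
 * @param userStorePersistanceDTO carries the user store DTO holding the new domain name
 * @throws IdentityUserStoreMgtException if the old file is missing, the new file already exists,
 *                                       or the listeners or the domain update fail
 */
@Override
protected void doUpdateUserStoreDomainName(String previousDomainName, UserStorePersistanceDTO userStorePersistanceDTO) throws IdentityUserStoreMgtException {
    Path userStoreConfigFile;
    Path previousUserStoreConfigFile;
    String domainName = userStorePersistanceDTO.getUserStoreDTO().getDomainId();
    String fileName = domainName.replace(".", "_");
    String previousFileName = previousDomainName.replace(".", "_");
    // Both names are validated before either is used to build a path.
    // NOTE(review): what validateFileName rejects is not visible here; the safety of the paths
    // built below (separators, traversal sequences) depends on it - confirm.
    validateFileName(domainName, fileName);
    validateFileName(previousDomainName, previousFileName);
    int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    if (tenantId == MultitenantConstants.SUPER_TENANT_ID) {
        createUserStoreDirectory(null, fileName, false);
        userStoreConfigFile = Paths.get(DEPLOYMENT_DIRECTORY, fileName + FILE_EXTENSION_XML);
        previousUserStoreConfigFile = Paths.get(DEPLOYMENT_DIRECTORY, previousFileName + FILE_EXTENSION_XML);
    } else {
        // Tenant configurations live under <tenants dir>/<tenantId>/USERSTORES.
        String tenantFilePath = CarbonUtils.getCarbonTenantsDirPath();
        createUserStoreDirectory(tenantFilePath, fileName, true);
        userStoreConfigFile = Paths.get(tenantFilePath, String.valueOf(tenantId), USERSTORES, fileName + FILE_EXTENSION_XML);
        previousUserStoreConfigFile = Paths.get(tenantFilePath, String.valueOf(tenantId), USERSTORES, previousFileName + FILE_EXTENSION_XML);
    }
    if (!Files.exists(previousUserStoreConfigFile)) {
        String errorMessage = "Cannot update user store domain name. Previous domain name " + previousDomainName + " does not exists.";
        throw new IdentityUserStoreClientException(UserStoreConfigurationConstant.ErrorMessage.ERROR_CODE_XML_FILE_NOT_FOUND.getCode(), errorMessage);
    }
    if (Files.exists(userStoreConfigFile)) {
        String errorMessage = "Cannot update user store domain name. An user store already exists with new domain" + " " + domainName + ".";
        throw new IdentityUserStoreClientException(UserStoreConfigurationConstant.ErrorMessage.ERROR_CODE_XML_FILE_ALREADY_EXISTS.getCode(), errorMessage);
    }
    try {
        // Run pre user-store name update listeners
        triggerListnersOnUserStorePreUpdate(previousDomainName, domainName);
        // Update persisted domain name
        updatePersistedDomainName(previousDomainName, domainName, tenantId);
        // Run post userstore name update listeners.
        triggerListenersOnUserStorePostUpdate(previousDomainName, domainName);
    } catch (UserStoreClientException e) {
        throw buildIdentityUserStoreClientException("Userstore " + domainName + " cannot be updated.", e);
    } catch (UserStoreException e) {
        String errorMessage = "Error while updating user store domain : " + domainName;
        log.error(errorMessage, e);
        // Chain the cause so callers that handle the exception still see what failed.
        throw new IdentityUserStoreMgtException(errorMessage, e);
    }
    try {
        // NOTE(review): the old file is deleted before the new one is written, so a failed write
        // leaves neither file on disk, and this method still returns normally - confirm intended.
        Files.delete(previousUserStoreConfigFile);
        writeToUserStoreConfigurationFile(userStoreConfigFile, userStorePersistanceDTO.getUserStoreDTO(), true, false, previousDomainName);
    } catch (IOException e) {
        // Still best-effort, but log at error level with the exception: either the delete or the
        // write may have failed, and the stack trace is the only record of which one.
        log.error("Error when deleting previous configuration files " + previousUserStoreConfigFile, e);
    }
}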
Also used : Path(java.nio.file.Path) IdentityUserStoreMgtException(org.wso2.carbon.identity.user.store.configuration.utils.IdentityUserStoreMgtException) IdentityUserStoreClientException(org.wso2.carbon.identity.user.store.configuration.utils.IdentityUserStoreClientException) SecondaryUserStoreConfigurationUtil.buildIdentityUserStoreClientException(org.wso2.carbon.identity.user.store.configuration.utils.SecondaryUserStoreConfigurationUtil.buildIdentityUserStoreClientException) UserStoreClientException(org.wso2.carbon.user.api.UserStoreClientException) IdentityUserStoreClientException(org.wso2.carbon.identity.user.store.configuration.utils.IdentityUserStoreClientException) SecondaryUserStoreConfigurationUtil.buildIdentityUserStoreClientException(org.wso2.carbon.identity.user.store.configuration.utils.SecondaryUserStoreConfigurationUtil.buildIdentityUserStoreClientException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IOException(java.io.IOException)

Example 15 with UserStoreClientException

use of org.wso2.carbon.user.api.UserStoreClientException in project carbon-identity-framework by wso2.

the class UserStoreConfigServiceImpl method addUserStore.

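/**
 * Adds a user store, using the DAO factory registered for the DTO's repository class when
 * repository separation is enabled and a repository class is given, and the file-based DAO
 * otherwise.
 *
 * @param userStoreDTO definition of the user store to add
 * @throws IdentityUserStoreMgtException if no DAO factory is registered for the requested
 *                                       repository class, or if the listeners, the validation
 *                                       or the DAO report a user store error
 */
@Override
public void addUserStore(UserStoreDTO userStoreDTO) throws IdentityUserStoreMgtException {
    loadTenant();
    try {
        triggerListenersOnUserStorePreAdd(userStoreDTO);
        String repositoryClass = userStoreDTO.getRepositoryClass();
        if (SecondaryUserStoreConfigurationUtil.isUserStoreRepositorySeparationEnabled() && StringUtils.isNotBlank(repositoryClass)) {
            AbstractUserStoreDAOFactory userStoreDAOFactory = UserStoreConfigListenersHolder.getInstance().getUserStoreDAOFactories().get(repositoryClass);
            // The repository class comes from the DTO; a lookup that finds no factory should fail
            // with the declared exception, not a NullPointerException.
            if (userStoreDAOFactory == null) {
                throw new IdentityUserStoreMgtException("No user store DAO factory is registered for repository class " + repositoryClass + ".");
            }
            // NOTE(review): validateConnectionUrl runs only on the file-based branch below;
            // confirm the factory-provided DAO validates the connection URL itself.
            userStoreDAOFactory.getInstance().addUserStore(userStoreDTO);
        } else {
            if (StringUtils.isNotBlank(repositoryClass) && LOG.isDebugEnabled()) {
                LOG.debug("Repository separation of user-stores has been disabled. Adding user-store " + userStoreDTO.getDomainId() + " with file-based configuration.");
            }
            validateConnectionUrl(userStoreDTO);
            SecondaryUserStoreConfigurationUtil.getFileBasedUserStoreDAOFactory().addUserStore(userStoreDTO);
        }
    } catch (UserStoreClientException e) {
        throw buildIdentityUserStoreClientException("Userstore " + userStoreDTO.getDomainId() + " cannot be added.", e);
    } catch (UserStoreException e) {
        String errorMessage = e.getMessage();
        throw new IdentityUserStoreMgtException(errorMessage, e);
    }
}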
Also used : AbstractUserStoreDAOFactory(org.wso2.carbon.identity.user.store.configuration.dao.AbstractUserStoreDAOFactory) IdentityUserStoreMgtException(org.wso2.carbon.identity.user.store.configuration.utils.IdentityUserStoreMgtException) SecondaryUserStoreConfigurationUtil.buildIdentityUserStoreClientException(org.wso2.carbon.identity.user.store.configuration.utils.SecondaryUserStoreConfigurationUtil.buildIdentityUserStoreClientException) IdentityUserStoreClientException(org.wso2.carbon.identity.user.store.configuration.utils.IdentityUserStoreClientException) UserStoreClientException(org.wso2.carbon.user.api.UserStoreClientException) UserStoreException(org.wso2.carbon.user.api.UserStoreException)

Aggregations

UserStoreException (org.wso2.carbon.user.api.UserStoreException)15 UserStoreClientException (org.wso2.carbon.user.core.UserStoreClientException)11 IdentityUserStoreMgtException (org.wso2.carbon.identity.user.store.configuration.utils.IdentityUserStoreMgtException)8 SecondaryUserStoreConfigurationUtil.buildIdentityUserStoreClientException (org.wso2.carbon.identity.user.store.configuration.utils.SecondaryUserStoreConfigurationUtil.buildIdentityUserStoreClientException)8 UserStoreClientException (org.wso2.carbon.user.api.UserStoreClientException)8 IdentityUserStoreClientException (org.wso2.carbon.identity.user.store.configuration.utils.IdentityUserStoreClientException)6 BadRequestException (org.wso2.charon3.core.exceptions.BadRequestException)6 CharonException (org.wso2.charon3.core.exceptions.CharonException)5 AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)4 SCIMUserStoreException (org.wso2.carbon.identity.scim2.common.extenstion.SCIMUserStoreException)4 User (org.wso2.charon3.core.objects.User)4 ArrayList (java.util.ArrayList)3 Map (java.util.Map)3 AuthenticationFailedException (org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException)3 IdentityApplicationManagementException (org.wso2.carbon.identity.application.common.IdentityApplicationManagementException)3 AbstractUserStoreDAOFactory (org.wso2.carbon.identity.user.store.configuration.dao.AbstractUserStoreDAOFactory)3 AbstractUserStoreManager (org.wso2.carbon.user.core.common.AbstractUserStoreManager)3 Path (java.nio.file.Path)2 StepConfig (org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig)2 FrameworkException (org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException)2