use of org.wso2.carbon.user.core.UserRealm in project core-util by WSO2Telco.
the class BasicAuthenticator method isAuthenticatedUser.
public boolean isAuthenticatedUser(String userName, String password) {
PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
RealmService realmService = (RealmService) carbonContext.getOSGiService(RealmService.class, null);
RegistryService registryService = (RegistryService) carbonContext.getOSGiService(RegistryService.class, null);
String tenantDomain = MultitenantUtils.getTenantDomain(userName);
try {
UserRealm userRealm = null;
userRealm = AnonymousSessionUtil.getRealmByTenantDomain(registryService, realmService, tenantDomain);
if (userRealm == null) {
log.error("invalid domain or unactivated tenant login");
return false;
}
String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(userName);
if (userRealm.getUserStoreManager().authenticate(tenantAwareUsername, password)) {
return true;
} else {
log.error("authentication failed. please check your username/password");
return false;
}
} catch (CarbonException | UserStoreException e) {
log.error("authentication failed for user : " + userName, e);
return false;
}
}
use of org.wso2.carbon.user.core.UserRealm in project carbon-business-process by wso2.
the class TaskOperationsImpl method getUserListForRole.
private TUser[] getUserListForRole(String roleName, int tenantId, String actualOwnerUserName) throws RegistryException, UserStoreException {
TUser[] userList = new TUser[0];
RegistryService registryService = HumanTaskServiceComponent.getRegistryService();
if (registryService != null && registryService.getUserRealm(tenantId) != null) {
UserRealm userRealm = registryService.getUserRealm(tenantId);
String[] assignableUserNameList = userRealm.getUserStoreManager().getUserListOfRole(roleName);
if (assignableUserNameList != null) {
userList = new TUser[assignableUserNameList.length];
for (int i = 0; i < assignableUserNameList.length; i++) {
TUser user = new TUser();
user.setTUser(assignableUserNameList[i]);
if (StringUtils.isEmpty(actualOwnerUserName)) {
userList[i] = user;
} else if (StringUtils.isNotEmpty(actualOwnerUserName) && !actualOwnerUserName.equals(assignableUserNameList[i])) {
userList[i] = user;
}
}
}
} else {
log.warn("Cannot load User Realm for Tenant Id: " + tenantId);
}
return userList;
}
use of org.wso2.carbon.user.core.UserRealm in project carbon-business-process by wso2.
the class UserSubstitutionService method getRequestedAssignee.
/**
* Validate and get the assignee for a substitute request
* @param user
* @return actual assignee of the substitute request
* @throws UserStoreException
*/
private String getRequestedAssignee(final String user) throws UserStoreException {
String loggedInUser = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
UserRealm userRealm = BPMNOSGIService.getUserRealm();
String assignee = getTenantAwareUser(user);
// validate the assignee
if (assignee != null && !assignee.trim().isEmpty() && !assignee.equals(loggedInUser)) {
// setting another users
boolean isAuthorized = isUserAuthorizedForSubstitute(loggedInUser);
if (!isAuthorized) {
throw new BPMNForbiddenException("Action requires BPMN substitution permission");
}
if (!userRealm.getUserStoreManager().isExistingUser(assignee)) {
throw new ActivitiIllegalArgumentException("Non existing user for argument assignee : " + assignee);
}
} else {
// assignee is the logged in user
assignee = loggedInUser;
}
return assignee;
}
use of org.wso2.carbon.user.core.UserRealm in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPAuthenticator method proceedWithOTP.
/**
* Proceed with One Time Password.
*
* @param response the HttpServletResponse
* @param context the AuthenticationContext
* @param errorPage the errorPage
* @param mobileNumber the mobile number
* @param queryParams the queryParams
* @param username the Username
* @throws AuthenticationFailedException
*/
private void proceedWithOTP(HttpServletResponse response, AuthenticationContext context, String errorPage, String mobileNumber, String queryParams, String username) throws AuthenticationFailedException {
String screenValue;
Map<String, String> authenticatorProperties = context.getAuthenticatorProperties();
boolean isEnableResendCode = SMSOTPUtils.isEnableResendCode(context, getName());
String loginPage = getLoginPage(context);
String tenantDomain = MultitenantUtils.getTenantDomain(username);
String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(username);
UserRealm userRealm = SMSOTPUtils.getUserRealm(tenantDomain);
try {
// One time password is generated and stored in the context.
OneTimePassword token = new OneTimePassword();
String secret = OneTimePassword.getRandomNumber(SMSOTPConstants.SECRET_KEY_LENGTH);
String otpToken = token.generateToken(secret, String.valueOf(SMSOTPConstants.NUMBER_BASE), SMSOTPConstants.NUMBER_DIGIT);
context.setProperty(SMSOTPConstants.OTP_TOKEN, otpToken);
if (log.isDebugEnabled()) {
log.debug("Generated OTP successfully and set to the context.");
}
// Get the values of the sms provider related api parameters.
String smsUrl = authenticatorProperties.get(SMSOTPConstants.SMS_URL);
String httpMethod = authenticatorProperties.get(SMSOTPConstants.HTTP_METHOD);
String headerString = authenticatorProperties.get(SMSOTPConstants.HEADERS);
String payload = authenticatorProperties.get(SMSOTPConstants.PAYLOAD);
String httpResponse = authenticatorProperties.get(SMSOTPConstants.HTTP_RESPONSE);
if (!sendRESTCall(context, smsUrl, httpMethod, headerString, payload, httpResponse, mobileNumber, otpToken)) {
String retryParam;
context.setProperty(SMSOTPConstants.STATUS_CODE, SMSOTPConstants.UNABLE_SEND_CODE);
if (context.getProperty(SMSOTPConstants.ERROR_CODE) != null) {
retryParam = SMSOTPConstants.UNABLE_SEND_CODE_PARAM + context.getProperty(SMSOTPConstants.ERROR_CODE).toString();
} else {
retryParam = SMSOTPConstants.UNABLE_SEND_CODE_PARAM + SMSOTPConstants.UNABLE_SEND_CODE_VALUE;
}
String redirectUrl = getURL(errorPage, queryParams);
response.sendRedirect(redirectUrl + SMSOTPConstants.RESEND_CODE + isEnableResendCode + retryParam);
} else {
String url = getURL(loginPage, queryParams);
boolean isUserExists = FederatedAuthenticatorUtil.isUserExistInUserStore(username);
if (isUserExists) {
screenValue = getScreenAttribute(context, userRealm, tenantAwareUsername);
if (screenValue != null) {
url = url + SMSOTPConstants.SCREEN_VALUE + screenValue;
}
}
response.sendRedirect(url);
}
} catch (IOException e) {
throw new AuthenticationFailedException("Error while sending the HTTP request. ", e);
} catch (UserStoreException e) {
throw new AuthenticationFailedException("Failed to get the user from user store. ", e);
}
}
use of org.wso2.carbon.user.core.UserRealm in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPAuthenticator method getScreenValue.
/**
* Get the screen value for configured screen attribute.
*
* @param context the AuthenticationContext
* @return screenValue
* @throws AuthenticationFailedException
*/
private String getScreenValue(AuthenticationContext context) throws AuthenticationFailedException {
String screenValue;
String username = String.valueOf(context.getProperty(SMSOTPConstants.USER_NAME));
String tenantDomain = MultitenantUtils.getTenantDomain(username);
String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(username);
UserRealm userRealm = SMSOTPUtils.getUserRealm(tenantDomain);
try {
screenValue = getScreenAttribute(context, userRealm, tenantAwareUsername);
} catch (UserStoreException e) {
throw new AuthenticationFailedException("Failed to get the screen attribute for the user " + tenantAwareUsername + " from user store. ", e);
}
return screenValue;
}
Aggregations