Examples with UserRealm org.wso2.carbon.user.core.UserRealm used on opensource projects

Example 56 with UserRealm

use of org.wso2.carbon.user.core.UserRealm in project jaggery by wso2.

the class RegistryHostObject method isAuthorized.

private boolean isAuthorized(UserRegistry registry, String resourcePath, String action) throws RegistryException {
    UserRealm userRealm = registry.getUserRealm();
    String userName = registry.getUserName();
    try {
        if (!userRealm.getAuthorizationManager().isUserAuthorized(userName, resourcePath, action)) {
            return false;
        }
    } catch (UserStoreException e) {
        throw new org.wso2.carbon.registry.core.exceptions.RegistryException("Error at Authorizing " + resourcePath + " with user " + userName + ":" + e.getMessage(), e);
    }
    return true;
}

Example 57 with UserRealm

use of org.wso2.carbon.user.core.UserRealm in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPAuthenticator method checkWithBackUpCodes.

/**
 * If user forgets the mobile, then user can use the back up codes to authenticate the user.
 *
 * @param context           the AuthenticationContext
 * @param userToken         the userToken
 * @param authenticatedUser the name of authenticatedUser
 * @throws AuthenticationFailedException
 */
private void checkWithBackUpCodes(AuthenticationContext context, String userToken, AuthenticatedUser authenticatedUser) throws AuthenticationFailedException {
    String savedOTPString = null;
    String username = context.getProperty(SMSOTPConstants.USER_NAME).toString();
    String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(username);
    UserRealm userRealm = getUserRealm(username);
    try {
        if (userRealm != null) {
            savedOTPString = userRealm.getUserStoreManager().getUserClaimValue(tenantAwareUsername, SMSOTPConstants.SAVED_OTP_LIST, null);
        }
        if (StringUtils.isEmpty(savedOTPString)) {
            if (log.isDebugEnabled()) {
                log.debug("The claim " + SMSOTPConstants.SAVED_OTP_LIST + " does not contain any values");
            }
            throw new AuthenticationFailedException("The claim " + SMSOTPConstants.SAVED_OTP_LIST + " does not contain any values");
        } else if (savedOTPString.contains(userToken)) {
            if (log.isDebugEnabled()) {
                log.debug("Found saved backup SMS OTP for user :" + authenticatedUser);
            }
            context.setSubject(authenticatedUser);
            savedOTPString = savedOTPString.replaceAll(userToken, "").replaceAll(",,", ",");
            userRealm.getUserStoreManager().setUserClaimValue(tenantAwareUsername, SMSOTPConstants.SAVED_OTP_LIST, savedOTPString, null);
        } else {
            if (log.isDebugEnabled()) {
                log.debug("User entered OTP :" + userToken + " does not match with any of the saved backup codes");
            }
            throw new AuthenticationFailedException("Verification Error due to Code " + userToken + " mismatch.");
        }
    } catch (UserStoreException e) {
        throw new AuthenticationFailedException("Cannot find the user claim for OTP list for user : " + authenticatedUser, e);
    }
}

Example 58 with UserRealm

use of org.wso2.carbon.user.core.UserRealm in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtils method updateUserAttribute.

/**
 * Update the mobile number (user attribute) in user's profile.
 *
 * @param username  the Username
 * @param attribute the Attribute
 * @throws SMSOTPException
 */
public static void updateUserAttribute(String username, Map<String, String> attribute, String tenantDomain) throws SMSOTPException {
    try {
        // updating user attributes is independent from tenant association.not tenant association check needed here.
        UserRealm userRealm;
        // user is always in the super tenant.
        userRealm = SMSOTPUtils.getUserRealm(tenantDomain);
        if (userRealm == null) {
            throw new SMSOTPException("The specified tenant domain " + tenantDomain + " does not exist.");
        }
        // check whether user already exists in the system.
        SMSOTPUtils.verifyUserExists(username, tenantDomain);
        UserStoreManager userStoreManager = userRealm.getUserStoreManager();
        userStoreManager.setUserClaimValues(username, attribute, null);
    } catch (UserStoreException | AuthenticationFailedException e) {
        throw new SMSOTPException("Exception occurred while connecting to User Store: Authentication is failed. ", e);
    }
}

Example 59 with UserRealm

use of org.wso2.carbon.user.core.UserRealm in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtils method getUserRealm.

/**
 * Get the user realm of the logged in user.
 *
 * @param tenantDomain the tenantDomain
 * @return th user realm
 * @throws AuthenticationFailedException
 */
public static UserRealm getUserRealm(String tenantDomain) throws AuthenticationFailedException {
    UserRealm userRealm;
    try {
        int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
        RealmService realmService = IdentityTenantUtil.getRealmService();
        userRealm = realmService.getTenantUserRealm(tenantId);
    } catch (Exception e) {
        throw new AuthenticationFailedException("Cannot find the user realm for the tenant domain " + tenantDomain, e);
    }
    return userRealm;
}

Example 60 with UserRealm

use of org.wso2.carbon.user.core.UserRealm in project identity-outbound-auth-sms-otp by wso2-extensions.

the class SMSOTPUtils method isSMSOTPDisableForLocalUser.

/**
 * Check whether SMSOTP is disable by user.
 *
 * @param username the Username
 * @param context  the AuthenticationContext
 * @return true or false
 * @throws SMSOTPException
 */
public static boolean isSMSOTPDisableForLocalUser(String username, AuthenticationContext context, String authenticatorName) throws SMSOTPException, AuthenticationFailedException {
    UserRealm userRealm;
    try {
        String tenantDomain = MultitenantUtils.getTenantDomain(username);
        int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
        RealmService realmService = IdentityTenantUtil.getRealmService();
        userRealm = realmService.getTenantUserRealm(tenantId);
        username = MultitenantUtils.getTenantAwareUsername(String.valueOf(username));
        boolean isEnablingControlledByUser = isSMSOTPEnableOrDisableByUser(context, authenticatorName);
        if (userRealm != null) {
            if (isEnablingControlledByUser) {
                Map<String, String> claimValues = userRealm.getUserStoreManager().getUserClaimValues(username, new String[] { SMSOTPConstants.USER_SMSOTP_DISABLED_CLAIM_URI }, null);
                return Boolean.parseBoolean(claimValues.get(SMSOTPConstants.USER_SMSOTP_DISABLED_CLAIM_URI));
            }
        } else {
            throw new SMSOTPException("Cannot find the user realm for the given tenant domain : " + CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
        }
    } catch (UserStoreException e) {
        throw new SMSOTPException("Failed while trying to access userRealm of the user : " + username, e);
    }
    return false;
}