use of org.wso2.carbon.user.core.UserStoreClientException in project identity-inbound-provisioning-scim2 by wso2-extensions.
the class SCIMUserManager method filterUsernames.
/**
* Method to get users when a filter domain is known.
*
* @param condition Condition of the single attribute filter
* @param offset Start index value
* @param limit Count value
* @param sortBy SortBy
* @param sortOrder Sort order
* @param domainName Domain to perform the search
* @return User names of the filtered users
* @throws CharonException Error while filtering
*/
private Set<org.wso2.carbon.user.core.common.User> filterUsernames(Condition condition, int offset, int limit, String sortBy, String sortOrder, String domainName) throws CharonException, BadRequestException {
if (log.isDebugEnabled()) {
log.debug(String.format("Filtering users in domain : %s with limit: %d and offset: %d.", domainName, limit, offset));
}
try {
Set<org.wso2.carbon.user.core.common.User> users;
if (removeDuplicateUsersInUsersResponseEnabled) {
users = new TreeSet<>(Comparator.comparing(org.wso2.carbon.user.core.common.User::getFullQualifiedUsername));
users.addAll(carbonUM.getUserListWithID(condition, domainName, UserCoreConstants.DEFAULT_PROFILE, limit, offset, sortBy, sortOrder));
} else {
List<org.wso2.carbon.user.core.common.User> usersList = carbonUM.getUserListWithID(condition, domainName, UserCoreConstants.DEFAULT_PROFILE, limit, offset, sortBy, sortOrder);
users = new LinkedHashSet<>(usersList);
}
return users;
} catch (UserStoreClientException e) {
String errorMessage = String.format("Error while retrieving users for the domain: %s with limit: %d and " + "offset: %d. %s", domainName, limit, offset, e.getMessage());
if (log.isDebugEnabled()) {
log.debug(errorMessage, e);
}
throw new BadRequestException(errorMessage, ResponseCodeConstants.INVALID_VALUE);
} catch (UserStoreException e) {
// Sometimes client exceptions are wrapped in the super class.
// Therefore checking for possible client exception.
Throwable ex = ExceptionUtils.getRootCause(e);
if (ex instanceof UserStoreClientException) {
String errorMessage = String.format("Error in obtaining role names from user store. %s", ex.getMessage());
if (log.isDebugEnabled()) {
log.debug(errorMessage, ex);
}
throw new BadRequestException(errorMessage, ResponseCodeConstants.INVALID_VALUE);
}
String errorMessage = String.format("Error while retrieving users for the domain: %s with limit: %d and offset: %d.", domainName, limit, offset);
throw resolveError(e, errorMessage);
}
}
use of org.wso2.carbon.user.core.UserStoreClientException in project identity-outbound-auth-sms-otp by wso2-extensions.
the class SMSOTPAuthenticator method processAuthenticationResponse.
/**
* Process the response of the SMSOTP end-point.
*
* @param request the HttpServletRequest
* @param response the HttpServletResponse
* @param context the AuthenticationContext
* @throws AuthenticationFailedException
*/
@Override
protected void processAuthenticationResponse(HttpServletRequest request, HttpServletResponse response, AuthenticationContext context) throws AuthenticationFailedException {
AuthenticatedUser authenticatedUser = (AuthenticatedUser) context.getProperty(SMSOTPConstants.AUTHENTICATED_USER);
boolean isLocalUser = SMSOTPUtils.isLocalUser(context);
if (authenticatedUser != null && isLocalUser && SMSOTPUtils.isAccountLocked(authenticatedUser)) {
if (log.isDebugEnabled()) {
log.debug(String.format("Authentication failed since authenticated user: %s, account is locked.", authenticatedUser));
}
context.setProperty(SMSOTPConstants.ACCOUNT_LOCKED, true);
throw new AuthenticationFailedException("User account is locked.");
}
String userToken = request.getParameter(SMSOTPConstants.CODE);
String contextToken = (String) context.getProperty(SMSOTPConstants.OTP_TOKEN);
if (StringUtils.isEmpty(request.getParameter(SMSOTPConstants.CODE))) {
throw new InvalidCredentialsException("Code cannot not be null");
}
if (Boolean.parseBoolean(request.getParameter(SMSOTPConstants.RESEND))) {
if (log.isDebugEnabled()) {
log.debug("Retrying to resend the OTP");
}
throw new InvalidCredentialsException("Retrying to resend the OTP");
}
if (context.getProperty(SMSOTPConstants.MOBILE_NUMBER_UPDATE_FAILURE) != null) {
context.setProperty(SMSOTPConstants.MOBILE_NUMBER_UPDATE_FAILURE, "false");
}
boolean succeededAttempt = false;
if (userToken.equals(contextToken)) {
context.removeProperty(SMSOTPConstants.CODE_MISMATCH);
processValidUserToken(context, authenticatedUser);
succeededAttempt = true;
} else if (isLocalUser && "true".equals(SMSOTPUtils.getBackupCode(context))) {
succeededAttempt = checkWithBackUpCodes(context, userToken, authenticatedUser);
} else {
if (log.isDebugEnabled()) {
log.debug("Given otp code is a mismatch.");
}
context.setProperty(SMSOTPConstants.CODE_MISMATCH, true);
}
if (succeededAttempt && isLocalUser) {
String username = String.valueOf(context.getProperty(SMSOTPConstants.USER_NAME));
String mobileNumber;
try {
mobileNumber = SMSOTPUtils.getMobileNumberForUsername(username);
} catch (SMSOTPException e) {
throw new AuthenticationFailedException("Failed to get the parameters from authentication xml file " + "for user: " + username + " for tenant: " + context.getTenantDomain(), e);
}
if (StringUtils.isBlank(mobileNumber)) {
String tenantDomain = MultitenantUtils.getTenantDomain(username);
Object verifiedMobileObject = context.getProperty(SMSOTPConstants.REQUESTED_USER_MOBILE);
if (verifiedMobileObject != null) {
try {
updateMobileNumberForUsername(context, request, username, tenantDomain);
} catch (SMSOTPException e) {
throw new AuthenticationFailedException("Failed accessing the userstore for user: " + username, e.getCause());
} catch (UserStoreClientException e) {
context.setProperty(SMSOTPConstants.MOBILE_NUMBER_UPDATE_FAILURE, "true");
throw new AuthenticationFailedException("Mobile claim update failed for user :" + username, e);
} catch (UserStoreException e) {
Throwable ex = e.getCause();
if (ex instanceof UserStoreClientException) {
context.setProperty(SMSOTPConstants.MOBILE_NUMBER_UPDATE_FAILURE, "true");
context.setProperty(SMSOTPConstants.PROFILE_UPDATE_FAILURE_REASON, ex.getMessage());
}
throw new AuthenticationFailedException("Mobile claim update failed for user " + username, e);
}
}
}
}
if (!succeededAttempt) {
handleSmsOtpVerificationFail(context);
context.setProperty(SMSOTPConstants.CODE_MISMATCH, true);
throw new AuthenticationFailedException("Invalid code. Verification failed.");
}
// It reached here means the authentication was successful.
resetSmsOtpFailedAttempts(context);
}
use of org.wso2.carbon.user.core.UserStoreClientException in project carbon-identity-framework by wso2.
the class DatabaseBasedUserStoreDAOImpl method deleteUserStore.
public void deleteUserStore(String domain) throws IdentityUserStoreMgtException {
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
// Run pre user-store name update listeners
triggerListnersOnUserStorePreDelete(domain);
AbstractUserStoreManager userStoreManager = (AbstractUserStoreManager) CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
if (userStoreManager == null) {
throw new IdentityUserStoreMgtException("Unable to find a user store from the " + "ThreadLocalCarbonContext.");
}
userStoreManager.deletePersistedDomain(domain);
deleteUserStore(domain, tenantId);
removeRealmFromSecondaryUserStoreManager(domain);
} catch (UserStoreClientException e) {
throw buildIdentityUserStoreClientException("Userstore " + domain + " cannot be deleted.", e);
} catch (UserStoreException e) {
throw new IdentityUserStoreMgtException("Error while triggering the userstore pre delete listeners.");
}
}
use of org.wso2.carbon.user.core.UserStoreClientException in project carbon-identity-framework by wso2.
the class FileBasedUserStoreDAOImpl method doUpdateUserStoreDomainName.
@Override
protected void doUpdateUserStoreDomainName(String previousDomainName, UserStorePersistanceDTO userStorePersistanceDTO) throws IdentityUserStoreMgtException {
Path userStoreConfigFile;
Path previousUserStoreConfigFile;
String domainName = userStorePersistanceDTO.getUserStoreDTO().getDomainId();
String fileName = domainName.replace(".", "_");
String previousFileName = previousDomainName.replace(".", "_");
validateFileName(domainName, fileName);
validateFileName(previousDomainName, previousFileName);
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
if (tenantId == MultitenantConstants.SUPER_TENANT_ID) {
createUserStoreDirectory(null, fileName, false);
userStoreConfigFile = Paths.get(DEPLOYMENT_DIRECTORY, fileName + FILE_EXTENSION_XML);
previousUserStoreConfigFile = Paths.get(DEPLOYMENT_DIRECTORY, previousFileName + FILE_EXTENSION_XML);
} else {
String tenantFilePath = CarbonUtils.getCarbonTenantsDirPath();
createUserStoreDirectory(tenantFilePath, fileName, true);
userStoreConfigFile = Paths.get(tenantFilePath, String.valueOf(tenantId), USERSTORES, fileName + FILE_EXTENSION_XML);
previousUserStoreConfigFile = Paths.get(tenantFilePath, String.valueOf(tenantId), USERSTORES, previousFileName + FILE_EXTENSION_XML);
}
if (!Files.exists(previousUserStoreConfigFile)) {
String errorMessage = "Cannot update user store domain name. Previous domain name " + previousDomainName + " does not exists.";
throw new IdentityUserStoreClientException(UserStoreConfigurationConstant.ErrorMessage.ERROR_CODE_XML_FILE_NOT_FOUND.getCode(), errorMessage);
}
if (Files.exists(userStoreConfigFile)) {
String errorMessage = "Cannot update user store domain name. An user store already exists with new domain" + " " + domainName + ".";
throw new IdentityUserStoreClientException(UserStoreConfigurationConstant.ErrorMessage.ERROR_CODE_XML_FILE_ALREADY_EXISTS.getCode(), errorMessage);
}
try {
// Run pre user-store name update listeners
triggerListnersOnUserStorePreUpdate(previousDomainName, domainName);
// Update persisted domain name
updatePersistedDomainName(previousDomainName, domainName, tenantId);
// Run post userstore name update listeners.
triggerListenersOnUserStorePostUpdate(previousDomainName, domainName);
} catch (UserStoreClientException e) {
throw buildIdentityUserStoreClientException("Userstore " + domainName + " cannot be updated.", e);
} catch (UserStoreException e) {
String errorMessage = "Error while updating user store domain : " + domainName;
log.error(errorMessage, e);
throw new IdentityUserStoreMgtException(errorMessage);
}
try {
Files.delete(previousUserStoreConfigFile);
writeToUserStoreConfigurationFile(userStoreConfigFile, userStorePersistanceDTO.getUserStoreDTO(), true, false, previousDomainName);
} catch (IOException e) {
log.info("Error when deleting previous configuration files " + previousUserStoreConfigFile);
}
}
use of org.wso2.carbon.user.core.UserStoreClientException in project carbon-identity-framework by wso2.
the class UserStoreConfigServiceImpl method addUserStore.
@Override
public void addUserStore(UserStoreDTO userStoreDTO) throws IdentityUserStoreMgtException {
loadTenant();
try {
triggerListenersOnUserStorePreAdd(userStoreDTO);
if (SecondaryUserStoreConfigurationUtil.isUserStoreRepositorySeparationEnabled() && StringUtils.isNotBlank(userStoreDTO.getRepositoryClass())) {
AbstractUserStoreDAOFactory userStoreDAOFactory = UserStoreConfigListenersHolder.getInstance().getUserStoreDAOFactories().get(userStoreDTO.getRepositoryClass());
userStoreDAOFactory.getInstance().addUserStore(userStoreDTO);
} else {
if (StringUtils.isNotBlank(userStoreDTO.getRepositoryClass())) {
if (LOG.isDebugEnabled()) {
LOG.debug("Repository separation of user-stores has been disabled. Adding user-store " + userStoreDTO.getDomainId() + " with file-based configuration.");
}
}
validateConnectionUrl(userStoreDTO);
SecondaryUserStoreConfigurationUtil.getFileBasedUserStoreDAOFactory().addUserStore(userStoreDTO);
}
} catch (UserStoreClientException e) {
throw buildIdentityUserStoreClientException("Userstore " + userStoreDTO.getDomainId() + " cannot be added.", e);
} catch (UserStoreException e) {
String errorMessage = e.getMessage();
throw new IdentityUserStoreMgtException(errorMessage, e);
}
}
Aggregations