use of org.wso2.carbon.user.mgt.common.UserAdminException in project carbon-apimgt by wso2.
the class APIConsumerImpl method changeUserPassword.
/**
* Change user's password
*
* @param currentPassword Current password of the user
* @param newPassword New password of the user
*/
@Override
public void changeUserPassword(String currentPassword, String newPassword) throws APIManagementException {
// check whether EnablePasswordChange configuration is set to 'true'
APIManagerConfiguration config = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration();
boolean enableChangePassword = Boolean.parseBoolean(config.getFirstProperty(APIConstants.ENABLE_CHANGE_PASSWORD));
if (!enableChangePassword) {
throw new APIManagementException("Password change operation is disabled in the system", ExceptionCodes.PASSWORD_CHANGE_DISABLED);
}
UserAdmin userAdmin = new UserAdmin();
try {
userAdmin.changePasswordByUser(userNameWithoutChange, currentPassword, newPassword);
} catch (UserAdminException e) {
String genericErrorMessage = "Error occurred while changing the user password";
if (log.isDebugEnabled()) {
log.debug(genericErrorMessage, e);
}
// filter the exception message
String exceptionMessage = e.getMessage();
if (exceptionMessage.matches("(?i:.*\\b(current)\\b.*\\b(password)\\b.*\\b(incorrect)\\b.*)")) {
String errorMessage = "The current user password entered is incorrect";
throw new APIManagementException(errorMessage, ExceptionCodes.CURRENT_PASSWORD_INCORRECT);
} else if ((exceptionMessage.matches("(?i:.*\\b(password)\\b.*\\b(length)\\b.*)")) || (ExceptionUtils.getStackTrace(e).contains("PolicyViolationException"))) {
String errorMessage = "The new password entered is invalid since it doesn't comply with the password " + "pattern/policy configured";
throw new APIManagementException(errorMessage, ExceptionCodes.PASSWORD_PATTERN_INVALID);
} else {
throw new APIManagementException(genericErrorMessage);
}
}
}
Aggregations