Search in sources :

Example 66 with FormField

use of org.xmpp.forms.FormField in project Openfire by igniterealtime.

the class IQRegisterHandler method handleIQ.

@Override
public IQ handleIQ(IQ packet) throws PacketException, UnauthorizedException {
    ClientSession session = sessionManager.getSession(packet.getFrom());
    IQ reply = null;
    // If no session was found then answer an error (if possible)
    if (session == null) {
        Log.error("Error during registration. Session not found in " + sessionManager.getPreAuthenticatedKeys() + " for key " + packet.getFrom());
        // This error packet will probably won't make it through
        reply = IQ.createResultIQ(packet);
        reply.setChildElement(packet.getChildElement().createCopy());
        reply.setError(PacketError.Condition.internal_server_error);
        return reply;
    }
    if (IQ.Type.get.equals(packet.getType())) {
        // If inband registration is not allowed, return an error.
        if (!registrationEnabled) {
            reply = IQ.createResultIQ(packet);
            reply.setChildElement(packet.getChildElement().createCopy());
            reply.setError(PacketError.Condition.forbidden);
        } else {
            reply = IQ.createResultIQ(packet);
            if (session.getStatus() == Session.STATUS_AUTHENTICATED) {
                try {
                    User user = userManager.getUser(session.getUsername());
                    Element currentRegistration = probeResult.createCopy();
                    currentRegistration.addElement("registered");
                    currentRegistration.element("username").setText(user.getUsername());
                    currentRegistration.element("password").setText("");
                    currentRegistration.element("email").setText(user.getEmail() == null ? "" : user.getEmail());
                    currentRegistration.element("name").setText(user.getName());
                    Element form = currentRegistration.element(QName.get("x", "jabber:x:data"));
                    Iterator fields = form.elementIterator("field");
                    Element field;
                    while (fields.hasNext()) {
                        field = (Element) fields.next();
                        if ("username".equals(field.attributeValue("var"))) {
                            field.addElement("value").addText(user.getUsername());
                        } else if ("name".equals(field.attributeValue("var"))) {
                            field.addElement("value").addText(user.getName());
                        } else if ("email".equals(field.attributeValue("var"))) {
                            field.addElement("value").addText(user.getEmail() == null ? "" : user.getEmail());
                        }
                    }
                    reply.setChildElement(currentRegistration);
                } catch (UserNotFoundException e) {
                    reply.setChildElement(probeResult.createCopy());
                }
            } else {
                // This is a workaround. Since we don't want to have an incorrect TO attribute
                // value we need to clean up the TO attribute. The TO attribute will contain an
                // incorrect value since we are setting a fake JID until the user actually
                // authenticates with the server.
                reply.setTo((JID) null);
                reply.setChildElement(probeResult.createCopy());
            }
        }
    } else if (IQ.Type.set.equals(packet.getType())) {
        try {
            Element iqElement = packet.getChildElement();
            if (iqElement.element("remove") != null) {
                // If inband registration is not allowed, return an error.
                if (!registrationEnabled) {
                    reply = IQ.createResultIQ(packet);
                    reply.setChildElement(packet.getChildElement().createCopy());
                    reply.setError(PacketError.Condition.forbidden);
                } else {
                    if (session.getStatus() == Session.STATUS_AUTHENTICATED) {
                        User user = userManager.getUser(session.getUsername());
                        // Delete the user
                        userManager.deleteUser(user);
                        // Delete the roster of the user
                        rosterManager.deleteRoster(session.getAddress());
                        // Delete the user from all the Groups
                        GroupManager.getInstance().deleteUser(user);
                        reply = IQ.createResultIQ(packet);
                        session.process(reply);
                        // Take a quick nap so that the client can process the result
                        Thread.sleep(10);
                        // Close the user's connection
                        final StreamError error = new StreamError(StreamError.Condition.not_authorized);
                        for (ClientSession sess : sessionManager.getSessions(user.getUsername())) {
                            sess.deliverRawText(error.toXML());
                            sess.close();
                        }
                        // The reply has been sent so clean up the variable
                        reply = null;
                    } else {
                        throw new UnauthorizedException();
                    }
                }
            } else {
                String username;
                String password = null;
                String email = null;
                String name = null;
                User newUser;
                DataForm registrationForm;
                FormField field;
                Element formElement = iqElement.element("x");
                // Check if a form was used to provide the registration info
                if (formElement != null) {
                    // Get the sent form
                    registrationForm = new DataForm(formElement);
                    // Get the username sent in the form
                    List<String> values = registrationForm.getField("username").getValues();
                    username = (!values.isEmpty() ? values.get(0) : " ");
                    // Get the password sent in the form
                    field = registrationForm.getField("password");
                    if (field != null) {
                        values = field.getValues();
                        password = (!values.isEmpty() ? values.get(0) : " ");
                    }
                    // Get the email sent in the form
                    field = registrationForm.getField("email");
                    if (field != null) {
                        values = field.getValues();
                        email = (!values.isEmpty() ? values.get(0) : " ");
                    }
                    // Get the name sent in the form
                    field = registrationForm.getField("name");
                    if (field != null) {
                        values = field.getValues();
                        name = (!values.isEmpty() ? values.get(0) : " ");
                    }
                } else {
                    // Get the registration info from the query elements
                    username = iqElement.elementText("username");
                    password = iqElement.elementText("password");
                    email = iqElement.elementText("email");
                    name = iqElement.elementText("name");
                }
                if (email != null && email.matches("\\s*")) {
                    email = null;
                }
                if (name != null && name.matches("\\s*")) {
                    name = null;
                }
                // stringprep validity now.
                if (username != null) {
                    Stringprep.nodeprep(username);
                }
                if (session.getStatus() == Session.STATUS_AUTHENTICATED) {
                    // Flag that indicates if the user is *only* changing his password
                    boolean onlyPassword = false;
                    if (iqElement.elements().size() == 2 && iqElement.element("username") != null && iqElement.element("password") != null) {
                        onlyPassword = true;
                    }
                    // If users are not allowed to change their password, return an error.
                    if (password != null && !canChangePassword) {
                        reply = IQ.createResultIQ(packet);
                        reply.setChildElement(packet.getChildElement().createCopy());
                        reply.setError(PacketError.Condition.forbidden);
                        return reply;
                    } else // If inband registration is not allowed, return an error.
                    if (!onlyPassword && !registrationEnabled) {
                        reply = IQ.createResultIQ(packet);
                        reply.setChildElement(packet.getChildElement().createCopy());
                        reply.setError(PacketError.Condition.forbidden);
                        return reply;
                    } else {
                        User user = userManager.getUser(session.getUsername());
                        if (user.getUsername().equalsIgnoreCase(username)) {
                            if (password != null && password.trim().length() > 0) {
                                user.setPassword(password);
                            }
                            if (!onlyPassword) {
                                user.setEmail(email);
                            }
                            newUser = user;
                        } else if (password != null && password.trim().length() > 0) {
                            // An admin can create new accounts when logged in.
                            newUser = userManager.createUser(username, password, null, email);
                        } else {
                            // Deny registration of users with no password
                            reply = IQ.createResultIQ(packet);
                            reply.setChildElement(packet.getChildElement().createCopy());
                            reply.setError(PacketError.Condition.not_acceptable);
                            return reply;
                        }
                    }
                } else {
                    // If inband registration is not allowed, return an error.
                    if (!registrationEnabled) {
                        reply = IQ.createResultIQ(packet);
                        reply.setChildElement(packet.getChildElement().createCopy());
                        reply.setError(PacketError.Condition.forbidden);
                        return reply;
                    } else // information was not provided
                    if (password == null || password.trim().length() == 0) {
                        reply = IQ.createResultIQ(packet);
                        reply.setChildElement(packet.getChildElement().createCopy());
                        reply.setError(PacketError.Condition.not_acceptable);
                        return reply;
                    } else {
                        // Create the new account
                        newUser = userManager.createUser(username, password, name, email);
                    }
                }
                // Set and save the extra user info (e.g. full name, etc.)
                if (newUser != null && name != null && !name.equals(newUser.getName())) {
                    newUser.setName(name);
                }
                reply = IQ.createResultIQ(packet);
            }
        } catch (UserAlreadyExistsException e) {
            reply = IQ.createResultIQ(packet);
            reply.setChildElement(packet.getChildElement().createCopy());
            reply.setError(PacketError.Condition.conflict);
        } catch (UserNotFoundException e) {
            reply = IQ.createResultIQ(packet);
            reply.setChildElement(packet.getChildElement().createCopy());
            reply.setError(PacketError.Condition.bad_request);
        } catch (StringprepException e) {
            // The specified username is not correct according to the stringprep specs
            reply = IQ.createResultIQ(packet);
            reply.setChildElement(packet.getChildElement().createCopy());
            reply.setError(PacketError.Condition.jid_malformed);
        } catch (IllegalArgumentException e) {
            // At least one of the fields passed in is not valid
            reply = IQ.createResultIQ(packet);
            reply.setChildElement(packet.getChildElement().createCopy());
            reply.setError(PacketError.Condition.not_acceptable);
            Log.warn(e.getMessage(), e);
        } catch (UnsupportedOperationException e) {
            // The User provider is read-only so this operation is not allowed
            reply = IQ.createResultIQ(packet);
            reply.setChildElement(packet.getChildElement().createCopy());
            reply.setError(PacketError.Condition.not_allowed);
        } catch (Exception e) {
            // Some unexpected error happened so return an internal_server_error
            reply = IQ.createResultIQ(packet);
            reply.setChildElement(packet.getChildElement().createCopy());
            reply.setError(PacketError.Condition.internal_server_error);
            Log.error(e.getMessage(), e);
        }
    }
    if (reply != null) {
        // why is this done here instead of letting the iq handler do it?
        session.process(reply);
    }
    return null;
}
Also used : UserNotFoundException(org.jivesoftware.openfire.user.UserNotFoundException) User(org.jivesoftware.openfire.user.User) Element(org.dom4j.Element) IQ(org.xmpp.packet.IQ) UserAlreadyExistsException(org.jivesoftware.openfire.user.UserAlreadyExistsException) StringprepException(gnu.inet.encoding.StringprepException) PacketException(org.jivesoftware.openfire.PacketException) UnauthorizedException(org.jivesoftware.openfire.auth.UnauthorizedException) UserAlreadyExistsException(org.jivesoftware.openfire.user.UserAlreadyExistsException) UserNotFoundException(org.jivesoftware.openfire.user.UserNotFoundException) StringprepException(gnu.inet.encoding.StringprepException) StreamError(org.xmpp.packet.StreamError) ClientSession(org.jivesoftware.openfire.session.ClientSession) Iterator(java.util.Iterator) UnauthorizedException(org.jivesoftware.openfire.auth.UnauthorizedException) DataForm(org.xmpp.forms.DataForm) List(java.util.List) FormField(org.xmpp.forms.FormField)

Example 67 with FormField

use of org.xmpp.forms.FormField in project Openfire by igniterealtime.

the class AddGroupUsers method addStageInformation.

@Override
protected void addStageInformation(SessionData data, Element command) {
    DataForm form = new DataForm(DataForm.Type.form);
    form.setTitle("Add members or admins to a group");
    form.addInstruction("Fill out this form to add new members or admins to a group.");
    FormField field = form.addField();
    field.setType(FormField.Type.hidden);
    field.setVariable("FORM_TYPE");
    field.addValue("http://jabber.org/protocol/admin");
    field = form.addField();
    field.setType(FormField.Type.text_single);
    field.setLabel("Group Name");
    field.setVariable("group");
    field.setRequired(true);
    field = form.addField();
    field.setType(FormField.Type.boolean_type);
    field.setLabel("Admin");
    field.setVariable("admin");
    field.addValue(false);
    field.setRequired(true);
    field = form.addField();
    field.setType(FormField.Type.jid_multi);
    field.setLabel("Users");
    field.setVariable("users");
    field.setRequired(true);
    // Add the form to the command
    command.add(form.getElement());
}
Also used : DataForm(org.xmpp.forms.DataForm) FormField(org.xmpp.forms.FormField)

Example 68 with FormField

use of org.xmpp.forms.FormField in project Openfire by igniterealtime.

the class DeleteGroupUsers method addStageInformation.

@Override
protected void addStageInformation(SessionData data, Element command) {
    DataForm form = new DataForm(DataForm.Type.form);
    form.setTitle("Delete members or admins from a group");
    form.addInstruction("Fill out this form to delete members or admins from a group.");
    FormField field = form.addField();
    field.setType(FormField.Type.hidden);
    field.setVariable("FORM_TYPE");
    field.addValue("http://jabber.org/protocol/admin");
    field = form.addField();
    field.setType(FormField.Type.text_single);
    field.setLabel("Group Name");
    field.setVariable("group");
    field.setRequired(true);
    field = form.addField();
    field.setType(FormField.Type.jid_multi);
    field.setLabel("Users");
    field.setVariable("users");
    field.setRequired(true);
    // Add the form to the command
    command.add(form.getElement());
}
Also used : DataForm(org.xmpp.forms.DataForm) FormField(org.xmpp.forms.FormField)

Example 69 with FormField

use of org.xmpp.forms.FormField in project Openfire by igniterealtime.

the class DeleteUser method addStageInformation.

@Override
protected void addStageInformation(SessionData data, Element command) {
    DataForm form = new DataForm(DataForm.Type.form);
    form.setTitle("Deleting one or more users");
    form.addInstruction("Fill out this form to delete users.");
    FormField field = form.addField();
    field.setType(FormField.Type.hidden);
    field.setVariable("FORM_TYPE");
    field.addValue("http://jabber.org/protocol/admin");
    field = form.addField();
    field.setType(FormField.Type.jid_multi);
    field.setLabel("The Jabber ID(s) for the account to be deleted");
    field.setVariable("accountjids");
    field.setRequired(true);
    // Add the form to the command
    command.add(form.getElement());
}
Also used : DataForm(org.xmpp.forms.DataForm) FormField(org.xmpp.forms.FormField)

Example 70 with FormField

use of org.xmpp.forms.FormField in project Openfire by igniterealtime.

the class AddUser method addStageInformation.

@Override
protected void addStageInformation(SessionData data, Element command) {
    DataForm form = new DataForm(DataForm.Type.form);
    form.setTitle("Adding a user");
    form.addInstruction("Fill out this form to add a user.");
    FormField field = form.addField();
    field.setType(FormField.Type.hidden);
    field.setVariable("FORM_TYPE");
    field.addValue("http://jabber.org/protocol/admin");
    field = form.addField();
    field.setType(FormField.Type.jid_single);
    field.setLabel("The Jabber ID for the account to be added");
    field.setVariable("accountjid");
    field.setRequired(true);
    field = form.addField();
    field.setType(FormField.Type.text_private);
    field.setLabel("The password for this account");
    field.setVariable("password");
    field = form.addField();
    field.setType(FormField.Type.text_private);
    field.setLabel("Retype password");
    field.setVariable("password-verify");
    field = form.addField();
    field.setType(FormField.Type.text_single);
    field.setLabel("Email address");
    field.setVariable("email");
    field = form.addField();
    field.setType(FormField.Type.text_single);
    field.setLabel("Given name");
    field.setVariable("given_name");
    field = form.addField();
    field.setType(FormField.Type.text_single);
    field.setLabel("Family name");
    field.setVariable("surname");
    // Add the form to the command
    command.add(form.getElement());
}
Also used : DataForm(org.xmpp.forms.DataForm) FormField(org.xmpp.forms.FormField)

Aggregations

FormField (org.xmpp.forms.FormField)92 DataForm (org.xmpp.forms.DataForm)80 Element (org.dom4j.Element)21 JID (org.xmpp.packet.JID)13 IQ (org.xmpp.packet.IQ)7 HashSet (java.util.HashSet)6 ClientSession (org.jivesoftware.openfire.session.ClientSession)6 ArrayList (java.util.ArrayList)4 UserNotFoundException (org.jivesoftware.openfire.user.UserNotFoundException)4 ParseException (java.text.ParseException)3 Date (java.util.Date)3 UnauthorizedException (org.jivesoftware.openfire.auth.UnauthorizedException)3 Group (org.jivesoftware.openfire.group.Group)3 Test (org.junit.Test)3 List (java.util.List)2 CopyOnWriteArrayList (java.util.concurrent.CopyOnWriteArrayList)2 PacketException (org.jivesoftware.openfire.PacketException)2 GroupJID (org.jivesoftware.openfire.group.GroupJID)2 GroupNotFoundException (org.jivesoftware.openfire.group.GroupNotFoundException)2 MUCRoom (org.jivesoftware.openfire.muc.MUCRoom)2